
Process Algebra: Calculus of Communicating Systems

Daniel Choi

Provable Software Lab.

KAIST

- Introduction
- Calculus of Communicating Systems
- Equivalence for CCS
- Discussions

Provable Software Laboratory Seminar

- Need
  - Mathematical models for concurrent communicating processes?
  - Process Algebra, Petri Net, etc.

- How
  - How can we define a mathematical model for concurrent communicating processes?
  - By defining structural operational semantics

- Milner's Calculus of Communicating Systems (CCS)
- Hoare's theory of Communicating Sequential Processes (CSP)
- The Algebra of Communicating Processes (ACP) of Bergstra & Klop

- Introduction
  - Why are we going to study Process Algebra?

- Calculus of Communicating Systems
  - Definitions
  - Operational Semantics of CCS Terms
  - Examples

- Equivalence for CCS
- Discussions

- Assume a non-empty set S of states, together with a finite, non-empty set of transition labels A and a finite set of predicate symbols
- Signature Σ
  - Consists of a finite set of function symbols f, g, … where each function symbol f has an arity ar(f), being its number of arguments
  - Symbol of arity zero: constant (a, b, c, …)
  - Countably infinite set of variables (x, y, z, …)

- Finite non-empty set A of (atomic) actions
  - Each atomic action a is a constant that can execute itself, after which it terminates successfully

- Term
  - The set T(Σ) of open terms s, t, u, … over Σ is defined as the least set satisfying
    - Each variable is in T(Σ)
    - If f ∈ Σ and t_1, …, t_ar(f) ∈ T(Σ), then f(t_1, …, t_ar(f)) ∈ T(Σ)
  - A term is closed if it does not contain variables. The set of closed terms is denoted by T(Σ)

- Labeled transition system
  - A transition is a triple (s, a, s') with a ∈ A, or a pair (s, P) with P a predicate, where s, s' ∈ S. A labeled transition system (LTS) is a possibly infinite set of transitions. An LTS is finitely branching if each of its states has only finitely many outgoing transitions
  - The states of an LTS are always the closed terms over a signature Σ
  - In view of the syntactic structure of closed terms over a signature, such transitions can be derived by means of inductive proof rules, where the validity of a number of transitions (the premises) may imply the validity of some other transition (the conclusion)

- Process graph
  - A process (graph) p is an LTS in which one state s is elected to be the root. If the LTS contains a transition s -a-> s', then p -a-> p' where p' has root state s'. Moreover, if the LTS contains a transition sP, then pP

- Actions
  - Atomic
  - Uninterruptible execution steps (with some other internal computation steps (τ))
  - Representing potential interactions with its environment (inputs/outputs on ports)

- nil
  - Terminated process that has finished execution

- a.p
  - Can first perform a and then behaves like p

- +
  - Choice construct
  - p1 + p2 offers the potential of behaving like either p1 or p2, depending on the interactions offered by the environment

- |
  - Parallel composition
  - p1 | p2 interleaves the execution of p1 and p2
  - Permits complementary actions of p1 and p2 to synchronize (τ)

- Restriction operator
  - Permits actions to be localized within a system

- [f]
  - Allows actions in a process to be renamed
  - p[f] behaves exactly like p except that f is applied to each action that p wishes to engage in

- Defining equation
  - C represents a valid system

- Labeled transition system (LTS)
  - Triple <Q, A, →>
    - Q : a set of states
    - A : a set of actions
    - → : transition relation, → ⊆ Q × A × Q

- B = ((a.(b.B + c.0) + b.0) | a'.0)\a

[Figure "Temporal Structure": transition graph of B over the states B, ((b.B + c.0)|0)\a, (B|0)\a, (0|0)\a and (0|a'.0)\a, with edges labelled τ, b and c.]

Referenced from lecture note of Prof. Kim

- Assume that there is a man and a woman in the society
- Man and Woman can manifest their emotion independently (concurrently)
  - M = 'man.(acc.M' + rej.M)
  - W = man.('acc.W' + 'rej.W)
  - M' = lov.M' + 'lov.M' + 'neg_man.M
  - W' = lov.W' + 'lov.W' + neg_man.W
- Is L = (M|W) a model of happy lovers?

[Figure: transition graph of M|W over the states M|W, (acc.M' + rej.M)|W, M|('acc.W' + 'rej.W), (acc.M' + rej.M)|('acc.W' + 'rej.W), M'|W, M|W', M'|('acc.W' + 'rej.W), (acc.M' + rej.M)|W' and M'|W', with edges labelled 'man, man, acc, 'acc, rej, 'rej, lov, 'lov, neg_man, 'neg_man and τ. The graph is annotated "One sided Love".]

HL = (M|W) \{man, lov, acc, rej}

[Figure: transition graph of HL over the states M|W, (acc.M' + rej.M)|('acc.W' + 'rej.W) and M'|W', with every edge labelled τ.]

proc HL = (M|W)\{manifest,love,neg_manifest,accept,reject}

proc UHL = (M|W)

proc M = 'manifest.(accept.M1 + reject.M)

proc W = manifest.('accept.W1 + 'reject.W)

proc M1 = love.M1 + 'love.M1 + 'neg_manifest.M

proc W1 = 'love.W1 + love.W1 + neg_manifest.W

- Proof of (M|W)\{man, lov, acc, rej} => (M|W)\{man, lov, acc, rej}
  - Act: 'man.(acc.M' + rej.M) -'man-> (acc.M' + rej.M)
  - Act: man.('acc.W' + 'rej.W) -man-> ('acc.W' + 'rej.W)
  - Parτ: 'man.(acc.M' + rej.M) | man.('acc.W' + 'rej.W) -τ-> (acc.M' + rej.M)|('acc.W' + 'rej.W)
  - Res: (M|W)\{man, lov, acc, rej} -τ-> ((acc.M' + rej.M)|('acc.W' + 'rej.W))\{man, lov, acc, rej}

- Proof of (M|W)\{man, lov, acc, rej} => (M|W)\{man, lov, acc, rej}
  - Act: acc.M' -acc-> M'
  - Act: 'acc.W' -'acc-> W'
  - ChoiceL: (acc.M' + rej.M) -acc-> M'
  - ChoiceL: ('acc.W' + 'rej.W) -'acc-> W'
  - Parτ: (acc.M' + rej.M) | ('acc.W' + 'rej.W) -τ-> (M'|W')
  - Res: ((acc.M' + rej.M)|('acc.W' + 'rej.W))\{man, lov, acc, rej} -τ-> (M'|W')\{man, lov, acc, rej}
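The rules used in the proof above (Act, Choice, Par, Parτ, Res) can be run mechanically. The following Python sketch is an added example, not part of the original slides: it derives every transition of a CCS term by those rules and explores the reachable states of the lovers model. The term encoding, the names `steps`, `explore`, `hl` and `DEFS` are assumptions of this example; M1 and W1 stand for M' and W', as in the proc listing.

```python
TAU = "tau"

def co(a):
    """Complement of a label: man <-> 'man."""
    return a[1:] if a.startswith("'") else "'" + a

def steps(t, defs):
    """All (label, successor) pairs derivable for term t by the SOS rules."""
    kind = t[0]
    if kind == "nil":
        return set()
    if kind == "pre":                                   # Act
        return {(t[1], t[2])}
    if kind == "sum":                                   # ChoiceL, ChoiceR
        return steps(t[1], defs) | steps(t[2], defs)
    if kind == "var":                                   # defining equation
        return steps(defs[t[1]], defs)
    if kind == "par":
        left, right = steps(t[1], defs), steps(t[2], defs)
        out = {(a, ("par", p, t[2])) for a, p in left}          # ParL
        out |= {(b, ("par", t[1], q)) for b, q in right}        # ParR
        out |= {(TAU, ("par", p, q)) for a, p in left           # Par tau
                for b, q in right if a != TAU and b == co(a)}
        return out
    if kind == "res":                                   # Res
        return {(a, ("res", p, t[2])) for a, p in steps(t[1], defs)
                if a == TAU or a.lstrip("'") not in t[2]}
    raise ValueError(f"unknown term {t!r}")

def explore(root, defs):
    """Reachable states and the set of labels on reachable transitions."""
    seen, todo, labels = {root}, [root], set()
    while todo:
        for a, nxt in steps(todo.pop(), defs):
            labels.add(a)
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen, labels

def pre(a, p):
    return ("pre", a, p)

def choice(first, *rest):
    return ("sum", first, choice(*rest)) if rest else first

# The page's definitions of M, W, M' and W' (primes written as M1, W1).
M, W, M1, W1 = (("var", n) for n in ("M", "W", "M1", "W1"))
DEFS = {
    "M":  pre("'man", choice(pre("acc", M1), pre("rej", M))),
    "W":  pre("man", choice(pre("'acc", W1), pre("'rej", W))),
    "M1": choice(pre("lov", M1), pre("'lov", M1), pre("'neg_man", M)),
    "W1": choice(pre("lov", W1), pre("'lov", W1), pre("neg_man", W)),
}

def hl(names):
    """The term (M|W)\\names."""
    return ("res", ("par", M, W), frozenset(names))

if __name__ == "__main__":
    for names in (["man", "lov", "acc", "rej"],
                  ["man", "lov", "acc", "rej", "neg_man"]):
        states, labels = explore(hl(names), DEFS)
        print(sorted(names), len(states), "states, labels:", sorted(labels))
```

With the restriction set {man, lov, acc, rej} the exploration still finds neg_man and 'neg_man as observable labels; adding neg_man to the set, as the proc listing does with neg_manifest, leaves only τ.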

- Introduction
  - Why are we going to study Process Algebra?

- Calculus of Communicating Systems
  - Definitions
  - Operational Semantics of CCS Terms
  - Examples

- Equivalence for CCS
  - Trace Equivalence
  - Strong Bisimulation Equivalence
  - Weak Bisimulation Equivalence

- Discussions

- Language Equivalence
  - Two machines are equivalent if they accept the same sequences of symbols

- Can we directly apply language equivalence to rooted LTS? No
  - Identify every state in a rooted LTS as being accepting

- Definition: Let <Q, A, →> be a labeled transition system
  - Let A* consist of the set of finite sequences of elements of A
  - Let s = a_1 … a_n ∈ A* be a sequence of actions. Then q -s-> q' if there are states q_0, ..., q_n such that q = q_0, q_i -a_i-> q_(i+1) and q' = q_n
  - s is a strong trace of q if there exists q' such that q -s-> q'. We use S(q) to represent the smallest set of all strong traces of q (prefix-closed)
  - p ≈s q exactly when S(p) = S(q) (strong traces do not distinguish between internal and external actions)

- Can we use trace equivalence to decide whether two systems are behaviorally congruent? No

[Figure: process graphs of P and Q. P: p0 -a-> p1, p1 -b-> p2, p1 -c-> p3. Q: q0 -a-> q1, q0 -a-> q1', q1 -b-> q2, q1' -c-> q3.]

P = a.(b.nil + c.nil), S(P) = {ε, a, ab, ac}

Q = a.b.nil + a.c.nil, S(Q) = {ε, a, ab, ac}

S(P) = S(Q): Trace Equivalent

It is not behaviorally congruent

- Execution sequences for equivalent systems ought to pass through equivalent states
- Definition: Let <Q, A, →> be an LTS. A relation R ⊆ Q × Q is a bisimulation if whenever <p, q> ∈ R, then the following conditions hold for any a, p' and q'
  - If p -a-> p' then q -a-> q' for some q' such that <p', q'> ∈ R
  - If q -a-> q' then p -a-> p' for some p' such that <p', q'> ∈ R

- Definition: Systems p and q are bisimulation equivalent, or bisimilar, if there exists a bisimulation R containing <p, q>. We write p ~ q whenever p and q are bisimilar

- Strong Simulation
  - Let <Q, A, →> be an LTS, and let S be a binary relation over Q. Then S is called a strong simulation over <Q, A, →> if, whenever p S q, if p -a-> p' then there exists q' ∈ Q such that q -a-> q' and p' S q'
  - q strongly simulates p if there exists a strong simulation S such that p S q

[Figure: the process graphs of P and Q, with states p0, p1, p2, p3 and q0, q1, q1', q2, q3 and edges labelled a, b and c.]

Suppose (p0, q0) ∈ S

Suppose p0 strongly simulates q0, (q0, p0) ∈ S or q0 S p0

- q0 S p0: q0 -a-> q1 is matched by p0 -a-> p1, giving q1 S p1
- q0 S p0: q0 -a-> q1' is matched by p0 -a-> p1, giving q1' S p1
- q1 S p1: q1 -b-> q2 is matched by p1 -b-> p2, giving q2 S p2
- q1' S p1: q1' -c-> q3 is matched by p1 -c-> p3, giving q3 S p3

Therefore S = {(q0, p0), (q1, p1), (q1', p1), (q2, p2), (q3, p3)}

Suppose q0 strongly simulates p0, (p0, q0) ∈ S or p0 S q0

- p0 S q0: if p0 -a-> p1 is matched by q0 -a-> q1, giving p1 S q1, then p1 -b-> p2 is matched by q1 -b-> q2, but p1 -c-> p3 is left without a match
- p0 S q0: if p0 -a-> p1 is matched by q0 -a-> q1', giving p1 S q1', then p1 -c-> p3 is matched by q1' -c-> q3, giving p3 S q3, but p1 -b-> p2 is left without a match

- Strong Simulation
  - Let <Q, A, →> be an LTS, and let S be a binary relation over Q. Then S is called a strong simulation over <Q, A, →> if, whenever p S q, if p -a-> p' then there exists q' ∈ Q such that q -a-> q' and p' S q'
  - q strongly simulates p if there exists a strong simulation S such that p S q
  - S^-1 (the converse of S) is the set of pairs (y, x) such that (x, y) ∈ S
- Strong bisimulation
  - A binary relation S over Q is said to be a strong bisimulation over the LTS if both S and its converse are simulations
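The three notions defined so far (strong traces, strong simulation, strong bisimulation) can be computed directly on the page's P = a.(b.nil + c.nil) and Q = a.b.nil + a.c.nil. The following Python sketch is an added example, not part of the original slides; the dictionary encoding of the LTS and the names `traces`, `answered` and `greatest` are assumptions of this example. It computes the largest simulation and the largest bisimulation by starting from Q × Q and deleting pairs that violate the transfer condition until nothing changes.

```python
# LTS of P (p0..p3) and Q (q0, q1, q1', q2, q3): state -> [(label, successor)].
LTS = {
    "p0": [("a", "p1")],
    "p1": [("b", "p2"), ("c", "p3")],
    "p2": [], "p3": [],
    "q0": [("a", "q1"), ("a", "q1'")],
    "q1": [("b", "q2")],
    "q1'": [("c", "q3")],
    "q2": [], "q3": [],
}

def traces(lts, q, depth):
    """Strong traces of q up to length depth; prefix-closed, '' is epsilon."""
    out = {""}
    if depth:
        for a, nxt in lts[q]:
            out |= {a + s for s in traces(lts, nxt, depth - 1)}
    return out

def answered(lts, rel, p, q, flip=False):
    """True if every move p -a-> p2 has a move q -a-> q2 with the
    successors related: (p2, q2) in rel, or (q2, p2) in rel when flip."""
    if flip:
        related = lambda x, y: (y, x) in rel
    else:
        related = lambda x, y: (x, y) in rel
    return all(any(a == b and related(p2, q2) for b, q2 in lts[q])
               for a, p2 in lts[p])

def greatest(lts, both):
    """Largest strong simulation (both=False) or strong bisimulation
    (both=True). A pair (p, q) in the result reads p S q, i.e. q simulates p."""
    rel = {(p, q) for p in lts for q in lts}
    while True:
        bad = {(p, q) for p, q in rel
               if not answered(lts, rel, p, q)
               or (both and not answered(lts, rel, q, p, flip=True))}
        if not bad:
            return rel
        rel -= bad

if __name__ == "__main__":
    print("S(P):", sorted(traces(LTS, "p0", 3)))
    print("S(Q):", sorted(traces(LTS, "q0", 3)))
    sim = greatest(LTS, both=False)
    print("p0 simulates q0:", ("q0", "p0") in sim)
    print("q0 simulates p0:", ("p0", "q0") in sim)
    print("p0 ~ q0:", ("p0", "q0") in greatest(LTS, both=True))
```

P and Q have the same strong traces and p0 simulates q0, but q0 does not simulate p0, so no bisimulation contains (p0, q0).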

[Figure: two process graphs over the states p0, p1, p2 and q0, q1, q2, with edges labelled a and b.]

S = {(p0, q0), (p1, q1), (p2, q1), (p0, q2)}

S' = {(q0, p0), (q1, p1), (q1, p2), (q2, p0)}

Strong Bisimulation

[Figure: two process graphs over the states p0, p1, p2, p3 and q0, q1, q2, with edges labelled a and b.]

It is not a strong bisimulation

P strongly simulates Q

S = {(q0, p0), (q1, p2), (q2, p3)}

Q strongly simulates P

S' = {(p0, q0), (p1, q1), (p2, q1), (p3, q2)}

- Strong Simulation
  - q strongly simulates p if there exists a strong simulation S such that p S q
  - S^-1 (the converse of S) is the set of pairs (y, x) such that (x, y) ∈ S
- Strong bisimulation (P ~ Q)
  - A binary relation S over Q is said to be a strong bisimulation over the LTS if both S and its converse are simulations
  - Strong bisimulation equivalence: reflexive, symmetric, transitive
  - P ~ Q implies P ≈s Q

- What about internal computation τ?
  - Weak bisimulation

- How are we going to treat internal computation?
  - We cannot ignore τ.

- Definition: S is a weak simulation (observational simulation) if and only if, whenever P S Q,
  - if P → P' then there exists Q' ∈ 𝒫 such that Q ⇒ Q' and P' S Q'
  - if P -λ-> P' then there exists Q' ∈ 𝒫 such that Q =λ=> Q' and P' S Q'
- → : unobservable reactions (like τ)
- λ : observable actions
- ⇒ : zero or more reactions
- =λ=> : observation -λ-> accompanied (before and after) by any number of reactions
  - =λ=> ⇔ →* -λ-> →*
- =τ=> : at least one reaction

- Similar to strong bisimulation
- Definition: A binary relation S over 𝒫 is said to be a weak bisimulation if both S and its converse are weak simulations. We say that P and Q are weakly bisimilar, weakly equivalent, or observation equivalent, written P ≈ Q, if there exists a weak bisimulation S such that P S Q
- q weakly simulates p if there exists a strong simulation S such that p S q

A = a.A', B = b.B', A' = 'b.A, B' = 'c.B

p0 = (A|B)\{b}

p1 = (A'|B)\{b}

p2 = (A|B')\{b}

p3 = (A'|B')\{b}

[Figure: transition graph over the states p0, p1, p2 and p3, with edges labelled a, τ and 'c.]

E = a.E', E' = a.E'' + 'c.E

E'' = 'c.E

q0 = E

q1 = E'

q2 = E''

[Figure: transition graph over the states q0, q1 and q2, with edges labelled a and 'c.]

S = {(p0, q0), (p1, q1), (p2, q1), (p3, q2)}

Observational Bisimulation

- Introduction
  - Why are we going to study Process Algebra?

- Calculus of Communicating Systems
  - Definitions
  - Operational Semantics of CCS Terms
  - Examples

- Equivalence for CCS
  - Trace Equivalence
  - Strong Bisimulation Equivalence
  - Weak Bisimulation Equivalence

- Discussions

- Communicating and Mobile Systems: the pi-calculus, by Robin Milner, Cambridge, 1999
- Communication and Concurrency, by Robin Milner, Prentice Hall, 1989
- Fundamentals of Software Engineering, by C. Ghezzi, M. Jazayeri, D. Mandrioli, Prentice Hall, 2003
- Lecture Notes of Professor Bae, http://se.kaist.ac.kr/~course/DrBae/cs550_2006/
- Lecture Notes of Professor Kim, http://cs.kaist.ac.kr/~moonzoo/cs750b
- Notes on the methodology of CCS and CSP, by R.J. van Glabbeek, TCS 177(2), pp. 329-349. Originally appeared as Report CS-R8624, CWI, Amsterdam, 1986
- Operational and algebraic semantics of concurrent processes, by R. Milner, in J. van Leeuwen, editor: Handbook of Theoretical Computer Science, Chapter 19, Elsevier Science Publishers B.V. (North-Holland), pp. 1201-1242 (1990)
- Process Algebra, by R. Cleaveland and S. Smolka, in J.G. Webster, editor, Encyclopedia of Electrical Engineering, John Wiley & Sons, 1999 (Chap. 1 ~ 3)