1. 4/25/20151 Metodi formali nello sviluppo software a.a.2013/2014 Prof.Anna Labella

2. 4/25/2015 2 Process Equivalences Sameness of behaviour = equivalence of states Many process equivalences have been proposed For instance: q 1 ~ q 2 iff –q 1 and q 2 have the same paths, or –q 1 and q 2 may always refuse the same interactions, or –q 1 and q 2 pass the same tests, or –q 1 and q 2 satisfy the same temporal formulas, or –q 1 and q 2 have identical branching structure CCS: Focus on bisimulation equivalence

3. 4/25/2015 3 Bisimulation Equivalence Intuition: q 1 ~ q 2 iff q 1 and q 2 have same branching structure Idea: Find relation which will relate two states with the same transition structure, and make sure the relation is preserved Example: aaa b b bc c c q1q1 q2q2

4. 4/25/2015 4 Strong Bisimulation Equivalence Given: Labelled transition system T = (Q, ,R) Looking for a relation S  Q  Q on states S is a strong bisimulation relation if whenever q 1 S q 2 then: –q 1   q 1 ’ implies q 2   q 2 ’ for some q 2 ’ such that q 1 ’ S q 2 ’ –q 2   q 2 ’ implies q 1   q 1 ’ for some q 1 ’ such that q 1 ’ S q 2 ’ q 1 and q 2 are strongly bisimilar iff q 1 S q 2 for some strong bisimulation relation S q 1  q 2 : q 1 and q 2 are strongly bisimilar Peled uses ´ bis for »

5. 4/25/2015 5 Example q1q1 q0q0 q2q2 p0p0 p1p1 p2p2 a a a a a a a b b b Does q 0 ~ p 0 hold?

6. 4/25/2015 6 Example q1q1 q0q0 q2q2 p0p0 p1p1 p2p2 c aa a c b b Does q 0 ~ p 0 hold? q3q3 q4q4 p3p3

7. 4/25/2015 7 Weak Transitions What to do about internal activity?  : Transition label for activity which is not externally visible q   q’ iff q = q 0   q 1  ...   q n = q’, n  0 q   q’ iff q   q’ q   q’ iff q   q 1   q 2   q’ (    ) Beware that   =   (non-standard notation) Observational equivalence, v.1.0: Bisimulation equivalence with  in place of  Let q 1  q 2 iff q 1 ~ q 2 with   in place of  

8. 4/25/2015 8 Observational Equivalence Let S  Q  Q. The relation S is a weak bisimulation relation if whenever q 1 S q 2 then: –q 1   q 1 ’ implies q 2   q 2 ’ for some q 2 ’ such that q 1 ’ S q 2 ’ –q 2   q 2 ’ implies q 1   q 1 ’ for some q 1 ’ such that q 1 ’ S q 2 ’ q 1 and q 2 are observationally equivalent, or weakly bisimulation equivalent, if q 1 S q 2 for some weak bisimulation relation S q 1  q 2 : q 1 and q 2 are observationally equivalent/weakly bisimilar

9. 4/25/2015 9 Examples a a a a a a a a b b c c c        

10. 4/25/2015 10 Examples b a  b a  a  b All three are inequivalent

11. 4/25/2015 11 Bisimulazioni Strong Weak Branching

12. 4/25/2015 12 Bisimulazioni Strong Se un processo/stato può fare una mossa, allora può farla anche l ’ altro e viceversa. a c bc b b a a bc

13. 4/25/2015 13 Bisimulazioni weak Un processo può passare attraverso più stati (non equivalenti e non allineati) con mosse invisibili, tentando di simulare l ’ altro. a b c b a b c a

14. 4/25/2015 14 Bisimulazioni branching Un processo può passare attraverso più stati (equivalenti) con mosse invisibili, mentre l ’ altro è fermo, ma mantiene le stesse potenzialità. a b b a bc b a c

15. 4/25/2015 15 Proving Equivalences The bisimulation proof method: To establish P  Q: 1. Identify a relation S such that P S Q 2. Prove that S is a weak bisimulation relation This is the canonical method There are other methods for process verification: 1. Equational reasoning 2. Temporal logic specification/proof/model checking

16. 4/25/2015 16 Bisimilarità: massimo punto fisso

17. 4/25/2015 17

18. 4/25/2015 18

19. 4/25/2015 19

20. 4/25/2015 20

21. 4/25/2015 21

22. 4/25/2015 22

23. 4/25/2015 23

24. 4/25/2015 24

25. 4/25/2015 25

26. 4/25/2015 26

27. 4/25/2015 27

28. 4/25/2015 28

29. 4/25/2015 29

30. 4/25/2015 30

31. 4/25/2015 31

32. 4/25/2015 32

33. 4/25/2015 33