Process Algebra Book: Chapter 8
The Main Issue Q: When are two models equivalent? A: When they satisfy different properties. Q: Does this mean that the models have different executions?
What is process algebra? An abstract description for nondeterministic and concurrent systems. Focuses on the transitions observed rather than on the states reached. Main correctness criterion: conformance between two models. Uses: system refinement, model checking, testing.
Different models may have the same set of executions! a aa b bc c a-insert coin, b-press pepsi, c-press pepsi-light d-obtain pepsi, e-obtain pepsi-light d d ee
Actions: Act={a,b,c,d} { }. Agents: E, E, F, F1, F2, G1, G2, … E E G2G1 F1F2 F a aa b bc c Agent E may evolve into agent E. Agent F may evolve into F 1 or F2. d d ee
Events. E E G2G1 F1F2 F a aa b bc c Ea E, Fa F1, Fa F2, F1a G1, F2a G2. G1 F, G1 F.
Actions and co-actions For each action a, except for, there is a co- action a. a and a interact (a input, a output). The coaction of a is a. G2G1 F1F2 F aa bc E E a bc
Notation a.E – execute a, then continue according to E. E+F – execute according to E or to F. E||F – execute E and F in parallel. E GH F a bc a.(b+c) (actually, a.((b.0)+(c.0)) Ea F Fb G Fc H 0 – deadlock/termination.
Conventions. has higher priority than +..0 or.(0||0||…||0) is omitted.
CCS - calculus of concurrent systems [Milner]. Syntax a,b,c, … actions, A, B, C - agents. a,b,c, coactions of a,b,c. -silent action. nil - terminate. a.E - execute a, then behave like E. + - nondeterministic choice. || - parallel composition. \L - restriction: cannot use letters of L. [f] - apply mapping function f between between letters.
Semantics (proof rule and axioms). Structural Operational Semantics SOS a.p –a p pa p |-- p+q –a p qa q |-- p+q –a q pa p |-- p|q –a p|q qa q |-- p|q –a p|q pa p, qa q |-- p|q – p|q pa p, a R |-- p\L –a p\R pa p |-- p[m]m(a) p[m]
Action Prefixing a.Ea E (Axiom) Thus, a.(b.(c||c)+d)a (b.(c||c)+d).
Choice Ea E Fa F (E+F)a E (E+F)a F b.(c||c)b (c||c). Thus, (b.(c||c)+e)b (c||c). If Ea E and Fa F, then E+F has a nondeterministic choice.
Concurrent Composition Ea E Fa F E||Fa E||F Ea E, Fa F E||F E||F cc 0, cc 0, c||c 0||0, c||cc 0||c, c||cc c||0.
Restriction Ea E, a, a R E\R –a E\R In this case: allows only internal interaction of c. c||c 0||0 c||cc 0||c c||cc c||0 (c||c) \ {c} (0||0) \{c}
Relabeling Ea E E[m] –m(a) E[m] No axioms/rules for agent 0.
Examples a.E||b.F a.E||F E||b.F E||F b b a a
Derivations (0||0) a.(b.(c||c)+d) b.(c||c)+d (c||c)0 (0||c)(c||0) a b d c c c c
Modeling binary variable C0=is_0?. C0 + set_1. C1 + set_0. C0 C1=is_1?. C1 + set_0. C0 + set_1. C1 C0C1 set_1 set_0 is_0? set_1 is_1?
Equational Definition E=a.(b..E+c..E) Ea E, A=E F=a.b..F+a.c..F Aa E G2G1 F1F2 F aa bc E E a bc
Trace equivalence: Systems have same finite sequences. Same traces F aa bb E a b c c E=a.(b+c)F=(a.b)+a.(b+c)
Failures: comparing also what we cannot do after a finite sequence. F a a bb E a b c c Failure of agent E: (σ, X), where after executing σ from E, none of the events in X is enabled. Agent F has failure (a, {c}), which is not a failure of E.
Simulation equivalence Relation over set of agents S. R S S. E R F If E R F and Ea E, then there exists F, Fa F, and E R F. E cd bb a a F c d bb a
Simulation equivalence Relation over set of agents S. R S S. E R F If E R F and Ea E, then there exists F, Fa F, and E R F. E cd bb aa F cd bb a
Here, simulation works only in one direction. No equivalence! Relation over set of agents S. R S S. E R F If E R F and Ea E, then there exists F, Fa F, and E R F. E cd bb aa F cd bb a want to establish symmetrically necessarily problem!!!
Simulation equivalent but not failure equivalent Left agent a.b+a has a failure (a,{b}). E b aa F b a
Bisimulation: same relation simulates in both directions Not in this case: different simulation relations. E b aa F b a
Hierarchy of equivalences Bisimulation Trace FailureSimulation
Example: A=a.((b.nil)+(c.d.A)) B=(a.(b.nil))+(a.c.d.B) a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3
Bisimulation between G 1 and G 2 Let N= N 1 U N 2 A relation R : N 1 x N 2 is a bisumulation if If (m,n) in R then 1. If ma m then n:na n and (m,n) in R 2. If na n then m:ma m and (m,n) in R. Other simulation relations are possible, I.e., m=a=> m when m …a m.
Algorithm for bisimulation: Partition N into blocks B 1 B 2 … B n =N. Initially: one block, containing all of N. Repeat until no change: Choose a block B i and a letter a. If some of the transitions of B i move to some block B j and some not, partition B i accordingly. At the end: Structures bisimilar if initial states of two structures are in same blocks.
Correctness of algorithm Invariant: if (m,n) in R then m and n remain in the same block throughout the algorithm. Termination: can split only a finite number of times.
Example: a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3 {s 0,s 1,s 2,s 3,t 0,t 1,t 2,t 3,t 4 }
Example: a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3 {s 0,s 1,s 2,s 3,t 0,t 1,t 2,t 3,t 4 } split on a. {s 0,t 0 },{s 1,s 2,s 3,t 1,t 2,t 3,t 4 }
Example: a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3 {s 0,t 0 },{s 1,s 2,s 3,t 1,t 2,t 3,t 4 } split on b {s 0,t 0 },{s 1,t 1 },{s 0,s 2,s 3,t 2,t 3,t 4 }
Example: a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3 {s 0,t 0 },{s 1,t 1 },{s 2,s 3,t 2,t 3,t 4 } split on c {s 0,t 0 },{s 1 },{t 1 },{s 2,s 3,t 2,t 3,t 4 }
Example: {s 0,t 0 },{s 1 },{t 1 },{s 2,s 3,t 2,t 3,t 4 } split on c {s 0,t 0 },{s 1 },{t 1 },{t 4 },{s 2,s 3,t 2,t 3 } a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3
Example: {s 0,t 0 },{s 1 },{t 1 },{t 4 },{s 2,s 3,t 2,t 3 } split on d {s 0,t 0 },{s 1 },{t 1 },{t 4 },{s 3, t 3 },{s 2,t 2 } a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3
Example: {s 0,t 0 },{s 1 },{t 1 },{t 4 },{s 2,t 2 },{s 3,t 3 } split on a {s 0 },{t 0 },{s 1 },{t 1 },{t 4 },{s 3, t 3 },{s 2,t 2 } a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3
Example: {s 0 },{t 0 },{s 1 },{t 1 },{t 4 },{s 2,s 3,t 2,t 3 } split on d {s 0 },{t 0 },{s 1 },{t 1 },{t 4 },{s 3 },{t 3 },{s 2,t 2 } a b c d s0s0 s1s1 s2s2 s3s3 a d b a c t0t0 t1t1 t4t4 t2t2 t3t3