Efficient Bisimilarities from Second-order Reaction Semantics for π-calculus*
Pietro Di Gianantonio¹, Svetlana Jakšić², Marina Lenisa¹
¹ Dipartimento di Matematica e Informatica, Università di Udine, Italy. {digianantonio,lenisa}@dimi.uniud.it
² Faculty of Engineering, University of Novi Sad, Serbia. sjaksic@uns.ac.rs
Abstract. We investigate Leifer and Milner’s RPO approach for deriving efficient (finitely branching) LTS’s and bisimilarities for π-calculus. To this aim, we work in a category of second-order term contexts and we apply a general pruning technique, which allows us to simplify the set of transitions in the LTS obtained from the original RPO approach. The resulting LTS and bisimilarity provide an alternative presentation of symbolic LTS and Sangiorgi’s open bisimilarity.
Introduction
Recently, much attention has been devoted to deriving labelled transition systems and bisimilarity congruences from reactive systems, in the context of process languages and graph rewriting. Through the notion of contextual equivalence, reactive systems naturally induce behavioural equivalences which are congruences w.r.t. contexts, while LTS’s naturally induce bisimilarity equivalences with coinductive characterizations. However, such equivalences are not congruences in general, and it can be a difficult task to derive LTS’s inducing bisimilarities which are congruences.
Leifer and Milner [1] presented a general categorical method, based on the notion of Relative Pushout (RPO), for deriving a transition system from a reactive system, in such a way that the induced bisimilarity is a congruence. The labels in Leifer-Milner’s transition system are those contexts which are minimal for a given reaction to fire. In the literature, some case studies have been carried out in the setting of process calculi, for testing the expressivity of Leifer-Milner’s approach [2,3,4,5,6,7,8]. Moreover, to deal with structural rules, an elaboration of the RPO theory in the G-category setting (GRPO) has been introduced by Sassone and Sobocinski in [2].
In general, in applying the RPO construction one needs to deal with the following problems:
- To encode all the characteristics of the language, mainly: structural rules, name abstraction, name hiding.
- To obtain a labelled transition system which is usable, where proofs of bisimilarities require considering only a finite set of transitions at each step. Almost always, the RPO approach generates LTS’s that are quite large and often redundant, in the sense that most of the transitions can be eliminated from the LTS without affecting the induced bisimilarity.
- When the RPO construction is performed by embedding the category of terms in a larger category, the resulting LTS can contain states that do not correspond to any term of the language, and whose intuitive meaning is quite difficult to grasp.
In order to solve the above problems, the RPO construction needs to be tuned up, that is, we have to find a convenient category in which to perform the construction, and general methods for pruning the LTS.
* Work partially supported by PRIN Project SISTER 20088HXMYN and FIRB Project RBIN04M8S8, both funded by MIUR.
In a previous work [7], we solve the above problems for the prototypical example of CCS. In [7], we use a category of term contexts, i.e. a Lawvere category. We encode names and name binding using de Bruijn indexes; this allows a relatively simple and formally correct treatment of names, which, when represented natively, can be quite subtle to treat. Moreover, in [7] we introduce a general technique, which allows us to prune an LTS obtained from an RPO-construction, without modifying the induced bisimilarity. This is achieved by eliminating definable sets of transitions, i.e. transitions whose effect can be obtained by other transitions. In [7], by using the above ideas in applying the (G)RPO construction to CCS, we obtain the standard LTS from the standard reaction semantics. This is an indication that the (G)RPO technique in combination with our general pruning technique can generate useful LTS’s.
In the present work, we treat in detail the π-calculus. The techniques developed for CCS turn out to be useful also for the π-calculus, but for the latter, in order to get an efficient LTS, a further ingredient is necessary, i.e. second-order contexts. Categories of second-order term contexts have been introduced in [9] as generalizations of the Lawvere category of terms, where parametric rules can be readily represented. Intuitively, if we apply the Leifer-Milner technique to π-calculus by working in a standard Lawvere category of term contexts, in the resulting LTS, for any process P exposing an output prefix, we need to consider, for all Q, a transition from P to a process P′ labelled by the context [ ] | a(x).Q. All these label contexts are “minimal” for the reduction to fire; we cannot avoid Q, since, in the resulting process P′, a substitution is applied to Q. This makes the LTS inefficient. To overcome this problem, we use second-order contexts. In this way, all the above transitions can be parametrically captured by a single transition from P to a process P″ labelled by the context [ ] | a(x).X, where X is a variable representing a generic term, which will be possibly instantiated in the future.
The final result of our construction produces a bisimilarity which is a mild variation of Sangiorgi’s open bisimilarity. In order to get the final efficient characterization of our bisimilarity, we need a further ad-hoc pruning. However, even if the GRPO construction does not directly give the final result, once applied, it produces an LTS which is a superset of the final usable one. Identifying redundant transitions is then not so difficult; the only difficult part is to prove that these are redundant.
Interestingly enough, our analysis provides new insights on the theory of π-calculus, namely we obtain an alternative presentation of symbolic LTS and open bisimilarity, where distinctions do not appear.
Remarkably, the Leifer-Milner technique has led us to a bisimilarity congruence substantially in a direct way, just using general tools, without the need of new concepts, whereas, in the standard treatment, in moving from CCS to π-calculus, various new notions are required, such as bound output transitions, distinctions, etc. In conclusion, the results for CCS of [7] and the above results for π-calculus are rather satisfactory, and they are an indication that the general techniques used in this paper could also give new insights on more recent calculi, whose theory is still evolving.
Related Work. The RPO construction has been applied to π-calculus in [3,10].
In [3], History Dependent Automata are used to present a reactive system for the
fragment of π-calculus without the ν-operator. The reactive system is obtained
by starting from an LTS and then incorporating the labels in the initial state of
the transition. The reactive system considered in [10] is based on the theory of
bigraphs and models the asynchronous π-calculus.
The present work is also related to [11]. Both works use categories that
are suitable generalizations of the Lawvere category of contexts. However, in
our work we strictly apply the RPO construction to derive an LTS for the π-
calculus, while [11] uses the RPO construction as a sort of inspiration for defining
directly an LTS for the π-calculus. The two works use a quite different notion of
generalized context, and thus also the obtained LTS’s are quite different.
Summary. In Section 1, a presentation of π-calculus syntax with de Bruijn
indexes and parametric reaction semantics is given. In Section 2, the GRPO
technique is applied to π-calculus, and efficient characterizations of the GIPO
bisimilarity are investigated. In Section 3, GIPO bisimilarity is compared with
open bisimilarity. Final remarks appear in Section 4. In Appendix A, the theory
of RPO’s in the G-category setting, and the general pruning technique of [7] are
recalled; in Appendix B some proofs are collected.
1 Second-order π-calculus Processes
In this section, we present a version of π-calculus with de Bruijn indexes together with reaction semantics. Such presentation allows us to deal smoothly with binding operators, and it is needed for extending to contexts the structural congruence on processes. In our presentation, π-calculus names $a_0, a_1, \ldots$ are replaced by de Bruijn indexes $r_0, r_1, \ldots$, which are name references.
Intuitively, a name reference can be viewed as a link (or a pointer). So a bound name is replaced by a link to the corresponding binding operator, while a free name is replaced by a link to its occurrence in a list of names. Concretely, links are represented by natural numbers, and:
- binding operators ν and input prefix do not contain any name;
- the index $r_i$ refers to the free name $a_j$ if $j = i - n \geq 0$ and $r_i$ appears under the scope of $n$ binding operators;
- otherwise, if $i < n$, then $r_i$ is bound by the $(i+1)$-th binding operator on its left.
E.g. in $\nu r_1().r_2 r_0.0$, $r_0$ is bound by the input prefix $r_1()$, while $r_1$ and $r_2$ both refer to the free name $a_0$. In standard syntax, the above process will be written as $(\nu a)a_0(a').a_0 a'.0$.
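Definition 1 (π-calculus Processes). Let $r_0, r_1, \ldots \in \mathcal{R}$ be name references; we will use $r, s$ as metavariables for name references. We define
\[
\begin{array}{lll}
(Act \ni)\ \alpha & ::= \tau \mid r() \mid rs & \text{actions} \\
(\mathcal{G} \ni)\ M & ::= 0 \mid M_1 + M_2 \mid \alpha.P \mid Y & \text{guarded processes} \\
(\mathcal{P} \ni)\ P & ::= M \mid X \mid \nu P \mid P_1 | P_2 \mid rec\ X.P \mid \sigma P & \text{processes}
\end{array}
\]
where
- $X, X_0, X_1, \ldots \in \mathcal{X}$ are process variables, and $Y, Y_0, Y_1, \ldots \in \mathcal{Y}$ are guarded process variables; we will use $Z$ to range over $\mathcal{X} \cup \mathcal{Y}$;
- the process variable $X$ appears guarded in $rec\ X.P$;
- σ is a name substitution obtained as a finite composition of the transformations $\{\delta_i\}_{i \geq 0} \cup \{s_i\}_{i \geq 0} \cup \{t_{i,j}\}_{i,j \geq 0}$, where $\delta_i$, $s_i$ represent the $i$-th shifting and the $i$-th swapping, respectively, and $t_{i,j}$ are the singleton substitutions, defined by:
\[
\delta_i(r_j) = \begin{cases} r_{j+1} & \text{if } j \geq i \\ r_j & \text{if } j < i \end{cases}
\qquad
s_i(r_j) = \begin{cases} r_j & \text{if } j \neq i, i+1 \\ r_{i+1} & \text{if } j = i \\ r_i & \text{if } j = i+1 \end{cases}
\qquad
t_{i,j}(r_k) = \begin{cases} r_k & \text{if } k \neq i \\ r_j & \text{if } k = i \end{cases}
\]
A closed process is a process in which each occurrence of a variable is in the scope of a rec operator.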
In the following definition, we introduce the notion of second-order context, consisting of a variable substitution θ and a first-order context:
Definition 2 (Second-order Contexts). We define the second-order 1-hole process contexts (contexts) by:
\[
C ::= [\,]_\theta \mid \nu C \mid P + C \mid C + P \mid P | C \mid C | P \mid rec\ X.C \mid \sigma C
\]
where $\theta = \theta_{\mathcal{X}} + \theta_{\mathcal{Y}} : \mathcal{X} + \mathcal{Y} \to \mathcal{P} + \mathcal{G}$ is a substitution of processes for process variables, mapping (guarded) process variables into (guarded) processes.
Notation. We will often denote substitutions by the list of variables which are actually substituted, i.e. as $\{P_1/X_1, \ldots, P_m/X_m, M_1/Y_1, \ldots, M_n/Y_n\}$, omitting the variables which are left unchanged. Moreover, for denoting second-order contexts, we will also use the notation $C[\,]_\theta$, when we need to make explicit the variable substitution θ.
Notice that in the above definition of contexts we do not distinguish between guarded and general contexts, thus also “ill-formed” contexts, such as $([\,]_\theta | P) + P'$, are included at this stage. In Section 2, where we will apply the GIPO technique, we will give a precise definition of guarded and general contexts.
In what follows, we will refer to π-calculus processes with de Bruijn indexes and second-order contexts as terms, denoted by T. Intuitively, when a second-order context $C[\,]_\theta$ is applied to a term T, the variable substitution θ is applied to T and the resulting term is put in the hole. In order to formalize this notion of context application, we first need to introduce the notion of applying a substitution to a term:
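Definition 3 (Context Application).
(i) Let T be a term, and let θ be a variable substitution. We define the extension $\hat\theta$ to terms, by induction on T as:
\[
\begin{array}{ll}
\hat\theta(Z) = \theta(Z) & \hat\theta([\,]_{\theta'}) = [\,]_{\hat\theta \circ \theta'} \\
\hat\theta(T_1 + T_2) = \hat\theta(T_1) + \hat\theta(T_2) & \hat\theta(T_1 | T_2) = \hat\theta(T_1) | \hat\theta(T_2) \\
\hat\theta(\sigma T) = \sigma\hat\theta(T) & \hat\theta(\nu T) = \nu(\hat\theta(T)) \\
\hat\theta(rec\ X.T) = rec\ X.\hat{\theta'}(T), & \text{where } \theta'(Z) = \begin{cases} \theta(Z) & \text{if } Z \neq X \\ X & \text{if } Z = X \end{cases}
\end{array}
\]
In what follows, by abuse of notation, we will often denote $\hat\theta(T)$ simply by $\theta(T)$.
(ii) Let C be a context and let T be a term, the application of C to T, denoted by $C \cdot T$, is defined by induction on C by:
\[
\begin{array}{ll}
[\,]_\theta \cdot T = \hat\theta(T) & \nu C \cdot T = \nu(C \cdot T) \\
(P + C) \cdot T = P + (C \cdot T) & (C + P) \cdot T = (C \cdot T) + P \\
(P | C) \cdot T = P | (C \cdot T) & (C | P) \cdot T = (C \cdot T) | P \\
(rec\ X.C) \cdot T = rec\ X.(C \cdot T) & (\sigma C) \cdot T = \sigma(C \cdot T)
\end{array}
\]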
In order to apply the GRPO technique to π-calculus, it is convenient to extend the structural congruence, which is usually defined only on processes, to all contexts. Here is where the syntax presentation à la de Bruijn plays an important role. Namely the π-calculus rule
(νaP )|Qν a(P|Q),if anot free in Q
is problematic to extend to contexts with the usual syntax, since, if Q is a context, we have to avoid captures by the ν-operator of the free variables of the processes that will appear in the holes of Q. Using de Bruijn indexes (and index transformations), the above rule can be naturally extended to contexts as:
(νP )|Cν(P|δ0C)
where the shifting operator $\delta_0$ avoids the capture of free name references. In the standard syntax there is no way of defining a general name substitution playing the role of $\delta_0$.
The complete definition of the structural congruence is as follows:
Definition 4 (Structural Congruence). Let T be a term. Structural congruence is the equivalence relation, closed under process constructors, inductively generated by the usual axioms on |, +, and by:
(nu)ν00T|(νT 0)ν((δ0T)|T0)ννT ννs0T
τ.νP ντ.P rs.νP νδ0(rs).P r().νP ν δ0(r()).s0P
(sigma)σ00σ(rs.T )σ(r)σ(s)(T)
σ(τ.T )τ(T)σ(r().T )σ(r)()+1 T
σ(T|T0)σ(T)|σ(T0)σ(rec X .T )rec X.(σT )
σ(T+T0)σ(T) + σ(T0)σ(νT )ν(σ+1 T)
σ1. . . σmTσ0
1. . . σ0
nT, if σ1. . . σm=σ0
1. . . σ0
n
(subs) [ ]θ[ ]θ1if X θ(X)θ1(X) (rec)rec X.P P[rec X.P/X ]
where σ+1(ri) = (r0if i= 0
(σ(ri1))+1 otherwise σ(α) =
σ(r)if α=r
σ(r)if α=r
τif α=τ
The last three (nu)-rules are not standard in π-calculus presentations, since they are not strictly necessary for proving the basic syntactic properties of the calculus. However, they are safe because they allow moving, inside/outside the ν operator, prefixes which are not captured by ν, see e.g. [12]. The assumption of such extra rules is not essential in our presentation, however it simplifies the GIPO construction. As for the (sigma)-rule, notice that there is an effective procedure to determine whether $\sigma_1 \ldots \sigma_m = \sigma'_1 \ldots \sigma'_n$. Namely, the two compositions are equal if and only if they contain the same number of transformations of the form $\delta_i$ and their behaviour coincides on an initial segment of indexes (whose length can be calculated from the $\delta_i$’s and the $s_i$’s involved). Finally, the unfolding rule (rec) is given only for processes P. It cannot be directly extended to contexts, since their unfolding can produce multiple-hole contexts. However, the above (rec)-rule is sufficient for our purposes, since we will only need it in reducing processes.
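
The name-reference machinery of Definition 1 and the shift by δ0 used when a parallel component is moved under ν can be checked mechanically. The following Python sketch is an added example, not code from the paper: the tuple encoding of processes and all function names are hypothetical, and it assumes the usual de Bruijn reading of the (sigma) rules, in which a substitution σ becomes σ+1 when it crosses an input prefix or a ν.

```python
# Added example: de Bruijn name references for a finite pi-calculus fragment.
# A reference r_j is the int j; a name substitution is a function int -> int.

def delta(i):
    """i-th shifting: r_j -> r_{j+1} if j >= i, unchanged if j < i."""
    return lambda j: j + 1 if j >= i else j

def swap(i):
    """i-th swapping: exchanges r_i and r_{i+1}."""
    return lambda j: i + 1 if j == i else (i if j == i + 1 else j)

def single(i, j):
    """Singleton substitution t_{i,j}: r_i -> r_j, other references unchanged."""
    return lambda k: j if k == i else k

def lift(sigma):
    """sigma_{+1}: r_0 stays fixed, r_i -> (sigma(r_{i-1})) + 1 otherwise."""
    return lambda i: 0 if i == 0 else sigma(i - 1) + 1

# Hypothetical encoding of finite processes as nested tuples.
NIL = ("nil",)
def tau(p): return ("tau", p)
def inp(r, p): return ("in", r, p)         # r().P, binds r_0 in P
def out(r, s, p): return ("out", r, s, p)  # rs.P
def nu(p): return ("nu", p)                # binds r_0 in P
def par(p, q): return ("par", p, q)
def plus(p, q): return ("sum", p, q)

def apply_subst(sigma, p):
    """Push a name substitution through a process, lifting it under binders."""
    tag = p[0]
    if tag == "nil":
        return p
    if tag == "tau":
        return ("tau", apply_subst(sigma, p[1]))
    if tag == "out":
        return ("out", sigma(p[1]), sigma(p[2]), apply_subst(sigma, p[3]))
    if tag == "in":
        return ("in", sigma(p[1]), apply_subst(lift(sigma), p[2]))
    if tag == "nu":
        return ("nu", apply_subst(lift(sigma), p[1]))
    if tag in ("par", "sum"):
        return (tag, apply_subst(sigma, p[1]), apply_subst(sigma, p[2]))
    raise ValueError(f"unknown process constructor: {tag!r}")

def denote(i, n):
    """Meaning of r_i under n binders: free name a_{i-n}, or the (i+1)-th binder."""
    return ("free", i - n) if i >= n else ("bound", i + 1)

def resolve(p, n=0):
    """Left-to-right list of what each reference occurrence in p denotes."""
    tag = p[0]
    if tag == "nil":
        return []
    if tag == "tau":
        return resolve(p[1], n)
    if tag == "out":
        return [denote(p[1], n), denote(p[2], n)] + resolve(p[3], n)
    if tag == "in":
        return [denote(p[1], n)] + resolve(p[2], n + 1)
    if tag == "nu":
        return resolve(p[1], n + 1)
    if tag in ("par", "sum"):
        return resolve(p[1], n) + resolve(p[2], n)
    raise ValueError(f"unknown process constructor: {tag!r}")

def extrude(p, q):
    """(nu P) | Q rewritten as nu(P | delta_0 Q): Q is shifted before entering nu."""
    return nu(par(p, apply_subst(delta(0), q)))

def extrude_unshifted(p, q):
    """Same rewriting without the shift: free references of Q get captured."""
    return nu(par(p, q))

# The process nu r1().r2 r0.0 from Section 1, and two constructed operands.
PAGE_EXAMPLE = nu(inp(1, out(2, 0, NIL)))
P = out(0, 0, NIL)          # r0 r0.0, both references bound once under nu
Q = inp(0, out(1, 0, NIL))  # r0().r1 r0.0, a_0 receives x and sends it on a_0

if __name__ == "__main__":
    print(resolve(PAGE_EXAMPLE))
    print(resolve(par(nu(P), Q)))
    print(resolve(extrude(P, Q)))
    print(resolve(extrude_unshifted(P, Q)))
```

Shifting Q by δ0 yields exactly the body r1().r2 r0.0 of the Section 1 example, so every occurrence keeps its meaning, while the unshifted variant turns the free references of Q into references to the new ν.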
As in the standard presentation, one can easily show that each π-calculus process P is structurally congruent to a process in normal form, i.e. a process of the shape $\nu^k(\Sigma_{j=1}^{m_1} S_{1,j} \mid \ldots \mid \Sigma_{j=1}^{m_n} S_{n,j})$, where all unguarded restrictions are at the top level, and name substitutions do not appear at the top level. We use S to range over processes of the shape α.P or σY. If $m_i = 1$ for some $i \in \{1, \ldots, n\}$ then S can also be of the form σX.
Definition 5 (Reaction Semantics). The reaction relation is the least relation closed under the following reaction rules and reaction contexts:
Reaction rules. (r().X1+Y1)|(rrj.X2+Y2)(ν(t0,j+1 X1)) |X2
τ.X +YX
Reaction contexts. $D ::= [\,]_\theta \mid \nu D \mid P | D \mid D | P \mid \sigma D$
where σ is a permutation of name references (a one-to-one reference substitution).
Notice that the permutation σ in the definition of reaction contexts is not strictly necessary for defining the reaction semantics. It could be omitted, without changing the reaction semantics, since, using the congruence rules, name substitutions distribute over the actions. However, in view of the GIPO construction of Section 2 it is useful to include it.
A mapping $\mathcal{T}$ from standard π-calculus syntax into our de Bruijn presentation can be defined by structural induction, using an extra set of names with negative indexes ($a_{-1}, a_{-2}, \ldots$). The most meaningful cases are: $\mathcal{T}(P) = \mathcal{T}_0(P)$, $\mathcal{T}_n(a_i(a_j).P) = r_{i+n}().\mathcal{T}_{n+1}(P\{a_{-n-1}/a_j\})$, $\mathcal{T}_n(a_i a_j.P) = r_{i+n} r_{j+n}.\mathcal{T}_n(P)$. For any pair of π-calculus processes P, Q on the standard syntax, it turns out that P reduces to Q in the ordinary reaction system iff $\mathcal{T}(P)$ reduces to $\mathcal{T}(Q)$ in our reaction system. We omit the details.
2 Applying the GIPO Technique to Second-order π-calculus
For lack of space, we do not present in detail the (G)RPO construction; we refer to [1] for a general introduction to the RPO technique, to [2] for the presentation of the GRPO technique and to [7], or to Appendix A, for a compact presentation of all the theory on which the results presented here are based.
However, in order to grasp most of the material presented in the paper, the
following informal and intuitive explanations of the GRPO construction may
suffice. The main idea in the RPO construction is to define an LTS, starting
from a reaction system. The states of the derived LTS are terms, while the
labels are the minimal contexts necessary for a given reaction to fire. In more
detail, the LTS contains the transition tC
Iv, if the reaction system contains
the reaction Ctv, and for no subcontext C0of Cand no subterm v0of v,
there is a reaction C0tv0. This idea is formalized using a category where
arrows represent terms or contexts. The notion of minimal context is defined in
terms of a (relative) pushout construction. The main theoretical result is that
the LTS, obtained by the RPO construction, induces a bisimilarity that is a
congruence. The GRPO technique is a further elaboration of the RPO technique
necessary to deal with the structural rules of the syntax; here the main idea is
to perform the RPO construction in a 2-category. A 2-category is a category
having an extra notion of morphism between arrows. When such morphisms are
isomorphisms, as in the GRPO construction, the 2-category is called G-category.
In our setting, morphisms between two arrows represent a structural congruence
between two terms (the two arrows), together with an induced mapping between occurrences of name references in the two terms. G-categories always allow one to distinguish between two different name references denoting the same name, also when structural rules are used. In some cases, the RPO construction in the standard categories having as arrows equivalence classes of terms fails to produce the correct transitions, an example being $r_0().0 \mid r_0 r_1.0$, see [2] for more details.
We define here the G-category formed by the finite (i.e. without the rec
operator) second-order π-calculus terms equipped with structural congruence.
We restrict the G-category to contain only finite processes, because we need the
2-cell morphisms to be isomorphisms. When π-calculus processes contain the rec
operator, two congruent processes can contain different numbers of actions, so,
in general, there does not exist a one-to-one map between occurrences of name
references.
It is possible to recover an LTS for the whole set of π-processes by extending the rules obtained for the finite calculus, namely allowing parametric rules to be applied also to terms containing the rec operator (and by considering the unfolding rule for rec). Quite general arguments show that, in the extended LTS, the bisimilarity is still a congruence. Briefly, the arguments are the following. To any infinite process P one associates the set of its finite approximations $\{P^o_i \mid i > 0\}$ obtained by replacing, in the unfolding of P, the subterms containing rec with 0. For the finite approximations, the following properties hold:
- each $P^o_i$ is simulated by P,
- if every finite approximation of P is simulated by Q, then also P is simulated by Q,
- if a finite process $P^o$ is simulated by Q, then there exists a finite approximation of Q simulating $P^o$.
Since the behaviour of a term is described by the behaviour of its finite approximations, from the fact that simulation is a precongruence on finite approximations it follows that simulation is also a precongruence on infinite processes.
Moreover, once restricted to finite processes, in the definition of π-calculus
term category, it is sufficient to consider linear terms, that is terms where each
variable appears at most once. This restriction is justified by the fact that, in the
GIPO transition system, closed terms generate only linear open terms; moreover,
it simplifies the GIPO construction below.
Since the π-calculus grammar needs to distinguish between guarded and
generic terms, the category needs to contain two corresponding distinct objects.
Formally:
Definition 6 (Category of Second-order π-calculus Terms). Let $C_\pi$ be the category defined by:
Objects are ,G,P.
Arrows from to G(P) are linear (un)guarded processes, i.e. processes where
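each variable appears at most once. Arrows $A \to B$ are the contexts $C^B_A$ generated by the grammar:
\[
\begin{array}{rcl}
C^{\mathcal{G}}_{\mathcal{G}} & ::= & [\,]_\theta \mid \alpha.C^{\mathcal{P}}_{\mathcal{G}} \mid C^{\mathcal{G}}_{\mathcal{G}} + M \mid M + C^{\mathcal{G}}_{\mathcal{G}} \\
C^{\mathcal{G}}_{\mathcal{P}} & ::= & \alpha.C^{\mathcal{P}}_{\mathcal{P}} \mid C^{\mathcal{G}}_{\mathcal{P}} + M \mid M + C^{\mathcal{G}}_{\mathcal{P}} \\
C^{\mathcal{P}}_{\mathcal{G}} & ::= & C^{\mathcal{G}}_{\mathcal{G}} \mid \nu C^{\mathcal{P}}_{\mathcal{G}} \mid C^{\mathcal{P}}_{\mathcal{G}} | P \mid P | C^{\mathcal{P}}_{\mathcal{G}} \mid \sigma C^{\mathcal{P}}_{\mathcal{G}} \\
C^{\mathcal{P}}_{\mathcal{P}} & ::= & [\,]_\theta \mid C^{\mathcal{G}}_{\mathcal{P}} \mid \nu C^{\mathcal{P}}_{\mathcal{P}} \mid C^{\mathcal{P}}_{\mathcal{P}} | P \mid P | C^{\mathcal{P}}_{\mathcal{P}} \mid \sigma C^{\mathcal{P}}_{\mathcal{P}}
\end{array}
\]
where any context $C^B_A = C[\,]_\theta$ is linear, i.e. any variable appears at most once in C[ ] and in the codomain of θ.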
The identity arrow on G and P is $[\,]_{id}$. The only arrow with codomain is the identity. The composition between morphisms $T : A \to A'$, $T' : A' \to A''$ is the context application $T' \cdot T$.
In what follows, when not necessary, we will omit tags from contexts.
One can easily prove that the above definition is well-posed. In particular,
associativity of composition follows from associativity of composition of variable
substitutions.
By induction on a proof of structural congruence, it is possible to show that
two structurally congruent finite terms have the same number of occurrences for
each action, and each proof of congruence induces a one to one map between
instances of name references in an obvious way. Thus we can define:
Definition 7 (2-cell isomorphisms). 2-cell isomorphisms between T and T′ in $C_\pi$ are the one-to-one maps between occurrences of name references in T and T′, induced by the proof of structural congruence.
The above maps induce a structure of G-category on $C_\pi$. Horizontal composition corresponds to the union of the one-to-one maps, while vertical composition amounts to standard function composition. One can easily check that horizontal and vertical compositions are well-behaved, in particular the “middle-four interchange law” holds. Thus we have:
Proposition 1. The structural congruence on terms induces a structure of G-category on $C_\pi$.
Now we can define the G-reaction system of finite (second order) π-calculus processes:
Definition 8 (G-reaction system). The G-reaction system $C_\pi$ consists of
the G-category of π-calculus terms $C_\pi$;
the distinguished object ;
the subset of linear reaction contexts of Definition 5;
the reaction rules of Definition 5.
One can easily check that the set of reaction contexts as defined above is composition-reflecting and closed under 2-cells. In particular, in proving that contexts are composition-reflecting, it turns out to be essential to have included also reaction contexts of the shape σD, for σ a permutation.
Proposition 2. The G-reaction system $C_\pi$ has redex GRPOs.
A proof of the above proposition appears in Appendix B.
Table 1 summarizes the GIPO contexts (i.e. the labels in the derived LTS) for every possible term (up-to structural congruence). For simplicity, we denote a term equivalence class simply by a special representative. For each process P, on the basis of its form (specified in the first column of the table), the corresponding GIPO contexts are listed, i.e. the “minimal” contexts which make possible a certain reaction. Redex squares can be classified according to the following “parameters”:
- type of the reaction rule (τ-reaction or communication);
- how elements of the redex are obtained:
  - already present in P;
  - by instantiating variables in P;
  - appearing in the context;
- in case of variable instantiation by an output action, the name sent can be either private or public.
A more detailed description of the GIPO contexts of Table 1 follows.
Rows 1–3 correspond to a τ-reaction, while rows 4–13 correspond to a communication reaction. In particular, row 1 takes into account the case where an internal transition in the process P is present. In such case the GIPO context is the identity, up-to a certain bijective name substitution β and a variable substitution δ. The substitution δ sends all variables into variables with even index (see the note at the bottom of Table 1), and it is used to preserve linearity in the term C·P. Namely, δ ensures that the variables with odd indexes will not appear in the process, and hence they can be used in the context (see e.g. row 2). Row 2 corresponds to the case where a variable Z appears at the top of a process P, and the GIPO context instantiates the variable with a τ-transition. Row 3 shows all GIPO contexts where the τ-reaction is “all inside the context” (and the process plays a passive role). Row 4 corresponds to the case where the process P exposes two complementary actions. Then the minimal context in which the communication arises is $\beta\iota[\,]_\delta$, where β is a name substitution and ι is the identity, if the channel references r and r′ in the complementary actions already match, or a singleton substitution fusing the two channel references, otherwise, see the note at the bottom of Table 1. Here we use a function [[ , ]] to express the fact that the two occurrences of name references in the complementary actions refer to the same name. This function, given a process and an occurrence of a name reference $r_i$ in it, provides the “absolute” index of the name referred to by the occurrence $r_i$, if $r_i$ is free in P, that is $[[P, r_i]] = j$ means that $r_i$ refers to the free name $a_j$; otherwise, if $r_i$ is bound, $[[P, r_i]]$ provides the negative index corresponding to the nesting level of the occurrence $r_i$ inside the binding operators (ν or input prefix) in P (we omit the formal definition). Rows 5 and 6 take into account the case where the process P exposes either an input or an output action and the GIPO context provides the complementary action for the communication. In rows 7–12 we consider all cases where one or two variables appear in P. Then a communication reaction arises when the GIPO context instantiates the two variables by complementary actions (rows 7,7’), or it instantiates a variable by an input (output) action and provides the complementary action (rows 8,9,9’), or the GIPO context instantiates the variable in P by the whole communication redex (rows 10,10’), or finally the GIPO context instantiates the variable with an action and the complementary action already appears in the process (rows 11,11’,12). Notice that when a variable is instantiated with an output action, we need to consider two possible instantiations, that is the one where the name sent is not locally bound (7,9,10,11) and the one where the name sent is private, i.e. locally bound by ν (7’,9’,10’,11’). The last row 13 in the table takes into account the cases where a communication redex is all in the context.
The GIPO LTS described in Table 1 is quite redundant. Namely, there are many GIPO contexts which are intuitively redundant; e.g. all contexts in rows 3 and 13, which are “not engaged”. Moreover, in various other cases the effect of some GIPO contexts can be simulated by a restricted set of simpler contexts. Many redundant contexts can be eliminated by applying the general pruning technique presented in [7] and recalled in Appendix A. The result is the LTS of reduced GIPO contexts, R, formed by the contexts marked by in the column R of Table 1, in which the name substitution β is restricted to be the identity. Namely, the GIPO LTS of Table 1 is definable from the set R of reduced GIPO contexts. A proof of this can be found in Appendix B. As a consequence, our general pruning technique ensures that the bisimilarity R induced by the LTS defined in column R coincides with the original GIPO bisimilarity G, and hence it is a congruence.
A further simplified LTS can be obtained by an ad-hoc analysis. In fact, one can prove that the GIPO context in row 2 of Table 1 can be eliminated, since intuitively it just allows us to observe that a variable appears in the term, but there are other contexts that allow us to observe this. Also the GIPO contexts in rows 7’,9’,11’ are redundant; intuitively, the behavior of a process which receives a new bound name is subsumed by the behavior of the same process receiving a new free name. Moreover, the σ’s of the GIPO contexts in rows 5,6,8,9 can also be avoided.
Formally, we define an LTS, F, composed by the GIPO contexts marked by ? in column F of Table 1. The proof that the bisimilarity induced by the LTS F coincides with the original GIPO bisimilarity is based on the technique of the “bisimulation up-to”, and follows from Lemma 2 given in Appendix B.
Proposition 3. The bisimilarity F induced by the LTS F coincides with the original GIPO bisimilarity G, and hence it is a congruence.
Apparently, the LTS F obtained is still infinitely branching. This is due to the fact that we consider transitions where the context contains an output action rs.X, and s can be any reference. But, when comparing two processes P, Q in the bisimilarity relation, it is sufficient to consider s to be a reference to a name in P or Q, or a reference to just a new name not appearing in P or Q. In this way, we get a finitely branching LTS.
Now, if our aim is to define a bisimilarity relation on π-calculus processes which do not contain process variables, then it is possible to consider a much
Table 1. π-calculus GIPO contexts.
Process GIPO context R F
Pνk(Σm1
j=1S1,j |. . . |Σmn
j=1Sn,j )C
1i, j. Si,j =τ.Pi,j β[ ]δ?
2i, j. Si,j =σZ β[ ]{(τ .X1+Y1)/δZ}◦δ
3C0[ ]θ+τ.X1
C0[ ]θ|(τ.X1+Y1)
τ.C 0[ ]θ+Y1
4i, j, i0, j0. i 6=i0βι[ ]δ?
Si,j =r().Pi,j Si0,j0=r0s.Pi0,j0
5i, j. Si,j =r().Pi,j (r0s.X1+Y1)|(σ[ ]δ+Y3)?
6i, j. Si,j =rs.Pi,j (r0().X1+Y1)|(σ[ ]δ+Y3)?
7i, j, i0, j0. i 6=i0βι[ ]{(r().X1+Y1)/δZ ,(r0s.X3+Y3)/δZ 0}◦δ?
Si,j =σ1ZSi0,j0=σ2Z0
7’ i, j, i0, j0. i 6=i0βι[ ]{(r().X1+Y1)/δZ (r0r0.X3+Y3)/δZ0}◦δ
Si,j =σ1ZSi0,j0=σ2Z0
8i, j. Si,j =σ0Z(r0s.X1+Y1)|σ[ ]{(r().X3+Y3)/δZ}◦δ?
9i, j. Si,j =σ0Z(r0().X1+Y1)|σ[ ]{(rs.X3+Y3)/δZ}◦δ?
9’ i, j. Si,j =σ0Z(r0().X1+Y1)|σ[ ]{ν(rr0.X3+Y3)/δZ}◦δ
10 i mi= 1 Si,1=σX β[ ]{((r().X1+Y1)|(r0s.X3+Y3))/δX}◦δ?
r6=r0r6=r0
10’ i mi= 1 Si,1=σX β[ ]{((r().X1+Y1)|ν(r0r0.X3+Y3))/δX}◦δ
11 i, j, i0, j0. i 6=i0βι[ ]{(r0s.X1+Y1)/δZ}◦δ?
Si,j =σZ Si0,j0=r().Pi0,j 0
11’ i, j, i0, j0. i 6=i0βι[ ]{ν(r0r0.X1+Y1)/δZ}◦δ
Si,j =σZ Si0,j0=r().Pi0,j 0
12 i, j, i0, j0. i 6=i0βι[ ]{(r0().X1+Y1)/δZ}◦δ?
Si,j =σZ Si0,j0=rs.Pi0,j0
13 C0[ ]θ|(r().X1+Y1)|(rs.X3+Y3)
(rs.X1+Y1)|(C0[ ]θ+r().X3)
(rs.X1+Y1)|(r().C0[ ]θ+Y3)
where:
- the substitution δ= [X2h/Xh, Y2h/Yh]h0sends all variables into variables with even index;
-C0[ ]θin rows 3 and 13 is any second-order context s.t. the variables in the GIPO context
are not in the codomain of θ;
-r, r0are such that [[C·P, r]] = [[C·P , r0]];
- if Cis of the form βιC0, then ιis the identity if [[C0·P, r ]] = [[C0·P, r0]], and a singleton
substitution otherwise.
where β, if it appears, is the identity.
?where βand σ, if they appear, are the identity.
Table 2. π-calculus final GIPO contexts for closed processes.
Process GIPO Context
Pνk(Σm1
j=1S1,j |. . . |Σmn
j=1Sn,j |σX)C
1i, j. Si,j =τ.Pi,j [ ]id
2i, j, i0, j0. i 6=i0Si,j =r().Pi,j Si0,j0=r0s.Pi0,j 0ι[ ]id
3i, j. Si,j =r().Pi,j [ ]{r0s.X1+Y1/δX}◦δ
4i, j. Si,j =rs.Pi,j [ ]{r0().X1+Y1/δX }◦δ
5 [ ]{(r().X1+Y1|r0s.X3+Y3)/δX}◦δ
r6=r0
where:
-r, r0are such that [[C·P, r]] = [[C·P , r0]];
- if Cis of the form ι[ ]id, then ιis the identity if [[P, r ]] = [[P, r0]], and
a singleton substitution otherwise.
simpler LTS, namely the LTS presented in Table 2. This LTS is intended for processes in the form $\nu^k(P | \sigma X)$, with P a closed process. The above set of processes is closed by all transitions, but 5, which is then meant to be applied just once. In order to compare two closed processes P, Q, we proceed by comparing the processes P|X and Q|X, using the LTS of Table 2. Namely, if C denotes the induced bisimilarity, we have:
Proposition 4. For any pair of closed processes P, Q, we have that PFQiff
P|XCQ|X.
3 GIPO Bisimilarity on Standard Syntax vs Open Bisimilarity
In this section, first we provide a presentation of GIPO LTS and bisimilarity
for closed processes in the standard π-calculus syntax. Then, we compare this
bisimilarity with Sangiorgi’s open bisimilarity [13]. GIPO bisimilarity turns out
to be finer than open bisimilarity; however, a small variant of it gives exactly
the open bisimilarity. Thus, interestingly enough, we obtain an efficient
characterization of open bisimilarity, alternative to Sangiorgi’s characterization on
the symbolic LTS [13]. An advantage of our presentation lies in the fact that
our bisimilarity has a direct definition of the LTS, without requiring the extra
machinery of distinctions.
3.1 A Presentation of GIPO Bisimilarity on Standard Syntax
In order to compare our GIPO LTS and bisimilarity with standard LTS’s and
bisimilarities of π-calculus, it is useful to provide a presentation of GIPO LTS
and bisimilarity for closed processes in the standard π-calculus syntax.
The intuitive idea is the following. The LTS in Table 2 uses terms having
form νk(P|σX). In the standard syntax, there is an immediate correspondent
for the part νk(P), that is the corresponding nameful π-calculus term. Less
obvious is how to define a correspondent for the σX part. The permutation σ
essentially depends on output actions that have been performed in the previous
transitions (history), and there are three important aspects: (i) the permutation
σ is determined by the list of names that have been communicated by the process
P to X (the observer); (ii) σ determines which private names in νk(P) can be
used for future communications; (iii) through transitions of kind 5 in Table 2,
we can check which public name has been communicated to X, and whether the
same private name has been used in two different communications.
The following example illustrates the above remarks. Consider the nameful
π-calculus process (νa2)a0a2.a2a1.0; its correspondent in de Bruijn notation is
νr1r0.r0r2.0; put in parallel with a process variable X, the process becomes
ν(r1r0.r0r2.0|δ0X). According to Table 2, the only possible transition for this
process is through the GIPO context [ ]{r0().X1+Y1/δX}◦δ. The application of
the context to the term gives ν(r1r0.r0r2.0|δ0r0().X1+Y1)ν(r1r0.r0r2.0|
(r1()1X1+δ1Y1), so the result of the GIPO transition is ν(r0r2.0|ν(t0,1
δ1)X1)ν(r0r2.0|νδ0X1)ν2(r1r3.0|δ0X1). In this latter process, the bound
reference r1 is visible to the process variable X1, so it is possible to proceed with
the GIPO transition [ ]{r0().X1+Y1/δX1}◦δ, leading to the process ν3((t0,4δ1)X1).
The name substitution (t0,4δ1) transforms both name references r0 and r3 into the
name reference r4, so there is the GIPO transition [ ]{r0().X1+Y1|r3sX3+Y3/δX1}◦δ,
which allows us to observe that in the previous transitions the name reference r3,
corresponding to the name a1, has been passed to X1.
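The translation from nameful syntax to de Bruijn notation used in the example above, as an added Python example that is not part of the paper. It assumes that free names are a0, a1, ... and that a_i becomes the reference r_(i + number of enclosing binders), as the example's a0 ↦ r1 and a1 ↦ r2 under one ν indicate, and that an input prefix binds its parameter like ν does; the class names and the ASCII notation (r1<r0> for output, r1() for input, nu(...) for restriction) are chosen here.

```python
from dataclasses import dataclass
from typing import Tuple, Union


@dataclass(frozen=True)
class Nil:                      # the inactive process 0
    pass


@dataclass(frozen=True)
class Out:                      # output of name `obj` on channel `chan`, then `cont`
    chan: str
    obj: str
    cont: "Proc"


@dataclass(frozen=True)
class In:                       # input on `chan`, binding `var` in `cont` (assumption)
    chan: str
    var: str
    cont: "Proc"


@dataclass(frozen=True)
class Nu:                       # restriction (nu name) body
    name: str
    body: "Proc"


@dataclass(frozen=True)
class Par:                      # parallel composition
    left: "Proc"
    right: "Proc"


Proc = Union[Nil, Out, In, Nu, Par]


def free_index(name: str) -> int:
    """Index i of a free name written a<i> (naming convention assumed here)."""
    if len(name) < 2 or name[0] != "a" or not name[1:].isdecimal():
        raise ValueError(f"free name {name!r} is not of the form a<i>")
    return int(name[1:])


def ref(name: str, binders: Tuple[str, ...]) -> str:
    """Name reference for `name`; `binders` lists enclosing binders, innermost first."""
    if name in binders:
        # Bound name: distance to the nearest enclosing binder of that name.
        return f"r{binders.index(name)}"
    # Free name: its own index, shifted past every enclosing binder.
    return f"r{free_index(name) + len(binders)}"


def translate(p: Proc, binders: Tuple[str, ...] = ()) -> str:
    """Translate a nameful term into de Bruijn notation (ASCII rendering)."""
    if isinstance(p, Nil):
        return "0"
    if isinstance(p, Out):
        head = f"{ref(p.chan, binders)}<{ref(p.obj, binders)}>"
        return f"{head}.{_atom(p.cont, binders)}"
    if isinstance(p, In):
        # The channel is resolved outside the new binder, the continuation inside.
        return f"{ref(p.chan, binders)}().{_atom(p.cont, (p.var,) + binders)}"
    if isinstance(p, Nu):
        return f"nu({translate(p.body, (p.name,) + binders)})"
    if isinstance(p, Par):
        return f"{translate(p.left, binders)} | {translate(p.right, binders)}"
    raise TypeError(f"not a process term: {p!r}")


def _atom(p: Proc, binders: Tuple[str, ...]) -> str:
    """Parenthesise a parallel composition that follows a prefix."""
    s = translate(p, binders)
    return f"({s})" if isinstance(p, Par) else s


# The process of the example: (nu a2) a0<a2>.a2<a1>.0
EXAMPLE = Nu("a2", Out("a0", "a2", Out("a2", "a1", Nil())))

if __name__ == "__main__":
    print(translate(EXAMPLE))
```

Two terms that differ only in the choice of bound names translate to the same string, which is why the de Bruijn presentation needs no α-rule.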
Given the above observations, we represent the information captured by σX
via the list L of private names communicated to X by the process. We omit public
names, since they can be represented directly on the labels of the LTS, and their
presence in the list is not strictly necessary. Thus in the LTS we consider pairs
⟨νaQ, L⟩ such that the elements of L are names in a. Possible applications of
the α-rule to the process apply also to the list of names L.
Labels α in the LTS range over α ::= τ | {a0/a} | xy | xy, where we assume
the set of names ordered, and we denote by {a0/a} a singleton substitution, with
a < a0 in such ordering.
Transitions ⟨P, L⟩ α ⟨P0, L0⟩ are described in Table 3.
Remark. Traditional LTS’s use as labels part of the term; dually, (G)RPO LTS’s
use as labels contexts that can interact with the term, and in particular with
the part of the term that is “put in evidence” by the traditional LTS; in the
presentation above we use a traditional approach.
In order to define the bisimilarity induced by the above LTS, we first need
to define a relation on possibly bound names w.r.t. lists of names:
Definition 9. Let L, M be name lists. We define
x =LM y iff x = a = y or x = νa y = νa0 i. (a = L(i) a0 = M(i)).
Table 3. Transitions in the standard LTS.
Process List Label Process List
Pνa(Σm1
j=1S1,j |. . . |Σmn
j=1Sn,j )L α P 0L0
1i, j. Si,j =τ.Pi,j τ P 0νa(. . . |Pij |. . .)
L0L
2i, j, i0, j0.(i6=i0Si,j =a(b).Pi,j τ P 0νa(. . . |Pij {c/b} | . . .
Si0,j0=ac.Pi0,j0). . . |Pi0j0|. . .)
L0L
3i, j, i0, j0.(i6=i0Si,j =a(b).Pi,j {a0/a}P0(νa(. . . |Pij {c/b} | . . .
Si0,j0=a0c.Pi0,j0). . . |Pi0j0|. . .)){a0/a}
a, a0free(P), a < a0L0L
4i, j. Si,j =a(b).Pi,j afree(P)L xy P 0νa(. . . |Pij {c/b} | . . .)
(c6∈ bn(P)cL)LL0
5i, j. Si,j =ac.Pi,j afree(P)L xy P 0νa(. . . |Pij |. . .)
L0Lif cfree(P)
L:cotherwise
where substitution is capture-avoiding, i.e. α-conversion is possibly applied before
applying substitution; xaif afree(P)
νa otherwise and ycif c6∈ bn (P)
νc otherwise
The above relation on names can be naturally extended to labels. Then, the
GIPO bisimilarity can be recovered on standard π-calculus as the canonical
bisimilarity induced by the LTS above, up-to the use of the relation =LM on
labels instead of equality. That is, for P, Q processes on the standard syntax,
the empty list, and T(P), T(Q) the translations of P, Q in the syntax with de
Bruijn indexes, we have:
Theorem 1. (P, ) (Q, ) iff T(P) C T(Q).
3.2 GIPO Bisimilarity vs Syntactical and Open Bisimilarity
One can check that the GIPO bisimilarity coincides with the syntactical
bisimilarity introduced in [3] for the π-calculus fragment without the ν-operator.
Syntactical bisimilarity is a variant of the open bisimilarity, obtained by requiring
that a transition with a fusion label is simulated by a transition with the same
fusion (and not possibly by a τ-transition). A stronger result holds, that is, a
small variation of our bisimilarity coincides with the open bisimilarity O
on the full calculus. Namely, let denote the bisimilarity obtained from by
allowing a fusion transition with label {a0/a} to be simulated either by the same
fusion or by a τ-transition. The asymmetric definition of is reminiscent of the
semi-saturated bisimilarity introduced in [6]. We have:
Theorem 2. =O.
The above theorem (whose proof is sketched in Appendix B) gives us a new
efficient characterization of the open bisimilarity. The most evident difference
between our presentation and the standard symbolic presentation is that in the
latter distinctions are needed, while we do not use them. An explanation for this
is that, when comparing two terms that can perform an input transition, the
open bisimilarity considers just one transition on a free name, while we need to
consider also all the transitions, where a previously communicated bound name
(contained in the list L) is received.
4 Conclusions and Future Work
We have applied the GRPO construction to the full π-calculus, using two extra
important ingredients. Firstly, we have worked in a category of second-order
contexts, based on a presentation of π-calculus with de Bruijn indexes. Secondly,
a general pruning technique has been applied, in order to simplify the LTS
obtained by the standard (G)RPO construction. Finally, the application of a
more ad-hoc simplification technique has allowed us to get an efficient LTS and
bisimilarity, and a new characterization of Sangiorgi’s open bisimilarity. As
often happens, also in the present case the Leifer-Milner technique by itself does not
directly give an efficient LTS and bisimilarity. However, this technique, applied
in the setting of second-order contexts and in combination with our general
pruning technique, gives us substantially less redundant LTS’s and bisimilarities,
and leads us to the final efficient presentation. Moreover, new insights on the
calculus are obtained by applying this machinery. The construction presented in
this paper is solid under variations of π-calculus syntax, e.g. including replication
or match/mismatch operators. In conclusion, the results obtained for π-calculus
in this paper and for CCS in [7] are quite promising; in particular, they show
that the Leifer-Milner technique is valuable in suggesting interesting notions of
LTS’s and bisimilarities. Therefore, it would be worthwhile to experiment with the above
machinery on more recent calculi, for which the notions of LTS and bisimilarity
are still evolving.
References
1. Leifer, J.J., Milner, R.: Deriving bisimulation congruences for reactive systems.
In: CONCUR. Volume 1877 of LNCS., Springer (2000) 243–258
2. Sassone, V., Sobocinski, P.: Deriving bisimulation congruences using 2-categories.
Nord. J. Comput. 10 (2003) 163–190
3. Ferrari, G.L., Montanari, U., Tuosto, E.: Model checking for nominal calculi. In
Sassone, V., ed.: FoSSaCS. Volume 3441 of LNCS., Springer (2005) 1–24
4. Gadducci, F., Montanari, U.: Observing reductions in nominal calculi via a graphi-
cal encoding of processes. In: Processes, Terms and Cycles. Volume 3838 of LNCS.,
Springer (2005) 106–126
5. Bonchi, F., Gadducci, F., König, B.: Process bisimulation via a graphical encoding.
In: ICGT. Volume 4178 of LNCS., Springer (2006) 168–183
6. Bonchi, F., König, B., Montanari, U.: Saturated semantics for reactive systems.
In: LICS, IEEE Computer Society (2006) 69–80
7. Di Gianantonio, P., Honsell, F., Lenisa, M.: Finitely branching labelled transition
systems from reaction semantics for process calculi. In: WADT. Volume 5486 of
LNCS., Springer (2009) 119–134
8. Bonchi, F., Gadducci, F., Monreale, G.V.: Reactive systems, barbed semantics,
and the mobile ambients. In de Alfaro, L., ed.: FOSSACS. Volume 5504 of Lecture
Notes in Computer Science., Springer (2009) 272–287
9. Di Gianantonio, P., Honsell, F., Lenisa, M.: RPO, second-order contexts, and
lambda-calculus. Logical Methods in Computer Science 5(2009)
10. Jensen, O.H., Milner, R.: Bigraphs and transitions. In: POPL. (2003) 38–49
11. Sobocinski, P.: A well-behaved lts for the pi-calculus: (abstract). Electr. Notes
Theor. Comput. Sci. 192 (2007) 5–11
12. Parrow, J.: An introduction to the pi-calculus. In Bergstra, Ponse, Smolka, eds.:
Handbook of Process Algebra, Elsevier (2001) 479–543
13. Sangiorgi, D.: A theory of bisimulation for the pi-calculus. Acta Inf. 33 (1996)
69–97
14. Sobocinski, P.: Deriving process congruences from reduction rules. PhD thesis,
University of Aarhus (2004)
15. Jensen, O.H., Milner, R.: Bigraphs and transitions. In: POPL, ACM (2003) 38–49
A Appendix: Reaction Systems in the G-category Setting
Definition 10 (G-Category). A 2-category C consists of
- A set of objects: A, B, C, ...
- For any pair of objects A, B C, a category C(A, B). Objects in C(A, B) are
called 1-cells morphisms, and denoted by f:AB. Arrows in C(A, B) are
called 2-cells isomorphisms and represented by α:fg or by
[diagram: parallel arrows f, g from A to B with the 2-cell α between them].
Composition in C(A, B), called vertical composition, is denoted by .
- For all objects A, B and C, there is a functor : C(B, C) × C(A, B)
C(A, C), called horizontal composition, which is associative and admits the
identity 2-cells of idA as identities.
A G-category is a 2-category whose 2-cells morphisms are all isomorphisms.
Definition 11 (G-Reaction System). A G-reaction system C consists of:
- a G-category C;
- a distinguished object 0 |C|;
- a collection D of 1-cells morphisms, in C. D is referred to as the set of reaction
contexts, it is required to be closed under 2-cells, and to reflect composition.
- a set of pairs R SI∈|C| C[0, I] × C[0, I] of reaction rules.
The reaction contexts are those in which a reaction can occur. By
composition-reflecting we mean that dd0 D implies d, d0 D, while by closure under
2-cells we mean that if d D, α:dd0 then d0 D.
Definition 12 (GRPO/GIPO).
(i) Let C be a G-category and let us consider the commutative diagram in
Fig. 1(i). Any tuple ⟨I5, e, f, g, β, γ, δ⟩ which makes the diagram in Fig. 1(ii)
commute and such that δl γt =α is called a candidate for (i).
(ii) A G relative pushout (RPO) is the smallest such candidate, i.e. it satisfies
the universal property that given any other candidate ⟨I6, e0, f0, g0, β0, γ0, δ0⟩,
there exists a mediating morphism given by a tuple ⟨h, ϕ, ψ, τ⟩, with τ:
g0hg, such that the diagrams in Fig. 1(iii) commute. Moreover, the
following identities on 2-cells need to be satisfied: γ=τ e g0ϕγ0, δ=
δ0g0ψτ1f, β0=ψl ϕt. Such a mediating morphism must be
unique, up to 2-cell isomorphisms.
(iii) A commuting square such as the diagram in Fig. 1(i) is a G-idem pushout
(GIPO) if ⟨I4, c, d, idI4, α, 1c, 1d⟩ is its GRPO.
[Diagrams (i), (ii) and (iii)]
Fig. 1. Redex Square and Relative Pushout.
Definition 13 (GIPO Transition System).
States: equivalence classes of arrows [t] : 0 I in C, for any I; two arrows
are in the same equivalence class if there exists a 2-cell isomorphism between
them;
Transitions: [t] [c] I [dr] iff d D, ⟨l, r⟩ R and the diagram in Fig. 1(i) is
a GIPO.
An important property of GIPO squares is that they are preserved by the
substitution of one edge with a 2-cell isomorphic one [14]. It follows that the
transition relation is independent of the chosen representative of an
equivalence class. Let G denote the bisimilarity induced by the GIPO LTS.
Another important property is the pasting property for GIPO squares.
Lemma 1 (GIPO pasting, [14]). Suppose that the square in Fig. 2(i) has a
GRPO and that both squares in Fig. 2(ii) commute.
(i) If the two squares of Fig. 2(ii) are GIPOs so is the outer rectangle.
(ii) If the outer rectangle and the left square of Fig. 2(ii) are GIPOs so is the
right square.
[Diagrams (i) and (ii)]
Fig. 2. GIPO pasting.
Definition 14 (Redex GRPO). Let C be a G-reaction system and t : 0 I2
an arrow in C. A redex square is a diagram in the form of Fig. 1(i), with l the
left-hand side of a reaction rule and d a reaction context. A G-reaction system
C is said to have redex GRPOs if every redex square has a GRPO.
The following fundamental theorem is provable using the GIPO pasting
lemma:
Theorem 3. Let C be a G-reaction system having redex GRPOs. Then the
GIPO bisimilarity G is a congruence w.r.t. all contexts, i.e. if a G b then for
all c of the appropriate type, ca G cb.
A.1 Pruning the GIPO LTS
In this section we present a construction (first introduced in
[9]) that allows us to prune the LTS obtained by the GIPO construction. In this way
it is possible to derive simpler and more usable LTS’s. The key notion is that of
definability. In a GIPO LTS, the GIPO transitions that are “definable” in some
suitable sense can be removed without affecting the bisimilarity induced by the
LTS.
Definition 15. Given a G-reaction system C, having redex GRPOs, let T be a
subset of the whole set of GIPO transitions,
(i) we say that Tis closed under bisimilarity if for any [t1],[t0
1],[t2],[t0
2],[f],
such that [t1]G[t0
1],[t2]G[t0
2],[t1][f]
I[t2],[t0
1][f]
I[t0
2], we have that:
[t1][f]
I[t2] T iff [t0
1][f]
I[t0
2] T
(ii) we say that the whole GIPO LTS is definable from Tif there exists a set
of triples { h[fk],[f0
k], eki|kK}of the following form:
[fk]GIPO label, [f0
k]GIPO label or f0
k=with fk:IkI0
k,f0
k:Ik
Jk(where we set :IkIk)
ek:JkIk(with Jkpossibly 0)
and such that, in the whole GIPO LTS, there is a transition [t][f]
I[t0]if
and only if there exist kK,t00 : 0 Jksatisfying:
[f]=[fk],
([t][f0
k]
I[t00] T )or (t00 =tf0
k=)
([t0]=[ek(t00)] Jk6= 0) or ([t0]=[ek]Jk= 0)
Intuitively a tuple ⟨[fk], [f′k], ek⟩ says that some of the transitions with label
[fk] can be simulated by transitions with label [f′k] and contexts ek. We allow
the extra case of f′k= to deal with those transitions that can be simulated by
just inserting the original term in a context ek; following [15], we can call
these kinds of transitions not engaged.
Definition 15 above is a special case of Definition 9 of [7], where the notion
of definability involves also a sort of Hennessy-Milner propositions.
Proposition 5 ([7]). Given a reaction system C, and a subset T of
transitions that is closed under GIPO bisimilarity and such that the whole GIPO LTS
is definable from T, then G=T, i.e. the two GIPO LTS induce the same
bisimilarity.
B Appendix
Proof of Proposition 2.
In order to prove that the G-reaction system Cπ has redex GRPOs, it is necessary
to construct, for any possible redex square, the corresponding GRPO.
A remark about variable substitutions in GRPO constructions. Given a
commuting square in the form α:C[ ]θ1PD[ ]θ2L, the square remains
commuting also when modifying the behavior of θ1 and θ2 on the variables not
appearing in P and L, respectively. Since in GRPOs we need to consider the
most general substitution, it follows that, in any GRPO square having form
α:C[ ]θ1PD[ ]θ2L, for any Z1 not appearing in P, θ1(Z1) must be a
variable not appearing in the codomain of θ2. A symmetric condition holds for
any variable Z2 not appearing in L. Since P and L contain just a finite
number of variables, it follows that the substitutions θ1 and θ2, for all but a finite
number of variables, map variables into variables and have disjoint codomains.
In particular, in the redex GRPO that we define, the substitution θ1, in all but
a finite number of cases, maps a variable with index i into a variable with index
2i, while the substitution θ2, in all but a finite number of cases, maps a variable
into a variable with odd index. For the variables appearing in P and L, the
substitutions θ1 and θ2 are obtained applying a sort of unification algorithm, as
described in [9]. A final condition that the substitutions θ1 and θ2 need to satisfy
is that any variable must appear at most once in each one of their codomains
(linearity condition) and at least once in the union of the codomains.
In more detail, considering a commuting redex square α:CPDL,
with Lr.P +M|r.Q +NP|Q the left hand side of the communication
rule, we have that the context C can be written as νm(C0σ1[ ]θ1), with C0
not containing the ν operator and having name substitutions only applied to
variables, while the reaction context D can be written as νn(σ[ ]θ2|P2).
If the redex L is contained (or better mapped by α1) in the process P,
the GRPO has form α0:σ1[ ] P(νmσ2[ ]θ2|P2)L. Notice that the name
substitution σ1, if different from a bijection, cannot be factorized by the GRPO
construction.
If the process P contains only one side of the redex L, the other side of the
redex can be obtained by variable substitution and in this case the GRPO has
form α0: (σ1[ ]{rX+Y/Z}◦δ)P(νmσ2[ ]θ2|P2)L, or the other side of the redex
can be generated by the context with a GRPO having form α0: (σ1[ ]|P0)P
(νmσ2[ ]θ2|Pi1|. . . |Pik)L.
If the redex L is contained in the context C, the GRPO has form α0:C00
σ1[ ] P(νm[ ]θ2|P2)L, with ϕP contained in P0.
If the process P is contained in the redex L (instantiated with θ2) the GRPO
has the form α0:C00 σ1[ ] P([ ]θ2)L.
Table 1 of Section 2 summarizes the GIPO contexts for every possible process.
An analysis of the various cases appears in Section 2. □
Proposition 6.
(i) The GIPO LTS of Table 1 is definable from the set R of reduced GIPO
contexts.
(ii) The bisimilarity R induced by the LTS defined by the reduced GIPO contexts
coincides with the original GIPO bisimilarity G, and it is a congruence.
Proof. (i) All transitions corresponding to GIPO contexts in rows 3 and 13 of
Table 1 can be easily shown to be definable by suitable triples with as second
element. Transitions corresponding to GIPO contexts in row 1 of Table 1 are
definable by triples of the shape ⟨β[ ]δ, [ ]δ, β[ ]id⟩. Transitions corresponding to
GIPO contexts in row 2 of Table 1 are definable by triples ⟨β[ ]{(τ.X1+Y1) Z}◦δ,
[ ]{(τ.X1+Y1)/δZ }◦δ, β[ ]⟩. Transitions corresponding to GIPO contexts in rows
4–9’ of Table 1 can be easily shown to be definable by the corresponding reduced
GIPO contexts, obtained by taking β to be the identity. Transitions
corresponding to GIPO contexts in rows 10, 10’ of Table 1 are definable by τ-transitions
induced by the reduced GIPO contexts in row 2, when r=r0; the defining tuple,
e.g. for row 10, being ⟨β[ ]{((r().X1+Y1)|(rrl.X3+Y3))/δX }◦δ, [ ]{(τ.X1+Y1)/δX }◦δ,
β[ ]{((νt0,l+1 X1)|X3)/X1}⟩. Transitions corresponding to GIPO contexts in row 10’,
when r≠r0, are definable by transitions corresponding to row 10, via the tuple
⟨β[ ]{((r().X1+Y1)|ν(r0r0.X3+Y3))/δX}◦δ, β[ ]{((r().X1+Y1)|(r0rl.X3+Y3))/δX }◦δ,
β[ ]{0/X1, ν(ν{r1/r0}(δ0)+1 X1|X3)/X3}⟩. Finally, transitions induced by GIPO
contexts in rows 11-12 can be easily shown to be definable by the corresponding
reduced GIPO contexts.
(ii) The proof follows from Proposition 5, by showing that transitions induced
by the reduced GIPO contexts are closed under bisimilarity, according to
Definition 15. □
Lemma 2. Let F denote the bisimilarity induced by the final GIPO contexts
(column F of Table 1) and let R be the relation formed by the pairs of processes
in the form ⟨νk(σP |σ1X1|. . . |σnXn), νk(σQ |σ1X1|. . . |σnXn)⟩, and
such that there exist an integer l and two name substitutions σ0, σ0 satisfying the
following list of conditions.
(i) νl(σ0P|σ0X0)Fνl(σ0Q|σ0X0)
(ii) r, i . σ(r)cod(σi)σ0(r)cod(σ0);
(iii) r . σ(r)kσ0(r)cod(σ0);
(iv) r . σ0(r)< l σ(r)< k;
(v) r, s . (σ0(r)< k σ0(s)< k)(σ0(r) = σ0(s)σ(r) = σ(s))
(vi) For any pair of instances of name references r, s appearing in P(in Q)
[[σ0P, r]] = [[σ0P, s]] [[σP , r]] = [[σP, s]] ([[σ0Q, r]] = [[σ0Q, s]] [[σQ, r]] =
[[σQ, s]]).
The relation R F is a bisimulation w.r.t. the reduced GIPO LTS.
Proof. We show that the relation R Fis a bisimulation w.r.t. the reduced
GIPO LTS, using the following schema: given a generic pair of terms hνk(σP |
σ1X1|. . . |σnXn), νk(σQ |σ1X1|. . . |σnXn)i R, and given an integer
land substitutions σ0, σ0for which conditions (i). . . (vi) are satisfied, for any
transition νk(σP |σ1X1|. . . |σnXn)l
IPin the reduced LTS, it is possible
to show that there exists a second transition νl(σ0P|σ0X0)l0
IP0∗, in the
final LTS, mimicking the first one. By similarity, there exists Q0∗ such that
νl(σ0Q|σ0X0)l0
IQ0∗ and, using conditions (ii), . . . , (vi), it is possible to
show that there exists Qsuch that νk(σQ |σ1X1|. . . |σnXn)l
IQand
(P, Q)R. Moreover, to complete the proof, we show if PFQ, for any
transition Pl
IPin the reduced LTS, then there exists a second transition
Pl0
IP0∗ in the final LTS, mimicking the first one. By similarity, there exists
Q0∗ such that Ql0
IQ0∗ and from this fact it follows that there exists Qsuch
that Ql
IQand (P, Q)R
Since there are many different kinds of transitions to consider, the proof is
lengthy. For shortness, here we present just two meaningful cases; the others
follow a similar schema.
Before giving the details of the proof, we present the following consequences
of conditions (ii), (iv) and (v), which motivate their definition.
(ii) for any instance of name reference r appearing in P and for any substitution
of the variable Xi with s().Xi, if r and s denote the same name in νk(σP |
σ1X1|. . . |σi(s().Xi)|. . . |σnXn), then there exists an instantiation
s0().X0 for the variable X0 such that r and s0 denote the same name in
νl(σ0P|σ0(s0().X0));
(iv) for any instance of name reference r appearing in P, if r denotes a private
name in νl(σ0P|σ0X0), then it denotes a private name in νk(σP |σ1X1|
. . . |σnXn);
(v) for any pair of instances of name reference r, s appearing in P, if r, s denote
private names in νk(σP |σ1X1|. . . |σnXn), then they denote the same
name in νk(σP |σ1X1|. . . |σnXn) if and only if they denote the same
name in νl(σ0P|σ0X0).
First case (transition 11):
Suppose that Pr()P1+P2|P3and suppose that νk(σP |σ1X1|. . . |
σnXn)νk(σ(r)()+1P1+σP2|σP3|σ1X1|. . . |σnXn) makes a transition
with label ι[ ]{r0s.Xj/Xj}becoming νk(ν{δ0ι+kσj(s)/r0}ι+(k+1) σ+1P1|ι+kσP3|
ι+kσ1X1|. . . |ι(kσmXm)νk+1 ({δ0ι+kσj(s)/r0}ι+(k+1)σ+1 P1|δ0ι+kσP3|
δ0ι+kσ1X1|. . . |δ0ι(kσmXm)νk+1 ({δ0ι+kσj(s)/r0}ι+(k+1)σ+1 P1|
{δ0ι+kσj(s)/r0}δ0ι+kσP3|δ0ι+kσ1X1|. . . |δ0ι+kσmXm)
νk+1({δ0ι+kσj(s)/r0}ι+(k+1) σ+1(P1|δ0P3)|δ0ι+kσ1X1|. . . |δ0ι+kσmXm).
This transition is mimicked by νl(σ0P|σ0X0) with a transition having la-
bel [ ]{r00 s0.X0/X0}, and transforming it in νl+1({δ0σ0(s0)/r0}σ0
+1(P1|δ0P3)|
δ0σ0X0). The name references r00, s0 appearing in the label are defined by cases:
- The name reference r00 is chosen in such a way that σ0(r) = σ0(r00). The
argument proving the existence of r00 is the following: if r denotes a private
name in νl(σ0P|σ0X0) then, by condition (iv), it denotes a private name
also in νk(σP |σ1X1|. . . |σnXn); it follows that ι has to be the identity
and by condition (ii) r00 exists. On the other hand, if r denotes a free name
in νl(σ0P|σ0X0), then r00 exists by condition (iii).
- If there exists s00 such that σj(s) = σ(s00), s0 is chosen in such a way that
σ0(s0) = σ0(s00); by condition (ii), such s exists;
- otherwise s0 is chosen to denote a free name, not denoted by any other name
reference present in P and Q, or by the r00 previously defined.
By condition (i), νl(σ0Q|σ0X0) can make a transition with label [ ]{r00s0.X0/X0};
by simple arguments, it follows that Q can be written in the form
(r()Q1+Q2)|Q3, and the result of the transition can be written in the form
νl+1({δ0σ0(s0)/r0}σ0
+1(Q1|δ0Q3)|δ0σ0X0). It is not difficult to show that
(νk+1({δ0ι+kσj(s)/r0}ι+(k+1) σ+1(P1|δ0P3)|δ0ι+kσ1X1|. . . |δ0ι+kσmXm),
νk+1({δ0ι+kσj(s)/r0}ι+(k+1) σ+1(Q1|δ0Q3)|δ0ι+kσ1X1|. . . |δ0ι+kσmXm)
R, from which the thesis follows. □
Proof of Proposition 4.
Given two closed processes P and Q, since F is a congruence, it follows that
PFQP|XFQ|X.
Let us consider the relation R0 whose definition coincides with the relation R,
presented in the proof of the previous lemma, except for point (i) that becomes
(i’) P, Q are closed processes,
(i”) νl(σ0P|σ0X0)Cνl(σ0Q|σ0X0)
By a subset of the arguments used in the previous lemma, it is possible to
prove that relation R0 F is an F-bisimulation, and therefore it is contained in
F. Immediately, P|XCQ|X hP|X, Q |Xi∈R0P|XFQ|
X.
The inverse implication follows from the fact that the LTS for closed processes
is a subset of the final LTS. □
Proof of Theorem 2. (Sketch)
The proof follows from the fact that, for any process νaP, with P ν-free, there is
a correspondence between derivations in our LTS and derivations in the symbolic
LTS, when in this latter we keep track of distinctions (and we do not permit
fusions of names in the distinctions). That is, for L0 the empty list and D0
the empty distinction, we have: (νaP, L0) α′1 (νaP′1, L1) . . . α′n (νaP′n, Ln) iff
(νaP, D0) α1 (νa′1P1, D1) . . . αn (νa′nPn, Dn), where for all i, a′i is a subset
of a, at each step the correspondent transitions in the two terms are performed,
and P′i = Piσi, for σi the composition of the singleton substitutions arising from
input actions and fusions. □
Conference Paper
A bigraphical reactive system (BRS) involves bigraphs, in which the nesting of nodes represents locality, independently of the edges connecting them. BRSs represent a wide variety of calculi for mobility, including λ-calculus and ambient calculus. A labelled transition system (LTS) for each BRS is here derived uniformly, adapting previous work of Leifer and Milner, so that under certain conditions the resulting bisimilarity is automatically a congruence. For an asynchronous λ-calculus, this LTS and its bisimilarity agree closely with the standard.