- Email: [email protected]
Finitary logics for some CCS observational bisimulations
Information Processing North-Holland
Letters
25 May 1992
42 (1992) 161-165
Finitary logics for some CCS observational bisimulations Miranda
Mowbray
Hewlett Packard Pisa Science Centre, Corso Italia 115, 56100 Piss, Italy Communicated by V. Kotov Received 28 October 1991 Revised 10 February 1992 Keywords: Concurrency,
formal
semantics,
modal
logic, finitary
Introduction This paper proves that observational bisimulations for CCS which satisfy certain conditions have a finitary associated modal logic. The conditions involve information on the amount of top-level parallelism of states. This result may add fuel to the interleaving-versustrue-concurrency debate, since it suggests that the ability to observe internal structure of states (which is what distinguishes noninterleaving semantics from interleaving semantics) can lead not only to semantics which are more expressive, but also to semantics which are in some way simpler - their associated modal logics are finitary. Some cases of the result (for instance, Strong Equivalence [7] and Pomset Bisimulation Equivalence [l]) were already known, due to Lemma 1, which was proved in [51 and is generalized here.
The language
CCS
The process description language CCS was introduced in [6]. Its syntax and behaviour are recalled here.
Throughout this paper (Y will range over the finite set A, I, over A U A, p over A U AU {T}, and x over an infinite set of variables. @ will range over Perm, the set of permutations of A U AU (7) such that Q(7) = 7 and NV) = Q(u) for all v. The syntax for CCS expressions is E::=NILIxI~.EIE+EI
EIE
I
E\aIE[@]Irecx.E
A closed guarded CCS expression a is an expression with no free variables, such that x is guarded in E (i.e. each occurrence of x in E is within some subexpression of the form p.E’) whenever ret x.E is a subexpression of a. ret is treated as a fiipoint operator. Suppose x is guarded in E, and E has no other free variables. Then ret x.E is defined to be a solution for x in the equation x = E, and in this paper all solutions for x in this equation are identified with ret x. E. a, b (and a,, b ,, etc.) will denote elements of the set CG of closed guarded CCS expressions, modulo the identifications for recursion. The identifications ensure that there is a unique solution in CG for xg in the equations
Correspondence to: M. Mowbray, Hewlett Packard Pisa Science Centre, Corso Italia 115, 56100 Pisa, Italy. Email: [email protected]. 0020.0190/92/$05.00
0 1992 - Elsevier
Science
Publishers
B.V. All rights reserved
161
Volume
42, Number
3
INFORMATION
PROCESSING
where C,,, C,, . . . , C,, are recursion-free contexts, and xi is guarded in C,(x,, . . . , x,,) for i, j > 1. Say that such a set of equations has guarded form. Each a t CG is the solution of some guarded form equations. The dynamic behaviour of CCS is given by the inference rules in Fig. 1.
LETTERS
25 May 1992
f,( NIL) = NIL. . Mx,,,) = x;,v 00, where P 0 Q(k) l f&L.E) = Nj_L).f,(E). l f&5, + E,) =f@(E,) +f,,(f.5,). l f&E, I E,) =f&,)I f,(E,). l
l l
f,(E\a) =fJE)\(A f@(E[~l) =fqo@(E).
If a is the solution equations Some notation
0 .N(NZL> =“N(a + 6) =N(v.a) 0 ./V(a \a) = “N(a[@l> = “N(u). l &a I b) = &-(a> +./V(b).
of parallelism in on the structure
for xg in the guarded
form
then define co/(u) to be the solution for xg,, (where I is the identity permutation) in the equations
= 1.
X r,~~==f~(C~(XI.I,.“,X,12.1))
O
@EPerm.
For example, The equation ,/(a + b) = 1 comes from an assumption that applying the choice operator gives a global state with just one autonomous component, that is, there is a centralized mechanism for nondeterministic choice. An alternative definition of N would have _&“(a + b) = max{.N(u), M(b)), and the results of this paper can also be proven for this alternative definition. A CCS computation of length m a 0 from a,
if @ 0 @ = I, then
col(recx.(p.x[@]))
=recx.(p.@(p).x).
co/(u) is a collapsed expression in CG, can be shown that it is independent of the of guarded form equations for which a solution. Define the collapsing function on CCS tions and computations, also called col, lows.
a,, I,, ~~,...,a,,,, t,,, a,,,,, to Qrr2+ I isawuence such that for each 1 < i G m there is some p(i) such that t, : a, +@(‘) a;+ ,. A CCS context or expression is collapsed if it does not involve any operators [@I. For each @ E Perm, define a renaming function f@ on recursion-free terms with variables in the set {x,,~: i 2 1, T E Perm), as follows.
l
and it choice is the transias fol-
co1 commutes with operations yielding transitions except those of the form [@I; that is, co/(/L “a)
=j_L “)ff,
col(t < +a) =cof(t) cof(u+
>t)=col(a)+
< +col(u), >col(t),
p-+13::.a1;a
t:nz;B t<+c:a$c%b
t:al;b c+>t:c+a1;b
t:al;b tjc:ajcl;blc
t:azb c[t:cla1;clb
tl:a,.L;bl,tz:&b~ t, I tz : al I az A 4 I bz
t:a1;b,/1 a,a t\a : .\a 1; b\a
t:al;b t[@] : a[@]$2’ b[@] Fig. I
162
f- I@(u), @(a>}).
O,
x;=CI(x,,...,x,,) Define _&‘(a>, “the amount the top level of a”, by induction of a as follows.
= @(q(p)).
Volume
42, Number
INFORMATION
3
col(t]u)
=col(t)]col(a),
col(a[t)
=cof(a)[col(t),
coqt,If*)
=col(t,)
col(t\(Y)
=col(t)\a.
PROCESSING
Icol(t,),
col(t[@]) is the result of (syntactically) replacing each occurrence of the operator v -+ in of \cu col(t) by Q’(V) -+, and each occurrence by \(A n (@(a), @(Z))>,for each V, (Y. If c is the sequence a,, t,, . . , a,, t,,,, a,, ,, then col(c) is the sequence col(u,), col(t,),..., COl(Um), col(t,), col(u,+ ,). If c is a CCS computation, then co/(c) is a CCS computation. In fact, it can be shown by structural induction that a sequence c’ with first entry co/(u) is a CCS computation iff there is some CCS computation c from a such that c’ = col(c).
Observational
bisimulations
and logics
Suppose @ is an observation map from a set of computations (this is not necessarily the set of CCS computations, it could be the set of computations of any process algebra) to a domain 8. Use c: p ad q as shorthand for “a computation c from p to 4 with &j’(c) = d”. Let P be the set of source states of computations, and let f(p, d) = (q: there exists c :p adq}. @’ is image finite if Z(p, d) is finite for all p E P, d EL3. Given an observation map @“,define the bisimulation R, on P to be the maximal equivalence relation R such that whenever p,Rp, and q, E Z(p,, d) there is some qZ EZ(~~, d) such that q,Rq,. Let pfl be the following Hennessy-Mimer type modal logic (51. The syntax of the logic is F::=
TRUE 1~ F 1 A ;E,Fl I(d)F
where d ranges over 9 The satisfaction relation l l l l
and I is any index set. F c P X_!$ is given by:
pb=TRUEforallpEP, p k 7 F iff p # F, , t, F, iff p k F, for all i E I, pbA p b (d)F iff there is some q EZ(~, that q k F.
d) such
LETTERS
25 May lYY2
Write 2@(p) for (F ~2~: p k F). The proof of Proposition 6, Section 10.5 of (71 can be applied to show that p R,. q iff _Y&Xp) =2$(q). The disadvantage of 9p is that some of its formulae cannot be written as a finite string of symbols. Let -E”,: be the sublanguage consisting of expressions in which the logical operator A , t, is only ever used with finite index sets I. Each formula in A’$ can be written as a finite string of symbols. Theorems 2.1 and 2.2 of [51give the following, which will be used in the proof of Theorem 3. Lemma 1. If 9$(p) =2$(q).
B
is image finite, then p R,
q iff
Conditions. Theorem 3 will use the following conditions on the CCS observation map b. 1. @Xcol(c)> = @(c> for all CCS computations c. 2. @‘(t\,) = @‘c’(t)for all transitions t and (YEA. 3. (_/Y(b): b ~/(a, d)) is finite for all a E CG and d EL??. Informally, these conditions state that c” interprets the restriction and relabelling operators in a similar way to the usual interpretation of CCS, and that the observation of a computation together with its source state gives a bound on the top-level parallelism of its target state. Theorem 3 will show that these conditions on d are sufficient (although they are not necessary) for the bisimulation R, to be characterized by the finitar-y logic _9$. If @ is any CCS observation fies condition 1, then (cy.NIL)[@]
R,
map which satis-
@(cr).NIL,
so the identity relation on CG is not equal to R, for any such @‘.However, the author knows of no other proposed observational bisimulation for CCS whose observation map does not satisfy conditions 1 and 2. If 6 is image finite then condition 3 certainly holds. Condition 3 uses information about the internal structure of the target expression, which is not available in any semantics using a monolithic global state. In particular, the observation 163
Volume 42. Number 3
INFORMATION
PROCESSING
map associated with the ordinary weak interleaving semantics for CCS does not satisfy this condition. The observation maps for the weak versions of Concurrent History Equivalence, Causal Stream Equivalence, and Spatial Pomset Equivalence [3,4,2] satisfy all three conditions, but are not image finite. 2. Suppose P is a CCS ohserr~ation map satisfying conditions 1, 2, 3, a E CG, and d ~9. Then I(a, d) contains elements of only finitely many equir~alence classes under R,. Proof (Sketch). Suppose Then a is the solution guarded form equations x.,=C,(x
,,...,
x,,,)
first that a is collapsed. for x,) in some set of
OGiGrn
such that each C, is collapsed. Define the sets S,,S,‘, i > 1 of expressions as set of expressions follows. s, is the finite a,,,) that C a subcontext C, Ch,,..., for 0 < < m, is the for X, the set equations above, Lt*(C(a,, . . . , a,,,)) = 1. For each i > 1, S,’ is the set {s\a,
“.\a,,:
.YES,,
n>O,
(not necessarily
(Y,)...,
N,,EA
distinct)}.
For each i 2 2, S, is the set (s, ( s2: s, E S,_j, s2 E S, for some 1 <.i < i - 1). Let S= U,,, S,‘. S contains a. Condition 2 ensures that for any h the equivalence relation R,, contains (b\cu, h\~\a) and ence if S, contains ele@\a\P, h\P\a). H ments of only finitely many equivalence classes, so does S,‘. It is straightforward to show that if h,R, h; and h2 R, h:, then 6,) bz R, hi hi. It that for T> 1, contains elements only finitely equivalence classes R,. Suppose there is t :a, a2 such that a, E S, a2 E S. Choose such a t whose derivation using the inference rules uses a minimal number of steps. A contradiction follows, by examination of each possibility for the last step.
LETTERS
25 May 1992
Therefore, S contains the targets of all computations from a. Condition 3 on Cn ensures that there is some integer N such that ,9”(b)
d=P’(a.NIL+
N, a, is not is weak
the set E finite. For History
+~.x[@]),
>(~-a[@])),
the set a[@], a[@][@], a[@l[@l[@l, and so on. If A is infinite rather than finite, then col(c) is not well defined for all computations c, and so condition 1 on f does not make sense. However, col(c) is defined for all computations from an expression in CG’, where CG’ is the set of b E CG for which each permutation occurring syntactically in b fixes all but finitely many elements of A uA. If CG is replaced by CG’ in all the conditions and definitions, then the resulting lemma holds even if A is infinite. Theorem 3. If fl is a CCS obsertlation map satisfying conditions 1, 2, 3, then a R, b iff Y&(a) = Y;(b). Proof. Let R be the equivalence set of computations satisfying (c:a iff
d(‘b) a R,
relation
R (c’:a’*“‘b’) a’, b R,
b’, and d = d’.
on the
Volume
42, Number
3
INFORMATION
PROCESSING
Let the map 8’ from equivalence classes under R to 9 send the class containing c to B(c). By Lemma 2, b’ is image finite. Say that [a] K F iff a E F, where [a] is the equivalence class under R, containing a, and F EL$ This definition is consistent, since members of the same equivalence class under R, satisfy the same formulae of _Y$. By definition, Y;,([a]) =_Y~(a> for all a. Applying Lemma 1, ~~~([a]) =Pb,([bl) iff [a] R,, [b]. By construction, R,, is the identity relation on equivalence classes under R,. The result follows. 0 If the CCS observation map @’ does not satisfy conditions 1, 2, 3, then the result may not hold. For example, let H(t) = v whenever t : a +y b, R(t) = the empty string whenever t : a -+’ b, and @(a,, t,,...,tm, a,,, > = the string concatenation of B(t,), . . . , act,). Then R, is Milner’s weak bisimulation, and this is not the same as the relation induced by the logic 9;. For example, if a, = ret x.( 7.( a.NIL
1x))
and a2 = ret x.((Y.x>, then a, and LI, + a2 satisfy the same formulae of 9; but are not related by R P’ If instead B is any of the observation maps satisfying conditions 1, 2, 3 which have been mentioned by name in this paper, then this counterexample does not work, because a, + a2 satisfies the formula <@(a,
+ a*, a1 + > (a -+a*),
a*, (CT -+ a2),
but a, does not.
a2) > TRUE
LETTERS
25 May 1992
The proof of Theorem 3 can be applied directly to the general case, where B is an observation map on the computations of any process algebra. In this case it shows that R, is completely characterized by _Y$ provided that for each p, d the set I(p, d) contains elements of only finitely many equivalence classes under R,. This generalizes Lemma 1.
Acknowledgment Thanks to two anonymous helpful suggestions.
referees,
for their
References Ill G. Boudol and I. Castellani, Concurrency and atomicity, Theoret. Comput. Sci. 59 (1,2) (1988) 25-84. [2] G. Ferrari and U. Montanari, The observation algebra of spatial pomsets, in: Proc. 2nd Internat. Co@ on Concurrency Theory, Lecture Notes in Computer Science 527 (Springer, Berlin, 1991) 188-202. [3] G. Ferrari, U. Montanari and M. Mowbray, On causality observed incrementally, finally, in: Proc. Internat. Joint ConJ on Theory and Practice of Software Deoelopment, Lecture Notes in Computer Science 493 (11 (Springer, Berlin, 19911 26-41. I41 G. Ferrari, U. Montanari and M. Mowbray, Causal streams: Tracing causality in distributed systems, in: Proc. 3rd Workshop on Concurrency and Compositionality GMD-Studien 191 (19911 99-108. [5] M. Hennessy and R. Mimer, Algebraic laws for nondeterminism and concurrency, J. ACM 32 (1985) 137-161. I61 R. Mimer, A Calculus of Communicating Systems, Lecture Notes in Computer Science 92 (Springer, Berlin, 1980). [7] R. Mimer, Communication and Concurrency (PrenticeHall, Englewood Cliffs, NJ, 1989).
165
Letters
25 May 1992
42 (1992) 161-165
Finitary logics for some CCS observational bisimulations Miranda
Mowbray
Hewlett Packard Pisa Science Centre, Corso Italia 115, 56100 Piss, Italy Communicated by V. Kotov Received 28 October 1991 Revised 10 February 1992 Keywords: Concurrency,
formal
semantics,
modal
logic, finitary
Introduction This paper proves that observational bisimulations for CCS which satisfy certain conditions have a finitary associated modal logic. The conditions involve information on the amount of top-level parallelism of states. This result may add fuel to the interleaving-versustrue-concurrency debate, since it suggests that the ability to observe internal structure of states (which is what distinguishes noninterleaving semantics from interleaving semantics) can lead not only to semantics which are more expressive, but also to semantics which are in some way simpler - their associated modal logics are finitary. Some cases of the result (for instance, Strong Equivalence [7] and Pomset Bisimulation Equivalence [l]) were already known, due to Lemma 1, which was proved in [51 and is generalized here.
The language
CCS
The process description language CCS was introduced in [6]. Its syntax and behaviour are recalled here.
Throughout this paper (Y will range over the finite set A, I, over A U A, p over A U AU {T}, and x over an infinite set of variables. @ will range over Perm, the set of permutations of A U AU (7) such that Q(7) = 7 and NV) = Q(u) for all v. The syntax for CCS expressions is E::=NILIxI~.EIE+EI
EIE
I
E\aIE[@]Irecx.E
A closed guarded CCS expression a is an expression with no free variables, such that x is guarded in E (i.e. each occurrence of x in E is within some subexpression of the form p.E’) whenever ret x.E is a subexpression of a. ret is treated as a fiipoint operator. Suppose x is guarded in E, and E has no other free variables. Then ret x.E is defined to be a solution for x in the equation x = E, and in this paper all solutions for x in this equation are identified with ret x. E. a, b (and a,, b ,, etc.) will denote elements of the set CG of closed guarded CCS expressions, modulo the identifications for recursion. The identifications ensure that there is a unique solution in CG for xg in the equations
Correspondence to: M. Mowbray, Hewlett Packard Pisa Science Centre, Corso Italia 115, 56100 Pisa, Italy. Email: [email protected]. 0020.0190/92/$05.00
0 1992 - Elsevier
Science
Publishers
B.V. All rights reserved
161
Volume
42, Number
3
INFORMATION
PROCESSING
where C,,, C,, . . . , C,, are recursion-free contexts, and xi is guarded in C,(x,, . . . , x,,) for i, j > 1. Say that such a set of equations has guarded form. Each a t CG is the solution of some guarded form equations. The dynamic behaviour of CCS is given by the inference rules in Fig. 1.
LETTERS
25 May 1992
f,( NIL) = NIL. . Mx,,,) = x;,v 00, where P 0 Q(k) l f&L.E) = Nj_L).f,(E). l f&5, + E,) =f@(E,) +f,,(f.5,). l f&E, I E,) =f&,)I f,(E,). l
l l
f,(E\a) =fJE)\(A f@(E[~l) =fqo@(E).
If a is the solution equations Some notation
0 .N(NZL> =“N(a + 6) =N(v.a) 0 ./V(a \a) = “N(a[@l> = “N(u). l &a I b) = &-(a> +./V(b).
of parallelism in on the structure
for xg in the guarded
form
then define co/(u) to be the solution for xg,, (where I is the identity permutation) in the equations
= 1.
X r,~~==f~(C~(XI.I,.“,X,12.1))
O
@EPerm.
For example, The equation ,/(a + b) = 1 comes from an assumption that applying the choice operator gives a global state with just one autonomous component, that is, there is a centralized mechanism for nondeterministic choice. An alternative definition of N would have _&“(a + b) = max{.N(u), M(b)), and the results of this paper can also be proven for this alternative definition. A CCS computation of length m a 0 from a,
if @ 0 @ = I, then
col(recx.(p.x[@]))
=recx.(p.@(p).x).
co/(u) is a collapsed expression in CG, can be shown that it is independent of the of guarded form equations for which a solution. Define the collapsing function on CCS tions and computations, also called col, lows.
a,, I,, ~~,...,a,,,, t,,, a,,,,, to Qrr2+ I isawuence such that for each 1 < i G m there is some p(i) such that t, : a, +@(‘) a;+ ,. A CCS context or expression is collapsed if it does not involve any operators [@I. For each @ E Perm, define a renaming function f@ on recursion-free terms with variables in the set {x,,~: i 2 1, T E Perm), as follows.
l
and it choice is the transias fol-
co1 commutes with operations yielding transitions except those of the form [@I; that is, co/(/L “a)
=j_L “)ff,
col(t < +a) =cof(t) cof(u+
>t)=col(a)+
< +col(u), >col(t),
p-+13::.a1;a
t:nz;B t<+c:a$c%b
t:al;b c+>t:c+a1;b
t:al;b tjc:ajcl;blc
t:azb c[t:cla1;clb
tl:a,.L;bl,tz:&b~ t, I tz : al I az A 4 I bz
t:a1;b,/1 a,a t\a : .\a 1; b\a
t:al;b t[@] : a[@]$2’ b[@] Fig. I
162
f- I@(u), @(a>}).
O,
x;=CI(x,,...,x,,) Define _&‘(a>, “the amount the top level of a”, by induction of a as follows.
= @(q(p)).
Volume
42, Number
INFORMATION
3
col(t]u)
=col(t)]col(a),
col(a[t)
=cof(a)[col(t),
coqt,If*)
=col(t,)
col(t\(Y)
=col(t)\a.
PROCESSING
Icol(t,),
col(t[@]) is the result of (syntactically) replacing each occurrence of the operator v -+ in of \cu col(t) by Q’(V) -+, and each occurrence by \(A n (@(a), @(Z))>,for each V, (Y. If c is the sequence a,, t,, . . , a,, t,,,, a,, ,, then col(c) is the sequence col(u,), col(t,),..., COl(Um), col(t,), col(u,+ ,). If c is a CCS computation, then co/(c) is a CCS computation. In fact, it can be shown by structural induction that a sequence c’ with first entry co/(u) is a CCS computation iff there is some CCS computation c from a such that c’ = col(c).
Observational
bisimulations
and logics
Suppose @ is an observation map from a set of computations (this is not necessarily the set of CCS computations, it could be the set of computations of any process algebra) to a domain 8. Use c: p ad q as shorthand for “a computation c from p to 4 with &j’(c) = d”. Let P be the set of source states of computations, and let f(p, d) = (q: there exists c :p adq}. @’ is image finite if Z(p, d) is finite for all p E P, d EL3. Given an observation map @“,define the bisimulation R, on P to be the maximal equivalence relation R such that whenever p,Rp, and q, E Z(p,, d) there is some qZ EZ(~~, d) such that q,Rq,. Let pfl be the following Hennessy-Mimer type modal logic (51. The syntax of the logic is F::=
TRUE 1~ F 1 A ;E,Fl I(d)F
where d ranges over 9 The satisfaction relation l l l l
and I is any index set. F c P X_!$ is given by:
pb=TRUEforallpEP, p k 7 F iff p # F, , t, F, iff p k F, for all i E I, pbA p b (d)F iff there is some q EZ(~, that q k F.
d) such
LETTERS
25 May lYY2
Write 2@(p) for (F ~2~: p k F). The proof of Proposition 6, Section 10.5 of (71 can be applied to show that p R,. q iff _Y&Xp) =2$(q). The disadvantage of 9p is that some of its formulae cannot be written as a finite string of symbols. Let -E”,: be the sublanguage consisting of expressions in which the logical operator A , t, is only ever used with finite index sets I. Each formula in A’$ can be written as a finite string of symbols. Theorems 2.1 and 2.2 of [51give the following, which will be used in the proof of Theorem 3. Lemma 1. If 9$(p) =2$(q).
B
is image finite, then p R,
q iff
Conditions. Theorem 3 will use the following conditions on the CCS observation map b. 1. @Xcol(c)> = @(c> for all CCS computations c. 2. @‘(t\,) = @‘c’(t)for all transitions t and (YEA. 3. (_/Y(b): b ~/(a, d)) is finite for all a E CG and d EL??. Informally, these conditions state that c” interprets the restriction and relabelling operators in a similar way to the usual interpretation of CCS, and that the observation of a computation together with its source state gives a bound on the top-level parallelism of its target state. Theorem 3 will show that these conditions on d are sufficient (although they are not necessary) for the bisimulation R, to be characterized by the finitar-y logic _9$. If @ is any CCS observation fies condition 1, then (cy.NIL)[@]
R,
map which satis-
@(cr).NIL,
so the identity relation on CG is not equal to R, for any such @‘.However, the author knows of no other proposed observational bisimulation for CCS whose observation map does not satisfy conditions 1 and 2. If 6 is image finite then condition 3 certainly holds. Condition 3 uses information about the internal structure of the target expression, which is not available in any semantics using a monolithic global state. In particular, the observation 163
Volume 42. Number 3
INFORMATION
PROCESSING
map associated with the ordinary weak interleaving semantics for CCS does not satisfy this condition. The observation maps for the weak versions of Concurrent History Equivalence, Causal Stream Equivalence, and Spatial Pomset Equivalence [3,4,2] satisfy all three conditions, but are not image finite. 2. Suppose P is a CCS ohserr~ation map satisfying conditions 1, 2, 3, a E CG, and d ~9. Then I(a, d) contains elements of only finitely many equir~alence classes under R,. Proof (Sketch). Suppose Then a is the solution guarded form equations x.,=C,(x
,,...,
x,,,)
first that a is collapsed. for x,) in some set of
OGiGrn
such that each C, is collapsed. Define the sets S,,S,‘, i > 1 of expressions as set of expressions follows. s, is the finite a,,,) that C a subcontext C, Ch,,..., for 0 < < m, is the for X, the set equations above, Lt*(C(a,, . . . , a,,,)) = 1. For each i > 1, S,’ is the set {s\a,
“.\a,,:
.YES,,
n>O,
(not necessarily
(Y,)...,
N,,EA
distinct)}.
For each i 2 2, S, is the set (s, ( s2: s, E S,_j, s2 E S, for some 1 <.i < i - 1). Let S= U,,, S,‘. S contains a. Condition 2 ensures that for any h the equivalence relation R,, contains (b\cu, h\~\a) and ence if S, contains ele@\a\P, h\P\a). H ments of only finitely many equivalence classes, so does S,‘. It is straightforward to show that if h,R, h; and h2 R, h:, then 6,) bz R, hi hi. It that for T> 1, contains elements only finitely equivalence classes R,. Suppose there is t :a, a2 such that a, E S, a2 E S. Choose such a t whose derivation using the inference rules uses a minimal number of steps. A contradiction follows, by examination of each possibility for the last step.
LETTERS
25 May 1992
Therefore, S contains the targets of all computations from a. Condition 3 on Cn ensures that there is some integer N such that ,9”(b)
d=P’(a.NIL+
N, a, is not is weak
the set E finite. For History
+~.x[@]),
>(~-a[@])),
the set a[@], a[@][@], a[@l[@l[@l, and so on. If A is infinite rather than finite, then col(c) is not well defined for all computations c, and so condition 1 on f does not make sense. However, col(c) is defined for all computations from an expression in CG’, where CG’ is the set of b E CG for which each permutation occurring syntactically in b fixes all but finitely many elements of A uA. If CG is replaced by CG’ in all the conditions and definitions, then the resulting lemma holds even if A is infinite. Theorem 3. If fl is a CCS obsertlation map satisfying conditions 1, 2, 3, then a R, b iff Y&(a) = Y;(b). Proof. Let R be the equivalence set of computations satisfying (c:a iff
d(‘b) a R,
relation
R (c’:a’*“‘b’) a’, b R,
b’, and d = d’.
on the
Volume
42, Number
3
INFORMATION
PROCESSING
Let the map 8’ from equivalence classes under R to 9 send the class containing c to B(c). By Lemma 2, b’ is image finite. Say that [a] K F iff a E F, where [a] is the equivalence class under R, containing a, and F EL$ This definition is consistent, since members of the same equivalence class under R, satisfy the same formulae of _Y$. By definition, Y;,([a]) =_Y~(a> for all a. Applying Lemma 1, ~~~([a]) =Pb,([bl) iff [a] R,, [b]. By construction, R,, is the identity relation on equivalence classes under R,. The result follows. 0 If the CCS observation map @’ does not satisfy conditions 1, 2, 3, then the result may not hold. For example, let H(t) = v whenever t : a +y b, R(t) = the empty string whenever t : a -+’ b, and @(a,, t,,...,tm, a,,, > = the string concatenation of B(t,), . . . , act,). Then R, is Milner’s weak bisimulation, and this is not the same as the relation induced by the logic 9;. For example, if a, = ret x.( 7.( a.NIL
1x))
and a2 = ret x.((Y.x>, then a, and LI, + a2 satisfy the same formulae of 9; but are not related by R P’ If instead B is any of the observation maps satisfying conditions 1, 2, 3 which have been mentioned by name in this paper, then this counterexample does not work, because a, + a2 satisfies the formula <@(a,
+ a*, a1 + > (a -+a*),
a*, (CT -+ a2),
but a, does not.
a2) > TRUE
LETTERS
25 May 1992
The proof of Theorem 3 can be applied directly to the general case, where B is an observation map on the computations of any process algebra. In this case it shows that R, is completely characterized by _Y$ provided that for each p, d the set I(p, d) contains elements of only finitely many equivalence classes under R,. This generalizes Lemma 1.
Acknowledgment Thanks to two anonymous helpful suggestions.
referees,
for their
References Ill G. Boudol and I. Castellani, Concurrency and atomicity, Theoret. Comput. Sci. 59 (1,2) (1988) 25-84. [2] G. Ferrari and U. Montanari, The observation algebra of spatial pomsets, in: Proc. 2nd Internat. Co@ on Concurrency Theory, Lecture Notes in Computer Science 527 (Springer, Berlin, 1991) 188-202. [3] G. Ferrari, U. Montanari and M. Mowbray, On causality observed incrementally, finally, in: Proc. Internat. Joint ConJ on Theory and Practice of Software Deoelopment, Lecture Notes in Computer Science 493 (11 (Springer, Berlin, 19911 26-41. I41 G. Ferrari, U. Montanari and M. Mowbray, Causal streams: Tracing causality in distributed systems, in: Proc. 3rd Workshop on Concurrency and Compositionality GMD-Studien 191 (19911 99-108. [5] M. Hennessy and R. Mimer, Algebraic laws for nondeterminism and concurrency, J. ACM 32 (1985) 137-161. I61 R. Mimer, A Calculus of Communicating Systems, Lecture Notes in Computer Science 92 (Springer, Berlin, 1980). [7] R. Mimer, Communication and Concurrency (PrenticeHall, Englewood Cliffs, NJ, 1989).
165