Concurrency Þ Non-deterministism
Suppose x is a global variable.
At beginning, x=0
Consider
P = [x := x+1; x := x+1 || x:= 2*x]
after P, then
x may have several values (x Î { 2, 3, 4 })
Hence P is not a function from memory states to memory states.
In concurrent programming, execution is not deterministic since
it is upto an external agent (the scheduler).
Let S = Variables |® Values be the set of
memory states.
Let [[ P ]] be the meaning of P.
A concurrent program is not a (partial) function from memory states to
memory states. [[ P ]] ÏS |® S.
A concurrent program is a relation on memory states.
[[ P ]] Î S |® 2S.
Concurrency Þ Interaction
Consider
P = [x := 1 ]
Q = [x := 0; x := x+1 ]
P and Q are same functions on memory states: s |®
s[1/x]
However
after P || P, then x Î { 1 }
after P || Q, then x Î {1,2}
A semantic (meaning) is compositional iff
[[ P ]] = [[ Q ]] implies
[[ C[P] ]] = [[ C[Q] ]]
for any context C[ ].
In previous example,
in any compositional semantics,
[[ P ]] ¹ [[ Q ]].
Conclusion
P and Q are not equivalent processes.
Concurrency Û Termination
Concurrent processes are often non terminating.
An operating system never terminates; same for the software of
a vending machine, or a traffic-light controler, or a human, etc.
A process P is a set of pairs (fi, Pi), atomic action and a
derivative process. It starts by performing fi and then becomes process
Pi.
Atomic steps usually terminate.
Roughly speaking, let P be the set of processes.
Then
P = 2(S |® S) × P
Is this equation meaningful? Answer: Scott's domains, denotational
semantics. Remarkable and difficult theory of Plotkin (Scott's
powerdomains 1976).
We try the simpler theory of labeled transition systems.
Labeled Transition Systems
A LTS is triple (P, Act, T) where
-
P is the set of processes
- Act is the set of actions
- T Í P × Act × P
is the transition relation
Let write P ¾®µ Q for (P, µ, Q) Î T.
Read P interacts with environment with action µ, then becomes Q.
Q is a derivative of P if
P=P0 ¾®µ1 P1 ¾®µ2 P2 ··· ¾®µn Pn=Q
for n ³ 0.
Example (1/3)
A vending machine for coffee/tea.
At beginning, P0
Example (2/3)
A different vending machine for coffee/tea.
At beginning, P0'
Is this LTS equivalent to previous one?
Example (3/3)
Two new vending machines P''0 and P'''0
Why these LTS are not equivalent to previous ones?
Concurrency Û Automata (1/2)
Let abstract Act (actions) as an alphabet
{a, b, c, ...}.
(Act may be infinite)
Then LTS look like automata (with possibly infinite number of
states).
Consider the language of traces.
Let P=P0 ¾®µ1 P1 ¾®µ2 P2 ··· ¾®µn Pn
(n ³ 0),
then
trace(P=P0 ¾®µ1 P1 ¾®µ2 P2 ··· ¾®µn Pn)
= µ1µ2···µn
We say that µ1µ2···µn is a trace of P
Let Traces(P) = { w | w is a trace of P }
Concurrency Û Automata (2/2)
In previous examples, write k for coffee, t for tea, c for
.20, d for drink.
Traces(P0) = prefixes((c(k+t)d)*),
Traces(P'0) = prefixes(c((k+t)dc)*),
Traces(P''0) = prefixes((ckd + ctd)*,
Traces(P'''0) = prefixes((c+c(k+t)dc)*),
Exercice 1 Show
Traces(P0) = Traces(P'0) = Traces(P''0) = Traces(P'''0)
However, P0 and P0' seem equivalent
but both P0'' and P0''' look distinct from P0.
Why?
After c, the set of choices are distinct in P0 and P''0.
Coffee button is always enabled in P0, but not in P''0.
Same
for tea button.
In P'''0, both tea and coffee may be disabled after c.
Simulation -- Bisimulation
Definition
1
Q simulates P (we write P Q) if whenever
P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' Q'.
Definition
2
P strongly bisimilar to Q (we write P ~ Q) if whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' ~ Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' ~ Q'.
Graphically,
Exercice 2 Give intuition for P0 P0''' P0
Exercice 3 Give intuition for P0 ~ P0', P0 ¬ ~P0'',
P0 ¬ ~P0'''
Definition of bisimulation (1/3)
Definition
3
A bisimulation is a binary relation R on processes
such that P R Q implies whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' R Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' R Q'.
An alternative definition for strong bisimulation is:
Definition
4
Let ~ = È {R | R is a
bisimulation}
Proposition
5
~ is an equivalence relation.
(reflexive, symmetric, transitive)
Exercice 4 Show above proposition.
Exercice 5 What is the least bisimulation?
Definition of bisimulation (2/3)
First definition of bisimulation is circular. To make it clear,
better is to return to standard theory on fixpoints in complete
lattices.
A complete lattice D is any set with
-
a partial ordering (reflexive, transitive, antisymmetric)
- for any subset E Í D, there is an upper bound È E
and a lower bound Ç E in D.
Examples: 2P with Í,
2P×P with Í, etc.
f function D |® D is monotonic iff x
y implies f(x) f(y).
Theorem
6[Tarski]
In a complete lattice D, any monotonic function f has a least
fixpoint lfp(f) and greatest fixpoint gfp(f).
Moreover lfp(f) = Ç{x | f(x) x}
and gfp(f) = È{x | x f(x)}
Exercice 6 Prove it.
Definition of bisimulation (3/3)
Proposition
7
~ is the largest relation ~' such that
P ~' Q implies whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' ~' Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' ~' Q'.
Proof: Consider the complete lattice of binary relations on
P with Í.
Take P f(R) Q defined as
whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' R Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' R Q'.
Then f is monotonic, since R Í S
implies f(R) Í f(S).
Moreover R is a bisimulation iff R Í
f(R).
Hence ~ = È{R | R Í
f(R)} = gfp(f).
Therefore ~ = f(~) and ~ is largest ~' such
that ~' = f(~').
First definition of ~ was correct (just add ``largest'').
Co-induction
In order to show P ~ Q, it is sufficient to show that
P R Q for some bisimulation R.
I.e. (P R Q for some relation R such that
R Í f(R)) Þ P~ Q.
Exercice 7 Show P0 ~ P0', P0 ¬ ~P0'',
P0 ¬ ~P0''' in vending machines.
Exercice 8 Give an alternative definition for .
Exercice 9 Show P0 P0''' P0.
Co-continuity (1/2)
Let D be a complete lattice. Then
f function D |® D is co-continuous iff f(Ç S) =
Ç f(S) for any descending chain S = {d1, d2, ... dn
... } where d1 d2 ··· dn ···
Theorem
8[Kleene]
gfp(f) = Ç { fn() | n ³ 0 } where is maximum
element of D.
Consider lattice of binary relations 2P×P
with Í.
Let the graph of derivatives of P be finitely branching,
i.e. {Q | P ¾®µ Q} is finite for any P.
Take P f(R) Q defined as
whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' R Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' R Q'.
Then f is co-continuous.
If the graph of derivatives is finitely branching, then
~ = Ç { fn(D) | n ³ 0 }
Co-continuity (2/2)
Exercice 10 Suppose P has a finite graph of derivatives. Give an
algorithm for computing its minimal graph of derivatives, i.e. a graph
where distinct states are not bisimilar.
O(nlogn) algorithm by Paige and Tarjan,
(analogous of Hopcroft/Ullman algorithm for
computing minimal finite automata).
Exercice 11 Suppose P and Q have finite graphs of derivatives. Give an
algorithm for testing P ~ Q.
Exercices
Definition
9
R is a bisimulation up-to ~ if P R Q implies
whenever
- P ¾®µ P', there is Q' such that
Q ¾®µ Q' and P' ~R~ Q'.
- Q ¾®µ Q', there is P' such that
P ¾®µ P' and P' ~R~ Q'.
Exercice 12 Let R is a bisimulation up-to ~. Show
R Í ~.
(by firstly showing that ~R~ is a bisimulation).
Let µ+ Î Act+ (not empty words of actions)
Write P ¾®µ+ Q if
P=P0 ¾®µ1 P1 ¾®µ2 P2 ··· ¾®µn Pn=Q
and µ = µ1µ2···µn (n > 0).
Exercice 13 Show that following definition of strong bisimulation is
equivalent to previous one.
Definition
10
R is a (strong) bisimulation if P R Q implies
whenever
- P ¾®µ+ P', there is Q' such that
Q ¾®µ+ Q' and P' ~R~ Q'.
- Q ¾®µ+ Q', there is P' such that
P ¾®µ+ P' and P' ~R~ Q'.
History
David Park invented bisimulation as maximal fixpoints. (1975)
Robin Milner wrote a full book on them for CCS. (1979)
Samson Abramsky added them in the lazy lambda calculus. (1984)
See also phD of his student Luke Ong.
Davide Sangiorgi did the theory of bisimulation in the
pi-calculus. (1990)
Marcelo Fiore et al put them in data types. (1992)
Many people speak now of bisimulations, as a generic names for
equivalences on infinite computations.
For instance, Dave Sands and others use them for equivalence of Bohm
trees in the lambda-calculus (which I never understood!!).
This document was translated from LATEX by
HEVEA.
