Symbolic Equivalences for Open Systems
Roberto Bruni (Pisa – Illinois), Paolo Baldan (Pisa – Venezia), Andrea Bracciali (Pisa)
FM seminar UIUC, 6 Dec. 2002
Research supported by
• IST Programme on FET-GC Projects AGILE, MYTHS, SOCS
• Italian MIUR Project COMETA
• CNR Fellowship on Information Sciences and
Symbolic Approach: Bisimulation Without Instantiation
– Facilitate analysis & verification of coordinators’ properties
Distinguishing Features
– Symbolic LTS
• states are coordinators
• labels are spatial/modal formulae
– Avoids universal closure
– Allows for coalgebraic techniques
– Constructive definition for Algebraic SOS and GSOS specs
– (In general yields equivalences finer than univ)
Notation
We start from a PC specified by
– Syntax & Structural Equivalence: (,E)
• T,E is the set of Components p, q, r, …
• T,E(X) is the set of Coordinators C, D, …
• C[X1,…,Xn] means var(C) {X1,…,Xn}
– Labels: ranged over by a, b, …
– LTS: L (defined on T,E & )
• possibly defined via SOS inference rules
Symbolic Transition Systems
Ordinary SOS approach:
– Behavior of a coordinator can depend on:
1. The spatial structure of the components that are inserted/connected/substituted
2. The behavior of those components
Idea: borrow formulae from a suitable “logic” to express the most general class of components that can take part in the coordinators’ evolution
What Logic Do We Need? Formulae must express the minimal amount of information on components for enabling the step:
– “Most general” active components needed for the step
– Assumptions not only on the structure of components, but also on their behavior
– Components not playing active role in the step
Spatial / Modal Formulae
Logic L must include, as atomic formulae:
– Place-holders (process variables) X: q ⊨ X
– Components p: q ⊨ p iff q E p
We will also consider:
– Spatial formulae (for operators f):
q ⊨ f(1,…,n) iff q1 ⊨ 1 … qn ⊨ n. q E f(q1,…,qn)
– Modality a (for labels a):
q ⊨ a. iff p ⊨ . q –a p
Symbolic Transitions
C[X] –(Y)a D[Y]
intuitively: whenever p ⊨ (q), then C[p] –a D[q]
(q is, to some extent, the residual of p after satisfying )
Properties of irred
• In general irred can lack transitivity
• irred is coarser than strict
• irred and large are not comparable
• irred is strictly finer than univ
[Diagram of the relations among large, (large irred)*, univ, strict and irred]
PC specified in Algebraic SOS Format
(Yi is either Xi (if iI) or Zi (if iI))
ASOS, unlike De Simone, allows a generic context C in the source of the conclusion (instead of f)
Bisimulation by Unification
C[X1,…,Xn] –a D[Y1,…,Yn]{Xi –ai Zi}iI
The Prolog Algorithm
trs( box(A,X) , A , X ) :- !.
trs( C[X1,…,Xn], a, D[Y1,…,Yn] ) :-
    trs(Xi1 , ai1 , Zi1), … , trs(Xin , ain , Zin).
The program can be seen as the specification of the STS
– Goals have the form ?- trs(C[X1,…,Xn], a, Z).
– Computed answer substitutions “give” the transitions
– Backtracking mechanism + meta-logic ops (bagof) can be used to collect all symbolic transitions for C[X1,…,Xn]
THEOREM: The resulting STS is correct & complete
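The unification-based encoding above, worked out on a small calculus. This is an added example, not the program from the slides or the authors' code: only the box clause, the clause shape and the use of bagof come from the slide; the constructors nil, pre, plus, par and the predicate symbolic/2 are constructed here.

```prolog
% Constructed toy calculus in De Simone format (all rule shapes are ASOS):
%   nil         no transitions
%   pre(A,P)    action prefix, a.P -a-> P
%   plus(P,Q)   choice
%   par(P,Q)    interleaving parallel composition (no synchronisation)
% A place-holder X of an open term is written box(A,Z) with A and Z fresh
% Prolog variables; it stands for the modal formula <A>.Z, i.e. "the component
% put in X can do action A and become Z". Unifying A with the action a rule
% needs is what makes the formula the most general one enabling the step.
trs(box(A, Z), A, Z) :- !.                  % consume the assumption, cut as on the slide
trs(pre(A, P), A, P).
trs(plus(P, _), A, P1) :- trs(P, A, P1).
trs(plus(_, Q), A, Q1) :- trs(Q, A, Q1).
trs(par(P, Q), A, par(P1, Q)) :- trs(P, A, P1).
trs(par(P, Q), A, par(P, Q1)) :- trs(Q, A, Q1).

% All symbolic transitions of an open term C: each t(A, D) in Ts is read as
% "whenever the place-holders satisfy the formulae they got instantiated to,
% C -A-> D". bagof groups answers by how the box variables are instantiated;
% with the rules above they stay unbound, so one list with every transition is
% returned and A, D remain linked to the boxes of C. A box left untouched in
% D is a passive component: its formula is the place-holder itself and its
% residual is the component unchanged.
symbolic(C, Ts) :- bagof(t(A, D), trs(C, A, D), Ts).

% Example queries; the computed answer substitutions are the transitions:
%   ?- symbolic(par(box(A1, Z1), nil), Ts).
%   ?- symbolic(plus(pre(a, nil), box(A1, Z1)), Ts).
%   ?- symbolic(par(box(A1, Z1), box(A2, Z2)), Ts).
```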
Linear Positive GSOS Format
f(X1,…,Xn) –a D[Y1,…,Ym]{Xi –ai,j Zi,j | 1jmi} iI
(D linear, Yk is either Xi (if iI) or Zi,j (if iI))
The first clause this time becomes:
trs( box(X) , A , ref(X,A,Y) ) :- !.
(because the same variable can appear as the source of many goals, with different actions and conclusions)
Conjunction needed in the logic
The De Simone format can be handled equivalently with either of the two encodings
Conclusions (almost)
• General formal framework for open systems
– Meta-theoretic foundations
• Under suitable hypotheses: strict implies large / irred implies univ
• For suitable SOS formats, a minimal STS can be defined constructively in Prolog
– cut + unification
– AC1 parallel operator (see AMAST paper)
Traces
• Branching structure can be irrelevant in many situations
– Finite step sequences (traces) can suffice!
– p –a1 p1 –a2 p2 –a3 … –an pn
– also written p –a1a2a3…an pn
– or just p –a1a2a3…an
• Trace language:
– L(p) = { + | p – }
• Trace equivalence :
– p q if L(p) = L(q)
• Universal trace equivalence univ:
– C[X] univ D[X] if p. C[p] D[p]
Symbolic Traces
• Traces of pairs (formula, action):