On infinite guarded recursive specifications in process algebra
R.J. van Glabbeek and C.A. Middelburg

Data61, CSIRO, Sydney, Australia
School of Computer Science and Engineering, University of New South Wales, Sydney, Australia
Informatics Institute, Faculty of Science, University of Amsterdam, Amsterdam, the Netherlands
Abstract.
In most presentations of ACP with guarded recursion, recursive specifications are finite or infinite sets of recursion equations of which the right-hand sides are guarded terms. The completeness with respect to bisimulation equivalence of the axioms of ACP with guarded recursion has only been proved for the special case where recursive specifications are finite sets of recursion equations of which the right-hand sides are guarded terms of a restricted form known as linear terms. In this note, we widen this completeness result to the general case.
Keywords: process algebra, guarded recursion, completeness, infinitary conditional equational logic.
F.1.2, F.4.1
In ACP with guarded recursion, guarded recursive specifications, i.e. sets of recursion equations of which the right-hand sides are guarded terms, are used for recursive definitions of processes (see e.g. [1]). In most cases where ACP or a variant of it is extended with guarded recursion, guarded recursive specifications may be infinite. Moreover, countably infinite guarded recursive specifications are used in many applications of the process algebras concerned. Nevertheless, the completeness with respect to bisimulation equivalence of the axioms of ACP with guarded recursion has only been proved for the special case where recursive specifications are finite sets of recursion equations of which the right-hand sides are guarded terms of a restricted form known as linear terms.

The second author of this note realized in March 2017 that the completeness proof given in [2] for the above-mentioned special case could be widened to the general case. He communicated this at the time with several colleagues and forgot about it until it was recently mentioned in [3]. This mention motivated him to write a note about the general completeness result. It is noteworthy that the proof of the fact on which the widening of the existing completeness proof is based (Theorem 1) turned out to be less straightforward than the second author thought in March 2017 and comes from the first author.

In order to make this note self-contained, it contains short surveys of ACP and its extension with guarded recursion. We did not attach much importance to preventing any text overlap with surveys from earlier papers.
In this section, we give a survey of ACP (Algebra of Communicating Processes). For a comprehensive overview of ACP, the reader is referred to [1,2].

In ACP, it is assumed that a fixed but arbitrary set $A$ of actions, with $\delta \notin A$, has been given. We write $A_\delta$ for $A \cup \{\delta\}$. It is further assumed that a fixed but arbitrary commutative and associative communication function $\gamma : A_\delta \times A_\delta \to A_\delta$, with $\gamma(\delta, a) = \delta$ for all $a \in A_\delta$, has been given. The function $\gamma$ is regarded to give the result of synchronously performing any two actions for which this is possible, and to give $\delta$ otherwise.

The signature of ACP consists of the following constants and operators:
– for each $a \in A$, the action constant $a$;
– the inaction constant $\delta$;
– the binary alternative composition operator $+$;
– the binary sequential composition operator $\cdot$;
– the binary parallel composition operator $\parallel$;
– the binary left merge operator $\lfloor\!\lfloor$;
– the binary communication merge operator $|$;
– for each $H \subseteq A$, the unary encapsulation operator $\partial_H$.

We assume that there is an infinite set $\mathcal{X}$ of variables which contains $x$, $y$ and $z$ with and without subscripts. Terms over the signature of ACP, also referred to as ACP terms, are built as usual. We use infix notation for the binary operators. The precedence conventions used with respect to the operators of ACP are as follows: $+$ binds weaker than all others, $\cdot$ binds stronger than all others, and the remaining operators bind equally strong.

The constants of ACP can be explained as follows ($a \in A$):
– $\delta$ denotes the process that cannot do anything;
– $a$ denotes the process that first performs action $a$ and after that terminates successfully.

Let $t$ and $t'$ be closed ACP terms denoting processes $p$ and $p'$. Then the operators of ACP can be explained as follows:
– $t + t'$ denotes the process that behaves as $p$ or behaves as $p'$ (but not both);
– $t \cdot t'$ denotes the process that first behaves as $p$ and on successful termination of $p$ next behaves as $p'$;
– $t \parallel t'$ denotes the process that behaves as $p$ and $p'$ in parallel;
– $t \lfloor\!\lfloor t'$ denotes the same process as $t \parallel t'$, except that it starts with performing an action of $p$;
– $t \mid t'$ denotes the same process as $t \parallel t'$, except that it starts with performing an action of $p$ and an action of $p'$ synchronously;
– $\partial_H(t)$ denotes the process that behaves the same as $p$, except that actions from $H$ are blocked.

The operators $\lfloor\!\lfloor$ and $|$ are of an auxiliary nature. They are needed to axiomatize ACP.

The axioms of ACP are the equations given in Table 1. In these equations, $a$ and $b$ stand for arbitrary constants of ACP, and $H$ stands for an arbitrary subset of $A$. In D1 and D2, side conditions restrict what $a$ and $H$ stand for.

Table 1. Axioms of ACP

$$
\begin{array}{ll}
x + y = y + x & \text{A1} \\
(x + y) + z = x + (y + z) & \text{A2} \\
x + x = x & \text{A3} \\
(x + y) \cdot z = x \cdot z + y \cdot z & \text{A4} \\
(x \cdot y) \cdot z = x \cdot (y \cdot z) & \text{A5} \\
x + \delta = x & \text{A6} \\
\delta \cdot x = \delta & \text{A7} \\
\partial_H(a) = a \quad \text{if } a \notin H & \text{D1} \\
\partial_H(a) = \delta \quad \text{if } a \in H & \text{D2} \\
\partial_H(x + y) = \partial_H(x) + \partial_H(y) & \text{D3} \\
\partial_H(x \cdot y) = \partial_H(x) \cdot \partial_H(y) & \text{D4} \\
x \parallel y = x \lfloor\!\lfloor y + y \lfloor\!\lfloor x + x \mid y & \text{CM1} \\
a \lfloor\!\lfloor x = a \cdot x & \text{CM2} \\
a \cdot x \lfloor\!\lfloor y = a \cdot (x \parallel y) & \text{CM3} \\
(x + y) \lfloor\!\lfloor z = x \lfloor\!\lfloor z + y \lfloor\!\lfloor z & \text{CM4} \\
a \cdot x \mid b = (a \mid b) \cdot x & \text{CM5} \\
a \mid b \cdot x = (a \mid b) \cdot x & \text{CM6} \\
a \cdot x \mid b \cdot y = (a \mid b) \cdot (x \parallel y) & \text{CM7} \\
(x + y) \mid z = x \mid z + y \mid z & \text{CM8} \\
x \mid (y + z) = x \mid y + x \mid z & \text{CM9} \\
a \mid b = \gamma(a, b) & \text{CF}
\end{array}
$$

In the sequel, we will use the sum notation P i
0, the term P i

Table 2. Axioms for guarded recursion

$$
\begin{array}{ll}
\langle X | E \rangle = \langle t | E \rangle \quad \text{if } X = t \in E & \text{RDP} \\
E \Rightarrow X = \langle X | E \rangle \quad \text{if } X \in \mathrm{V}(E) & \text{RSP}
\end{array}
$$

Let $t$ be a term over the signature of ACP or an extension of ACP in which a variable $X$ occurs. Then an occurrence of $X$ in $t$ is guarded if $t$ has a subterm of the form $a \cdot t'$ where $a \in A$ and $t'$ contains this occurrence of $X$. An ACP term $t$ is a guarded ACP term if all occurrences of variables in $t$ are guarded.

A guarded recursive specification over ACP is a set $\{X_i = t_i \mid i \in I\}$, where $I$ is a finite or infinite set, each $X_i$ is a variable from $\mathcal{X}$, each $t_i$ is either a guarded ACP term in which only variables from $\{X_i \mid i \in I\}$ occur or an ACP term rewritable to such a term using the axioms of ACP in either direction and/or the equations in $\{X_j = t_j \mid j \in I \wedge i \neq j\}$ from left to right, and $X_i \neq X_j$ for all $i, j \in I$ with $i \neq j$.

We write $\mathrm{V}(E)$, where $E$ is a guarded recursive specification, for the set of all variables that occur in $E$. The equations occurring in a guarded recursive specification are called recursion equations.

A solution of a guarded recursive specification $E$ in some model of ACP is a set $\{p_X \mid X \in \mathrm{V}(E)\}$ of elements of the carrier of that model such that each equation in $E$ holds if, for all $X \in \mathrm{V}(E)$, $X$ is assigned $p_X$. We are only interested in models of ACP in which guarded recursive specifications have unique solutions.

We extend ACP with guarded recursion by adding constants for solutions of guarded recursive specifications over ACP and axioms concerning these additional constants. For each guarded recursive specification $E$ over ACP and each $X \in \mathrm{V}(E)$, we add a constant $\langle X | E \rangle$ that stands for the unique solution of $E$ for $X$ to the constants of ACP. We add the equation RDP and the conditional equation RSP given in Table 2 to the axioms of ACP.
In RDP and RSP, $X$ stands for an arbitrary variable from $\mathcal{X}$, $t$ stands for an arbitrary ACP term, $E$ stands for an arbitrary guarded recursive specification over ACP, and the notation $\langle t | E \rangle$ is used for $t$ with, for all $X \in \mathrm{V}(E)$, all occurrences of $X$ in $t$ replaced by $\langle X | E \rangle$. Side conditions restrict what $X$, $t$ and $E$ stand for. We write ACP$_{\mathrm{rec}}$ for the resulting theory. Terms over the signature of ACP$_{\mathrm{rec}}$ are also referred to as ACP$_{\mathrm{rec}}$ terms.

The equations $\langle X | E \rangle = \langle t | E \rangle$ and the conditional equations $E \Rightarrow X = \langle X | E \rangle$ for a fixed $E$ express that the constants $\langle X | E \rangle$ make up a solution of $E$ and that this solution is the only one.

Because we have to deal with conditional equational formulas with an infinite number of premises in ACP$_{\mathrm{rec}}$, it is understood that infinitary conditional equational logic is used in deriving equations from the axioms of ACP$_{\mathrm{rec}}$. A complete inference system for infinitary conditional equational logic can be found in [4]. It is noteworthy that in the case of infinitary conditional equational logic derivation trees may be infinitely branching (but they may not have infinite branches).

We write $T \vdash t = t'$, where $T$ is ACP or ACP$_{\mathrm{rec}}$, to indicate that the equation $t = t'$ is derivable from the axioms of $T$ using a complete inference system for infinitary conditional equational logic.

In this section, we show that each guarded recursive specification over ACP can be reduced to one in which the right-hand sides of recursion equations are guarded terms of a restricted form known as linear terms. This result will be used in Section 6. In its proof, we make use of the fact that each guarded ACP term has a head normal form.

Let $T$ be ACP or ACP$_{\mathrm{rec}}$.
The set $\mathit{HNF}$ of head normal forms of $T$ is inductively defined by the following rules:
– $\delta \in \mathit{HNF}$;
– if $a \in A$, then $a \in \mathit{HNF}$;
– if $a \in A$ and $t$ is a term over the signature of $T$, then $a \cdot t \in \mathit{HNF}$;
– if $t, t' \in \mathit{HNF}$, then $t + t' \in \mathit{HNF}$.

Each head normal form of $T$ is derivably equal to a head normal form of the form P i

For each guarded ACP$_{\mathrm{rec}}$ term $t$, there exists a head normal form $t'$ of ACP$_{\mathrm{rec}}$ such that $\mathrm{ACP}_{\mathrm{rec}} \vdash t = t'$.

Proof. First we prove the following weaker result about head normal forms:

For each guarded ACP term $t$, there exists a head normal form $t'$ of ACP such that $\mathrm{ACP} \vdash t = t'$.

The proof is straightforward by induction on the structure of $t$. The case where $t$ is of the form $\delta$ and the case where $t$ is of the form $a$ ($a \in A$) are trivial. The case where $t$ is of the form $t_1 + t_2$ follows immediately from the induction hypothesis. The case where $t$ is of the form $t_1 \cdot t_2$ follows immediately from the induction hypothesis and the claim that, for all head normal forms $t_1$ and $t_2$ of ACP, there exists a head normal form $t'$ of ACP such that $t_1 \cdot t_2 = t'$ is derivable from the axioms of ACP. This claim is easily proved by induction on the structure of $t_1$. The cases where $t$ is of one of the forms $t_1 \lfloor\!\lfloor t_2$, $t_1 \mid t_2$ or $\partial_H(t_1)$ are proved along the same lines as the case where $t$ is of the form $t_1 \cdot t_2$. In the case that $t$ is of the form $t_1 \mid t_2$, each of the cases to be considered in the inductive proof of the claim demands a proof by induction on the structure of $t_2$. The case that $t$ is of the form $t_1 \parallel t_2$ follows immediately from the case that $t$ is of the form $t_1 \lfloor\!\lfloor t_2$ and the case that $t$ is of the form $t_1 \mid t_2$. Because $t$ is a guarded ACP term, the case where $t$ is a variable cannot occur.

The proof of the proposition itself is also straightforward by induction on the structure of $t$. The cases other than the case where $t$ is of the form $\langle X | E \rangle$ are proved in the same way as in the above proof of the weaker result.
The case where $t$ is of the form $\langle X | E \rangle$ follows immediately from the weaker result and RDP. □

The set $\mathit{LT}$ of linear ACP terms is inductively defined by the following rules:
– $\delta \in \mathit{LT}$;
– if $a \in A$, then $a \in \mathit{LT}$;
– if $a \in A$ and $X \in \mathcal{X}$, then $a \cdot X \in \mathit{LT}$;
– if $t, t' \in \mathit{LT}$, then $t + t' \in \mathit{LT}$.

Clearly, each linear ACP term is also a guarded ACP term (but not vice versa).

A linear recursive specification over ACP is a guarded recursive specification $E$ over ACP such that, for each equation $X = t \in E$, $t \in \mathit{LT}$.

Each guarded recursive specification over ACP can be reduced to a linear recursive specification over ACP.

Theorem 1 (Reduction). For each guarded recursive specification $E$ over ACP and each $X \in \mathrm{V}(E)$, there exists a finite or countably infinite linear recursive specification $E'$ over ACP such that $\mathrm{ACP}_{\mathrm{rec}} \vdash \langle X | E \rangle = \langle X | E' \rangle$.

Proof. We approach this algorithmically. In the construction of the linear recursive specification $E'$, we keep a set $V$ of recursion equations from $E'$ that are already found and a sequence $W$ of equations of the form $X_k = \langle t_k | E \rangle$ that still have to be transformed. The algorithm has a finite or countably infinite number of stages. In each stage, $V$ and $W$ are finite. Initially, $V$ is empty and $W$ contains only the equation $X = \langle X | E \rangle$.

In each stage, we remove the first equation from $W$. Assume that this equation is $X_k = \langle t_k | E \rangle$. We bring the term $\langle t_k | E \rangle$ into head normal form. If $t_k$ is not a guarded term, then we use RDP here to turn $t_k$ into a guarded term first. Thus, by Proposition 1, we can always bring the term $\langle t_k | E \rangle$ into head normal form. Assume that the resulting head normal form is P i

In this section, we present a structural operational semantics of ACP$_{\mathrm{rec}}$ and define a notion of bisimulation equivalence based on this semantics.

We start with presenting a structural operational semantics of ACP$_{\mathrm{rec}}$.
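The following relations on closed ACP$_{\mathrm{rec}}$ terms are used:
– for each $a \in A$, a unary relation ${\xrightarrow{a}}\surd$;
– for each $a \in A$, a binary relation $\xrightarrow{a}$.

We write $t \xrightarrow{a} \surd$ instead of ${\xrightarrow{a}}\surd\,(t)$ and $t \xrightarrow{a} t'$ instead of ${\xrightarrow{a}}(t, t')$. The relations ${\xrightarrow{a}}\surd$ and $\xrightarrow{a}$ can be explained as follows:
– $t \xrightarrow{a} \surd$: $t$ can perform action $a$ and then terminate successfully;
– $t \xrightarrow{a} t'$: $t$ can perform action $a$ and then behave as $t'$.

The structural operational semantics of ACP$_{\mathrm{rec}}$ is described by the rules given in Table 3. In this table, $a$, $b$, and $c$ stand for arbitrary actions from $A$, $X$ stands for an arbitrary variable from $\mathcal{X}$, $t$ stands for an arbitrary ACP term, and $E$ stands for an arbitrary guarded recursive specification over ACP.

A bisimulation is a binary relation $R$ on closed ACP$_{\mathrm{rec}}$ terms such that, for all closed ACP$_{\mathrm{rec}}$ terms $t_1$, $t_2$ with $R(t_1, t_2)$, the following conditions hold:
– if $t_1 \xrightarrow{a} t_1'$, then there exists a closed ACP$_{\mathrm{rec}}$ term $t_2'$ such that $t_2 \xrightarrow{a} t_2'$ and $R(t_1', t_2')$;
– if $t_2 \xrightarrow{a} t_2'$, then there exists a closed ACP$_{\mathrm{rec}}$ term $t_1'$ such that $t_1 \xrightarrow{a} t_1'$ and $R(t_1', t_2')$;
– $t_1 \xrightarrow{a} \surd$ iff $t_2 \xrightarrow{a} \surd$.

Two closed ACP$_{\mathrm{rec}}$ terms $t_1$, $t_2$ are bisimulation equivalent, written $t_1 \leftrightarrow t_2$, if there exists a bisimulation $R$ such that $R(t_1, t_2)$.

Proposition 2 (Congruence). $\leftrightarrow$ is a congruence with respect to the operators of ACP$_{\mathrm{rec}}$.

The axioms of ACP$_{\mathrm{rec}}$ are sound with respect to bisimulation equivalence for equations between closed terms.

Theorem 2 (Soundness). For all closed ACP$_{\mathrm{rec}}$ terms $t$ and $t'$, $t \leftrightarrow t'$ if $\mathrm{ACP}_{\mathrm{rec}} \vdash t = t'$.

The proofs of Proposition 2 and Theorem 2 can, for example, be found in [1].

Table 3. Rules for the operational semantics of ACP$_{\mathrm{rec}}$

$$
\begin{array}{c}
\dfrac{}{a \xrightarrow{a} \surd} \\[2ex]
\dfrac{x \xrightarrow{a} \surd}{x + y \xrightarrow{a} \surd} \qquad
\dfrac{y \xrightarrow{a} \surd}{x + y \xrightarrow{a} \surd} \qquad
\dfrac{x \xrightarrow{a} x'}{x + y \xrightarrow{a} x'} \qquad
\dfrac{y \xrightarrow{a} y'}{x + y \xrightarrow{a} y'} \\[2ex]
\dfrac{x \xrightarrow{a} \surd}{x \cdot y \xrightarrow{a} y} \qquad
\dfrac{x \xrightarrow{a} x'}{x \cdot y \xrightarrow{a} x' \cdot y} \\[2ex]
\dfrac{x \xrightarrow{a} \surd}{x \parallel y \xrightarrow{a} y} \qquad
\dfrac{y \xrightarrow{a} \surd}{x \parallel y \xrightarrow{a} x} \qquad
\dfrac{x \xrightarrow{a} x'}{x \parallel y \xrightarrow{a} x' \parallel y} \qquad
\dfrac{y \xrightarrow{a} y'}{x \parallel y \xrightarrow{a} x \parallel y'} \\[2ex]
\dfrac{x \xrightarrow{a} \surd,\ y \xrightarrow{b} \surd}{x \parallel y \xrightarrow{c} \surd}\ \gamma(a, b) = c \qquad
\dfrac{x \xrightarrow{a} \surd,\ y \xrightarrow{b} y'}{x \parallel y \xrightarrow{c} y'}\ \gamma(a, b) = c \\[2ex]
\dfrac{x \xrightarrow{a} x',\ y \xrightarrow{b} \surd}{x \parallel y \xrightarrow{c} x'}\ \gamma(a, b) = c \qquad
\dfrac{x \xrightarrow{a} x',\ y \xrightarrow{b} y'}{x \parallel y \xrightarrow{c} x' \parallel y'}\ \gamma(a, b) = c \\[2ex]
\dfrac{x \xrightarrow{a} \surd}{x \lfloor\!\lfloor y \xrightarrow{a} y} \qquad
\dfrac{x \xrightarrow{a} x'}{x \lfloor\!\lfloor y \xrightarrow{a} x' \parallel y} \\[2ex]
\dfrac{x \xrightarrow{a} \surd,\ y \xrightarrow{b} \surd}{x \mid y \xrightarrow{c} \surd}\ \gamma(a, b) = c \qquad
\dfrac{x \xrightarrow{a} \surd,\ y \xrightarrow{b} y'}{x \mid y \xrightarrow{c} y'}\ \gamma(a, b) = c \\[2ex]
\dfrac{x \xrightarrow{a} x',\ y \xrightarrow{b} \surd}{x \mid y \xrightarrow{c} x'}\ \gamma(a, b) = c \qquad
\dfrac{x \xrightarrow{a} x',\ y \xrightarrow{b} y'}{x \mid y \xrightarrow{c} x' \parallel y'}\ \gamma(a, b) = c \\[2ex]
\dfrac{x \xrightarrow{a} \surd}{\partial_H(x) \xrightarrow{a} \surd}\ a \notin H \qquad
\dfrac{x \xrightarrow{a} x'}{\partial_H(x) \xrightarrow{a} \partial_H(x')}\ a \notin H \\[2ex]
\dfrac{\langle t | E \rangle \xrightarrow{a} \surd}{\langle X | E \rangle \xrightarrow{a} \surd}\ X = t \in E \qquad
\dfrac{\langle t | E \rangle \xrightarrow{a} x'}{\langle X | E \rangle \xrightarrow{a} x'}\ X = t \in E
\end{array}
$$

It follows from Theorem 1 and the completeness proof given in [2] for the special case of finite linear recursive specifications over ACP that the axioms of ACP$_{\mathrm{rec}}$ are also complete with respect to bisimulation equivalence for equations between closed terms.

Theorem 3 (Completeness). For all closed ACP$_{\mathrm{rec}}$ terms $t$ and $t'$, $t \leftrightarrow t'$ only if $\mathrm{ACP}_{\mathrm{rec}} \vdash t = t'$.

Proof. Theorem 4.4.1 from [2] states that, for all closed ACP$_{\mathrm{rec}}$ terms $t$ and $t'$ in which only constants $\langle X | E \rangle$ occur where $E$ is a finite linear recursive specification, $t \leftrightarrow t'$ only if $\mathrm{ACP}_{\mathrm{rec}} \vdash t = t'$. We can strengthen this theorem by dropping the finiteness condition because the proof given in [2] does not rely on it. It follows immediately from the strengthened version of Theorem 4.4.1 from [2] and Theorem 1 from the current paper that, for all closed ACP$_{\mathrm{rec}}$ terms $t$ and $t'$, $t \leftrightarrow t'$ only if $\mathrm{ACP}_{\mathrm{rec}} \vdash t = t'$.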
□

To the best of our knowledge, the completeness of the axioms of ACP$_{\mathrm{rec}}$ with respect to bisimulation equivalence has as yet only been proved for the special case of finite linear recursive specifications. Crucial for the completeness for the general case is that infinitary conditional equational logic is used in deriving equations from the axioms of ACP$_{\mathrm{rec}}$. The use of this logic is inescapable with infinite guarded recursive specifications. This speaks for itself, but it is virtually unmentioned in the literature on process algebra.

We have widened the existing completeness result for ACP$_{\mathrm{rec}}$. A by-product of this work is the following expressiveness result: in each model of ACP$_{\mathrm{rec}}$, the processes that can be described by a guarded recursive specification over ACP and the processes that can be described by a finite or countably infinite linear recursive specification over ACP are the same. Notice that even uncountably infinite guarded recursive specifications over ACP can be reduced to finite or countably infinite linear recursive specifications over ACP.

References

1. Baeten, J.C.M., Weijland, W.P.: Process Algebra, Cambridge Tracts in Theoretical Computer Science, vol. 18. Cambridge University Press, Cambridge (1990)
2. Fokkink, W.J.: Introduction to Process Algebra. Texts in Theoretical Computer Science, An EATCS Series, Springer-Verlag, Berlin (2000)
3. van Glabbeek, R.J.: Failure trace semantics for a process algebra with time-outs. arXiv:2002.10814v1 [cs.LO] (2020)
4. van Glabbeek, R.J., Vaandrager, F.W.: Modular specification of process algebras. Theoretical Computer Science 113(2), 293–348 (1993)
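Added example, not part of the paper: the staged construction with $V$ and $W$ from the proof of Theorem 1, run on two constructed specifications. Instead of deriving head normal forms with the axioms, it reads the summands off the transition rules of Table 3 (for $\delta$, actions, $+$, $\cdot$ and $\parallel$ only); the tuple encoding, the reuse of one variable per syntactically equal term, the `max_stages` cutoff and all names are assumptions of this example.

```python
from collections import deque

# Closed terms as tuples (encoding constructed for this example): ("delta",)
# ("act", a) ("+", t, u) (".", t, u) ("||", t, u) ("var", X) for <X|E>.

def steps(t, E, gamma):
    """All (a, t') with t -a-> t'; t' is None for t -a-> √ (rules of Table 3)."""
    op = t[0]
    if op == "delta":
        return set()
    if op == "act":
        return {(t[1], None)}
    if op == "var":        # <X|E> takes the steps of its right-hand side
        return steps(E[t[1]], E, gamma)   # terminates because E is guarded
    x, y = t[1], t[2]
    sx = steps(x, E, gamma)
    if op == ".":
        return {(a, y if x1 is None else (".", x1, y)) for a, x1 in sx}
    sy = steps(y, E, gamma)
    if op == "+":
        return sx | sy
    # op == "||": a side that has terminated (None) drops out of the residual
    par = lambda p, q: q if p is None else p if q is None else ("||", p, q)
    out = {(a, par(x1, y)) for a, x1 in sx} | {(b, par(x, y1)) for b, y1 in sy}
    out |= {(gamma[frozenset((a, b))], par(x1, y1))      # communication rules
            for a, x1 in sx for b, y1 in sy if frozenset((a, b)) in gamma}
    return out

def linearize(X, E, gamma, max_stages=1000):
    """Return (V, pending): V[k] lists the summands of X_k, (a, None) for a
    and (a, j) for a · X_j; an empty list is delta. pending > 0 means the
    stage bound was hit while equations were still waiting in W."""
    index = {("var", X): 0}           # term -> subscript k of its variable X_k
    V, W = {}, deque([("var", X)])    # equations found, terms still to do
    while W and len(V) < max_stages:
        t = W.popleft()               # one stage: take the first entry of W
        summands = []
        for a, t1 in sorted(steps(t, E, gamma), key=repr):
            if t1 is not None and t1 not in index:
                index[t1] = len(index)    # fresh variable for a new residual
                W.append(t1)
            summands.append((a, None if t1 is None else index[t1]))
        V[index[t]] = summands
    return V, len(W)

b, c = ("act", "b"), ("act", "c")
# Constructed sample: X = a · ((b || c) · X) with gamma(b, c) = d
E1 = {"X": (".", ("act", "a"), (".", ("||", b, c), ("var", "X")))}
# Constructed sample: X = a · (X || b), no communication; infinitely many stages
E2 = {"X": (".", ("act", "a"), ("||", ("var", "X"), b))}

if __name__ == "__main__":
    print(linearize("X", E1, {frozenset("bc"): "d"}))
    print(linearize("X", E2, {}, max_stages=3))
```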