Bisimulation by Unification

Roberto Bruni (Univ. Pisa – Univ. Illinois), Paolo Baldan (Univ. Pisa – Univ. Venezia)

AMAST’02, La Réunion 9-13 Sept. 2002

Post on 20-Jan-2016


Page 1: Bisimulation by Unification Roberto Bruni (Univ. Pisa – Univ. Illinois) Paolo Baldan (Univ. Pisa – Univ. Venezia) Andrea Bracciali (Univ. Pisa) AMAST’02,

Bisimulation by Unification

Roberto Bruni (Univ. Pisa – Univ. Illinois), Paolo Baldan (Univ. Pisa – Univ. Venezia), Andrea Bracciali (Univ. Pisa)

AMAST’02, La Réunion 9-13 Sept. 2002

Page 2

Acknowledgements

• Research supported by:
  – IST Programme on FET-GC Projects: AGILE (IST-2001-32747), MYTHS, SOCS
• Thanks also to:
  – Italian CNR
  – University of Illinois at Urbana-Champaign

Page 3

Roadmap

I. Introduction & Motivation
II. Running Example (toy PC with ambients)
III. Symbolic Bisimulation
  I. Symbolic Transition Systems
  II. Strict & Large Bisimilarity
IV. Bisimulation by Unification
V. Conclusions
VI. (Related Work & Future Work)

Page 4

“Mission”

Methodology for the formal analysis of open systems
– Algebraic Representations of Processes
– Properties as Equivalences
  • Process Calculi + Bisimilarity
  • Closed Terms = Components
  • Contexts = Coordinators
– Compact (Symbolic) Transition Systems

Page 5

Open Systems are… Interactive, Autonomous, Accessible via Interfaces, Dynamic, Programmable, … Ex. Web Services, WAN Computing, Mobile Code

[Figure: Components p, q, r and the Coordinator C[X1,X2,X3] they plug into]

Page 6

Interaction

Components can be dynamically connected. Ex. Access to Network Services

Boundaries: access policies

(Typed) Holes: constrained dynamic binding

[Figure: the coordinator instantiated as C[p,q,r]]

Page 7

Let’s Get Formal

Process Calculi “Ingredients”
– Structure (Σ,E): Signature + Structural Axioms
– Operational Semantics (SOS, LTS/RS)
– Linguistic abstraction for holes and binding
  • Variables & Substitutions
– Logic for expressing and proving properties
  • Specification & Verification
– Tool for focusing e.g. on distribution, communication, causal dependencies

Page 8

Abstraction

Equivalence on Components: p ~ q
– Bisimulation, Traces, May/Must Testing

Equivalence on Coordinators
– C[X] ~univ D[X] iff ∀p. C[p] ~ D[p]
  (for simplicity, we consider one-holed contexts in most slides)
– needs universal quantification (on instantiations)!

Focus on Bisimilarity (largest bisimulation): p ~ q
– if p –a→ p’ then q –a→ q’ with p’ ~ q’
– (and vice versa)

Page 9

Graphically

[Figure: Components p and q, with transitions p –a1→ p1, …, p –an→ pn and q –a1→ q1, …, q –an→ qn; Coordinators C[X] and D[X], with matching transitions labelled a1, …, an]

Page 10

Example: Async. CCS + Ambients

p ::= 0 | a’ | a.p | n[p] | open n.p | in n.p | out n.p | p|p

Reduction rules:
  n[P]|open n.Q → P|Q
  n[P|m[out n.Q|R]] → n[P]|m[Q|R]
  n[P]|m[in n.Q|R] → n[P|m[Q|R]]
  n[a.P|a’|Q] → n[P|Q]
  P → Q implies n[P] → n[Q]
  P → Q implies P|R → Q|R

(Assume AC1 parallel composition)

Page 11

A Problem on Components

(the reduction rules of Page 10 are repeated on the slide)

n[a.0|a’] → n[0] ↛
m[b.0|b’] → m[0] ↛
n[a.0|a’] ~ m[b.0|b’] ?

Page 18

A Problem on Coordinators

(the reduction rules of Page 10 are repeated on the slide)

n[X] ~ m[X] ?

Page 19

Symbolic Approach

Bisimulation Without Instantiation
– Facilitate analysis & verification of coordinators’ properties

Distinguishing Features
– Symbolic LTS
  • states are coordinators
  • labels are spatial/modal formulae
– Avoids universal closure
– Allows for coalgebraic techniques
– Constructive definition for Algebraic SOS
– (In general yields equivalences finer than ~univ)

Page 20

Notation

We start from a PC specified by
– Syntax & Structural Equivalence: (Σ,E)
  • T_{Σ,E} is the set of Components p, q, r, …
  • T_{Σ,E}(X) is the set of Coordinators C[X], D[X], …
  • C[X1,…,Xn] means var(C) ⊆ {X1,…,Xn}
– Labels: ranged over by a, b, …
– LTS: L (defined on T_{Σ,E} & the set of labels)
  • possibly defined by SOS rules

Page 21

Symbolic Transition Systems

Ordinary SOS approach:
– Behavior of a coordinator can depend on:
  1. The spatial structure of the components that are inserted/connected/substituted
  2. The behavior of those components

Idea: borrow formulae from a suitable “logic” to express the most general class of components that can take part in the coordinators’ evolution

Page 22

What Logic Do We Need?

Formulae must express the minimal amount of information on components for enabling the step:
– Components that are not playing an active role in the step
– “Most general” active components needed for the step
– Assumptions not only on the structure of components, but also on their behavior

Logic L must include, as atomic formulae:
– Place-holders (process variables) X: q ⊨ X
– Components p: q ⊨ p iff q ≡_E p

Page 23

Symbolic Transitions

C[X] –φ(Y),a→ D[Y]

intuitively: whenever p ⊨ φ(q), then C[p] –a→ D[q]

(q is to some extent the residual of p after satisfying φ)

(C[X] and D[Y] are Coordinators; φ(Y) is the Formula; a is the Ordinary label)

Page 24

Correctness

STS: C[X] –φ(Y),a→ D[Y]

implies, in the LTS L:

C[p1] –a→ D[q1], C[p2] –a→ D[q2], …, C[pn] –a→ D[qn]

for all pi, qi with pi ⊨ φ(qi)

(p ⊨ φ(q): the formula describes the components that can make a)

Page 25

Completeness

LTS L: r ≡_E C[p] –a→ q

implies, in the STS:

∃ φ, s. C[X] –φ(Y),a→ D[Y] with p ⊨ φ(s) and q ≡ D[s]

Page 26

Strict Bisimilarity

Strict Bisimilarity ~strict: largest (strict) bisimulation s.t.

  C[X] ~strict D[X] and C[X] –φ(Y),a→ C’[Y]
  implies D[X] –φ(Y),a→ D’[Y] with C’[Y] ~strict D’[Y]

THEOREM: If the STS is correct & complete, then ~strict ⊆ ~univ

Page 31

Back to the Open Problem

(the reduction rules of Page 10 are repeated on the slide)

n[X] –Y|k[out n.Z|W]→ n[Y]|k[Z|W]
n[X] ~strict m[X] ?

Page 32

Back to the Open Problem

(the reduction rules of Page 10 are repeated on the slide)

n[X] –Y|k[out n.Z|W]→ n[Y]|k[Z|W]
m[X] –Y|k[out n.Z|W]↛
n[X] ~strict m[X] ?

Page 33

Back to the Open Problem

(the reduction rules of Page 10 are repeated on the slide)

n[X] –Y|k[out n.Z|W]→ n[Y]|k[Z|W]
m[X] –Y|k[out n.Z|W]↛
n[X] ≁strict m[X]

Page 34

Back to the Open Problem

(the reduction rules of Page 10 are repeated on the slide)

n[X] ≁univ m[X]

(take X = k[out n.0])

Page 35

A Last Problem

(the reduction rules of Page 10 are repeated on the slide)

n[m[out n.X]] –Y→ n[0]|m[0]
n[0]|m[a’|a.X] –Y→ n[0]|m[0]
n[m[out n.X]] ~strict n[0]|m[a’|a.X] ?

Page 36

A Last Problem

(the reduction rules of Page 10 are repeated on the slide)

n[m[out n.X]] –Y→ n[0]|m[Y]
n[0]|m[a’|a.X] –Y→ n[0]|m[Y]
n[m[out n.X]] ~strict n[0]|m[a’|a.X]

Page 37

A Last Problem

(the reduction rules of Page 10 are repeated on the slide)

n[m[out n.X]] ~strict n[0]|m[a’|a.X]

n[m[out n.X]] ~univ n[0]|m[a’|a.X]

Page 38

Large Bisimilarity

What if ~strict is too fine?

We can relax the strict bisimilarity when the logic L includes generic spatial formulae:
– Operators f: q ⊨ f(φ1,…,φn) iff ∃ qi. q ≡_E f(q1,…,qn) ∧ qi ⊨ φi

We call spatial formulae those composed by spatial operators and place-holders only
– Ambivalent view of Spatial Formulae as Coordinators

Page 39

Large Bisimilarity

Large Bisimilarity ~large: largest (large) bisimulation s.t.

  C[X] ~large D[X] and C[X] –φ(Y),a→ C’[Y]
  implies D[X] –ψ(Z),a→ D’[Z] with φ(Y) = ψ(σ(Y)), σ(Y) spatial, and C’[Y] ~large D’[σ(Y)]

THEOREM: If the STS is correct & complete, then ~large ⊆ ~univ

Page 43

Large Bisimilarity

Large Bisimilarity ~large: largest (large) bisimulation s.t.

  C[X] ~large D[X] and C[X] –φ(Y),a→ C’[Y]
  implies D[X] –ψ(Z),a→ D’[Z] with φ(Y) = ψ(σ(Y)), σ(Y) spatial, and C’[Y] ~large D’[σ(Y)]

THEOREM: ~strict ⊆ ~large. If the STS is correct & complete, then ~large ⊆ ~univ

Page 45

Why Use ~strict & ~large

• As an approximation method for ~univ
  – ~univ is not defined coinductively
  – ~univ requires the verification of infinitely many equivalences
• Bonus Theorems:
  – C[X] ~large D[X] implies C[E[Y]] ~univ D[E[Y]]
  – C[X] ~strict D[X] implies C[E[Y]] ~univ D[E[Y]]
• Note that in general ~large is not transitive
• Bonus Theorem:
  – if C[X] ~large D[X] implies C[E[Y]] ~large D[E[Y]], then ~large is transitive and thus it is an equivalence relation

Page 46

Algebraic SOS Format (spatial/modal constraints)

Rule format:

  {Xi –ai→ Zi}_{i∈I}
  ────────────────────────────
  C[X1,…,Xn] –a→ D[Y1,…,Yn]

(Yi is either Xi (if i∉I) or Zi (if i∈I))

Formulae: φ ::= X | p | a.φ | f(φ,…,φ)
– Modality a: q ⊨ a.φ iff q –a→ p ∧ p ⊨ φ

Bisimulation by Unification

Page 47

The Prolog Algorithm

  % one clause per rule of the Algebraic SOS format (Page 46):
  % the body holds the premises Xi –ai→ Zi for i ∈ I = {i1,…,in}
  trs( box(A,X), A, X ) :- !.
  trs( C[X1,…,Xn], a, D[Y1,…,Yn] ) :-
      trs(Xi1, ai1, Zi1), …,
      trs(Xin, ain, Zin).

The program can be seen as the specification of the STS
– Goals have the form ?- trs(C[X1,…,Xn], a, Z).
– Backtracking mechanism + meta-logic ops (bagof) can be used to compute all symbolic transitions for C[X]

THEOREM: The resulting STS is correct & complete
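The unification step behind the trs clauses above, and the n[X] vs m[X] example of Pages 31-34, as an added Python example (not the authors' code): terms are nested tuples, the hole X and the rule variables are logic variables, and unifying C[X] with a fresh copy of a rule's left-hand side yields the formula φ(Y) as the binding of X and the residual D[Y] as the instantiated right-hand side. It applies only the open and out rules at top level, with purely syntactic parallel composition (no AC1, no congruence rules, no modal labels), so the Page 34 witness k[out n.0] must be padded with 0 as 0|k[out n.0|0].

```python
from itertools import count
_fresh = count()                           # suffixes for fresh copies of rule variables

def V(n): return ('V', n)                  # logic variable: the hole X or a rule variable
def amb(n, p): return ('amb', n, p)        # n[p]
def par(p, q): return ('par', p, q)        # p | q  (purely syntactic: no AC1 here)
def out(n, p): return ('out', n, p)        # out n.p
def opn(n, p): return ('open', n, p)       # open n.p
ZERO = ('0',)
def is_var(t): return isinstance(t, tuple) and t[0] == 'V'

def walk(t, s):                            # follow variable bindings in substitution s
    while is_var(t) and t in s:
        t = s[t]
    return t

def unify(a, b, s):
    """Syntactic unification; no occurs check (one-holed contexts and fresh rules are linear)."""
    a, b = walk(a, s), walk(b, s)
    if a == b:
        return s
    if is_var(a) or is_var(b):
        return {**s, a: b} if is_var(a) else {**s, b: a}
    if not (isinstance(a, tuple) and isinstance(b, tuple)):
        return None                        # two different ambient names
    if a[0] != b[0] or len(a) != len(b):
        return None
    for x, y in zip(a[1:], b[1:]):
        s = unify(x, y, s)
        if s is None:
            return None
    return s

def subst(t, s):                           # apply s everywhere in t
    t = walk(t, s)
    if is_var(t) or not isinstance(t, tuple):
        return t
    return (t[0],) + tuple(subst(x, s) for x in t[1:])

def rule(k, name):
    """Fresh copy (variables suffixed k) of a reduction rule of Page 10, as (lhs, rhs)."""
    N, M, P, Q, R = (V(f'{v}{k}') for v in 'NMPQR')
    return {'open': (par(amb(N, P), opn(N, Q)), par(P, Q)),
            'out':  (amb(N, par(P, amb(M, par(out(N, Q), R)))),
                     par(amb(N, P), amb(M, par(Q, R))))}[name]

def sym_trans(ctx, hole):
    """Symbolic transitions C[X] --phi(Y)--> D[Y]: unify C[X] with each rule's lhs;
    phi is what the unifier binds the hole to, D[Y] the rhs under the same substitution."""
    res = []
    for name in ('open', 'out'):
        lhs, rhs = rule(next(_fresh), name)
        s = unify(ctx, lhs, {})
        if s is not None:
            res.append((name, subst(hole, s), subst(rhs, s)))
    return res

def canon(t, names=None):                  # rename variables by first appearance (alpha-equivalence)
    names = {} if names is None else names
    if is_var(t):
        return V(names.setdefault(t, f'Y{len(names)}'))
    if not isinstance(t, tuple):
        return t
    return (t[0],) + tuple(canon(x, names) for x in t[1:])

def strict_step(c, d, hole):
    """One round of the strict bisimulation game (Page 26): every formula labelling a
    symbolic transition of c must label one of d, and vice versa."""
    lc = {canon(phi) for _, phi, _ in sym_trans(c, hole)}
    ld = {canon(phi) for _, phi, _ in sym_trans(d, hole)}
    return lc == ld
```

For n[X] the only transition found is the out rule with φ = Y|k[out n.Z|W] and residual n[Y]|k[Z|W], while m[X] gets the formula with out m, so strict_step(n[X], m[X]) fails; on the padded Page 34 witness the n-ambient reduces and the m-ambient does not.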

Page 48

Conclusions

• General formal framework for open systems
  – Meta-theoretic foundations
• Under suitable hypotheses: ~strict implies ~large implies ~univ
• For the Algebraic SOS format, a minimal STS can be defined constructively in Prolog
  – cut + unification
  – extension to AC1 parallel operator (see paper)

Page 49

Dual View

• Instantiation vs. Contextualization
• When ~ is not a congruence:
  – p ≈ q iff ∀C[X]. C[p] ~ C[q] is not a bisimulation (unless ~ is a congruence)
  • (the largest congruence which is also a bisimulation is called dynamic bisimulation)
• Sewell, Leifer & Milner: minimal contexts as labels
  – Transitions: p –C[_,X1,…,Xn]→ D[X1,…,Xn]
    1. ∀pi. C[p,p1,…,pn] → D[p1,…,pn]
    2. C[_] minimal (not necessarily minimum)
  – Universal quantification moved from contexts to components!

Page 50

Related Work / Source of Inspiration

• Sewell, Leifer & Milner
  – categorical characterization of the most general interaction (relative pushout)
• Caires, Cardelli & Gordon
• Fiadeiro, Maibaum, Martí-Oliet, Meseguer & Pita
  – elegant mathematical tool for expressing structural & temporal aspects
• Bruni, Montanari & Rossi
  – interactive view of Logic Programming

Page 51

Future Work

• Deal with names
  – Name restriction & logical notion of freshness
• Duality
  – Categorical formulation (relative pullback?)
• Symbolic approach to the verification of infinite state cryptographic protocols
• Extension to meta and abductive LP
  – Programmable definition of proofs
  – To answer questions like “under which assumptions can p|X evolve so as to satisfy a certain property?” that are relevant in dynamic system engineering

Page 52

Bisimulation By Unification

a paper by Andrea Bracciali, Paolo Baldan, Roberto Bruni

AMAST presentation by Roberto Bruni

Research supported by IST Programme on FET-GC Projects AGILE, MYTHS, SOCS; Italian CNR; University of Illinois at Urbana-Champaign