4/25/20151 Metodi formali nello sviluppo software a.a.2013/2014 Prof.Anna Labella

4/25/ Process Equivalences Sameness of behaviour = equivalence of states Many process equivalences have been proposed For instance: q 1 ~ q 2 iff –q 1 and q 2 have the same paths, or –q 1 and q 2 may always refuse the same interactions, or –q 1 and q 2 pass the same tests, or –q 1 and q 2 satisfy the same temporal formulas, or –q 1 and q 2 have identical branching structure CCS: Focus on bisimulation equivalence

4/25/ Bisimulation Equivalence Intuition: q 1 ~ q 2 iff q 1 and q 2 have same branching structure Idea: Find relation which will relate two states with the same transition structure, and make sure the relation is preserved Example: aaa b b bc c c q1q1 q2q2

4/25/ Strong Bisimulation Equivalence Given: Labelled transition system T = (Q, ,R) Looking for a relation S  Q  Q on states S is a strong bisimulation relation if whenever q 1 S q 2 then: –q 1   q 1 ’ implies q 2   q 2 ’ for some q 2 ’ such that q 1 ’ S q 2 ’ –q 2   q 2 ’ implies q 1   q 1 ’ for some q 1 ’ such that q 1 ’ S q 2 ’ q 1 and q 2 are strongly bisimilar iff q 1 S q 2 for some strong bisimulation relation S q 1  q 2 : q 1 and q 2 are strongly bisimilar Peled uses ´ bis for »

4/25/ Example q1q1 q0q0 q2q2 p0p0 p1p1 p2p2 a a a a a a a b b b Does q 0 ~ p 0 hold?

4/25/ Example q1q1 q0q0 q2q2 p0p0 p1p1 p2p2 c aa a c b b Does q 0 ~ p 0 hold? q3q3 q4q4 p3p3

4/25/ Weak Transitions What to do about internal activity?  : Transition label for activity which is not externally visible q   q’ iff q = q 0   q 1  ...   q n = q’, n  0 q   q’ iff q   q’ q   q’ iff q   q 1   q 2   q’ (    ) Beware that   =   (non-standard notation) Observational equivalence, v.1.0: Bisimulation equivalence with  in place of  Let q 1  q 2 iff q 1 ~ q 2 with   in place of  

4/25/ Observational Equivalence Let S  Q  Q. The relation S is a weak bisimulation relation if whenever q 1 S q 2 then: –q 1   q 1 ’ implies q 2   q 2 ’ for some q 2 ’ such that q 1 ’ S q 2 ’ –q 2   q 2 ’ implies q 1   q 1 ’ for some q 1 ’ such that q 1 ’ S q 2 ’ q 1 and q 2 are observationally equivalent, or weakly bisimulation equivalent, if q 1 S q 2 for some weak bisimulation relation S q 1  q 2 : q 1 and q 2 are observationally equivalent/weakly bisimilar

4/25/ Examples a a a a a a a a b b c c c        

4/25/ Examples b a  b a  a  b All three are inequivalent

4/25/ Bisimulazioni Strong Weak Branching

4/25/ Bisimulazioni Strong Se un processo/stato può fare una mossa, allora può farla anche l ’ altro e viceversa. a c bc b b a a bc

4/25/ Bisimulazioni weak Un processo può passare attraverso più stati (non equivalenti e non allineati) con mosse invisibili, tentando di simulare l ’ altro. a b c b a b c a

4/25/ Bisimulazioni branching Un processo può passare attraverso più stati (equivalenti) con mosse invisibili, mentre l ’ altro è fermo, ma mantiene le stesse potenzialità. a b b a bc b a c

4/25/ Proving Equivalences The bisimulation proof method: To establish P  Q: 1. Identify a relation S such that P S Q 2. Prove that S is a weak bisimulation relation This is the canonical method There are other methods for process verification: 1. Equational reasoning 2. Temporal logic specification/proof/model checking

4/25/ Bisimilarità: massimo punto fisso

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/

4/25/