SDS Foil no 1 Process Algebra Process Algebra – calculating with behaviours

SDS Foil no 2 What Languages for behaviour expressions: CCS, LOTOS, CSP, ACP, … with focus on concurrency and interactions Semantics in terms of transition systems Calculus with theorems and equivalences Languages for behaviour expressions: CCS, LOTOS, CSP, ACP, … with focus on concurrency and interactions Semantics in terms of transition systems Calculus with theorems and equivalences Language: 0,1, 2, 3, … I, II, III, IV,... Language: 0,1, 2, 3, … I, II, III, IV,... Semantics: {}, {●}, {●●}, {●●●},... 0, succ(0), succ(succ(0)),... Semantics: {}, {●}, {●●}, {●●●},... 0, succ(0), succ(succ(0)),... Calculus: 0+x = x x+y = y+x Calculus: 0+x = x x+y = y+x

SDS Foil no 3 Why? Reasoning about behaviours: understanding transforming and composing comparing deriving properties verifying and validating Using mathematics Reasoning about behaviours: understanding transforming and composing comparing deriving properties verifying and validating Using mathematics

SDS Foil no 4 Reasoning about specification and design Specification Design Verification objects properties Validation Common representation

SDS Foil no 5 Rigid Synchronization Threes - RST S2 = a; b + c; dS1=a; b; cS3 = a; (b + c )S4 = a; b + a; c a b c a b c a d a b a c b c Behaviour S1 = action a followed by action b followed by action c note the non-determinism here

SDS Foil no 6 Is S3 equivalent to S4? S3 = a; (b + c )S4 = a; b + a; c aa b a c b c S3 ~ S4 ??

SDS Foil no 7 It depends... Traces: S3 and S4 represents the same traces Observation: after a S3 will accept b and c S4 will accept b or c S3 = a; (b + c )  ~ S4 = a; b + a; c aa b a c b c S3 = a; (b + c ) S4 = a; b + a; c aa b a c b c Trace equivalence is less restrictive than observation equivalence

SDS Foil no 8 Recursion Substitute ocurrence by definition loops represented by tail recursion Substitute ocurrence by definition loops represented by tail recursion a S1 S0 = a; S1S1 = b + g; S3S3 = d; S0 d S0 S0 = a; (b + g; d; S0) b S3 g a b g d S0

SDS Foil no 9 Algebra over RST L  - a set of actions a, b, c  L Operations: NIL: rst = NIL +: rst = rst + rst prefix: rst = a; rst Laws: a + (b + c) = (a + b) + c a + b = b + a a + NIL = a L  - a set of actions a, b, c  L Operations: NIL: rst = NIL +: rst = rst + rst prefix: rst = a; rst Laws: a + (b + c) = (a + b) + c a + b = b + a a + NIL = a ST + S T = S a

SDS Foil no 10 Parallel composition B = b; DA = a; C a E = A | B = a; (C | B) + b; (A | D) C b D a C|B b A|D A a B b A a B b E Note: a,b is visible outside E, but not connected

SDS Foil no 11 Interaction (or Synchronization) Complementing action pairs (a, a’) may interact Interaction is represented by  - the unobservable action Interaction is synchronous or rigid - like pushing a button Complementing action pairs (a, a’) may interact Interaction is represented by  - the unobservable action Interaction is synchronous or rigid - like pushing a button B = a’; DA = a; C a E = A | B = a; (C | B) + a’; (A | D) +  ;(C | D) C a’ D a C|B a’ A|D A a B a’ A a E C|D  B a’

SDS Foil no 12 Restriction (or hiding) The restriction operator \ serves to hide gates from the environment \a means hiding a and a’ from the environment The restriction operator \ serves to hide gates from the environment \a means hiding a and a’ from the environment B = a’; DA = a; C a E = (A | B)\a =  (C | D)\a C a’ D A a B A a E C|D\a  B a’ (A | B)\a = A||B

SDS Foil no 13 Basic CCS  - set of unmarked actions  ’ - set of marked actions L =  U  ’ - set of visible actions (labels) Act =  U  - total set of actions (labels) E - a process expression a – an action in L  – an action in Act Operators: E = NIL E = E + E choice (sum) composition E = a; Eprefix (sequence) composition E = E | E parallel composition E = E \ a restriction - hiding a and a’ in st E = E || Ecombined composition and restriction = S | T \A where A is the set of labels that have complements in S and T  - set of unmarked actions  ’ - set of marked actions L =  U  ’ - set of visible actions (labels) Act =  U  - total set of actions (labels) E - a process expression a – an action in L  – an action in Act Operators: E = NIL E = E + E choice (sum) composition E = a; Eprefix (sequence) composition E = E | E parallel composition E = E \ a restriction - hiding a and a’ in st E = E || Ecombined composition and restriction = S | T \A where A is the set of labels that have complements in S and T

SDS Foil no 14 What is the structure defined by E = R | S | T E = R | S | T \ b E = R | S | T \ b\d\g E = R || S || T Where: ??? E = R | S | T E = R | S | T \ b E = R | S | T \ b\d\g E = R || S || T Where: ??? b S a g T b’ g’ d R b’ d’

SDS Foil no 15 The results E = R | S | T E = R | S | T \ b E = R | S | T \ b\d\g E = R || S || T E = R | S | T E = R | S | T \ b E = R | S | T \ b\d\g E = R || S || T b S a g T b’ g’ d R b’ d’ E b S a g T b’ g’ d R b’ d’ E b S a g T b’ g’ d R b’ d’ E a

SDS Foil no 16 Try to expand yourself Given: A = a; A1 + b; A2 B= a’; B1 + b’; B2 expand: A|B = and: A|B\a,b = Given: A = b; A +  ; a’; A B =  ; b’; B + a; B expand: A||B = (Models two-way synchronised method calls) any problems? any lessons to be learned? Given: A = a; A1 + b; A2 B= a’; B1 + b’; B2 expand: A|B = and: A|B\a,b = Given: A = b; A +  ; a’; A B =  ; b’; B + a; B expand: A||B = (Models two-way synchronised method calls) any problems? any lessons to be learned?

SDS Foil no 17 Semantics - Labeled Transition Systems A labelled transition system (LTS) is a 4-tuple where: S is a (countable) non-empty set of states; L is a (countable) set of observable actions; T  S x (L U {  }) x S is the transition relation; s 0  S is the initial state There are several notations: Synchronization Trees are (graphical) notation for LTS CCS contains textual notation for LTS LOTOS is a textual notation for LTS A labelled transition system (LTS) is a 4-tuple where: S is a (countable) non-empty set of states; L is a (countable) set of observable actions; T  S x (L U {  }) x S is the transition relation; s 0  S is the initial state There are several notations: Synchronization Trees are (graphical) notation for LTS CCS contains textual notation for LTS LOTOS is a textual notation for LTS

SDS Foil no 18 and this LTS: Transitions and LTS These expressions: S 0 = a; S 1 S 1 = b + g; S 3 S 3 = d; S 0 define these transitions: These expressions: S 0 = a; S 1 S 1 = b + g; S 3 S 3 = d; S 0 define these transitions: S 0 = a; S 1 S 1 = b + g; S 3 NILS 3 = d; S 0 S0S0 a gb d

SDS Foil no 19 Transition Rules Transition rules define the precise semantics of each combinator: prefix, +, |, \, /, Transition rules may be seen as rewrite rules You apply the rules systematically to find out what may happen Transition rules define the precise semantics of each combinator: prefix, +, |, \, /, Transition rules may be seen as rewrite rules You apply the rules systematically to find out what may happen α; E E α→α→ Act E E’ α→α→ Com 1 α→α→ E|F E’|F F F’ α→α→ Com 2 α→α→ E|F E|F’ E E’ α→α→ Com 3 →→ E|F E’|F’ F F’ α’ → E j E’ j α→α→ Sum j α→α→ ∑ i in I E j E’ j (j in I) E E’ α→α→ Res α→α→ E\L E’\L ( α, α’ not in L)

SDS Foil no 20 Towards the expansion theorem only one transition at the time (interleaving semantics) include all possible transitions only one transition at the time (interleaving semantics) include all possible transitions u = a’; u 1 t | u = a; (t 1 | u) + b; (t 2 | u) + a’; (t | u 1 ) +  (t 1 | u 1 ) a’ a t 1 |u a’ t 2 |u t 1 |u 1  ab t = a; t 1 + b; t 2 t1t1 t2t2 u1u1 b t|u 1

SDS Foil no 21 Expansion theorem t =  i  i t i u =  k  k u k expansion without restrictions t | u =  i  i (t i | u) +  k  k (t | u k ) +   i  k’  (t i | u k ) expansion with restrictions A = a1 \ a2 \... t | u \ A=  i (  i    )  i (t i | u) \ A +  k (  k    )  k (t | u k ) \A +  (  i  k’ )  (t i | u k ) \A general expansion t = (t 1 | t 2 | … | t m ) \ A = … try it yourself t =  i  i t i u =  k  k u k expansion without restrictions t | u =  i  i (t i | u) +  k  k (t | u k ) +   i  k’  (t i | u k ) expansion with restrictions A = a1 \ a2 \... t | u \ A=  i (  i    )  i (t i | u) \ A +  k (  k    )  k (t | u k ) \A +  (  i  k’ )  (t i | u k ) \A general expansion t = (t 1 | t 2 | … | t m ) \ A = … try it yourself

SDS Foil no 22 Why bother with expansion? Finding errors: deadlocks, livelocks, etc. (validating internal interfaces) Checking properties: liveness, recurrence, etc Finding the external behaviour of a composite system D Checking the behaviour of a composite system D against specifications S Comparing systems: is S and D equivalent? can S and D replace each other seen from E? Finding systems satisfying a specified behaviour Finding errors: deadlocks, livelocks, etc. (validating internal interfaces) Checking properties: liveness, recurrence, etc Finding the external behaviour of a composite system D Checking the behaviour of a composite system D against specifications S Comparing systems: is S and D equivalent? can S and D replace each other seen from E? Finding systems satisfying a specified behaviour c D1 a g D2 c’ g’ b’ S a D E ea’

SDS Foil no 23 An example: specification and design of ATM Specification: ATM1 = gm; (m’; ATM1 + r’; ATM1) Design: ATMSYSTEM = ATM2 || BANK where: ATM2 = gm; ca’; (ok; m’; ATM2 + nok; r’; ATM2) BANK = ca; (ok’; BANK + nok’; BANK) Specification: ATM1 = gm; (m’; ATM1 + r’; ATM1) Design: ATMSYSTEM = ATM2 || BANK where: ATM2 = gm; ca’; (ok; m’; ATM2 + nok; r’; ATM2) BANK = ca; (ok’; BANK + nok’; BANK) ATM1 gm m’ r’ ATM2 gm m’ r’ BANK ca ok’ nok’ ca’ ok nok ATMSYSTEM gm m’ r’ Is ATMSYSTEM equivalent to ATM1? Is ATMSYSTEM compliant with ATM1? can ATMSYSTEM replace ATM1?

SDS Foil no 24 Expanding the ATMSYSTEM ATMSYSTEM = ATM2 || BANK where: ATM2 = gm; ca’; (ok; m’; ATM2 + nok; r’; ATM2) BANK = ca; (ok’; BANK + nok’; BANK) ATMSYSTEM = gm; (ca’; (ok; m’; ATM2 + nok; r’; ATM2))|| BANK = gm;  ok; m’; ATM2 + nok; r’; ATM2)|| (ok’; BANK + nok’; BANK) = gm;  m’; ATM2 )||BANK) +  r’; ATM2)||BANK)) = gm; (  m’; (ATM2 ||BANK) +  r’; (ATM2||BANK))) Is ATMSYSTEM equivalent to ATM1 = gm; (m’; ATM1 + r’; ATM1)? ATMSYSTEM = ATM2 || BANK where: ATM2 = gm; ca’; (ok; m’; ATM2 + nok; r’; ATM2) BANK = ca; (ok’; BANK + nok’; BANK) ATMSYSTEM = gm; (ca’; (ok; m’; ATM2 + nok; r’; ATM2))|| BANK = gm;  ok; m’; ATM2 + nok; r’; ATM2)|| (ok’; BANK + nok’; BANK) = gm;  m’; ATM2 )||BANK) +  r’; ATM2)||BANK)) = gm; (  m’; (ATM2 ||BANK) +  r’; (ATM2||BANK))) Is ATMSYSTEM equivalent to ATM1 = gm; (m’; ATM1 + r’; ATM1)?

SDS Foil no 25 Some behaviours are more equal than others Strong bisimulation: equally labelled transitions to states with equivalent behaviour (including  transitions): P ~ Q iff, for all α in Act : (i) Whenever P P’ then, for some Q’, Q Q’ and P’ ~ Q’ (ii) Whenever Q Q’ then, for some P’, P P’ and P’ ~ Q’ Weak bisimulation, observation equivalence ≈ P ≈ Q iff, for all α in Act : (i) Whenever P P’ then, for some Q’, Q Q’ and P’ ≈ Q’ (ii) Whenever Q Q’ then, for some P’, P P’ and P’ ≈ Q’ (ignoring  transitions) Trace equivalence: all traces are equal Strong bisimulation: equally labelled transitions to states with equivalent behaviour (including  transitions): P ~ Q iff, for all α in Act : (i) Whenever P P’ then, for some Q’, Q Q’ and P’ ~ Q’ (ii) Whenever Q Q’ then, for some P’, P P’ and P’ ~ Q’ Weak bisimulation, observation equivalence ≈ P ≈ Q iff, for all α in Act : (i) Whenever P P’ then, for some Q’, Q Q’ and P’ ≈ Q’ (ii) Whenever Q Q’ then, for some P’, P P’ and P’ ≈ Q’ (ignoring  transitions) Trace equivalence: all traces are equal α→α→ α→α→ α→α→ α→α→ α→α→ α^  α→α→ α^ 

SDS Foil no 26  - Laws a;  B ≈ a; B B +  B ≈  B a; (B +  C) + a;  C ≈ a; (B +  C)  B ≈ B but  B  ~ B a;  B ≈ a; B B +  B ≈  B a; (B +  C) + a;  C ≈ a; (B +  C)  B ≈ B but  B  ~ B

SDS Foil no 27 Relabelling B [b / a, c / b ] - replace a by b and b by c in B enables meaningful reuse of behaviour: B [b / a, c / b ] - replace a by b and b by c in B enables meaningful reuse of behaviour: B a b’ ThreePlaceBuffer = (B | B [b/a, c/b] | B [c/a, d/b]) \b\c = ?? expand it yourself! B = a b’ B a B b’ B a B b c’ B c d’ ThreePlaceBuffer

SDS Foil no 28 Data in CCS Buffer = in(x); Buffer’(x) Buffer’(x) = out(x)’; Buffer where x belong to some fixed value set V Buffer = in(x); Buffer’(x) Buffer’(x) = out(x)’; Buffer where x belong to some fixed value set V

SDS Foil no 29 Comparing with SDL What is different? Syntax Components Communication/synchronisation Data Time Object-orientation Semantics Mapping SDL on CCS - is it possible? How? What is different? Syntax Components Communication/synchronisation Data Time Object-orientation Semantics Mapping SDL on CCS - is it possible? How?

SDS Foil no 30 MSC and CCS From exam 1998: how to model this in CCS? a b ZYX MSC A –how to model each instance in CCS? –how to model the medium, i.e. the rule that output must precede input? –what is the resulting synchronisation tree when using the expansion theorem? –what if the medium is an SDL fifo queue? Any deadlocks possible?