Advanced Topics in SE Spring Process Algebra Hossein Hojjat Formal Methods Lab University of Tehran

Advanced Topics in SE Spring Introduction The lambda calculus models the functional computation completely Lambda calculus is unique: There is only one way to observe a functional computation –watch which output values yields when presented with different input values But the concurrent computation is not neat as functional There are many aspects to concurrent programming

Advanced Topics in SE Spring Introduction (cont.) Concurrent systems can be described in terms of many different constructs For creating processes –fork/wait –cobegin/coend, etc. Exchanging information between processes –shared memory –rendezvous –message-passing –data flow, etc.

Advanced Topics in SE Spring Introduction (cont.) For managing the shared resources –semaphores –monitors –transactions This variability has rise to a large class of formal systems: Petri nets, event structures, actor model,… In the process algebra approach every thing is considered to be a process

Advanced Topics in SE Spring Introduction (cont.) We need not distinguish between –active components like senders and receivers –passive components such as communication media All of the processes interact via synchronous message passing This is the only basic mode of interaction

Advanced Topics in SE Spring Process Algebra Process –A behavior of a system –A system is anything showing behavior –Software system, actions of a machine, etc. Algebra –We take an algebraic/axiomatic approach in talking about processes –By using axioms, we can perform calculations with processes

Advanced Topics in SE Spring Process Algebra: Automata Theory Extension An automata has a number of states and a number of transitions There are some initial and final states A behavior is a run: a path from initial state to final state Two automata are equivalent when their languages are equal

Advanced Topics in SE Spring Process Algebra: Automata Theory Extension (cont.) The automata model lacks the notion of interaction During the execution from initial to final state, a system may interact with other systems This is needed in modeling the reactive systems

Advanced Topics in SE Spring Well Known Process Algebras In the early eighties, Milner introduced CCS, Hoare introduced CSP and Bergstra introduced ACP π calculus: In 1989, Milner extended CCS to take full advantage of named channels PEPA (Performance Evaluation Process Algebra): a stochastic process algebra Ambient calculus: a process calculus used to describe and theorize about concurrent systems that include mobility

Advanced Topics in SE Spring CCS The Calculus of Communicating Systems (or CCS) is a process calculus developed by Robin Milner This lecture mainly focus on the CCS process algebra

Advanced Topics in SE Spring The language CCS Processes are called agents, built from a set of actions Actions can be: –Observable, represented by letters a, b, etc. –Unobservable (silent), marked by τ Observable actions –a, b, … input actions –a, b,… output actions Input action a and output action a are complementary

Advanced Topics in SE Spring The language CCS (cont.) If a means the reception of message a from the “in” port, the action a denotes the writing of the message to the “out” port The following identity describes how the complementation of messages works –a = a The most basic operator is 0 (read nill) –Performs no action whatsoever

Advanced Topics in SE Spring Operations Agents may be constructed by employing process algebraic operations on other agents There are primarily five different methods of constructing agents –Action prefixing –Choice operator –Parallel composition –Restriction –Relabeling

Advanced Topics in SE Spring Action Prefixing The most basic process constructor in CCS is action prefixing If a is an action and P is a process, then a.P is a process The "." here is called "action prefixing" and denotes sequentialization –P becomes active only after the action a has been performed a.P → a P

Advanced Topics in SE Spring Example Match = strike.0 def CM = coin.coffee.CM def Clock = tick.Clock def

Advanced Topics in SE Spring Choice Operator If P and Q are processes, then so is P + Q The process P + Q has the initial capabilities of both P and Q Choosing to perform initially an action from P will preempt the further executions of actions from Q, and vice versa

Advanced Topics in SE Spring Example CTM = coin.(coffee.CTM + tea.CTM) tea coffee After having input a coin, the process CTM is willing to deliver either tea or coffee It depends upon the customer’s choice

Advanced Topics in SE Spring Parallel Composition Let Q and R be processes, (Q | R) is a process The semantics of parallel composition: 1. If M M’, and N cannot perform α, then M | N M’ | N 2. If N N’ and M cannot perform α, then M | N M | N’ 3. If M M’, and N N’, then M | N M’ | N’ → α → α → α → α → α → α → τ

Advanced Topics in SE Spring Example CM = coin.coffee.CM def CS = pub.coin.coffee.CS def CS | CM

Advanced Topics in SE Spring Communication The computer scientist and coffee machine may communicate via the ports Given two CCS expression P and Q, the process P | Q describes a system which –P and Q may proceed independently –May communicate via complementary ports

Advanced Topics in SE Spring Example CMCS coin coffee coin pub CM | CS CM|CS|CS’ CMCS coin coffee coin pub CS’ coin coffee pub

Advanced Topics in SE Spring Restriction Let Q be a process and Σ be a set of visible actions, τ  Σ. Then (Q) \ Σ is a process If Q Q’ and α  Σ, α  Σ, then ((Q) \ Σ) ((Q’) \ Σ) Process (Q) \ Σ is like Q, but it cannot execute actions in the set Σ or their complement actions The scope of port names in Σ is restricted to Q → α → α

Advanced Topics in SE Spring Example ((CM|CS)\coin\coffee)|CS’ CMCS pub CS’ coin coffee pub

Advanced Topics in SE Spring Relabeling Let Q be an agent and Σ the set of its visible actions, τ  Σ Let Σ’ be a set of actions and let m: Σ U {τ }→ Σ U {τ’ } such that m(τ) = τ and  α ≠ τ : m(α)=m(α). Then P ::= Q[m] is a process If Q Q’ then Q[m] Q’[m] Process P is like Q, but it actions have obtained by mapping the actions Q through m → α → m(α)

Advanced Topics in SE Spring Example VendingMachine = coin.item.VendingMachine CokeMachine = VendingMachine[coke/item] def CoffeeMachine = VendingMachine[coffee/item] def

Advanced Topics in SE Spring Algebraic Operator Precedence 1. Restriction and relabeling “P\L” “P[f]” 2. Action prefixing “α.P” 3. Parallel composition “P|Q” 4. Summation “P+Q” –Q: How is “R+a.P|b.Q\L” then to be read ? –A: “R+((a.P)|(b.(Q\L)))” ! tightest

Advanced Topics in SE Spring Semantics 1. Operational Semantics –Specifies the behavior of a programming language by defining a simple abstract machine for it 2. Denotational Semantics –Map programs to denotations –Denotations are abstract representations details 3. Axiomatic Semantics –Instead of first defining the behaviors of programs and then deriving laws from this definition, take the laws themselves as the definition of the language

Advanced Topics in SE Spring SOS Structural Operational Semantics Developed by Gordon Plotkin in 1981 Represents computation by means of deductive systems These systems turn the abstract machine into a system of logical interferences With SOS semantics definitions are given by inference rules

Advanced Topics in SE Spring Inference Inference rule consists of a conclusion that follows from a set of premises, possibly under control of some conditions premise 1 premise 2 …premise n conclusion condition

Advanced Topics in SE Spring SOS of CCS The prefix is the only axiom in the system The parallel composition requires two symmetric rules: So as choice operator: α.Pα.PP α PP’ α P | QP’ | Q α QQ’ α P | QP | Q’ α PP’ P + QP’ α α QQ’ P + QQ’ α α

Advanced Topics in SE Spring SOS of CCS (cont.) Communication may happen when compatible prefixes are allowed Restriction and relabeling rule PP’ α P | QP’ | Q’ τ QQ’ α PP’ α P \ LP’ \ L α α, α’  L PP’ P [ f ]P’ [ f ] f(α) α

Advanced Topics in SE Spring Labeled transition system SOS formally defines for each process term the labeled transition system that it stands for A labeled transition system (LTS) is a triple (S, Act, →) consisting of a set S of states a set Act of (action) labels a transition relation →  S × Act × S if (s,α,s’)  → we write s s’ α

Advanced Topics in SE Spring Example C0=is_0?. C0 + set_1. C1 + set_0. C0 C1=is_1?. C1 + set_0. C0 + set_1. C1 C0C1 set_1 set_0 is_0? set_1 is_1?

Advanced Topics in SE Spring Next session –simulation –bisimulation –branching bisimulation