Unifying Theories of Concurrency: CCS and CSP
![Page 1: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/1.jpg)
Unifying Theories of Concurrency:
CCS and CSP
He Jifeng and Tony Hoare
BCTCS April 6, 2006
![Page 2: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/2.jpg)
Why?
• just for the sake of it
– as a scientific achievement
• to explain differences between theories
– and what they are good for
• to integrate more general toolsets
– for coherence and consistency
– in system design, implementation, ...
![Page 3: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/3.jpg)
A Transition System
• a set P of processes: nil, p, q, Lp,…
• a set A of observations: a, b, …
– communications: x, y,...
– hidden events: , ,...
– meaningful barbs: ref(X), δ …
• a relation T P × A × P a {(p,q) | (p,a,q) T}
![Page 4: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/4.jpg)
[Figure: example transition graph; surviving labels: a, b, c, x, ref(X)]
![Page 5: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/5.jpg)
Traces
• p q p = q
• p <a>s r q. p a q & q s r
• p s _ q. p s q
• traces(p) { s | p s _ }
![Page 6: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/6.jpg)
(Strong) Simulation
• ≤ is the weakest x P×P such that
a:A, x ; a a ; x
– describes efficient model checking algorithm
• ≡ ≤ ∩ ≥
Theorem: ≤ and ≡ are pre-orders
– Id and ≤ ; ≤ satisfy the defining equation
![Page 7: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/7.jpg)
Refinement
⊑ is the weakest x P×P such that
s:A*, x ; s s ; U
Theorem: ≤ ⊑
– one defining equation implies the other
Theorem: p ⊑ q iff traces(q) traces(p)
![Page 8: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/8.jpg)
L : P → P
• is a link if it maps all processes of its source theory to all processes of its target theory.
• ≤ L L ; ≤ ; L
– i.e., p ≤ L q iff Lp ≤ Lq
• ⊑ L L ; ⊑ ; L
• Theorem: ≤ L , ⊑ L are preorders – L ; L = Id
![Page 9: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/9.jpg)
L is monotonic ≤ ≤ L
or equivalently:
– p ≤ q Lp ≤ Lq , all p, q
– ≤ ; L L ; ≤
consequently:
– all order-theorems of source theory are valid in the target theory
![Page 10: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/10.jpg)
L is idempotent L ; L ; ≤ = L ; ≤
or equivalently:
– L(Lp) ≡ Lp , all p
consequently:
– ≤ L = ≤ (restricted to target theory)
– Lp ≡ p iff p is in target theory
![Page 11: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/11.jpg)
L is decreasing L ≤
or equivalently:
– Lp ≤ p , for all p
– ≤ L ; ≤
consequently:
– the target theory is more abstract
– Lp is the closest abstraction of p within the target theory.
![Page 12: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/12.jpg)
L is efficient L ; ≤ = ≤ L
or equivalently:
– Lp ≤ q iff Lp ≤ Lq , all p, q
consequently:
– to test : spec ≤ L imp, model-check : L(spec) ≤ imp,
– (as is done in FDR)
![Page 13: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/13.jpg)
L is a retraction iff
• it is decreasing ≤ L ; ≤
• it is idempotent L ; L ; ≤ L ; ≤
• it is monotonic ≤ ; L L ; ≤
Theorem: L is a retraction
iff L is efficient
iff L ; ≤ is a preorder
![Page 14: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/14.jpg)
quarter of the proof
• L is a retraction (L ; ≤) is a preorder
– Id (≤) (L ; ≤) {L dec}
– (L ; ≤ ; L ; ≤) (L ; L ; ≤ ; ≤) {L mon}
L ; ≤ {L idem}
![Page 15: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/15.jpg)
Weak Simulation
p =a=> q
-----------------------
Wp <a> Wq
where ==> *
and =a=> * <a> * for a and * <> < > …
Theorem: W is a retraction
![Page 16: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/16.jpg)
The original graph
[Figure: graph; surviving labels: a, b]
![Page 17: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/17.jpg)
W only adds transitions
so it is decreasing
[Figure: graph; surviving labels: a, b, W]
![Page 18: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/18.jpg)
W W adds no more
so it is idempotent
[Figure: graph; surviving labels: a, b, W W]
![Page 19: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/19.jpg)
(W; ≤ ) is weak simulation
Theorem: it is the weakest solution of the defining equations
– x ; <a> * <a> * ; x, for a
– x ; * ; x
• CCS/weak simulation is a retract (by W) of CCS/strong simulation
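The W construction and the claim that (W ; ≤) is weak simulation, worked on a small graph as an added Python example (not from the slides). Assumptions: the hidden event is named `tau`; W adds p -a-> q whenever p can do tau* a tau* to reach q, and p -tau-> q whenever p can do tau* to reach q; p ≤ q is read as "p matches every move of q", so that adding transitions makes a process smaller; the state names and sample graph are constructed.

```python
from itertools import product

TAU = "tau"  # assumed name for the hidden event

def tau_reach(trans, states):
    """reach[p] = states reachable from p by zero or more tau steps."""
    reach = {p: {p} for p in states}
    for _ in states:  # |states| rounds are enough to close the relation
        for p, a, q in trans:
            for r in states:
                if a == TAU and p in reach[r]:
                    reach[r].add(q)
    return reach

def saturate(trans, states):
    """W: p -tau-> q when p tau* q, and p -a-> q when p tau* a tau* q."""
    reach = tau_reach(trans, states)
    out = {(p, TAU, q) for p in states for q in reach[p]}
    for p, (s, a, t) in product(states, trans):
        if a != TAU and s in reach[p]:
            out |= {(p, a, q) for q in reach[t]}
    return out

def simulation(trans, states):
    """Largest x with x ; -a-> included in -a-> ; x (p matches each move of q)."""
    succ = {}
    for p, a, q in trans:
        succ.setdefault((p, a), set()).add(q)
    x = set(product(states, states))
    while True:  # greatest fixpoint: drop pairs that break the equation
        bad = {(p, q) for p, q in x for s, a, q2 in trans
               if s == q and not any((p2, q2) in x for p2 in succ.get((p, a), ()))}
        if not bad:
            return x
        x -= bad

def w_is_decreasing(trans, states):
    """Check Wp <= p for all p on the disjoint union of W's graph and the original."""
    both = {(("W", p), a, ("W", q)) for p, a, q in saturate(trans, states)}
    both |= {(("o", p), a, ("o", q)) for p, a, q in trans}
    x = simulation(both, {(k, p) for k in "Wo" for p in states})
    return all((("W", p), ("o", p)) in x for p in states)

# Constructed example: p0 -tau-> p1 -a-> p2 beside q0 -a-> q1.
STATES = {"p0", "p1", "p2", "q0", "q1"}
TRANS = {("p0", TAU, "p1"), ("p1", "a", "p2"), ("q0", "a", "q1")}
STRONG = simulation(TRANS, STATES)                  # strong simulation
WEAK = simulation(saturate(TRANS, STATES), STATES)  # (W ; <=)
```

On this graph p0 and q0 are unrelated under strong simulation but related in both directions once W has been applied, and applying W a second time changes nothing.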
![Page 20: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/20.jpg)
After
• p / s is the most general behaviour of p after performing all of trace s
p s <a> _
-----------------------
p/s a p/(s<a>)
![Page 21: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/21.jpg)
The original graph
[Figure: graph of p; surviving edge labels: a, a, b, c]
![Page 22: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/22.jpg)
The effect of _ /a
[Figure: graph with nodes p, p/a, p/ab, p/ac; surviving edge labels: a, a, b, c]
![Page 23: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/23.jpg)
Trace refinement
p a _ _ & p/a = q& p/a = q
-----------------------------
Tp a Tq
Theorem: T is a retraction
and (T ; ≤ ) = ⊑
![Page 24: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/24.jpg)
The original graph
[Figure: graph with nodes p, p/a, p/ab, p/ac; surviving edge labels: a, a, b, c]
![Page 25: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/25.jpg)
The effect of T
[Figure: graph with nodes Tp, T(p/a), T(p/ab), T(p/ac); surviving edge labels: a, b, c]
![Page 26: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/26.jpg)
CSP is a retract of CCS
Theorem: (W;T) is a retraction
and (W; T; ≤) is CSP trace refinement
Conclusion: CSP/trace refinement is a retract of CCS/weak simulation.
![Page 27: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/27.jpg)
ref(X) is a refusal
where X is a set of communications
x X {}
p x _ p x q
-------------------- ---------------
Rp ref(X) Rp Rp x Rq
Theorem: (R ; ≤ ; R) is ⅔ simulation
![Page 28: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/28.jpg)
Divergences
p p' p'' … forever
------------------------------------------
Dp δ Dr & Dp a Dr

p a q
---------------
Dp a Dq
Theorem: D is a retraction
![Page 29: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/29.jpg)
CSP/FDR = L(CCS /≤)
• where L = D ; R ; W ; T is a retraction
– with respect to ≤D;R
• L is defined by SOS transition rules.
• CSP healthiness conditions are expressed
p ≡ L(p)
• CSP refinement coincides with simulation
• variations of CSP and CCS defined by selection from: T, D, R, W,…
![Page 30: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/30.jpg)
CCS
• is more general
– applies to all edge-labelled graphs
• has fewer laws
– the minimum reasonable set
• is less expressive
– uses equivalence rather than ordering
![Page 31: Unifying Theories of Concurrency: CCSandCSP](https://reader036.fdocuments.us/reader036/viewer/2022062321/56813626550346895d9d9db2/html5/thumbnails/31.jpg)
CSP
• describes distributed computing
– graphs restricted by healthiness conditions
• has more laws
– for optimisation and reasoning
– the maximum reasonable set respecting deadlock and divergence
• is more expressive
– ordering represents correctness
– and refinement of system from specification