Nondeterminism and divergence created by concealment in CSP

(1)

Nondeterminism and divergence created by concealment in

CSP

Citation for published version (APA):

Verhoeff, T. (1986). Nondeterminism and divergence created by concealment in CSP. (Computing science notes; Vol. 8606). Technische Universiteit Eindhoven.

Document status and date: Published: 01/01/1986

Document Version:

Publisher’s PDF, also known as Version of Record (includes final page, issue and volume numbers)

Please check the document version of this publication:

• A submitted manuscript is the version of the article upon submission and before peer-review. There can be important differences between the submitted version and the official published version of record. People interested in the research are advised to contact the author for the final version of the publication, or visit the DOI to the publisher's website.

• The final author version and the galley proof are versions of the publication after peer review.

• The final published version features the final layout of the paper including the volume, issue and page numbers.

Link to publication

General rights

Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. • Users may download and print one copy of any publication from the public portal for the purpose of private study or research. • You may not further distribute the material or use it for any profit-making activity or commercial gain

• You may freely distribute the URL identifying the publication in the public portal.

If the publication is distributed under the terms of Article 25fa of the Dutch Copyright Act, indicated by the “Taverne” license above, please follow below link for the End User Agreement:

www.tue.nl/taverne Take down policy

If you believe that this document breaches copyright please contact us at: openaccess@tue.nl

providing details and we will investigate your claim.

(2)

by

Tom Verhoeff

86/06

(3)

COMPUTING SCIENCE NOTES

This is a series of notes of the Computing Science Section of the Department of

Mathematics and Computing Science of Eindhoven University of Technology.

Since many of these notes are preliminary versions or may be published elsewhere, they have a limited distribution only and are not for review.

Copies of these notes are available from the author or the editor.

Eindhoven University of Technology

Department of Mathematics and Computing Science P.O. Box 513

(4)

Tom Verlweff

Department of Mathematics and Computing Science Eindhoven University of Technology

Eindhoven, The Netherlands September 1986

ABSTRACT

In [0) the notion of a process is defined. Deterministic processes form

a special subclass of processes. Nondeterministic processes can be obtained from deterministic ones by combining them, for instance, with the choice operator. They can also be obtained by concealment. Apart from their kind of nondeterminism, processes are distinguished by their divergences.

Divergent processes can be created from non divergent ones by unguarded

recursion or by concealment.

This paper shows that any CSP process can be obtained from a suit-ably chosen deterministic CSP process by concealment. The proof is given in the form of an explicit construction. We use the notation and some results of [1), especially relevant is Section 5.3. The reader is assumed to be familiar with CSP [0] and Trace Theory [1].

o

INTRODUCTION

Trace Theory identifies processes that in CSP are distinguished. CSP uses a more refined notion of processes in order to express deadlock and live lock properties under a number of operators. A notoriously difficult operator in Trace Theory is projection, which corresponds to the concealment operator of CSP.

The question that triggered the investigation reported in ,this paper is: Which of the addi-tional features of CSP processes can be considered as having been "caused" by projection? A related question is: In how far are the additional distinctions that CSP offers relevant from the point of view of Trace Theory?

The answer to the first question will be: All of them, since all varieties of CSP processes can be obtained by projecting suitable deterministic processes. The processes of Trace Theory can be identified with the deterministic CSP processes (see [1), Section 5.3). Hence, the second question is answered with: All the way, if one is interested in projection.

(5)

2

-In Section 1 we have collected the most important definitions and a few general properties. Section 2 contains the major result of this paper and its proof in the form of a construc-tion. This construction is applied to some examples in Section 3. while Section 4 presents some alternative constructions. In Section 5 the construction is explained further in terms of state graphs. Section 6 is the conclusion. The appendix presents a different-but for us more useful-formulation of the main theorem of Section 5.3 in [1].

1 PRELIMINARIES

This section establishes the background necessary to formulate the problem and our solu-tion. It does not give additional explanatory interpretations of the definitions. The fol-lowing notions are defined formally: TT-process (process in the sense of Trace Theory). eSP-process (possibly nondeterministic divergent process in the sense of CSP). correspon-dence between TT -processes and eSP-processes. successor set. deterministic eSP-process, projection of eSP-process (called concealment in CSP). Some auxiliary formulae for pro-jection are derived.

A TT-process is a pair <A, V

>

where

A is a set of symbols V is a subset of A

*

such that (alphabet) (traces) eEV (TO) tu E V

*

t E V (Tl)

Let T be a TT-process. When T

=

<A, V

>.

we write aT for A and tT for V. For trace

t , t E tT , its successor set S(t, T) is defined by

Set ,T)

=

{a E aT I ta E

tTl

A esp-process is a triple

<

A ,F ,D > where

A is a set of symbols

F is a set of pairs (t , X) where tEA

*

and X ~ A

D is a subset of A

*

such that (e,0)EF (tu,X)EF

*

(t,0)EF (t,X)EF II Y ~ X

*

(t,Y)EF (t , X ) E F II a E A

*

(t , X U {a }) E F V (ta, 0) E F (alphabet) (failures) (divergences) (CO) (el) (e2) (e3)

(6)

D k {t

I

(t .0) E F)

tED 1\ uEA*~ tuED tED 1\ X k A ~ (t. X) E F

(e4) (e5) (e6) Notice that e4 is actually superfluous since e6 implies e4. For a pair (t . X). (t . X) E F . we call X a refusal set of t .

Let P be a eSP-process. When P

=

<A . F . D

>.

we write aP for A . f P for F. and dP for D.

For a eSP-process P the corresponding TT -process is denoted by tr (P) and is defined by

tr(P)= <aP.{t ICt.0)EfP}>

We write tP as short for ttr (P); e4. for instance. expresses that dP k tP. The succes-sor set Set . tr (p)) is also denoted by set . p). From the definition of tr we see that

Set . P)

=

{a E aP

I

(ta .0) E f p}

A consequence of e3. which we shall need later on. is

(t .X)EF ~ (t.X U (A \S(t .P)))EF (e3a)

Let T be a TT-process. Following [1] the eSP-process corresponding to T is denoted by

pr (T) and is defined by

pr (T)

=

<

aT. {(t. X)

I

t E tT 1\ X k aT\ set . T) l. 0

>

The conjunct X k aT\S(t .T) is equivalent to X kaT 1\ X

n Set .T)

=

0 and also to X k aT 1\ Set .T) k aT\X. Therefore we have

pr (T)

=

<

aT. {Ct. X)

I

t E tT 1\ X k aT 1\ sCt. T) k aT\ X }. 0> (PR)

From the definitions of pr and tr it follows that tr is a left inverse of pr. i.e.

tr (prCT))

=

T (INV)

A eSP-process P is called divergent when dP"'0. P is called deterministic when

(A t.X; : (t .X)EfP

==

X ~ aP\S(t .P)) 1\ dP

=

0

that is. when

(n

it may refuse only those actions that it cannot engage in anyway and (in it is not divergent. In the light of C5 and C6 the second conjunct may be dropped when

aP ~ 0. because in that case it is implied by the first conjunct. Determinism of P can also

be expressed more concisely by

(7)

4

-For every TT -process T. pr (T) is deterministic on account of INV. We also see that every

deterministic eSP-process P corresponds to some TT -process. viz. tr (P). The class of deterministic eSP-processes can. therefore. be identified with the class of TT-processes.

Let P be a CSP-process and let B be a subset of aP. Define C as the complement of B

with respect to aP. that is C

=

aP\B. The projection of P on B. denoted by P

t

B. is the

CSP-process <As.Fs.Ds

>

where

As

=

B

Fs

=

{(u. X)

I

u E Ds " X ~ B} U

{ (t

t

B . X ) I (t . X U C ) Ef P " X ~ B }

Ds

=

(dPtB) U

{(dB)v

I

(A n : n ~O: (E s : s EC* " I(s » n : Is EtP)) " v EB*}

In the terminology of [0] this is called P witlwut C. written as P\C. It corresponds to

the concealment or hiding of events of C in the process P.

Let T be a TT-process and let B be a subset of aT. We now compute pr (T)

t

B. Write

pr(THB as <As.Fs.Ds>. DefineC asaT\B. NoticethatforX~B.aT\(XUC)

equals B\X. Substituting PR in the equations for projection yields

As

=

B (HO)

Fs

=

{(u . X)

I

u E Ds " X ~ B} U

{ (t

t

B . X)

I

t E tT " X ~ B " S(t. T) ~ B \ X} (HI)

DB={(ttB)vl(An:n~0:(E5:sEC*" l(s»n:tsEtT))" vEB*} (H2)

Example

The alphabets A and B . and the TT -process T are defined by

A

=

{a.b.c}

B={a.b}

T

=

<A. {E.a.c.cb}>

The CSP-process corresponding to T. and the projection of this eSP-process on B. denoted

by Po. are given by

pr(T)= <A. clos{(E.{b)). (a.A). (c.{a.c)). (cb.A)). 0>

Po= pr(T)tB

=

<B. clOS{(E.{a)). (a.B). (b.B)}. 0>

where c10s is the closure operator on failure sets defined by

(8)

The TT-process T

r

B and its corresponding CSP-process are given by

TrB

=

<B. {e.a.b}>

pr(rrB)= <B. clos{(e.0). (a.B). (b.B)). 0

>

Notice that here we have Ir (Po)

=

T

r

B . but that Po'" pr (T

r

B). Consequently. Po is not

deterministic.

In the notation for CSP used in [0] the above three CSP-processes would be written as fol-lows.

pr(T)= (a .... STop)l(c ....

(b ....

STOP))

Po

=

((a .... STOP)

I

(b .... STOP))n(b .... STOP)

pr (Tr B)

=

(a .... STOP)

I

(b .... STOP) (End of Example)

2 CONSTRUCTION

Given is a CSP-process Q . Q

=

<

B . G . E

>.

The problem is to find-if possible-a deter-ministic CSP-process P for which P

r

B = Q. Since each deterministic CSP-process corresponds to a TT-process. we construct a TT-process T with B ~ aT such that

pr(THB

=

Q (CLAIM)

The construction of T is carried out in two stages. First it is assumed that E

=

0; that is. Q is not divergent. In the second stage the construction is extended to divergent Q. T is

not uniquely defined by CLAIM. Our construction is only one way of defining a suitable

T. In Section 4 we shall discuss some alternatives. 2.0 First Stage

Assume E = 0. Let cx. for X ~ B. be a fresh symbol and define alphabet C as

{ Cx

I

X ~ B}; we then have B

n

C = 0. The intuitive meaning of symbol Cx will be that immediately after its occurrence the process refuses symbols from X. When C is hidden it means that the process may refuse symbols from X in such a state.

For aT we take B U C . and tT is defined inductively by

eEtT (PO)

For lEtT where I does not end in a symbol of C . and (I

r

B . X ) E G : Icx E tT (PI)

For lEtT where I ends in symbol cx. and b E S(I

r

B . Q ) \ X: Ib E tT (P2)

That this is a sound definition requires a proof. We shall not cover all details. but we do make the following remarks in support of the definition.

The cases PO. PI. and P2 are mutually exclusive; that is. a trace is a member of tT on

(9)

6

-SCt r B . Q) in P2 is well-defined. Notice that T is indeed a TT -process: TO is implied by

PO. and TI is satisfied because PI and P2 extend traces with a single symbol only.

Because SCt r B . Q) k B we see that symbols of Band C alternate in the traces of tT. not

starting with a symbol of B. This is concisely expressed by

(ALT)

Example

Below is given the state grapb of the TT -process To that the construction would yield

when applied to the CSP-process Po of the example in Section 1. A double arrow labeled with a list or a set of symbols is an abbreviation for "parallel" arrows. each labeled with a symbol from that list or set.

(End of Example)

Let us return to the correctness proof for the construction. Again writing pr (T

H

B as

<AB . FB . DB> our proof obligation for CLAIM reduces to

The first of these is trivially fulfilled (see HO). The third line follows from H2 and ALT.

Before proving the second line we derive three properties of the successor sets of T.

Let t be a trace in tT that does not end in a symbol of C. Distinguish two cases. If t

=

e

then (trB .0)

=

(e.0)EG by CO. Otherwise suppose t

=

tob with b EB. Observe that tob E tT can only hold on account of P2. Therefore bE S(tor B . Q) holds. that is

((tor B )b .0) is a member of G. Since (tor B)b

=

tob r B

=

t r B . we have (t r B . 0) E G. PI

can. therefore. be applied to t with X

=

0. This shows that

For t E tT where t does not end in a symbol of C

(10)

On account of PI we have

For t E tT where t does not end in a symbol of C

S(t.n= {cx l(trB.X)EG} (St)

And similarly. on account of P2. we have

For t E tT where T ends in symbol Cx for some X <;;; B

set .

n

=

set

r

B . Q )\ X <;;; B \ X (S2)

Now we are ready to prove FB

=

G. First we show that FB <;;; G.

Assume (u . X)E FB with X <;;; B, Since DB

=

0 there is (see HI) a trace t . t E tT. such

that u

=

trB and Set .T) <;;; B\X, From SO and Set .T) <;;; B we infer that t ends in a

symbol of C, Say t

=

toCy for some Y <;;; B, We now derive

S(t.n <;;; B\X

{ set calculus}

X

n Set .n=

0

{ S2. using t

=

toCy X

n

(S(d B.Q )\Y)

=

0

{ set calculus. using X <;;; B; t

r

B

=

u

.J

X <;;; YU(B\S(u.Q»

Finally we derive

toCy E tT

~ { PI}

(torB .Y)EG

{ property of projection for traces} (tocrr B. Y)E G { t

=

toc,' } (trB .Y)EG {u=trB) (u .Y)EG { C3a}

(u.Y U (B\S(u .Q»)EG

~ { C2. using X <;;; Y U (B \ S(u . Q» as derived above}

(u .X)EG

This concludes the proof of FB <;;; G, We proceed by showing by mathematical induction on the length of trace _{u that (u. X)E G implies (u. X)E FB ,}

Let (u .X)EG with X <;;; B, On account of HI and DB = 0 our proof obligation. i.e,

(11)

set .

T) k B \

x .

Base u = E. Take t = cx. We derive true

{ PO } EEtT

{Pl. using (E.X) = (u .X)EG

Cx EtT

{t

=

Cx

t EtT

8

-From S2 we infer S(t.T)k B\X. hence. by HI. we have (dB.X)EFB • Since

u = E = Cx r B = t r B . we have (u . X ) E F B .

Step u = uob with b EB. We derive (uob.X)EG

*

{

C! }

(uo.0)EG

*

{

induction hypothesis}

(uo.0)EFB

Also taking into account H! and DB = 0. there exists a trace to E tT with Uo = tor Band

S(to.T) k B. From the latter together with SO it follows that to ends in c,· for some

Y k B . say to = t I CJ' . Define I = t I cobey. Notice that b E S(uo. Q ). since

(u ob.0)= (u.0)EG byC!. Now we derive 10E tT

{ 10

=

Ilc,· IlcJ'EtT

{ T1 }

tl E tT

{ SO. using that II does not end in a symbol of C

t]coEtT

{P2. using b ES(uo.Q)= S(t]corB .Q)\0 }

t]cob EtT

{ PI. using (I,

coH

B . X) = (uob. X) = (u . X)E G

tlcobcx E tT

{ choice of I tEtT

By S2 we have S(t. T) k B \ X . Combining this with t E tT and using HI yields

(12)

We have now shown that G <:;; _{F B .}which completes the proof of FB

=

G. 2.1 Second Stage

For a nondivergent process we have presented a construction of a deterministic CSP-process from which it can be obtained by concealment. We now consider the general case. Let Q. Q

=

<B.G.E

>.

be a CSP-process and assume that

S

is a TT-process such that

pr(S)

r

B

=

<B.G. 0

>.

The TT-process T is defined by

T= <aSU{c}. tSU{tc" ItEtS 1\ dBEE 1\

n>OI>

where c is a fresh symbol. c V. as. Notice that T raS

=

S. and that for trace t. t E tT.

set . T) =

set . S)

set .S)U {e} {c

I

if t E tS and t

r

B

v.

E

if t E tS and t

r

BEE

if t V. tS

(S3)

We prove that pr(TH B

=

Q. Write pr (TH B

=

_{<AB .FB . DB>' Our proof obligation}

reduces to

AB

=

B

FB = G

DB =E

The alphabets are correct on account of HO. We prove DB

=

E.

(E <:;; DB) Let u E E. From C4 we infer (u. 0)E G. Since G is also the failure set of the non divergent process pr (S)

r

B. there exists (see HI) a trace t. t E tS. such that

u

=

t

r

B. For any n . n

>

O. we have tc" E tT and. hence. by H2. u

=

t

r

BE DB' (DB <:;; E) Let u E DB' On account of H2 we have u

=

(t

r

B)v where v E B

*

and

(A n : n ;;, 0: (E s : s E (a T \ B)* 1\ 1 (s )

>

n : ts E t T )) (2.1.0)

Because pr (S

H

B is not divergent u E d(pr (S

H

B). Hence (by H2) there is a number N. N ;;'0. such that

(As:sE(aS\B)*/\ (traS)sEtS:I(s)~N) (2.1.1)

Taking n

=

N. let s be a trace according to (2.1.0). Since TraS

=

S and using (2.1.1) we see that I (daS )~N <I (s). Therefore s contains a symbol from

(aT\B )\as. that is. s contains the symbol c. This proves the existence of a trace

So. soE(aS\B)*. such that tSocEtT. From the construction of T and cE as we

then infer t r B

=

tsoc r BEE. Hence. by C5. we have u

=

(t r B )v E E.

Finally we prove FB

=

G.

(F B <:;; G) Let (u . X ) E F B' Distinguish two cases.

(13)

-

10-Case _{ur[DB . By HI we can take lEtT such that u =/tB and S(/.T)!:;; B\X.} Since

It

B = u r[ DB = E. we have lEtS. Looking at S3 we see that

S(I . S) = S(I . T). Hence (by HI) (I

t

B . X ) E G . G being also the failure set of

pr(SHB.

(G _{!:;;FB ) Let (u.X)EG. Sincepr(SHB= <B.G.0> wehave.byH1.u=/tB for}

some lEtS with S(I . S) !:;; B \ X .

CaseuEE=DB . Then (u.X)EFB by HI.

Case u r[ E. Then S(I . T) = S(I . S) !:;; B \ X. From HI we now infer (u . X)E _FB.

This concludes the constructive proof of the Projection Theorem

For every CSP-process Q there exists a deterministic eSP-process P such that P taQ

=

Q.

3 EXAMPLES

Before presenting variations of our construction we give some examples. Consider the

eSP-process P, defined by

P,

=

<!ao.a,.b)

.clos!(e.!ao.a,)).(e.!b)). (ao.aP,). (a,.aP,). (b.aP,))

.0

>

The state graphs for TT-processes TJ and U, are given below. T, is the result of the

con-struction of Section 2 applied to P,. and U, is a different TT -process with

(14)

,

V,

Next consider the eSP-process P2 given by

P

2

=

<Ia.b}, dosl(E.aP2 ). (a.aP2 ). (b.aP2 )}. 0>

Applying the construction to P₂ yields TT -process T2 ; an alternative with smaller alpha-bet is TT -process U 2 .

- - - _

...

__

.

-7;

_•

.,.

C~

..

.

b

.,

.

C{b}

Co

ill

• _Cl

.,.

;

.

1>,

Co

(15)

-

12-Before giving an example with a divergent eSP-process we present the "almost divergent"" eSP-process F 3:

F3 = <{a}

.{(an.X)ln~OA X!:;; {a}A (n=O~X=0))

. 0

>

Again we give two TT -processes: T3 as obtained by the construction and a slightly

simplified U₃for which also pr(U3HaF3

=

F3 .

C¢

Cl

C{<\} Cl

• .

.

..

.

_•

•

• '--./

7;

C~

U

₃

Finally. we come to the divergent eSP-process F.:

F.

=

<{ a}

{(an.X)ln~OA X!:;; {a}A (n=O~X=0)) {anln~l}

>

Co

Oct

.,.

.

Notice that aF3

=

aF. and f F3

=

f F.- TT-process T. was obtained by applying the

second stage of the construction to TT-process U3 of the previous example. TT-process U4

is also sa tisf actory_

Cl

_Co.C

0 c

• - - -... I!:. ; •

(16)

4 ALTERNATIVE CONSTRUCTIONS

In this section we point out some variations on our construction that. in general. give rise

to TT-processes with smaller alphabets and trace sets. The proofs are slightly more com-plicated and have been omitted.

Let us start with the first stage. Consider the extra symbol co. The alphabet aT\ {co

l.

which we shall denote by A. is transparent (see Appendix) with respect to T on account of SO and S2. Therefore. T

r

A also satisfies our requirement. since

prCT

rA

HB

=

{

Transparency Theorem (see Appendix). using transparency of A

(pr(THA

HB

=

{

property of projection. using B ~ A }

pr(THB

=

{

construction of T }

Q

For the TT-process T

r

A property ALT does not hold. since SI is no longer valid. but S2 remains true. The trace set of T

r

A can also be defined inductively by replacing PI with PIa:

For t E tT where T does not end in a symbol of C: if (dB.X)EfQ /\ X;e'" then tcxEtT. and if b E Set

r

B . Q) then tb E tT

(PIa)

A further reduction of the trace set is possible by considering for each trace only its

maxi-mal nonempty refusal sets that are a subset of the successor set. For trace u . u E tQ . these refusal sets are collected in the set M(u.Q) as expressed by the following definition.

M(u.Q)= {XI(u.X)EfQ /\ ",;eX ~ S(u.Q) /\

(AY:(u.Y)EfQ /\ X~Y~S(u.Q):X=Y)}

For trace u . u E tQ . we then have {X l(u.X)EfQ}

=

{

C2 and C3a. using u E tQ

{X I X = '" V (E Y : Y E M(u.Q): X ~ Y U (aQ\S(u.Q ))) }

That is. u's refusal sets are completely determined by S(u.Q) and M(u.Q). The intended additional reduction is accomplished by replacing PI with PI b:

For t E tT where T does not end in a symbol of C : if X EM (t

r

B . Q) then tcx E tT. and

if b E S (t

r

B . Q ) then tb E tT

(17)

-

14-Notice that when using the construction based on PI b a trace is not extended with a sym-bol of C when it cannot be extended with symsym-bols of B. since S(u. Q)

=

0 implies

M(u.Q)= 0.

The last reduction for the first stage that we present is based on the following observation. A trace t . t E tT. that does not end in a symbol of C need only be extended with those symbols of Set

t

B . Q) that do not occur as successors after the extension of t with some symbol of C. Recall that the successors of tcx are given by S2 as S(tcx

t

B . Q)\ X . which equals Set

t

B .Q) since Cx E B. Now define for trace u . u E tQ. the set R (u . Q) as

R (u . Q )

=

S(u . Q ) \ (U X : X EM (u . Q ) : S(u . Q )\ X)

We can simplify this definition by applying De Morgan's Law:

R (u . Q)

=

(n X : X EM (u . Q) : X)

where an intersection over an empty range is taken to be S(u. Q). All reductions are thrown together in PIc:

For t E tT where t does not end in a symbol of C :

if X E M

(rt

B . Q) then tcx E t T. and if b E R (t

t

B . Q ) then tb E tT

(PIc)

With any of the modified definitions proposed above the symbol Co does not occur in the traces of tT. Symbols that never occur can be removed from aT without affecting the

projection of the eSP-process corresponding to T. In fact. the alphabet C can often be reduced even further .. Its size need not exceed

(MAX t : t E tT : # (S(t . T)\ B))

since the only function of the symbols in C is to distinguish among the possible extensions

of each trace separately, they do not relate the extensions of different traces. For an

exam-ple see eSP-process P2 of Section 3. In the constructed TT -process T2 we could have taken the same symbol for cia 1 and C1b) (but different from CO).

To clarify the differences between PIa. Plb. and PIc. we present the state graphs of the TT-processes constructed for the eSP-process Po of Section 1. They are called _{Tao. Tbo.}

(18)

..

a,b

C; faj J c{

1,1'

a,b

a

.

~.

cl",~J

_>.

.~

.

.~.

~.~

c~.~

Tao

no

Teo

The second stage also allows some reductions. An alternative definition of T given S is T=<aTU{e}

.{IEtSlltBEE} U {Ie" IIEmin(S.B.E) II n;'O}

>

where c is a fresh symbol if as

=

B. otherwise c EaS\B; and min(S.B .E) is the set of minimal traces in tS (with respect to the prefix order) for which the projection on B is in

E, that is

min(S.B.E)= {tEtSI(Au:u ~t II utBEE:t =u)}

This definition of T relies for its correctness on the fact that DB and FB in H2 satisfy C5

and C6. no matter what T is projected. For instance. the TT -process U. was constructed with this new definition.

5 STATE GRAPHS

A convenient representation of a TT -process is its state graph. This representation is based

on the following equivalence relation.

Let T be a TT -process. Traces t and u . t E tT and u E tT. belong to the same stale of T. denoted by I eT U • when

(A v : v E (aT)* : Iv E tT

==

uv E tT)

Many definitions and properties of TT-processes can also be expressed in terms of their

states. i.e .. sets of equivalent traces instead of individual traces. A similar relation is

pos-sible for CSP-processes.

Let P be a CSP-process. Traces I and u . I E tP and u E tP. belong to the same slale of P. denoted by t e p u . when

(19)

16

-where the function

f

maps traces over aF on pairs consisting of a subset of

Fowerset (aF) and a Boolean. as defined by

f

(t)

=

<

{X I (t . X ) E f F). (t E d F)

>

Notice that t E tF is equivalent to {X I (t. X)E f F I'" '" on account of C2. For traces t and u in tF with t ep u we have

S(t.F)=S(u.F) II M(t.F)=M(u.F)

In the state graph for CSP-process F we. therefore. label the state contammg trace t.

t EtF. with the refusal sets X in M(t .F). On account of C5 and C6 dP-if

nonempty-forms one state of F; in the state graph of F this state is labeled CHAOS. and

all outgoing arrows and refusal sets are omitted.

A CSP-process is deterministic if and only if its state graph has no labeled states. If it is unlabeled its state graph is also the state graph of the corresponding TT-process.

The state graphs of the CSP-processes Fo (Section 1). and Fl. F_{2 •}F3 • and F4 (Section 3)

are given to illustrate the notation.

{ct}. ==a,=b

:;'»

It

fao.a.} ao.a,.

b

[b} •

)

R

fD.}

• a

.. .----1

fb}

b

__ .

a

{el}-·-:.:...-l ..

...:Ua

For traces t and u . t E tF and u E tF. we have

a

• -":":--1 ...

The converse does not hold. Consider the TT-process Ts given by the state graph below.

Let Fs be the CSP-process pr (TsH{ a. b I. Here we have Ts = _{tr (Fs ). but}

(20)

---

..

i..

_,

.

r '".

a

..

'.

b

fa}

_b

'.

y'---- '"

• ~a/a

-'

y

• ~

,---.-~. Q "

For TT -process T and traces t and u, t E tT and u E tT , we do have

t er U

=

t epr (T ) U

We now describe how the state graph of eSP-process Q can be transformed into the state graph of TT -process T for which pr (T

H

aQ

=

Q.

Let n be the maximum number of labels that occur on states of Q. Let Ci' 0";; <n, be a fresh symbol. that is {Ci 10";; <n}naQ

=

0. Add an arrow labeled Co from state

CHAOS to state CHAOS and omit the label CHAOS from the state graph.

For state q with labels Xi, 0";; <k: add k new vertices qi; for each;, 0";; <k, and each arrow labeled b, b E Xi, from state q to state r, mark that arrow and add a new arrow labeled b from vertex q, to state r; remove all marked arrows leaving state q; for each;, O~i <k. add a new arrow labeled Cj from state q to vertex qj; remove all labels from

state q.

The resulting graph need not be a state graph. The problem is that different vertices may belong to the same state. that is, the graph need not be minimaL For each particular state

q the new vertices qj are in distinct states. because their successor sets differ. But a vertex

qi may belong to some existing state or to the same state as one of the other new vertices. After minimization the resulting graph is the state graph of a deterministic eSP-process whose projection equals Q.

(21)

18

-If this transformation is applied to the state graph of P s above one obtains the state graph for Us depicted above. Here. a new vertex is swallowed by an existing state during

minimization.

As a final example we give the state graph of eSP-process P₆ and the transformed graph

after minimization. Two new vertices were merged.

,

6 CONCLUSION

We have shown that for each eSP-process

Q

there exists a deterministic eSP-process P

such that P taQ

=

Q. The proof we have presented is constructive and has also been explained in terms of state graphs.

esp can be viewed as an extension or refinement of Trace Theory. esp attempts to cap-ture deadlock and livelock phenomena under all "reasonable" operators. In Trace Theory projection is always considered a problematic operator. The main result of this paper shows that esp is a minimal extension of Trace Theory covering the projection operator:

All distinctions that esp makes between processes can be justified by projecting suitable deterministic processes-that is. processes in the sense of Trace Theory. This also means that all problems with deadlock and livelock in Trace Theory can be attributed to the pro-jection operator-insofar these problems can be solved within esp. of course.

Acknowledgment is due to Martin Rem and Anne Kaldewaij for their comments on a draft version of this paper.

(22)

APPENDIX

Let T be a TT-process and let B be a subset of aT. The alphabet B is called transparent

with respect to T (see Section 5.2 of [1]) when

(A t : t E tT : Set . T) ~ B ~ S(t. T)

=

set

t

B . T

t

B)) 1\

(At: t EtT: (En: n ;:'0: (As: s E(aT\B)* 1\ ts EtT :l(s)':;n))

The second conjunct of this definition is abbreviated livelockfree(aT\B .T). We prove the

Transparency Theorem

B is transparent w.r. t. T

==

pr (T )t B

=

pdT

t

B )

Proof Let us write P for pr (T). hence P is deterministic and tr (P)

=

T. We derive B is transparent w.r.t. T

( deL of transparent w.r.t. CSP-process. using P

=

pr (T) and tr (P)

=

T B is transparent w.r.t. P

{ Theorem 5.3.8 in [1] } P

t

B is deterministic

{DET}

P

t

B

=

pr (tr (p

t

B ))

{ definition of pr and calculus}

P

t

B

=

pr (tr (p

t

B)) 1\ d(P

t

B)

=

0

{ Property 5.3.7 in [1]. using that P is deterministic}

ptB

=

pr(tr(PtB)) 1\ livelockfree(aT\B)

{ definition of tr . set calculus. and Property 5.3.6 in [1] }

P

t

B = pr (tr (p)t B) 1\ livelockfree(aT\ B)

{Property 5.3.7 of [1]. using that P is deterministic}

P

t

B

=

pr (tr (P )t B) 1\ d (P

t

B )

=

0

{ definition of pr and calculus}

P

t

B

=

pr (tr (P

)t

B )

{ P

=

pr (T) and tr (P)

=

T }

pr (T

H

B

=

pr

crt

B )

(End of Proof)

N.B. Theorem 5.3.8 in [1] is equivalent to the Transparency Theorem.

REFERENCES

[0] C.A.R. Hoare. Communicating Sequential Processes. Prentice-Hall. 1985.

[1] A. Kaldewaij. A Formalism for Concurrent Processes. Dissertation. Eindhoven

(23)

COMPUTING SCIENCE NOTES

In this series appeared

No.

85/0l

85/02

85/03

85/04

86/0l

86/02 86/03 86/04 86/05

86/06

86/07

Author(s) R.H. Mak W.M.C.J. van Overveld W.J.M. Lemmens T. Verhoeff H.M.J.L. Schols R. Koymans G.A. Bussing K.M. van Hee M. Voorhoeve Rob Hoogerwoord G.J. Houben J. Paredaens K.M. van Hee Jan L.G. Dietz Kees M. van Hee

Tom Verhoeff

R. Gerth L. Shira

Title

The formal specification and derivation of CMOS-circuits

On arithmetic operations with M-out-of-N-codes

Use of a computer for evaluation of flow films

Delay insensitive directed trace structures satisfy the foam rubber wrapper postulate

Specifying message passing anc ceal-time systems

ELISA, A language for formal specifications of information systems

Some reflections on the implementation of trace structures

The partition of an information system in several parallel systems

A framework for the conceptual

modeling of discrete dynamic systems

Nondeterminism and divergence created by concealment in CSP

On proving communication

(24)

86/09 86/10 86/11 86/12 86/13 86/14 87/01 87/02 87/03 87/04 W.P. de Roever R. Gerth S. Arun Kumar C. Ruizing R. Gerth W.P. de Roever J. Hooman W.P. de Roever A. Boucher R. Gerth R. Gerth W.P. de Roever R. Koymans R. Gerth Simon J. Klaver Chris F.M. Verberne G.J. Rouben J.Paredaens T.Verhoeff computing (Inf.&Control 1987)

Full abstraction of a real-time denotational semantics for an OCCAM-like language

A compositional proof theory for real-time distributed message passing

Questions to Robin Milner -

A

responder's commentary (IFIP86)

A timed failure semantics for communicating processes

Proving monitors revisited: a first step towards verifying

object oriented systems (Fund. Informatica IX-4)

Specifying passing systems

requires extending temporal logic

On the existence of sound and complete axiomatizations of

the monitor concept

Federatieve Databases

A formal approach to distri-buted information systems

Delayinsensitive codes -An overview