SOS Partial Ordering Semantics of -calculus. Pierpaolo Degano. Dipartimento di Informatica, Universita di Pisa

Transcription

1 SOS Partial Ordering Semantics of -calculus Pierpaolo Degano Dipartimento di Informatica, Universita di Pisa Corso Italia, 4, I-5625 Pisa, Italy - degano@di.unipi.it Corrado Priami Departement de Matemathique et d'informatique, Ecole Normale Superieure 45, rue d'ulm, 7523 Paris, France - priami@dmi.ens.fr November, 996 bstract In this paper we present a partial ordering semantics for the -calculus. The model we adopt is transition system based. In spite of their interleaving nature, we show that it is possible to completely abstract from the generation ordering of transitions. The denition of this semantics drive us in dening a standard SOS semantics that directly yields the partial ordering semantics of -calculus. Introduction In recent times, distributed systems are receiving more and more attention due to their widespread dissemination. The design, implementation and maintenance of these systems is a dicult task because of the large amount of details that must be taken into account. This imposes the use of formal techniques to ensure reliability. Since the life-cycle of distributed and concurrent systems involves people with many dierent backgrounds, the formalisms used to drive the realization must be simple and must allow different views of the same system. In fact, the designer may be interested in the event-history of a run or in the distribution of resources, while the nal Work partially supported by ESPRIT Basic Research ction n LOMPS. The second author is also partially supported by UE TMR grant number ERBFMBICT965

2 user simply needs to observe the external behaviour of the system. Therefore, we need a class of descriptions of the same system strongly related to one another. We study here a portion of this class by taking -calculus as specication language. We dene an SOS semantics that allows us to derive the class of semantics mentioned above. We consider the proved transition system [6, 2] whose transitions are labelled by encodings of their proofs. The rich labelling of transitions permits us to retrieve the main semantic models presented in the literature as shown in [8, 9]. These models are obtained from the proved one simply by relabelling the transitions in order to drop unwanted details for the problem at hand. The intrinsic structure of transition systems records the temporal ordering in which transitions are red. In fact, a computation (i.e., a path in the transition system) totally orders its transitions. This description is often called interleaving and it is sometimes too concrete. Multistep semantics, whose labels are sets of actions that can occur simultaneously, is an exception. However, this cannot fully express enabling. In order to express time-independent properties, like enabling or allocation of processes on processors, descriptions of concurrent systems have been introduced essentially based on partial orders of events. mong these, we mention Petri nets and event structures. Partial ordering (po) semantics directly express truly concurrent computations, i.e. computations whose evolution steps are sets of transitions that can occur concurrently. This may help dening abstract concurrent machines. Some attempts to describe po semantics in the transition systems framework are presented in the literature. There are two approaches. The rst one decomposes the states of systems to identify their sequential components [7]. The operational semantics that shows up is not standard because a decomposition function must be applied before deriving any transitions. The other approach records in the states and in the labels of a transition an information on the activating transitions of the current one [5, ]. This solution, even if simpler than the previous one, does not yield a proper po semantics. In fact, the pointers to the activating transitions implicitly encode information on the temporal ordering in which the transitions occur. The semantics that is retrieved has been called mixed ordering (mo) in [7]. mo is a po enriched with a total ordering that describes the temporal ordering between transitions. t the best of our knowledge there is no po semantics dened in the standard SOS style. Transition systems have been considered a suitable tool to study also non-interleaving properties, but only 2

3 time-dependent ones. Many non interleaving equivalences have been presented in the literature to compare the behaviour of systems. Most of them are ad hoc adaptations of the bisimulation equivalence [4] to the po or mo representations of systems. The po and mo equivalences are dierent as shown in [6] by the example depicted in Fig. (events are denoted by their labels, enabling by arrows and mutual exclusion by arcs labelled #). The two event structures and B are not mo bisimilar because the execution of an a in determines also the b that will be red, while in B it does not happen. Instead, and B are po equivalent, because the po corresponding to computations are considered up to isomorphism. a a a a a a # # # b b b b B Figure : Two labelled event structures po, but no mo, equivalent # s a matter of fact po and mo semantics are distinguished because of autoconcurrency. It occurs when two concurrent transitions share the same label. For instance, the two a actions in the CCS-like process a:bja are autoconcurrent. In these cases a confusion may arise between the occurrences of the a's, for example in computation aab. It is possible to say explicitly which a enables the b, thus taking temporal ordering into account and yielding a mo, or simply say that b depends on (one of the) a, yielding a po. We show here that a po description of distributed systems is possible also by transition systems, in spite of their interleaving nature. We introduce relabelling functions of the proved transition system that yield po semantics, unlike the ones dened in [8, 9] which originate mo semantics. Furthermore, we show that po semantics can be retrieved from the mo one through a simple relabelling function. Finally, the classical interleaving description of systems can be obtained in straightforward way from the po semantics (and hence from the mo and proved one, as well). Note that it is not possible to go in the other way around because in passing from a mo semantics to a po and to an interleaving one, we discard essential information. In fact, the temporal ordering between independent transitions is lost when going from mo to po, 3

4 and the enabling relation is lost in deriving interleaving semantics. We also prove that our po semantics coincides with the one dened in [7], when we restrict ourselves to CCS. Our semantics is however more compact and simpler because we do not modify the states of transition systems. similar correspondence theorem could be given for locality semantics [3] to show the equivalence with the semantics presented in [3]. The denition of the po relabelling function drive us in dening in SOS style a po semantics of -calculus that directly originates a po transition system. The semantics is shown equivalent to the ones obtained by relabelling the proved transition system. s a consequence, the denition of the po semantics in SOS style allows us to use the classical denition of bisimulation together with its axiomatizations with almost no change, as well as the modal characterizations of systems. The paper is organized as follows. In the next section we recall from [9] the basic notions of the (mo) enabling semantics for -calculus. Then, we dene the po relabelling in Sect. 3. The comparison of our po semantics with the mo, the proved and the interleaving semantics is reported in Sect. 4. The main theorem of the section which states that our po relabelling actually yields a po semantics is proved in Sect. 6. Section 5 introduces the SOS denition of the po semantics for -calculus. 2 -calculus and enabling In this section we briey recall -calculus [2, ], a model of concurrent communicating processes based on the notion of naming. Then, we recall how to derive an enabling semantics (actually an mo semantics) from the proved transition system of -calculus. Finally, we report the denition of partial ordering that will be used later. Denition 2. (syntax) Let N be a countable innite set of names ranged over by a; b; : : :; x; y; : : : with N \ fg = ;. We also assume a set of agent identiers ranged over by ; ; : : :. Processes (denoted by P; Q; R; : : : 2 P) are built from names according to the syntax P ::= j :P j P + P j P jp j (x)p j [x = y]p j (y ; : : :; y n ) where may be either x(y) for input, or xy for output (where x is the subject and y the object) or for silent moves. Hereafter, the trailing will be omitted. 4

5 The prex is the rst atomic action that the process :P can perform. The input prex binds the name y in the prexed process. Intuitively, some name y is received along the link named x. The output prex does not bind the name y which is sent along x. The silent prex denotes an action which is invisible to an external observer of the system. Summation denotes nondeterministic choice. The operator j describes parallel composition of processes. The operator (x) acts as a static binder for the name x in the process P that it prexes. In other words, x is a unique name in P which is dierent from all the external names. Finally, matching [x = y]p is an if-then operator: process P is activated if x = y. (y ; : : :; y n ) is the denition of constants (hereafter, ~y denotes y ; : : :; y n ). Each agent identier has a unique dening equation of the form (y ; : : :; y n ) = P, where the y i are distinct and fn(p ) fy ; : : :; y n g (see below for the denition of free names fn). The early operational semantics for -calculus is dened in the SOS style, and the labels of the transitions are for silent actions, xy for input, xy for free output, and x(y) for bound output. We will use as a metavariable for the labels of transitions (it is distinct from, the metavariable for prexes, though it coincides in two cases). We sometimes write (x; y)p for (x)(y)p. We recall the notion of free names fn(), bound names bn(), and names n() = fn() [ bn() of a label. Kind fn() bn() Silent ; ; xy; xy Input and Free Output fx; yg ; x(y) Bound Output fxg fyg Functions fn, bn and n are extended in the obvious way to processes. Below we assume that the structural congruence on processes is dened as the least congruence satisfying the following clauses: P and Q -equivalent (they only dier in the choice of bound names) ) P Q, (P= ; +; ) is a commutative monoid, [x = x]p P, (x)(y)p (y)(x)p; (x)(r j S) (x)r j S if x 62 fn(s), (x)(r j S) R j (x)s if x 62 fn(r), and (x)p P if x 62 fn(p ). 5

6 Note that the j is neither associative nor commutative. variant of P?! Q is a transition which only diers in that P and Q have been replaced by structurally congruent processes, and has been -converted, where a name bound in includes Q in its scope. We enrich the labels of the standard interleaving transition system in the style of [6, 2]. This allows us to derive dierent semantic models for -calculus by relabelling functions as done in [8] for CCS. We start with the denition of the new labels (proof terms). In addition, we introduce a function (`) that takes a proof term to the corresponding standard action label. Denition 2.2 (proof terms) Let # 2 fjj ; jj g. Then proof terms (with metavariable ) are dened by the following syntax ::= # j #hjj # ; jj # i with = xy i is either x(y) or xy, or vice versa. Function ` is dened as `(#) = and `(#h# ; # i) =. Our version of the early transition system for -calculus is reported in Tab., where the symmetric rules for communication (Com and Close ) are omitted. The transitions in the conclusion of each rule stand for all their variants. We call this transition system proved, because the labels of the transitions are encodings of portions of their proofs. Here, for the sake of presentation, only the parallel structure of processes is encoded, as this is sucient for deriving the non-interleaving relations being investigated. The proved transition system diers from the standard one in the rules for parallel composition and communication. Rule P ar (P ar ) adds to the label a tag jj (jj ) to record that the left (right) component is moving. The rules Com and Close have in their conclusion a pair instead of a to record the components which interacted.?! Q simply as, when unambigu- Hereafter, we will write a transition P ous. The standard interleaving semantics is obtained from the proved transition system by relabelling each transition through function ` in Def We now dene proved computations. 6

7 ct : :P?! P; not input Ein : x(y):p?! xw P fw=yg P ar : P ar : P?! P P jq jj?! P jq P?! P P ; bn(`()) \ fn(q) = ; Sum : P + Q QjP?! jj ; bn(`()) \ fn(q) = ; Open : QjP P?! #xy P ; Q # xy?! Q Com : Ide : P f~y=~xg P jq hjj#xy;jj# xyi?! P jq Q(~y)?! P?! P P?! #xy P ; x 6= y (y)p #x(y)?! P?! P ; Q(~x) = P?! P Close : P Res : (x)p P #x(y)?! P ; Q # xy?! Q P jq hjj#x(y);jj# x(y)i?! (y)(p jq )?! P?! ; x 62 n(`()) (x)p ; y62fn(q) Table : Early proved transition system for -calculus. Denition 2.3 (proved computation) Let P?! P be a transition. Then, P is the source of the transition and P is its target. proved computation of P is a sequence of transitions P = P?! P?! : : : starting from P, and such that the target of any transition coincides with the source of the next one. We let ; ; ; : : : range over proved computations. The notions of source and target are extended in the obvious way to computations. Finally, a computation P?! P?! : : : is fresh when 8i if `(i ) = x(a) or `( i ) = xa, then a \ fn(p i ) = ; and 8j < i, a \ n(`( j )) = ;; in this case we say that name a has been introduced in i. Hereafter we consider only fresh computations, and we omit the adjective fresh. 7

8 We now recall from [9] how to derive an enabling semantics from the proved transition system of -calculus. The denition of enabling between the transitions of a computation is given in three steps. Roughly, the rst pertains to structural dependencies. It says that a transition labelled n depends on a transition labelled h if the proof part of h is a prex of the proof part of n (with the tuning needed to cover communications). The underlying idea is that the two transitions have been derived using the same initial set of rules and thus they are nested in a prex chain (or they are connected by communications in a similar way). Denition 2.4 Let P?! P?! : : : n?! P n+ be a proved computation, and in the following let i, as well as j, be either or. Then, h has a structural dependency on n (written h str n) i h n, and either n = #, h = # and # is a prex of #; or n = #, h = # h# ; # i and # # j is a prex of #; or n = #h# ; # i, h = #, # is a prex of ## i ; or n = #h# ; # i, h = # h# ; # i), # # j is a prex of ## i. The structural dependencies of n are obtained by reexive and transitive closure of str, i.e., str = ( str). The second step denes name dependencies. It is simplied by noting that only extrusions do actually generate these dependencies. In fact, an input which binds a name y and its following usage always induces also a structural dependency. In the process P = x(y):q the scope of the binding occurrence of y is Q. Since Q is guarded by x(y), the prexes in which y occurs are structurally dependent upon the input. The binding rules show that the input x(y) in P jr has no inuence upon R. Later on we will combine structural and name dependencies, thus we may safely ignore input bindings in the following denition. Denition 2.5 (name enabling) Let P?! P?! : : : n?! P n+ be a proved computation. Then, the name enabler of n, if any, is the unique h ( h nam n ) such that `( h ) = x(a), and `( n ) 2 faz; a(z); az; yag. 8

9 Note that there is no need for implementing the cross inheritance of link dependencies after a communication. Indeed, if one component of a communication has the form #x(a), the link is made local to the residual of the communicating processes via (a) (as a Close rule is used, if the sender performs a bound output). The enablers of a transition t are the union of its structural dependencies, of its link dependency t, and of the set containing the link and structural enablers of t [9]. Thus the enabling relation is = ( str [ lnk ) : We relabel each visible proved transition with a pair ct = h; Ki where the rst component is the standard action label and the second component is the set of its enablers. For simplifying the presentation, we adopt the reference mechanism of unique names for transitions introduced by Kiehn []. s usual, we omit from the set of enablers the self-reference (condition h 6= k in Def. 2.6). Denition 2.6 Let = P?! P?! : : : n?! P n+ be a proved computation. Its associated enabling computation Et() is derived by relabelling any transition k as ct k, where ( if `(k ) = et k = h`( k ); fh 6= kj h k ; `( h ) 6= gi otherwise 3 po relabelling In this section we show how to relabel the proved transition system in order to obtain a po description of the enabling relation between transitions. This makes our representations more compact than other po representations that modify the structure of congurations (e.g., [7]). We rst report the denitions of partial and mixed orderings. Denition 3. (po and mo) partial ordering po = hd; D i is a set D equipped with a binary relation D which is reexive, anti-symmetric and transitive. The relation D is usually called ordering relation. mixed ordering mo = hd; D ; D i is a partial ordering hd; Di equipped with a total ordering relation D. 9

10 Hereafter, when the set D is clear from the context, we omit the subscript of the relations. Sometimes, we will denote a po simply by its set component when no ambiguity arises. Note that the relabelling function Et() in Def. 2.6 originates a mo on the transitions of the computation. In fact, let = P?! P?! : : : n Pn??! P n. Then, the mo originated by Et() is hfj i j i n; `( i ) 6= jg; fjh i ; j i j i j ; `( i ) 6= 6= `( j )jg; fjh i ; j i j i < j; `( i ) 6= 6= `( j )jgi We use multisets instead of sets to represent transitions with their labels only. Similarly, we can derive the mo generated by Et() using the relabelled transitions hfjet i j i n; et i = h; Kijg; fjhet i ; et j i j et i = h; Ki; et j = h ; fig [ K ijg; fjhet i ; et j i j i < j; et i = h; Ki; et j = h ; fig [ K ijgi gain, we use multisets because two transition may share the same label (e.g., ha; ;i in a j a). The total orderings in the mo's above represent the temporal ordering in which transitions are red. It is encoded in the referencing mechanism of unique names of transitions. Hence, to abstract from the generation ordering of transitions, we let dependencies be multisets of actions. For instance, consider again process We label the b-transition as a j ab: hb; fjajgi: Instead in process a:a:b the transition which res b will be labelled by hb; fja; ajgi. Denition 3.2 (po relabelling) Let = P?! P?! : : : n?! P n+ be a proved computation. Its associated po computation is P Et(). It is obtained by relabelling any transition k as pet k, where ( if `(k ) = pet k = h`( k ); fj`( h )jh 6= k; h k ; `( h ) 6= jgi otherwise

11 Consider the process P = ( b)(a j a:(xz j z(w))) and its computation P jj a?! P jj a?! P 2 jj jj x(z)?! P 3 jj 2 zz?! P 4 = (b)(j(j)) Its po enabling computation is P ha;;i?! P ha;;i?! P 2 hx(z);fjajgi?! P 3 hzz;fja;x(z)jgi?! P 4 () while the mo enabling computation (see Def. 2.6) is P ha;;i?! P ha;;i?! P 2 hx(z);f;gi?! P 3 hzz;f;;3gi?! P 4 (2) In the po computation above it is not possible to discriminate between the two a's. We loose the generation ordering, yielding a po semantics. utoconcurrency alone (two concurrent transitions that share the same action) may raise ambiguities in the identication of the dependencies of a transition in po semantics. We have the following fact. (Recall that two transitions h and k of a computation are concurrent if they are not related by ). Fact 3.3 Let = P?! P?! : : : n?! P n+ be a proved computation such that i ^ j ) `( i ) 6= `( j ) Then, P Et() and Et() are isomorphic. Whenever all concurrent transitions describe dierent actions, their names act as unique pointers up to isomorphism. Note that two transitions which are not concurrent may share the same label. In this case one transition enables the other, and the use of multisets rules out ambiguities (see the example before Def. 3.2). Needless to say, besides po enabling, we can dene the po version of any other dependency relation introduced simply by replacing in Def. 3.2 with the relation selected. For instance, we can obtain po semantics for locality, precedence, causality, concurrency (see [9, 5] for their denition).

12 4 mo versus po semantics The relabelling functions of the proved transition system give an encoding of partial and mixed ordering of events without a precise identication of the events. In this section we show that our po relabelling (Def. 3.2) actually yields the po semantics in [7], when we restrict our attention to processes without objects (e.g., to CCS). The semantics obtained is also called history preserving in [7]. Hereafter, we restrict ourselves to labelled orderings. More precisely we assume that any po and mo is equipped with a function f that associates to each element a label. Furthermore, let [P ] mo and [P ] po be the transition systems obtained by relabelling any computation of P with the same mo and po relations. The following theorem states that the ordering we extract from [P ] mo and [P ] po are actually a mo and a po. The po is isomorphic to the ordering obtained from mo by discarding the generation ordering. The extraction of events from [P ] mo and [P ] po are described in the step () of the proof of the theorem below, reported in Sect. 4.. We devote a distinct section to the proof because it is quite long and technical. Theorem 4. Let o = he; ; f; i and o = he ; po ; f i be the orderings of events extracted from [P ] mo and [P ] po, respectively. Then, o is a mixed ordering, o is a partial ordering and he; ; fi and o are isomorphic. We use Theorem 4. to prove the following. Theorem 4.2 Let P be a process in which no object appears, and let [P ] po; be the transition system obtained by the po enabling relabelling of P. Then, the partial ordering extracted from [P ] po; is isomorphic to the one obtained from P according to [7]. Proof. he; ; f; i originates the same relation between transitions dened in [5] (for a proof of this see [5]). Moreover, the mixed ordering extracted from the causal trees of [5] is the same of the one dened in [7], as proved in [4]. Finally, the partial ordering relation introduced in [7] is isomorphic to the mixed ordering introduced in the same paper when the generation ordering is discarded from the latter. Now, Theorem 4. suces. 2 The following theorem states the correspondence between our semantics and the one introduced in [7], when we restrict our attention to -calculus without objects. 2

13 Theorem 4.3 Let P be a process in which no object appears, and let [P ] po; be the transition system obtained by the po enabling relabelling of P. Then, the equivalence relation induced by bisimulation on [P ] po; coincides with the one dened in [7]. Proof. (Sketch) Recall that the transition system obtained by observing the proved one through P Et has the same nodes and transitions (up to x+x=x) of the standard interleaving one. The derivations that are allowed in [7] are in one-to-one correspondence with those allowed by the standard interleaving semantics. Hence, the structure and the actions compared in our approach and in [7] are the same. s the dependencies associated to a system in both approaches coincides, we are done. 2 5 SOS po semantics In this section we show that there exists a hierarchy of models for distributed systems. In fact, in previous sections we dened relabelling functions from proved to mo and po transition systems. We now discuss how to dene a relabelling function that maps mo transition systems to po ones. Recall that mo dependencies are expressed through set of pointers (unique names of transitions) to the activating transition of the current one. Instead, po dependencies are expressed through multisets of actions. Therefore, we only need to replace unique names with their corresponding actions. More formally, we have the following denition. ct Denition 5. (from mo to po) Let = P ct?! P?! : : : ctn?! P n+ be an mo computation. Its associated po computation is D() and is obtained by relabelling any transition ct k as pct k, where ( h; fj`(h ) j pct k = h 2 Sjg if ct k = h; Si otherwise We have established the hierarchy of models expressed in the following theorem. Theorem 5.2 We have the hierarchy of models proved! mixed! partial where! is a non-bijective homomorphism. 3

14 Proof. The denitions of observation functions shows that! is an homomorphism. We now show that the above arrows cannot be reversed. Consider for instance computation. We do not know x(z) depends on the rst or on the second a. Therefore, we cannot correctly rebuild computation 2. Furthermore, we loose information on the concurrency structure of processes while passing from proved to mo transition systems. Hence, we cannot rebuild a proved computation from an mo one. 2 Transition systems that directly dene mo semantics have been presented in the literature. The idea consists in enriching congurations with sets of references to the activating transitions of the enabled ones. The denition of the relabelling function D that maps an mo computation to a corresponding po one provide us with the basis to translate an SOS denition of an mo transition system into an SOS denition of the corresponding po transition system. ccording to this relabelling function, we dene a transition system that directly yields a po enabling transition system of -calculus. We extend the language by prexing each process P with a pair of multisets that denote the structural (K) and the link (L) dependencies. These dependencies will be encoded as transitions labels because we want to loose the generation ordering of transitions. The multiset L is made up of pairs whose rst component is the name extruded by a transition and the second component is the multiset of (link and structural) enablers of. The syntax of enabling processes is ::= (K; L) ) j j j (x) j P where P is a standard process as in Def. 2.. Some notation can help. We dene n(l) = fxjhx; Ki 2 Lg, (K; L) ) (K ; L ) ) = (K [ K ; L [ L ) ) and L? fyg = L? fhx; Ki j x = yg. We assume that (K; L) ) distributes over all operators apart from prex. We write K() for the enablers of. The rules for visible transitions are reported in Tab. 2, where only one of the two symmetric rules for binary operators is reported. We use an auxiliary transition relation (K;L); that records in (K; L) all its enablers and the extruded names needed to obtain the link dependencies. The name index is used to refer the current 4

15 transition. The actual transition relation?! K forgets L, and is obtained via rule T rans. Note that variants of transitions are extended to the enabling transition system by including in the scope of the -convertions also the names in the set L. ctually, these names are bound as they are originated by bound outputs. The invisible transitions are standard, except for the rules Com and Close dened below Com : j B xy (K ;L );xy ; B xy (K ;L );xy B?! ( fk =xy; (L [ L )=L g j B fk =xy; (L [ L )=L g) where and Close : x(y) (K ;L );x(y) ; B j B xy (K ;L );xy B?! (y)( j B ) ; y 62 fn(b) = fk =x(y); ((L [ L )? fyg)=l g B = B fk =xy; ((L [ L )? fyg)=l g with x(y) 62 K(B), xy 62 K(). We use the notation fk =g to mean that an occurrence of in is replaced by K. The whole set of rules for invisible transitions is reported in Tab Proof of Theorem 6.3. We prove the statement by using the proved transition system instead of the one observed through Et. Indeed, the labelling of mo transitions is based on proof terms. We do the following steps.. We build the sets of events from [P ] and [P ] po, showing that the two sets are isomorphic as well as their labels; 2. we show a property of the enabling relation that permits to lift the denition of dependency between transitions to dependency between events; 5

16 ct : : Ein : x(y): C : C2 : Open : Res : P ar : (;;;); (fjjg; ;) ) ; not input xz (;;;);xz (K ; L ) ) (K ; L ) ) (y) (x) jb (fjxzjg; ;) ) fz=yg (K;L); ; (K[K ;L[L ); (K ; L ) ) n(l) \ n(l ) = ;; not input xy (K;L);k ; n(l) \ n(l ) = ; xy (K[K ;L[L );xy (K ; L ) ) xy (K;L);k x(y) (K;L[fhy;fkg[Kig);x(y) (K;L);k (K;L); (K;L); (K;L); (;; fhy; fjx(y)jg [ Kig) ) f~y=~xg ; x 62 n() Ide : (x) B(~y) jb ; bn() \ fn(b) = ; Sum : T rans : (K;L);?! K (K;L); (K;L); + B ; x 6= y; y 62 n(l) ; B(~x) = (K;L); (K;L); In C and C2 it is K = K [ fjh 2 Hjhx; Hi 2 L jg with x subject of Table 2: Early po enabling transition system for visible actions 6

17 ct : :?! (;; ;) ) C :?! (K ; L ) )?! (K ; L ) ) ; Com : j B Close : xy (K ;L );xy ; B xy (K ;L );xy B?! ( fk =xy; (L [ L )=L g j B fk =xy; (L [ L )=L g) x(y) (K ;L ; B );x(y) j B xy (K ;L );xy B?! (y)( j B )?! Res : (x)?! Ide : f~y=~xg (x) B(~y) ; y 62 fn(b)?! ; B(~x) =?! P ar : jb?!?! jb Sum : + B?!?! In C and C2 it is K = K [ fh 2 Hjhx; Hi 2 L g with x subject of Table 3: Early po enabling transition system for invisible actions. denition of and B in the conclusion of rule Close is in the text. The 3. we extract the po relation from [P ] po ; and 4. nally we establish the isomorphism. Step (). We resort to set of transitions that are originated by the same prex of the considered process. The interleaving structure of transition systems duplicates transitions corresponding to a single prex in presence of concurrency because of the expansion theorem of process algebras. ctually, all these transitions represent the occurrence of the same event. For instance, consider the process a j b where the prex a only originates one event, but two transitions: one red before b and the other afterhand. The use of prexes can be avoided in all the treatment, if we adopt complete proof terms in which all constructors of the language are recorded. This would give proof terms isomorphic to terms of the language. 7

18 ccording to Def. 3., we build a partial ordering of events he; ; fi by discarding the generation ordering of the mo obtained from a proved computation through Et(). We build a po he ; po ; f i from the corresponding observed computation P Et(), as well. The two orderings turns out to be isomorphic, thus establishing the correctness of the relabelling. We introduce the set of transitions that originates the events of the mo and po. n Let = P?! P?! : : :?! P n+ be a proved computation. Each process and label of transition is annotated with the name of the computation in which it occurs. Let =^ be the set of computations obtained by swopping concurrent transitions of. lso, let ; ; : : :; n be the prexes of the language that originate ; ; : : :; n. (For simplicity, we assume that all actions are visible. In the general case, we only need to consider pairs of prexes as generators of transitions, as well). It is routine proving that all computations in are originated by the same set of prexes =^ ; ; : : :; n. Thus, we let i=^ = fjp j j?! P j+ 2 j 2 =^jg be the multiset of transitions occurring in a computation of originated =^ by i. Note that i=^ is actually a multiset because of recursion. For instance, the term rec x a:x originates innite many identical transitions. In the sequel, we restrict us to sets, as the treatment of multisets (and thus of recursion) needs only technical adjustments. Since the proved computation has the same transitions of the observed po computation P Ct(), we can adapt the above denition to po computations as follows: po = fp i=^ j h j ;M j i?! P j+ 2 P Et( ) j P j j?! P j+ 2 i=^g Note that 2 follows from the denition of =^ i=^. It is immediate to verify that i=^ and po are isomorphic. Hence, we i=^ dene E = f j i = ; : : :; ng and i=^ E = f po j i = ; : : :; ng i=^ as the sets of events of the mixed and partial ordering of events, respectively. The labelling functions f and f yield the same label for the corresponding events as they only take the action name, and P Et does not modify it. 8

19 Step (2). Consider a computation in which n depends on k. ll the occurrences of the transitions in event e 3 n are enabled by a transition in event e 3 k. Property 6. Let = P?! P be a proved computation such that k v n. Then, 8 P l such that j v k=^ l?! : : :, and viceversa. n?! P n+ l?! P 2 l+ n=^; 9 P j j?! P j+ 2 Proof. Since there is no inference rule in Tab. that discards j from contexts, all transitions in a set i=^ have the same proof part. Since, k and n cannot be swopped in any computation 2 =^ as they are not concurrent, we conclude the proof by denition of enabling. 2 The above property lifts to events the denition of dependency between the transitions of a computation as follows k=^ n=^, k v n Step (3). It shows how to associate a partial order of events with P Et() =^, i.e., with the set of equivalent computations =^, observed according to P Ct. h ;M i h ;M i Let P Et() = P?! P?! : : : hn;m ni?! P n+ be the po computation obtained from. We dene the class of sets of transitions Tn that potentially enables a given transition Pn all sets I k = fp i hn;mni?! P n+, as follows. Consider h i ;M i i?! P i+ j i 2 M ng such that ji k j = jm nj. Then T n = [ k2k I k. Now, we dene the possible dependency between the transitions of P Et(). P i h i ;M i i?! P i+ P j h j ;Mj?! i P j+, 9I 2 T j : P h i ;Mi i i?! P i+ 2 I From the above denition follows that any po computation originates a set of partial orderings P O. For instance, consider the process ab j ac and its computation ab j ac jj a?! b j ac jj a?! b j c jj b?! nil j c jj c?! nil j nil 9

20 that observed becomes ab j ac ha;;i?! b j ac ha;;i?! b j c hb;fjajgi?! nil j c hc;fjajgi?! nil j nil which originates, up to isomorphism, the two partial orderings (represented through their Hasse diagrams growing downwards) a a a a b c b c By applying Property 6., we instantiate the denition of to sets of computations. The new po relation is po = \ 2 =^ P O The left part of the above equation is a set, actually a singleton. Proposition 6.2 po is a singleton. Proof. Per absurdum. If po is not a singleton, two enabling related transitions in have been swopped to originate =^. 2 Finally, we lift our ordering to events as follows. po k=^ po po n=^, P k h k ;Mk?! i P k+ po Pn hn;mni?! P n+ The proposition below is used to end the proof. Proposition 6.3 k=^ n=^, po k=^ po po n=^. References [] M. Boreale and D. Sangiorgi. fully abstract semantics of causality in the -calculus. In Proceedings of STCS'95, LNCS. Springer Verlag, 995. [2] G. Boudol and I. Castellani. non-interleaving semantics for CCS based on proved transitions. Fundamenta Informaticae, XI(4):433{452, 988. [3] G. Boudol, I. Castellani, M. Hennessy, and. Kiehn. theory of processes with localities. Theoretical Computer Science, 4,

21 [4] P. Conte. Confronti tra semantiche ad ordinamento parziale per sistemi concorrenti. Master's thesis, Dipartimento di Informatica, Universita di Pisa, 99. [5] Ph. Darondeau and P. Degano. Causal trees. In Proceedings of ICLP'89, LNCS 372, pages 234{248. Springer-Verlag, 989. [6] P. Degano, R. De Nicola, and U. Montanari. Partial ordering derivations for CCS. In Proceedings of FCT, LNCS 99, pages 52{533. Springer-Verlag, 985. [7] P. Degano, R. De Nicola, and U. Montanari. partial ordering semantics for CCS. Theoretical Computer Science, 75:223{262, 99. [8] P. Degano and C. Priami. Proved trees. In Proceedings of ICLP'92, LNCS 623, pages 629{64. Springer-Verlag, 992. [9] P. Degano and C. Priami. Causality for mobile processes. In Proceedings of ICLP'95, LNCS 944, pages 66{67. Springer-Verlag, 995. []. Kiehn. Local and global causes. Technical report, TUM 342/23/9, 99. [] R. Milner. The polyadic -calculus: a tutorial. Technical Report ECS-LFCS- 9-8, University of Edinburgh, 99. [2] R. Milner, J. Parrow, and D. Walker. calculus of mobile processes (I and II). Information and Computation, ():{77, 992. [3] U. Montanari and D. Yankelevich. parametric approach to localities. In Proceedings of ICLP'92, LNCS 623, pages 67{628. Springer-Verlag, 992. [4] D. Park. Concurrency and automata on innite sequences. In Proceedings of GI, LNCS 4, pages 67{83. Springer-Verlag, 98. [5] C. Priami. Enhanced Operational Semantics for Concurrency. PhD thesis, Dipartimento di Informatica, Universita di Pisa, March 996. vailable as Tech. Rep. TD-8/96. [6]. Rabinovich and B. Trakhtenbrot. Nets of processes. Fundamenta Informaticae, XI(4):357{44, 988. [7] R.J. van Glabbeek and U. Goltz. Equivalence notions for concurrent systems and renement of actions. In Proceedings of MFCS'89, LNCS 379. Springer- Verlag,