Categorical Foundations of Modularisation for

Categorical Foundations of Modularisation for Multi-Paradigm Languages R˘azvan Diaconescu Japan Advanced Institute for Science and Technology

Petros Stefaneas National Technical University Athens, Greece

Abstract Multi-paradigm languages, like CafeOBJ provide a very powerfull mechanism for specification of complex systems. Modularisation plays crusial role in the management of such specifications by improving reusabilty and flexibility, while it optimizes the required time for system development. In this paper we present a general framework based on category theory and institutions supporting modularisation for multi-paradigm languages.

1 Introduction Modularisation is considered a fundamental methodological tool for systems design and management. It can be thought in two styles:

the bottom - up approach, that conceives modules as pieces, and the whole system built as a combination of all these pieces, a la mosaic, the top - down approach, that supports the decomposition of the whole system into smaller parts, the modules.

Both approaches have been studied extensively in software engineering and have been used in systems design, management and implementation. It is the requirements gathering stage of a project that determines its needs for a modular approach as well as its possible needs for a formal specification. Only after collecting the proper requirements it can be determined more easily which logical system or combination of logical systems can be used to provide the optimum modular specification of the system. A particularly interesting approach to systems description is to present the system as an expression of specification modules. This has been implemented in the specification language Clear [1], where specification modules are theories over a logic. Specification modules should be coherent, autonomous and of reasonable size. For many applications it is sufficient to consider On

leave from the Institute of Mathematics of the Romanian Academy

1

specification modules as sets of sentences of a logic. In our approach logics are presented as institutions [6], while specification modules as theories, i.e., sets of sentences closed under semantic enteilment, over an institution. Diaconescu, Goguen, and Stefaneas [5] have already proved a number of properties of logical systems that support the definition, combination, parametrisation and reuse of modules as theories over an institution.

1.1 Combining paradigms - CafeOBJ Computing paradigms based on certain formal systems like functional, logical and object oriented programming are often described as alternative approaches to specification and programming rather as complementary ones. To provide an optimal description of a real system in terms of formal specifications it is often necessary to use jointly more than one logical systems. This is the undelying intuition for multi-paradigm languages, like CafeOBJ˙CafeOBJ is a multiparadigm language supporting at once concurrent, object oriented and algebraic specifications. The semantics of CafeOBJ [4] provides a pattern that can lead to a broad theoretical framework including a wide variety of formal multi-paradigm languages. It is based on category theory and institutions and offers the ground for a categorical foundation for modularisation over languages that are based over more than one logical systems. The basic concept is that of extra theory morphisms [3] mapping theories across different institutions.

1.2 Summary of this paper We review first some basic concepts, like institutions, theories for institutions and theory morphisms as well as some important properties of institutions like liberality and exactness. Then, we define institution morphisms (strong embedding, liberal/persistent, [weakly] additive), extra theory morphisms and we present some basic result concerning extra theory morphisms and institution embeddings. Then, we introduce the concept of an expansion of a model along an extra theory morphism and we present liberality over extra theory morphisms and then review a number of results which give sufficient conditions for ”extra” liberality based on ”intra” liberality. The core of paper consists of:

an introduction of inclusion systems for extra theory morphisms and a presentation of some of the most important results in this area, a calculus for modularisation over multiparadigm languages, including definitions and theorems for sums and intersections of modules in a multi-paradigm framework, conditions for the existence of finite limits in the category of specifications over multiparadigm languages, a definition of conservative extra theory extensions and proof of a number of sufficient conditions for conservative extra theory extensions.

1.3 Notations This work assumes familiarity with the basics of category theory, and generally uses the same notation as Mac Lane [7], except that composition is denoted by “;” and written in the diagrammatic order. The application of functions (functors) to arguments may be written either normally 2

using parentheses, or else in diagrammatic order without parentheses. The category of sets is denoted as Set, and the category of categories1 as C at . The opposite of a category C is denoted by C op . The class of objects of a category C is denoted by jC j; also the set of arrows in C having the object a as source and the object b as target is denoted as C (a; b).

1.4 Acknowlegements Both authors are very greateful to Professor Joseph Goguen, for his spiritual and practical influence on institutions, and to Professor G. Koletsos of the NTUA for his warm encouragement and support. Many thanks are also due to Hendrik Hilberdink, a very good friend, for his constant feedback and encouragement.

2 Institutions From a logic perspective, institutions are much more abstract than Tarski’s model theory, and also have another basic ingredient, namely signatures and the possibility of translating sentences and models across signature morphisms. A special case of this translation is familiar in first order model theory: if Σ ! Σ0 is an inclusion of first order signatures and M is a Σ0 -model, then we can form the reduct of M to Σ, denoted M Σ . Similarly, if e is a Σ-sentence, we can always view it as a Σ0 -sentence (but there is no standard notation for this). The key axiom, called the satisfaction condition, says that truth is invariant under change of notation, which is surely a very basic intuition for traditional logic. Definition 1 An institution ℑ = (Sign; Sen; M OD ; j=) consists of 1. a category Sign, whose objects are called signatures, 2. a functor Sen : Sign ! Set, giving for each signature a set whose elements are called sentences over that signature, 3. a functor M OD : Sign ! C at op giving for each signature Σ a category whose objects are called Σ-models, and whose arrows are called Σ-(model) morphisms, and 4. a relation j=Σ jM OD (Σ)j Sen(Σ) for each Σ 2 jSignj, called Σ-satisfaction, such that for each morphism ϕ : Σ ! Σ0 in Sign, the satisfaction condition M 0 j=Σ Sen(ϕ)(e) iff M OD (ϕ)(M 0 ) j=Σ e 0

holds for each M 0 2 jM OD (Σ0 )j and e 2 Sen(Σ). We may denote the reduct functor M OD (ϕ) by ϕ and the sentence translation Sen(ϕ) by ϕ( ). 2 The following table shows the software engineering meaning of institution concepts for the case of specification languages. 1 We

stay away of any foundational problem related to the “category of all categories”; several solutions can be found in the literature, see for example [7].

3

I NSTITUTIONS signatures sentences models model morphisms satisfaction relation signature morphism sentence translation model reduct

S PECIFICATION L ANGUAGES syntactic declarations in modules axioms in modules (possible) implementations of modules refinement between implementations the implementation satisfies the axioms of the module module import importing the module axioms restricting the implementation of the importing module to an implementation of the imported module

Definition 2 Let ℑ = (Sign; Sen; M OD ; j=) be an institution. For any signature Σ the closure of a set E of Σ-sentences is E = fe j E j=Σ eg2 . (Σ; E ) is a theory iff E = E . A theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is a signature morphism ϕ : Σ ! Σ0 such that ϕ(E ) E 0 . Let Th (ℑ) denote the category of all theories in ℑ, and signℑ the forgetful functor Th(ℑ) ! Sign. 2 For any institution ℑ, the model functor M OD extends to Th (ℑ), by mapping a theory (Σ; E ) to the full subcategory M OD (Σ; E ) of M OD (Σ) formed by the Σ-models that satisfy E. Theories and theory morphisms have the following meaning in specification languages: I NSTITUTIONS S PECIFICATION L ANGUAGES theory (flattened) module theory morphism module import, view, module parameter Liberality is a desirable property expressing the possibility of free constructions generalizing the principle of “initial algebra semantics”. General results [8] show that liberality is equivalent to the power of Horn axiomatizability. Definition 3 A theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is liberal iff the reduct functor ϕ : M OD (Σ0 ; E 0 ) ! M OD (Σ; E ) has a left-adjoint ( )ϕ . M j=Σ E

M h

M 0 j=Σ E 0 0

yy yy yy y y y y h ϕ yy y y y| y

/ (M ϕ )ϕ yy

0

M 0 ϕ

Mϕ

zz zz zz z z zz zz z there exists a unique h z zz z}z z

0

M0

The institution ℑ is liberal iff each theory morphism is liberal. When (Σ; E ) is the “empty” theory for the signature Σ, we denote ( )ϕ by =E 0 . 2 Another very important property expresses the possibility of amalgamation of consistent implementations for different modules (for more details see [5]); the following is its formulation within the framework of institutions: 2 Meaning

that M j=Σ e for any Σ-model M that satisfies all sentences in E.

4

Definition 4 An institution ℑ is exact iff the model functor M OD : Sign ! C at op preserves colimits. ℑ is semi-exact iff M OD preserves only pushouts, and weakly semi-exact iff M OD maps pushouts to weak3 pushouts. 2 Semantics of multi-paradigm systems involves several different institutions which have to be linked together by using the following concept: Definition 5 Let ℑ and ℑ0 be institutions. Then an institution morphism ℑ ! ℑ0 consists of 1. a functor Φ : Sign0 ! Sign,

2. a natural transformation α : Φ; Sen ) Sen0 , and 3. a natural transformation β : Φ; M OD ) M OD 0

such that the following satisfaction condition holds M 0 j=Σ αΣ (e) iff βΣ (M 0 ) j=Σ0 Φ e 0

0

0

0

for any Σ0 -model M 0 from ℑ0 and any Σ0 Φ-sentence e from ℑ.

2

In the literature there are several concepts of institution morphism, each of them being adequate to some specific class of problems. A good survey of various concepts of institution morphism discussing their usefulness can be found in [9]. The definition presented above and originally given by Goguen and Burstall [6] seems to be the most adequate for our approach. However, for obtaining some technical properties for extra theory morphisms, some technically stronger versions of this institution morphism are needed. These are very natural technical conditions which are easily satisfied in practice. The following definition is taken from [3]: Definition 6 An institution morphism (Φ; α; β) : ℑ ! ℑ0 is

a [strong] embedding iff Φ admits a [left-inverse] left-adjoint [with identity units] Φ,

liberal iff βΣ has a left-adjoint βΣ for each Σ0 2 jSign0 j, and persistent iff in addition βΣ are also left-inverses to βΣ with identity units, and 0

0

0

0

[weakly] additive iff the squares defining the naturality of β are [weak] pullbacks. βΣ0

M OD (O Σ0Φ) o M OD (ϕΦ)

M ODO 0 (Σ0 ) M OD (ϕ) 0

M OD (Σ01 Φ) o

βΣ0

M OD 0(Σ01 )

1

2 3 See

[7] for the definition and discussion of the concept of weak universal properties.

5

In the case of specification languages the components of institution embeddings have the following meaning: I NST. S PECIFICATION L ANGUAGES Φ reduces the syntax of modules to syntax in a simpler paradigm regards the syntax of modules as (degenerated) syntax Φ in a more complex paradigm α translates module axioms to axioms in a more complex paradigm β extracts a simpler paradigm implementation from a module implementation

2.1 Extra Theory Morphisms Extra theory morphisms generalize the ordinary concept of theory morphism (Definition 2) in that it maps theories across an institution morphism. Intra (i.e., ordinary) theory morphisms can be regarded as special cases when the institution morphism is an identity. In this section we quickly revise from [3] the main definitions and results about extra theory morphisms. Definition 7 Let (Φ; α; β) : ℑ ! ℑ0 be an institution morphism, and T = (Σ; E ) and T 0 = (Σ0 ; E 0 ) be theories in ℑ and ℑ0 respectively. A extra theory morphism T ! T 0 is an ℑ-signature morphism ϕ : Σ ! Σ0 Φ such that αΣ (ϕ(E )) E 0 . 2 0

Fact 8 Any institution embedding (Φ; α; β) : ℑ ! ℑ0 gives rise to a functor Φ : Th (ℑ) ! Th (ℑ0 ) defined by Φ (Σ; E ) = (ΣΦ; αΣΦ ((Σζ)(E )) ) where ζ is the unit of the adjoint pair of functors Φ; Φ.

2

Proposition 9 Let (Φ; α; β) : ℑ ! ℑ0 be an institution embedding and let T 2 jTh(ℑ)j and T 0 2 jTh(ℑ0)j. Then there is a natural bijection between extra theory morphisms T ! T 0 and ℑ0-theory morphisms Φ (T ) ! T 0. 2 Model reducts are the semantic aspect of theory morphisms, therefore they play a central rôle in any semantics based on institutions. Model reducts for extra theory morphisms generalize ordinary model reducts for intra theory morphisms; they are introduced by the followi ng result which can also be regarded as a Satisfaction Condition for extra theory morphisms: Proposition 10 Let (Φ; α; β) : ℑ ! ℑ0 be an institution morphism. For any extra theory morphism ϕ : (Σ; E ) ! (Σ0; E 0 ) there is a reduct functor ϕ : M OD 0 (T 0 ) ! M OD (T ) defined by M 0 ϕ = βΣ (M 0 )ϕ 0

for M 0 any (Σ0 ; E 0 )-model. If (Φ; α; β) is an embedding, then M 0 ϕ = βΣΦ (M 0 ϕ )Σζ 0

where ϕ0 : ΣΦ ! Σ0 is the free extension of ϕ : Σ ! Σ0 Φ.

2

The concept of model expansion is dual to model reducts, and plays a crucial rôle for defining the denotations of structured specifications: 6

Definition 11 Given an extra theory morphism ϕ : T ! T 0 , and a model M of T , an expansion of M along ϕ is a model M 0 of T 0 satisfying the following properties:

M0ϕ = M iff the expansion is protecting, there is an injective4 model homomorphism M ! M0ϕ iff the expansion is extending, there is an arbitrary model homomorphism M ! M0ϕ iff the expansion is using, and M0 is the free over M with respect to ϕ (see Definition 12) iff the expansion is free. 2 ,

The following extends the concept of liberality (free extensions) to extra theory morphisms: Definition 12 An extra theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is liberal iff the reduct functor ϕ : M OD 0 (Σ0 ; E 0 ) ! M OD (Σ; E ) has a left adjoint, i.e., iff for any model M 2 jM OD (Σ; E )j, there exists a model M 0 2 jM OD 0 (Σ0 ; E 0 )j and a model morphism Mη : M ! M 0 ϕ such that for any model N 0 2 jM OD 0 (Σ0 ; E 0 )j and any model morphism h : M ! N 0 ϕ there exists a unique model morphism h0 : M 0 ! N 0 such that h = Mη; h0 ϕ. MA

ηM

/ M 0 ϕ AA AA AA AA AA h ϕ h AAA AA AA

M0

0

N 0 ϕ

2

h0

N0

The following results give sufficient conditions for “extra” liberality based on “intra” liberality. Theorem 13 If ℑ is liberal on signature morphisms, ℑ0 and (Φ; α; β) are liberal, then any extra theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is liberal. Moreover, the free (Σ0 ; E 0 )-model over a given (Σ; E )-model M can be obtained as βΣ (M ϕ )=E 0 . 2 0

Theorem 14 If (Φ; α; β) is a strong liberal embedding, ℑ0 is liberal, and β satisfies the following Satisfaction Condition: βΣ (M ) j=Σ αΣ (e) if M j=Σ Φ e 0

0

0

0

for all M 2 jM OD (Σ0Φ)j and e 2 Sen(Σ0Φ), then each extra theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is liberal. 2 Corollary 15 If (Φ; α; β) is a persistent strong embedding and ℑ0 is liberal, then any extra theory morphism is liberal. 2 The co-limit of a diagram of extra theory morphisms is computed in a pre-defined fixed institution in which all institutions underlying the nodes of the diagram are embedded. This is more general than just doing it in the co-limit of the underlying diagram of institution embeddings; this generality is useful in applications since in the for multi-paradigm systems the co-cones of the underlying institutions are not necessarily co-limit co-cones. For details see [3], here we will mention only a corollary of the fundamental result on co-limits of theory morphisms: 4 Under

a suitable concept of “injectivity”.

7

Corollary 16 A diagram of extra theory morphisms has a co-limit whenever the co-limit co-cone of the underlying diagram of institution morphisms consists of institution embeddings. 2 In general, extra theory morphisms do not necessarily support semi-exactness. Fortunately, some special cases of exactness for extra theory morphisms are enough to explain most practical situations. An important special case is given by the pushout between an intra and an extra theory morphism. Theorem 17 Consider an institution embedding (Φ; α; β) : ℑ ! ℑ1 and let ϕu2 : T ! T2 be a intra theory morphism in ℑ, and ϕu1 : T ! T1 be a extra theory morphism with (Φ; α; β) the underlying institution morphism. If ℑ1 is (weakly) semi-exact and (Φ; α; β) is (weakly) additive and either of the following holds: - (Φ; α; β) is strong, or - ℑ is (weakly) semi-exact and Φ is surjective on objects and full then the corresponding diagram of model reducts M ODO (T ) o

ϕu1

M ODO 1 (T1 )

ϕu2

M OD (T2 ) o

ϕ1

ϕ2

M OD 1 (T0 )

is a (weak) pullback. 2

3 Inclusion Systems for Extra Theory Morphisms Inclusion systems where first introduced by [5] for the institution-independent study of structuring specifications. They provide the underlying mathematical concept for module imports, which are the most fundamental structuring construct. Weak inclusion systems were introduced in [2], and they constitute a simplification of the original definition of inclusion systems of [5]. Definition 18 hI ; E i is a weak inclusion system for a category C if I and E are two subcategories with jI j = jE j = jC j such that 1. I is a partial order, and 2. every arrow f in C can be factored uniquely as f

= e; i

with e 2 E and i 2 I .

The arrows of I are called inclusions, and the arrows of E are called surjections.5 The domain (source) of the inclusion i in the factorization of f is called called the image of f and denoted as Im( f ). An injection is a composite between an inclusion and an isomorphim. A weak inclusion system hI ; E i is an inclusion system iff I has finite least upper bounds (denoted +) and all surjections are epics (see [5]). 2 5 Surjections

of some weak inclusion systems need not necessarily be surjective in the ordinary sense.

8

Recall from [3] the following technical definition: Definition 19 Let C and C 0 be two categories with weak inclusion systems hI ; E i and hI 0 ; E 0 i respectively. Then a functor U : C ! C 0 lifts inclusions uniquely iff for any inclusion ι0 : A0 ,! BU in I 0 with B 2 jC j, there exists a unique inclusion ι 2 I such that ιU = ι0 . 2 The following theorem from [3] provides the basic construction for the weak inclusion system of extra theory morphisms: Theorem 20 Consider a category of institutions with a weak inclusion system hI INST; E INSTi such that each of institutions involved ℑ = (Sign; M OD ; Sen; j=) has a weak inclusion system hI ℑ; E ℑi for its category of signatures. If

Φ preserves inclusions for each (Φ; α; β) 2 I INST, and Φ preserves both inclusions and surjections and lifts inclusions uniquely for each (Φ; α; β) 2 E INST,

then the corresponding category of extra theory morphisms has an inclusion system where ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is - inclusion iff both the underlying institution morphism (Φ; α; β) : ℑ ! ℑ0 and the signature morphism ϕ : Σ ! Σ0Φ are inclusions, - surjection iff both the underlying institution morphism (Φ; α; β) : ℑ ! ℑ0 and the signature morphism ϕ : Σ ! Σ0Φ are surjections, and if αΣ (ϕ(E )) = E 0 . 0

2

Practical applications use mostly the following much simpler Corollary: Corollary 21 Consider a partial ordered set of institutions and institution morphisms such that each of institutions involved ℑ = (Sign; M OD ; Sen; j=) has a weak inclusion system hI ℑ ; E ℑ i for its category of signatures with Φ preserving inclusions for each institution morphism (Φ; α; β). Then the corresponding category of extra theory morphisms has an inclusion system where ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is - inclusion iff the signature morphism ϕ : Σ ! Σ0 Φ is an inclusion in I ℑ , - surjection iff the underlying institution morphism is identity and it is a surjection in E ℑ

2 In the rest of this section we extend the construction of weak inclusion systems for extra theory morphisms towards inclusion systems by studying the lattice structure of the extra theory inclusion morphisms. The least upper bounds (also called sums) provide one of the basic operations for module imports in logical languages, while the greatest lower bounds are crucially used for hidding operations. For more details on the rôle of the lattice structure of inclusions for Modularisation in logical languages see [5]. We assume a fixed lattice of institutions and institution morphisms INST. For any two institutions ℑ and ℑ0 from INST, we denote their least upper bound by ℑ + ℑ0 and their greatest lower bound by ℑ ^ ℑ0 . Then let Th(INST) be the category of extra theory morphisms corresponding to INST. This assumption of the fixed lattice INST of institutions and institution morphisms allow us to significantly simplify some notations as follows: 9

Σ0 ℑ instead of Φ(Σ0 ), Σℑ instead of Φ(Σ), eℑ instead of αΣ (e), M 0 ℑ instead of βΣ (M 0 ), and M ℑ instead of βΣ (M ) 0

0

0

0

0

where (Φ; α; β) : ℑ ! ℑ0 is an institution morphism in the lattice INST (in fact the only one ℑ ! ℑ0 ), Φ stands for the left-adjoint to Φ (if exists), and β stands for the left-adjoint to β (if exists).

3.1 Sums Proposition 22 Let INST consist only of embeddings and assume each institution in INST has a weak inclusion system with sums. If for each embedding of INST, both the signature functor and the hom-set natural isomorphim given by adjunction between the category of signatures preserve inclusions, then the weak inclusion system of Th (INST) has sums. Proof: Let (Σ; E ) and (Σ0 ; E 0 ) be two theories in the institutions ℑ and, respectively, ℑ0 . We show that (Σℑ+ℑ + Σ0ℑ+ℑ ; (E ℑ+ℑ [ E 0ℑ+ℑ ) ) is the sum (Σ; E ) + (Σ0; E 0 ). First, we show that this is an upper bound of both (Σ; E ) and (Σ0 ; E 0 ). Notice that we have an inclusion Σ ,! Σℑ+ℑ + Σ0 ℑ+ℑ as a composite of the inclusions Σ ,! Σℑ+ℑ and Σℑ+ℑ ,! Σℑ+ℑ + Σ0ℑ+ℑ . The former one is an inclusion since it is the image of the identity on Σℑ+ℑ through the hom-set natural isomorphim given by the adjunction between the category of signatures of ℑ and ℑ + ℑ0 . A similar argument holds for (Σ0 ; E 0 ). 0

0

0

0

0

0

0

0

0

0

0

(Σ; E )

/ (Σ; E ) + (Σ0; E 0 ) o (Σ0 ; E 0 ) M M M q M M M q q M M M q q q q q M M M q M M M q q q & xq q q (Σ00 ; E 00 )

/ ℑ + ℑ0 o ℑCC ℑ0 zz CC CC zz CC zz z CC z CC zz ! }z z ℑ00

Now, we show that this is the least upper bound in the partial order of the inclusions of Th (INST). Assume a theory (Σ00 ; E 00 ) such that (Σ; E ) ,! (Σ00 ; E 00 ) and (Σ0 ; E 0 ) ,! (Σ00 ; E 00 ). Then ℑ + ℑ0 is embedded in the institution ℑ00 of (Σ00 ; E 00 ). Because Σ ,! Σ00 ℑ+ℑ ℑ = Σ00 ℑ , we have that Σℑ+ℑ ,! Σ00ℑ+ℑ . Similarly Σ0ℑ+ℑ ,! Σ00 ℑ+ℑ , therefore Σℑ+ℑ + Σ0ℑ+ℑ ,! Σ00 ℑ+ℑ . 2 0

0

0

0

0

0

0

0

Corollary 23 If each institution in INST has an inclusion system, and INST consists only of embeddings for which the signature right-adjoint functor and the hom-set natural isomorphism given by the adjunction between the category of signatures preserve inclusions, then Th(INST) has an inclusion system. 2 Corollary 24 Assume that each institution in INST has a weak inclusion system, and that INST consists only of strong embeddings for which the signature right-adjoint functor preserves and lifts inclusions uniquely. If the weak inclusion system of each institution in INST has sums, then the weak inclusion system of Th (INST) has sums. If each institution in INST has an inclusion system, then Th (INST) has an inclusion system too. 2

10

3.2 Intersections Theorem 25 If INST consists only of institution embeddings and the category of signatures of each institution in INST has finite co-limits, then Th(INST) has finite co-limits. Proof: This is a direct consequence of Corollary 16. The institution in which the co-limit of a diagram of extra theory morphisms is constructed is the least upper bound in INST of the underlying institutions of the theories in the diagram. 2 Theorem 26 If the category of signatures of each institution in INST has finite limits, and the signature functors for each institution morphism in INST preserve finite limits, then Th(INST) has finite limits. Proof: Consider (Σi ; Ei )i2J a diagram of extra theory morphisms with ℑi being the institution underlying the theory (Σi ; Ei ) for each i 2 jJ j. The limit of this diagram is constructed as follows: 1. Let ℑ0 be the greatest lower bound of (ℑi )i2jJj , 2. Let the signature Σ0 be the limit of the diagram (Σi ℑ0 )i2jJj in the category of signatures of ℑ0 ; with (ϕi )i2jJj the limiting cone, and 3. Let Ei be the theory of ℑ0 for the signature Σ0 generated by fρ 2 Sen0 (Σi ℑ0 ) j ϕi (ρ)ℑi Ei for all i 2 jJ jg.

2

It is obvious to see that (ϕi )i2jJj is a cone for the diagram of extra theory morphisms (Σi ; Ei )i2J . We still have to prove this is a limiting cone.

θi

(Σ1 ; E1 )

δ

3 (:Σi ; Ei ) v vv v ϕi v v v v v vv vv v vv

/ (Σ0 ; E0 ) HH θj

i

ϕu

HH HH HH HH H ϕj H H H HH + $

(Σ j ; E j )

u

j

For this, we consider another cone (θi )i2jJj from a theory (Σ1 ; E1 ) to the diagram (Σi ; Ei )i2J . Let ℑ1 be the institution underlying (Σ1 ; E1 ). Then ℑ1 v ℑi for all i 2 jJ j. Thus ℑ1 v ℑ0 since ℑ0 is the greatest lower bound of ℑi i2jJj . Because the signature functor of the embedding ℑ1 v ℑ0 preserve finite limits, (ϕi ℑ1 )i2jJj is a limiting cone in the category of signatures of ℑ1 , therefore there exists an unique signature morphism δ : Σ1 ! Σ0 ℑ1 such that δ; ϕi ℑ1 = θi . Now we have only to prove that δ is indeed a extra theory morphism (Σ1 ; E1 ) ! (Σ0 ; E0 ). Consider a Σ1 sentence ρ in E1 . Then for all i 2 jJ j, θi (ρ)ℑi 2 Ei . But θi (ρ)ℑi = ϕi (δ(ρ)ℑ0 )ℑi , therefore δ(ρ)ℑ0 2 E0 . 2 Corollary 27 If INST consists only of institution embeddings and the category of signatures of each institution in INST has finite limits, then Th(INST) has finite limits. 2

11

Definition 28 Assume the hypotheses of Proposition 22 and assume that the category of signatures of each institution in INST has finite limits. Then the intersection of two theories T and T 0 in INST is defined as the (unique) pullback of their sum which is included in both T and T 0 . / T +T0 O

TO

T ^T0

2

/

T0

The correctness of this definition is supported by the following: - Pullbacks in Th(INST) exist by Theorem 26, and - We can pick the pullback of two inclusions to be constituted of inclusions too by Corollary 26 of [2]. In practice, one of the very important properties of the sum-intersection square is to be a pushout (besides being a pullback square). Recall from [5] the following definition: Definition 29 Let C be a category with a weak inclusion system. Then pushouts preserve inclusions in C iff whenever a pair of arrows (A ,! A0 ; A ! B) has a pushout, then they have a pushout of the form (B ,! B0 ; A0 ! B0 ). 2 Corollary 30 Let C be a category with a weak inclusion system such that pushouts preserve inclusions. Then, whenever a pair of arrows (A ,! A0 ; A ,! A00 ) has a pushout, they have a pushout of the form (A0 ,! B; A00 ,! B). 2 Proposition 31 Assume the hypotheses of Proposition 22 and assume that the category of signatures of each institution in INST has finite limits and pushouts preserve inclusions. If for each institution in INST, each sum-intersection square of signatures is a pushout, then each sumintersection square in Th (INST) is a pushout. Proof: Let (Σ; E ) and (Σ0 ; E 0 ) be two theories in the institutions ℑ and ℑ0 . We have to prove that the following square is a pushout: / (Σ; E ) + (Σ0 ; E 0 ) O

(Σ; E )

O

(Σ; E )

^ (Σ0 E 0)

/ (Σ0 ; E 0 )

;

Let (Σ00 ; E 00) be the pushout of the intersection between (Σ; E ) and (Σ0 ; E 0). Notice that (Σ00 ; E 00 ) and (Σ; E ) + (Σ0 ; E 0 ) have the same underlying institution, i.e., ℑ + ℑ0 . Because of the construction of pushouts of theories, it is enough to prove that Σ00 and the signature of (Σ; E ) + (Σ0 ; E 0 ) are the same, i.e., Σ00 = Σℑ+ℑ + Σ0ℑ+ℑ (see Proposition 22). 0

0

12

By the definition of intersections, Σ ^ Σ0 ,! Σℑ^ℑ . By the preservation of inclusions by the natural hom-set isomorphism corresponding to the adjunction between the categories of signatures of the embedding ℑ ^ ℑ0 v ℑ, it follows that (Σ ^ Σ0 )ℑ ,! Σ, and further, by a similar argument, that (Σ ^ Σ0 )ℑ+ℑ ,! Σℑ+ℑ . This means that (Σ ^ Σ0 )ℑ+ℑ ,! Σℑ+ℑ ^ Σ0ℑ+ℑ . 0

0

0

0

0

0

ℑ+ℑ0

(Σ

^

9 h h h 4Σ h h h h s s s s h h h h h s h s h s s h h h h s s h h h h h s h h s h h h s s h h h h s s h h h h s s / ℑ+ℑ Σ0)ℑ+ℑ V Σ Σ0KℑK +ℑ V V V V K K V V V V K K V V V V K K V V V V K K V V V V K K V V V V K K V V V V V V V V K K K K V V V * % 0

0

^

K K K K K K K K K K K K K K K K K K %

Σℑ+ℑ9

0

Σ0ℑ+ℑ

s s s s s ss s s s s s ss s s s s

0

0 + Σ0ℑ+ℑ o

/( h

6 Σ00

0

By the definition of pushouts for extra theory morphisms, notice that the outer square is a pushout, and by Corollary 30, we may chose it in such a way that all arrows are inclusions. By the definition of sums and by the fact that in ℑ + ℑ0 the sum-intrsection squares of signatures are pushouts, notice that the inner square is a pushout too. Because diagrams made of only inclusions always commute and because of the universal property of the outer square pushout, we have that Σℑ+ℑ + Σ0ℑ+ℑ ,! Σ00 and that there exists h : Σ00 ! Σℑ+ℑ + Σ0ℑ+ℑ which is a leftinverse to this inclusion. But due to the unique factorization property of inclusions this means that Σℑ+ℑ + Σ0ℑ+ℑ = Σ00 . 2 0

0

0

0

0

0

4 Pushouts of Conservative Extra Extensions Definition 32 An extra theory morphism ϕ : T protecting expansion along ϕ. 2

! T 0 is conservative iff any model M of T has a

Definition 33 An institution embedding (Φ; α; β) : ℑ ! ℑ0 is almost strong iff the model reducts along the units of the adjunction between the categories of signatures are injections, and is conservative iff each model of a signature Σ in ℑ has a protecting expansion along the extra signature morphism Σ ! ΣΦ. 2 Remark 34 Notice that any strong embedding is almost strong too.

2

Proposition 35 Let (Φ; α; β) : ℑ ! ℑ0 be an almost strong weakly additive institution embedding. Consider an extra theory morphism ϕ : (Σ; E ) ! (Σ0 ; E 0 ) across this institution embedding. If ϕ is conservative, then (the intra theory morphism) ϕ0 : Φ (Σ; E ) ! (Σ0 ; E 0 ) is conservative too. Proof: Consider a model M in M OD 0 (Φ (Σ; E )); this means M 2 M OD 0 (ΣΦ). Then βΣΦ (M )Σζ is a (Σ; E )-model. Because ϕ : (Σ; E ) ! (Σ0 ; E 0 ) is conservative, there exists a (Σ0; E 0 )-model M 0 such that M 0 ϕ = βΣΦ (M )Σζ

13

This means that βΣ (M 0 )ϕ Φ Σζ = βΣΦ (M )Σζ 0

0

where ϕ0 : ΣΦ ! Σ0 is the free extension of ϕ. Because the institution embedding is almost strong, βΣ (M 0 )ϕ Φ = βΣΦ (M ) 0

0

Because the institution embedding is weakly additive, there exists a (Σ0 ; E 0 )-model M 00 such that βΣ (M 00 ) = βΣ (M 0 ) and M 00 ϕ = M. 2 0

0

Theorem 36 Consider the following pushout of extra theory morphisms

(Σ; E )

ϕu1

ϕu2

/ (Σ1 ; E1 )

ϕ2

/

ℑ1

(Φu2 ;αu2 ;βu2 )

ϕ1

(Σ2 ; E2 )

(Φu1 ;αu1 ;βu1 )

ℑ

/ (Σ0 ; E0 )

(Φ1 ;α1 ;β1 )

ℑ2

(Φ2 ;α2 ;β2 )

/ℑ

0

where (Φui ; αui ; βui ) : ℑ ! ℑi are institution embeddings underlying ϕui and (Φi ; αi ; βi ) : ℑi ! ℑ0 are institution embeddings underlying ϕi , for i 2 f1; 2g. Assume that 1. 2. 3. 4. 5.

(Φu1 ; αu1 ; βu1 )

is almost strong and weakly additive, ℑ0 is weakly semi-exact, (Φ1 ; α1 ; β1 ) is weakly additive, (Φ2 ; α2 ; β2 ) is conservative, and either of the following holds: 5.1 (Φ1 ; α1 ; β1 ) is strong, or 5.2 ℑ1 is weakly semi-exact and Φ1 is surjective on objects and full.

If ϕu1 is conservative, then ϕ2 is conservative too. Proof: The key to this proof is to notice that the original pushout square of extra theory morphisms gets another pushout square between an extra theory morphism and an intra theory morphism:

Φu1 (Σ; E )

(ϕu1 )0

(ϕu2 )00

/ (Σ1 ; E1 )

ℑ1

(ϕ2 )0

/ℑ

1

(Φ1 ;α1 ;β1 )

ϕ1

Φ2 (Σ2 ; E2 )

=

/ (Σ0 ; E0 )

(Φ1 ;α1 ;β1 )

ℑ0

=

/ℑ

0

Then we are in the hypotheses of Theorem 17, which means that the following square is a weak pullback: 14

(Σ; E )) o M OD 1 (Φu1 O

(ϕu1 )0

M OD 1 (O Σ1 ; E1 )

(ϕu2 )00

ϕ1

M OD 0 (Φ2 (Σ2 ; E2 )) o

(ϕ2 )0

M OD 0 (Σ0 ; E0 )

Also, by Proposition 35, we deduce that (ϕu1 )0 : Φu1 (Σ; E ) ! (Σ1 ; E1 ) is conservative. We are now ready to proceed with the proof of this theorem. Consider a (Σ2 ; E2 )-model M. Let M 0 be a protecting expansion of M along the extra signature morphism Σ2 ! Σ2 Φ2 . Now we consider the reduct M 0 (ϕu2) , which is a Φu1 (Σ; E )-model. Let N be a protecting expansion of M 0 (ϕu2) along the intra theory morphism (ϕu1 )0 . Then N (ϕu1 ) = M 0 (ϕu2) , therefore let M 0 N be the (Σ0 ; E0 )-model such that (M 0 N )ϕ1 = N and (M 0 N )(ϕ2 ) = M 0 . The last equality implies that (M 0 N )ϕ2 = M. 2

00

00

0

00

0

5 Conclusions and Future Work In this paper we have presented a framework based on categories and institutions for modularization of multi-paradigm specification and/or programming languages with rigorous logical semantics. We have developed the basic concepts and proved some basic results supporting a module calculus including (multiple) module imports (with sharing), free extensions, etc. However, this approach still poses some interesting non-trivial mathematical questions. A class of such questions concerns the model amalgamation (exactness) properties across institutions. While a fully general result is not possible, practially good sufficient conditions would be enough (we provided a couple of such theorems, but there is still room for more research in this direction). Also, it is important to extend the conservative extension result of Theorem 36 to the case of persistent extensions a´ la [5].

References [1] Rod Burstall and Joseph Goguen. Semantics of Clear. Unpublished notes handed out at the 1978 Symposium on Algebra and Applications, Stefan Banach Center, Warsaw, Poland, 1978. [2] Virgil Emil C˘az˘anescu and Grigore Ros¸u. Weak inclusion systems. Mathematical Structures in Computer Science, 7(2), 1997. [3] R˘azvan Diaconescu. Extra theory morphisms for institutions: logical semantics for multi-paradigm languages. J. of Applied Categorical Structures, 1998. To appear; a preliminary version appeared as JAIST Technical Report IS-RR-97-0032F in 1997. [4] R˘azvan Diaconescu and Kokichi Futatsugi. Logical semantics for CafeOBJ. In Precise Semantics for Software Modeling Techniques, pages 31–54. Proceedings of an ICSE’98 workshop held in Kyoto, Japan, published as Technical Report TUM-I9803, Technical University Munchen, 1998. Preliminary version appeared as Technical Report IS-RR-96-0024S at Japan Advanced Institute for Science and Technology in 1996.

15

[5] R˘azvan Diaconescu, Joseph Goguen, and Petros Stefaneas. Logical support for modularisation. In Gerard Huet and Gordon Plotkin, editors, Logical Environments, pages 83–130. Cambridge, 1993. Proceedings of a Workshop held in Edinburgh, Scotland, May 1991. [6] Joseph Goguen and Rod Burstall. Institutions: Abstract model theory for specification and programming. Journal of the Association for Computing Machinery, 39(1):95–146, January 1992. [7] Saunders Mac Lane. Categories for the Working Mathematician. Springer, 1971. [8] Andrzej Tarlecki. On the existence of free models in abstract algebraic institutions. Theoretical Computer Science, 37:269–304, 1986. Preliminary version, University of Edinburgh, Computer Science Department, Report CSR-165-84, 1984. [9] Andrzej Tarlecki. Moving between logical systems. In Magne Haveraaen, Olaf Owe, and Ole-Johan Dahl, editors, Recent Trends in Data Type Specification, Lecture Notes in Computer Science, pages 478–502. Springer, 1996. Proceedings of 11th Workshop on Specification of Abstract Data Types. Oslo, Norway, September 1995.

16