The Importance of the Left Merge Operator in Process Algebras
Faron Moller
Department of Computer Science
University of Edinburgh
Abstract. In this paper, we examine equational axiomatisations for PA, the process algebra of Bergstra and Klop, which is a simple subset of their full language ACP. The language PA has two combinators for concurrent execution: the usual full merge operator $\parallel$ and the more esoteric left merge operator $\lfloor$. Though this latter combinator is somewhat semantically unusual, we demonstrate its importance by proving that, whereas a finite sound and complete equational theory exists for PA, no such finite theory can exist for PA in the absence of the left merge operator.
1 Introduction
There are a number of different approaches in existence to the algebraic description of processes. One of the original and more influential treatments is that of Milner's Calculus of Communicating Systems ([Mil80], [Mil89]). In his approach, Milner considers only a minimal set of primitive operators, in order to maintain simplicity in his analyses. Thus he has for instance only one operator allowing for causality or sequentiality (atomic action prefix $a.$), one operator allowing choice between various computation paths (nondeterministic sum $+$), and one operator allowing concurrent computation (parallel composition $|$). Milner's approach is very much operational in nature, in particular giving an operational notion of equivalence (the so-called bisimulation equivalence of [Par81]), but also involves the development of equational theories for reasoning about equivalences between process terms.

The approach taken by Bergstra and Klop in their Algebra of Communicating Processes ([Ber84], [Ber85]) on the other hand is very much algebraic in nature. They supply a set of operators to define a language of process terms, and then specify their equivalence by providing a set of equational axioms which are to hold between terms in their language. Thus for instance their process algebra PA is defined to consist of the following operators. Firstly, atomic actions taken from some finite set $Act$ are the most primitive processes, and are ranged over by $a, b, c, \ldots$. Then processes may be combined using sequential composition $\cdot$, nondeterministic choice $+$, concurrent composition $\parallel$, and left merge $\lfloor$. Thus the collection of processes $p$ is defined by the following BNF-like notation:
$$p ::= a \;\mid\; p \cdot p \;\mid\; p + p \;\mid\; p \parallel p \;\mid\; p \lfloor p$$
The informal semantic interpretation of these operators is for the most part straightforward. Atomic action processes represent indivisible events which can be performed, sequential composition allows for processes to follow one another, nondeterministic choice allows for options in computation paths, and concurrent composition allows for processes to proceed in parallel. In this basic system PA, communication is prohibited between concurrent processes, so the concurrency operator is also referred to as full merge, as its effect is to merge the actions of the combined processes in some arbitrary interleaved fashion. The left merge operator is unique in not having a natural interpretation. Its purpose is solely to facilitate the easy axiomatisation of the PA equivalence. Semantically, it represents an operator identical to the full merge operator, with the proviso that the first action of the parallel composition must come from the process given by its first operand. Thus we see that the full merge operator can actually be defined in terms of left merge and nondeterministic choice by the axiom
However, the left merge operator enjoys a particular distributivity property not enjoyed by full merge, namely
whereas
$$(x + y) \lfloor z = x \lfloor z + y \lfloor z.$$

The reason for this is that in the first case, if the first action of the composition were to come from the $z$ process, then on the left-hand side of the inequality, after the first action there would still be a choice available as to whether the $x$ process or the $y$ process were to participate in the computation with $z$; on the right-hand side of the inequality, this choice must be made at the time of the first action performed by $z$. This is not so in the second case involving left merge, as here the $z$ process is not allowed to contribute the first action of the parallel composition, so on both sides of the equality, the choice between whether $x$ or $y$ should participate in the computation must be made at the time of the first action performed by the composition.

$$\begin{aligned}
(x + y) + z &= x + (y + z) \\
x + x &= x \\
(xy)z &= x(yz) \\
x \parallel y &= x \lfloor y + y \lfloor x \\
a \lfloor x &= ax \\
(x + y) \lfloor z &= x \lfloor z + y \lfloor z \\
(x + y)z &= xz + yz
\end{aligned}$$

Figure 1: Axioms for PA

This property allows the system PA to have a simple finite equational theory consisting of the axioms presented in Figure 1 (where we see that the sequential composition operator is usually omitted); this is the set of axioms presented by Bergstra and Klop as the definition of their process equivalence. In this paper, we justify the claim that without left merge we could not have such a simple axiomatisation by demonstrating
that in the absence of the left merge operator, you cannot finitely axiomatise the equivalence. That is, the congruence generated by the axioms of Figure 1, restricted to the sublanguage of terms not involving the left merge operator, cannot be characterised by any finite set of equational laws over this sublanguage. In order to do this, we first characterise the congruence generated by the laws of Figure 1 as an observational congruence in order to exploit properties of the accompanying theory of transition systems and bisimulations. We shall henceforth restrict our attention to the process language PA without the left merge operator $\lfloor$, which we shall refer to as $\mathrm{BPA}_\parallel$. (BPA is the Basic Process Algebra consisting of the sequential PA terms). We can show (see [Mol89]) that an equivalent axiomatisation for this sublanguage is provided by the axioms given in Figure 2.

A1. $(x + y) + z = x + (y + z)$

A2. $x + y = y + x$

A3. $x + x = x$

S1. $(xy)z = x(yz)$

D. $(x + y)z = xz + yz$

$\mathrm{Exp}_{m,n}$. For $t = \sum_{i=1}^{m} a_i x_i + \sum_{i=m+1}^{M} a_i$ and $u = \sum_{j=1}^{n} b_j y_j + \sum_{j=n+1}^{N} b_j$ $(M, N > 0)$,

$$t \parallel u = \sum_{i=1}^{m} a_i (x_i \parallel u) + \sum_{i=m+1}^{M} a_i u + \sum_{j=1}^{n} b_j (t \parallel y_j) + \sum_{j=n+1}^{N} b_j t$$

Figure 2: Axioms for $\mathrm{BPA}_\parallel$

Notice that this gives an infinite axiomatisation, due to the presence of the axiom schema $\mathrm{Exp}_{m,n}$, commonly referred to as the Expansion Theorem [Mil80]. This paper will prove that such a sound and complete axiomatisation is by necessity infinite. As a corollary, we get the weaker result reported in [Mol90] that the theory for the analogous language of CCS terms where we have action prefixing rather than full sequential composition is not finitely axiomatisable. However, the result of the present paper does not follow from the former, due to the extra expressive power given by the BPA sequential composition operator.
2 Transitional Semantics
In this section, we provide the language $\mathrm{BPA}_\parallel$ with an operational semantic definition based on the notion of labelled transition systems. This method gives a derivation relation on terms in a language which defines the possible actions which a term may perform. In order to accomplish this, we must include in our language an empty process constant $0$ representing a process which can perform no actions. This extended language of terms we shall refer to as $\mathrm{BPA}_\parallel^0$. Upon giving our transitional semantics, an equivalence relation is then defined over pairs of terms using the notion of bisimulation based on this transition system. Before we present our semantic definition, we must define a predicate on terms $P \in \mathrm{BPA}_\parallel^0$ which will syntactically decide when a term is semantically equivalent to the empty process $0$. This is easily accomplished by the $isnil$ predicate defined as follows.
Definition 2.1

$$\begin{aligned}
isnil(0) &= true; \\
isnil(a) &= false \quad (a \in Act); \\
isnil(P + Q) &= isnil(P) \wedge isnil(Q); \\
isnil(P \cdot Q) &= isnil(P) \wedge isnil(Q); \\
isnil(P \parallel Q) &= isnil(P) \wedge isnil(Q).
\end{aligned}$$
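With this definition, the operational semantics for $\mathrm{BPA}_\parallel^0$ is given by the transition system $\longrightarrow \subseteq \mathrm{BPA}_\parallel^0 \times Act \times \mathrm{BPA}_\parallel^0$ (written as $P \xrightarrow{a} Q$ for $(P, a, Q) \in \longrightarrow$) defined to be the least relation satisfying the inferential derivation laws presented in Figure 3.

$$a \xrightarrow{a} 0 \quad (\text{for all } a \in Act)$$

$$\frac{P \xrightarrow{a} P'}{P + Q \xrightarrow{a} P'} \qquad \frac{Q \xrightarrow{a} Q'}{P + Q \xrightarrow{a} Q'}$$

$$\frac{P \xrightarrow{a} P'}{P \cdot Q \xrightarrow{a} P' \cdot Q} \qquad \frac{Q \xrightarrow{a} Q'}{P \cdot Q \xrightarrow{a} Q'} \; (isnil(P))$$

$$\frac{P \xrightarrow{a} P'}{P \parallel Q \xrightarrow{a} P' \parallel Q} \qquad \frac{Q \xrightarrow{a} Q'}{P \parallel Q \xrightarrow{a} P \parallel Q'}$$

Figure 3: Derivation Laws

Thus using the first rule we have $a \xrightarrow{a} 0$ for all $a \in Act$, and for each of the other rules, whenever we can derive the transition above the line, then we can derive the transition below the line (with the proviso given by the side condition on the second sequencing rule). Our equivalence $\sim \subseteq \mathrm{BPA}_\parallel^0 \times \mathrm{BPA}_\parallel^0$ is then defined to be the largest relation satisfying the following bisimulation conditions: $P \sim Q$ if and only if for all $a \in Act$,

(i) $P \xrightarrow{a} P'$ implies $\exists Q'$ such that $Q \xrightarrow{a} Q'$ and $P' \sim Q'$; and

(ii) $Q \xrightarrow{a} Q'$ implies $\exists P'$ such that $P \xrightarrow{a} P'$ and $P' \sim Q'$.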
This relation can be shown to be a congruence over the sublanguage $\mathrm{BPA}_\parallel$ (referred to as strong observational congruence [Mil80]), and to be completely characterised by the equational theory given in Figure 2. Hence we have managed to give a semantic characterisation of the equational theory for $\mathrm{BPA}_\parallel$. In the remainder of this paper, we shall often use $=$ to represent semantic equality $\sim$, and $\equiv$ to represent syntactic identity modulo associativity of $+$, $\parallel$ and $\cdot$, and commutativity of $+$ and $\parallel$. We shall also extend the transition system $\longrightarrow$ to allow $P \xrightarrow{a} R$ whenever there exists some $P' = R$ such that $P \xrightarrow{a} P'$.
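The following added example (not part of the paper) implements the isnil predicate, the derivation laws of Figure 3 and the two bisimulation conditions for closed terms, and uses them to check that $a \parallel b$ is bisimilar to $ab + ba$ while $(a + b) \parallel c$ is not bisimilar to $a \parallel c + b \parallel c$. The tuple encoding of terms and all function names are assumptions of the example.

```python
from functools import lru_cache

# Constructed encoding (an assumption of this example): "0" is the empty
# process, any other string is an atomic action, and ("+", P, Q), (".", P, Q),
# ("|", P, Q) stand for choice, sequencing and full merge respectively.
NIL = "0"

def isnil(p):
    """Definition 2.1: syntactic test for equivalence to the empty process."""
    if isinstance(p, str):
        return p == NIL
    return isnil(p[1]) and isnil(p[2])

@lru_cache(maxsize=None)
def steps(p):
    """All (action, successor) pairs derivable with the laws of Figure 3."""
    if isinstance(p, str):
        return frozenset() if p == NIL else frozenset({(p, NIL)})
    op, l, r = p
    if op == "+":                      # either summand may be chosen
        return steps(l) | steps(r)
    if op == ".":
        out = {(a, (".", l2, r)) for a, l2 in steps(l)}
        if isnil(l):                   # side condition isnil(P)
            out |= steps(r)
        return frozenset(out)
    # op == "|": one component moves, the other is left untouched
    return frozenset({(a, ("|", l2, r)) for a, l2 in steps(l)} |
                     {(a, ("|", l, r2)) for a, r2 in steps(r)})

@lru_cache(maxsize=None)
def bisimilar(p, q):
    """Conditions (i) and (ii); terminates since every step consumes an action."""
    sp, sq = steps(p), steps(q)
    return (all(any(a == b and bisimilar(p2, q2) for b, q2 in sq) for a, p2 in sp)
        and all(any(a == b and bisimilar(p2, q2) for a, p2 in sp) for b, q2 in sq))

def demo():
    a, b, c = "a", "b", "c"
    interleave = bisimilar(("|", a, b), ("+", (".", a, b), (".", b, a)))
    distribute = bisimilar(("|", ("+", a, b), c),
                           ("+", ("|", a, c), ("|", b, c)))
    return interleave, distribute      # (True, False)

if __name__ == "__main__":
    print(demo())
```

The second check fails on the $c$-move: the left-hand term reaches $(a + b) \parallel 0$, which still offers both $a$ and $b$, while the right-hand term must already have committed to $a \parallel 0$ or $b \parallel 0$.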
3 Approach to the Problem
We want to prove that no finite set of sound laws can completely characterise our semantic congruence for $\mathrm{BPA}_\parallel$. Consider then what it means for an equational axiomatisation $T$ (i.e., a set of equations) to be complete for a given congruence. What we require is that
any valid statement $P = Q$ can be derived in a natural deduction style proof system using a small collection of inferences. These inferences are as follows: Firstly, we need to allow our axioms to be instantiated. Thus for every closed instantiation $p = q$ of every axiom $t = u$ in our set $T$, we have the inference

$$\frac{}{p = q} \; (t = u)$$

Then we need only to allow inferences based on the laws of equational reasoning (reflexivity, symmetry, transitivity, and substitutivity). These are as follows:

$$\frac{}{p = p} \; (\mathit{refl}) \qquad \frac{p = q}{q = p} \; (\mathit{symm}) \qquad \frac{p = q, \;\; q = r}{p = r} \; (\mathit{trans})$$

$$\frac{p_1 = q_1, \;\; p_2 = q_2}{p_1 \cdot p_2 = q_1 \cdot q_2} \; (\mathit{sub}\,\cdot) \qquad \frac{p_1 = q_1, \;\; p_2 = q_2}{p_1 + p_2 = q_1 + q_2} \; (\mathit{sub}\,+) \qquad \frac{p_1 = q_1, \;\; p_2 = q_2}{p_1 \parallel p_2 = q_1 \parallel q_2} \; (\mathit{sub}\,\parallel)$$
A proof of the statement $P = Q$ will then be a (finite) proof tree built up from the above inferences with the statement $P = Q$ at the bottom of the tree, and with no premises left open on top. To prove our non-finite-axiomatisability result, we shall show that no matter what finite set $T$ of (valid) equations you may take as an axiomatisation, we can demonstrate a valid statement (based on the maximum number of operators in any given axiom in $T$, which shall be finite, due to the finiteness of $T$ itself) which cannot have a (finite) proof. To do this, we shall present a property $\Theta$ of statements $P = Q$ such that whenever $\Theta$ holds for a statement $P = Q$ which is the conclusion of some rule of inference (as listed above), there will necessarily be a statement $P' = Q'$ in the list of premises of the inference rule for which the property $\Theta$ also holds. Hence, there cannot be a proof of any statement $P = Q$ satisfying $\Theta$. To get the proof of our result off the ground, we just need show that for any finite axiomatisation, we can produce such a property $\Theta$, and a valid statement $P = Q$ satisfying $\Theta$, and hence which cannot be proven.

Before we tackle our problem, we must address a few formalities regarding our syntactic analysis. Firstly, the proofs of several preliminary results are often going to use induction on the depths $|\cdot|$ of terms as defined as follows.

Definition 3.1

$$\begin{aligned}
|a| &= 1 \quad (a \in Act); \\
|p + q| &= \max(|p|, |q|); \\
|p \cdot q| &= |p| + |q|; \\
|p \parallel q| &= |p| + |q|.
\end{aligned}$$
Some important properties of depth which we shall exploit in our inductive proofs are given by the following proposition.

Lemma 3.2

(i) $|p| > 0$;

(ii) $|p \cdot q| > |p|, |q|$;

(iii) $|p \parallel q| > |p|, |q|$;

(iv) $|p| = 1$ iff $p = a$ for some $a \in Act$;

(v) $p \xrightarrow{a} p'$ implies $|p| > |p'|$;

(vi) $p \sim q$ implies $|p| = |q|$.
Next, we can define two special semantic classes of terms which shall be useful in our analysis. They will give us a handle on syntactically classifying terms.
Definition 3.3 A term $p \in \mathrm{BPA}_\parallel$ is seq-prime iff it cannot be expressed as $p = q \cdot r$ for any $q, r \in \mathrm{BPA}_\parallel$. A term $p \in \mathrm{BPA}_\parallel$ is prime iff it cannot be expressed as $p = q \parallel r$ for any $q, r \in \mathrm{BPA}_\parallel$.

A useful (and somewhat surprising) result about these prime and seq-prime terms is given by the following proposition regarding the decomposition of terms.

Lemma 3.4 (Unique Factorisation Theorems) Any process term $p \in \mathrm{BPA}_\parallel$ can be expressed uniquely as a sequential composition of seq-primes, and uniquely as a parallel composition of primes.

Proof: See [Mol89] or [Mil90] for the (idea of the) proof. $\Box$
Generally, we shall work with processes defined using only a single atomic action symbol $a \in Act$. Thus we shall make no other assumptions on $Act$ than that it be nonempty. Indeed if this were not the case, then our language (of closed terms) would be empty. Two important sequences of terms which we shall make extensive use of are given in the following definition.

Definition 3.5

$$\varphi_n = a + aa + \cdots + a^n;$$

$$\Phi_n = a\varphi_1 + a\varphi_2 + \cdots + a\varphi_n.$$
Example primes and seq-primes which will be useful to us are given by the following propositions.

Lemma 3.6

• For $n > 1$,

(i) $\varphi_n$ is seq-prime;

(ii) $\Phi_n$ is seq-prime;

(iii) $\Phi_n$ is prime;

• For $n > 1$

(iv) $a \parallel \varphi_n$ is seq-prime;

(v) $a \parallel \Phi_n$ is seq-prime;

(vi) $a \parallel \Phi_n + Q$ is seq-prime $\forall Q$.
andO 0 ,
where each ti, ui ~ v + v'; O~(U, V) ==~ for some i, either tier = A I P . or tier =- A ] P , + Q, where A = a and P , = ~ , ;
(by L e m m a
T h u s tier is seq-prime;
(by L e m m a
4.2)
3.6(vi))
Consider t h e s t r u c t u r e of ti:
t i ~ a ==:k tier =-- a (contradiction); ti = t'.t" = ~ tier = (t'er)(t"er) (contradiction, as t~er is seq-prime); t i - t ~ + t" ~ (contradiction); t i =- x =:~ er~ ~- tier and x E f v ( u j ) for some j (as f v ( t ) = f v ( u ) )
~j ¢ a
(a~ = ¢ f~(a))
a n d uj ~ d + u"
(by a s s u m p t i o n on uj 's)
and uj ~ u'.u", u ' ] u "
(as otherwise n + 2 = I"erl > I ~ l
> ter~l = ~ + 2)
~j - = and A l P . e V (contradicting eL(U, V)); T h u s t i - t ~ t " and tier =_ t'er[t"er = alq~,; Hence t i = t ' l t " with t'er = A = a and t"er = P , = ~ , ; (by L e m m a 3.4, as a, q~. are prime, by L e r n m a 3 . 6 ( i i i ) ) Now t" =_ v 1 + v 2 + . . . vt where l < n / 2 and each v h ~ v + v'; ttter :-- Vler + V2er 31- " ' " Vler =
On
=
a ~ l + a ~ 2 + "'" all- a ~ . ,
so some vher = a ~ 1 + a~r 2 + . . . + aq~o for some a > 2, and some rl, r 2 , . . . , r ~ such t h a t 0 < r 1 < r 2 < . . . < %; T h u s clearly v h ~ a, v + v', v . v', v [ v',
(by p r i m a l i t y / s e q - p r i m a l i t y so v h = x for some variable x with % = aqarl + acpr2 q- . . . -t- a~r~;
Clearly x •fv(t'),
as [t'er[ = lal = 1 < r . = ler~l;
Let er'= er{a*o/x}; T h e n t'a' = t'er, and tar'
~ " t'er'[~, = a l e , ;
Therefore for some j , ujer I ~
a ~ ~n;
Now [ujer'[ > n + 2 = Jua[, so clearly x E f v ( u j ) ; Consider the s t r u c t u r e of uj:
o f vher , f r o m L e m m a
3.6}
uj = x ==~ uja' = aq). / ~ , a ~¢n (contradiction); uj - a ~ z fg fv(u¢) (contradiction); uj -~ u'.u" ==¢. uffr' = (u'a')(u"a') _2_. a 1 ~ . , which is seq-prime; I
==~ u a
!
a
UttOt
~0 and
= a ] ¢ . with z q fv(u");
(as lu%l