The Tau-Laws of Fusion
Joachim Parrow Bjorn Victor y
DRAFT of March 18, 1998, 15:59
Abstract
We present complete axiomatizations of weak hypercongruence in the nite fragment of the fusion calculus, an extension and simplication of the -calculus. We
treat both the full fusion calculus and the subcalculus without mismatch operators.
The axiomatizations are obtained from the laws for hyperequivalence and adding
so called tau-laws. These are similar to the well known tau-laws for CCS and the
-calculus, but there is an interesting dierence which highlights an aspect of the
higher expressive power of the fusion calculus.
1 Introduction
The fusion calculus [PV97] is an extension of the -calculus [MPW92], allowing actions
with a special kind of side eect. The idea is that these so called fusion actions make names
identical, and that this fact can be tested by all agents within the scope of the names. Its
theory of strong bisimulations (i.e., bisimulations that make no special provisions for an
internal action to be \unobservable") has been completely axiomatized in [PV97]. In this
paper we shall provide the extra axioms for weak bisimulation, and prove completeness for
a few dierent varieties.
As we have demonstrated in our previous papers the fusion calculus gains not only in
expressiveness but also in simplicity over . There is only one scoping operator, and there
is a complete duality between input and output actions, neither of which needs to bind
names. A typical example is
fy=zg P j Q j R
xy : P j xz : Q j R ???!
Here the action prex xy can be though of as \receive y along x" and xz as \send z
along x"; their interaction results in a fusion fy = zg aecting all agents in the scope of y
and z. In particular, if R is within this scope it can use a match construct [y = z] to test
if y and z are equal. For example,
1 (y )((P j Q j [y = z ]R)fy=z g)
(y)(z)(xy : P j xz : Q j [y = z]R) ?!
y
Dept. of Teleinformatics, Royal Institute of Technology, Sweden. Email: joachim@it.kth.se.
Dept. of Computer Systems, Uppsala University, Sweden. Email: Bjorn.Victor@DoCS.UU.SE.
1
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
In the agent to the left R cannot execute since y and z are not the same. The interaction
results in the internal action 1, and in that y and z are fused (formally, that means they are
substituted by the same name). Assume that y and z are only used in the match [y = z],
then the agent to the right can be written P j Q j [y = y]R, and [y = y]R has exactly the
actions of R. Thus the fusion aects the rightmost parallel component [y = z]R even
though it does not take part in the interaction.
In our previous paper [PV97] we have explored the algebraic theory of bisimulation
congruence. A bisimulation here is a binary relation on agents such that if two agents are
related and one has an action, then the other has the same action so that the derivatives are
again related. The example above makes clear that for an equivalence to be a congruence
it must be closed under substitution of names (since an environment of an agent can
accomplish a substitution without the agent taking part). Although this is true also for the
standard equivalences in the -calculus the eect is more dramatic in the fusion calculus,
where it turns out that this substitution closure is required after every transition. In
other words, the bisimulation congruence (called hyperequivalence) comes out as the largest
bisimulation which is closed under arbitrary substitutions.
The eect on the algebraic theory is perhaps most clearly demonstrated through an
example. Consider the law
[x 6= y] : P = [x 6= y] : [x 6= y]P
()
This law holds in the -calculus equivalences: If x 6= y then these names will continue
to be distinct within the agent, so inserting an extra test for inequality is harmless. In
the fusion calculus this law is invalid since the agent may be a component in a parallel
composition where another agent may fuse x and y; so even if x 6= y holds initially it may
not hold after .
In this paper we shall study the theory of weak bisimulation equivalence. The main
idea is that the internal action 1 needs not be simulated. This can be expressed formally
in dierent ways, leading to dierent weak equivalences. To nd the most appropriate
one we use the barbed equivalence in [VP98]. This means that we dene an observation
predicate (corresponding to the ability to observe the ports where communications occur)
1 ). In CCS the resulting
and a reduction relation (corresponding to internal transitions ?!
congruence becomes observation congruence, and in the -calculus it becomes weak early
congruence. In the fusion calculus with guarded summation it becomes weak hyperequivalence, , which can be given a pleasant bisimulation-like denition, without quantifying
over contexts. One characteristic of it is that fusion actions cannot be \observed" as such,
although their eects on other agents may be observable. However, the eect of two fusions
fx = yg and fu = vg in sequence is exactly the same as the eect of one polyadic fusion
fx = y; u = vg. Therefore it will hold that
fx = yg : fu = vg : P fx = yg : fu = vg : P + fx = y; u = vg : P
()
since the eect of the extra summand in the right hand side is simulated by the left hand
side performing two fusions in sequence.
2
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
Algebraic laws for observation equivalence were rst presented in [Mil80], and the rst
completeness proof for weak bisimulation equivalence is by Hennessy and Milner [HM85].
For the -calculus weak early and late bisimulation has been axiomatized by Lin [Lin95a].
Axiomatizations are usually formulated in a set of so called tau-laws, being the name of
the unobservable action in CCS. We will in this paper keep the by now well established
epithet \tau-law" even though the unobservable action in the fusion calculus is denoted 1.
Milner's original tau-laws can thus be written
T1
:1:P = :P
T2
P + 1:P = 1:P
T3 : (P + 1 : Q) = : (P + 1 : Q) + : Q
The main result in this paper is to give a complete axiomatization of weak hypercongruence
in the fusion calculus. It might be expected that adding the three laws T1-T3 to an
axiomatization of hyperequivalence would be enough, just as in CCS and in the -calculus.
However this turns out not to be the case, for two independent reasons.
The rst reason has to do with the mismatch operator [x 6= y]P . In the fusion calculus
we have fewer laws for it since () above does not hold. So it turns out that we actually
need a stronger version of T3, involving an arbitrary sequence M~ of mismatches
~ :Q
T3a : (P + M~ 1 : Q) = : (P + M~ 1 : Q) + M
In the -calculus all instances of T3a are derivable from the other axioms including T3;
this is not the case in the fusion calculus.
The second reason is that weak hyperequivalence allows a fusion to be simulated by
several smaller fusions with the same combined eect, as in () above. None of T1-T3
caters for this. So we need an additional law. As in T3a it needs a sequence of mismatches.
T3b ' : (P + M~ : Q) = ' : (P + M~ : Q) + M~ (' ^ ) : Q
Here ' and are fusion actions, ' ^ is a fusion with the same eect as ' and combined,
and a side condition says that if M~ ) x 6= y then x and y may not be fused by ' (otherwise
the law would be unsound).
The rest of the paper is organized as follows. In Section 2 we recapitulate the syntax
and semantics of the fusion calculus, and in Section 3 the denition of hyperequivalence
and its algebraic theory. The paper is formally self contained but a reader is referred to
our previous papers [PV97, VP98] for explanations and motivations. In Section 4 we recall
the denition of weak hyperbisimulation, and there the original contribution of the present
paper starts. We dene weak hypercongruence and prove it is the largest congruence
in weak hyperequivalence (this is analogous to observation congruence being the largest
congruence in observation equivalence). We then show that T1, T2, T3a and T3b yield a
complete axiomatization. In Section 5 we consider the subcalculus without mismatch and
show that simpler versions of T3a and T3b, without the mismatch sequences, suce for
completeness. Finally in Section 6 we characterize the equivalence obtained by omitting
T3b. Although this it turns out to be ner than the weak barbed congruence it may hold
interest since its algebraic theory is closer to the weak equivalences in the -calculus.
3
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
2 Syntax and Semantics
We assume an innite set N of names ranged over by u; v; : : : ; z. We write x~ for a (possibly
empty) nite sequence x xn of names. ' ranges over total equivalence relations over
N (i.e. equivalence relations with dom(') = N ) with only nitely many non-singular
equivalence classes. We write fx~ = y~g to mean the smallest such equivalence relation
relating each xi with yi, and write 1 for the identity relation.
Denition 1 The free actions, ranged over by , and the agents, ranged over by P; Q; : : :,
are dened by
::= ux~
(Input)
P ::= 0
(Inaction)
ux~
(Output)
:Q
(Prex)
'
(Fusion)
Q+R
(Summation)
QjR
(Composition)
(x)Q
(Scope)
[x = y]Q (Match)
[x 6= y]Q (Mismatch)
Input and output actions are collectively called communication actions. In these x~ are the
objects of the action, and the name u is the subject. We write a to stand for either u or u,
thus ax~ is the general form of a communication action. Fusion actions have neither subject
nor objects.
We often omit a trailing 0 and write for : 0 if no confusion can arise. The name
x is said to be bound in (x)P . We write (~x)P for (x ) (xn )P . The free names in P ,
denoted fn(P ), are the names in P with a non-bound occurrence, here the names occurring
in the fusion ' is dened to be the names in the non-singular equivalence classes, i.e. in
the relation ' ? 1. As usual we will not distinguish between alpha-variants of agents, i.e.,
agents diering only in the choice of bound names. We use M; N to stand for a match or
a mismatch operator, and write \match sequence" for a sequence of match and mismatch
operators, ranged over by M~ , N~ , and we say that M~ implies N~ , written M~ ) N~ , if the
conjunction of all matches and mismatches in M~ logically
implies all elements in N~ , and
P
that M~ , N~ if M~ and N~ imply each other. We write i2I Pi for nite general summation,
P + + Pn .
The action of a transition may be free or bound:
Denition 2 The actions, ranged over by , consist of the fusion actions and of communication actions of the form (z ) (zn)ax~ (written (~z )ax~), where n 0 and all elements
in z~ are also in x~. If n > 0 we say it is a bound action.
In the bound actions above, z~ are the bound objects and the elements in x~ that are not in
z~ are the free objects. Free actions have no bound objects. We further write n( ) to mean
all names occurring in (i.e., also including the subject of communication actions and the
names in non-singular equivalence classes in fusion actions).
For convenience we dene 'nz to mean ' \ (N ? fzg) [ f(z; z)g, i.e., the equivalence
relation ' with all references to z removed (except for the identity). For example,
fx = z; z = ygnz = fx = yg, and fx = ygny = 1.
1
1
1
1
2
4
DRAFT of March 18, 1998, 15:59
pref
?
P
: P ?!
sum
Parrow & Victor: The Tau-Laws of Fusion
P0
?!
P + Q ?! P 0
P
?! P 0
[x = x]P ?!
P0
com P
x P 0; Q ?
u!
y Q0; jx
?u!
~j = jy~j
f
x
y
g
0
P j Q ???! P j Q0
pass P
?!
P 0 ; z 62 n()
(z)P ?!
(z)P 0
~
P ?! P 0
P j Q ?! P 0 j Q
0
mismatch P ?! P ; x 6= y0
[x 6= y]P ?! P
match
P
par
scope P
~
~=~
open P
'
?!
P 0 ; z ' x; z 6= x
z P 0 fx=z g
(z)P ?'?n!
y ax
???
! P 0; z 2 x~ ? y~; a 62 fz; zg
zy a x
(z)P ????
! P0
(~) ~
( ~) ~
Table 1: The Fusion Calculus: Laws of action.
We now dene a structural congruence which equates all agents we will never want
to distinguish for any semantic reason, and then use this when giving the transitional
semantics.
Denition 3 The structural congruence, , between agents is the least congruence satisfying the abelian monoid laws for Summation and Composition (associativity, commutativity
and 0 as identity), and the scoping laws
(x)0 0; (x)(y)P (y)(x)P; (x)(P +Q) (x)P +(x)Q (x)MP M (x)P; if x 62 n(M )
and also the scope extension law P j (z )Q (z )(P j Q) where z 62 fn(P ).
Denition 4 The family of transitions P ?!
Q is the least family satisfying the laws in
Table 1. In this denition structurally equivalent agents are considered the same, i.e., if
Q then also P 0 ?!
Q0 .
P P 0 and Q Q0 and P ?!
3 Hyperequivalence
This section recalls pertinent denitions and results from [PV97].
Denition 5 A substitution agrees with the fusion ' if 8x; y : x ' y , (x) = (y). A
substitutive eect of a fusion ' is a substitution agreeing with ' such that 8x; y : (x) =
y ) x ' y (i.e., sends all members of the equivalence class to one representative of the
class). The only substitutive eect of a communication action is the identity substitution.
Denition 6 A bisimulation is a binary symmetric relation S between agents such that
P S Q implies:
P 0 with bn( ) \ fn(Q) = ; then
If P ?!
Q0 and P 0 S Q0 for some substitutive eect of .
Q ?!
5
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
Summation
S1
P +0 =P
S2
P +Q=Q+P
S3 P + (Q + R) = (P + Q) + R
Scope
R0
(x)0 = 0
R1
(x)(y)P = (y)(x)P
R2
(x)(P + Q) = (x)P + (x)Q
Match and Scope
RM1 (x)[y = z]P = [y = z](x)P if x 6= y; x 6= z
Table 2: Axioms from structural congruence.
A hyperbisimulation is a substitution closed bisimulation, i.e., a bisimulation S with the
property that P S Q implies P S Q for any substitution . Two agents P and Q are
hyperequivalent, written P Q, if they are related by a hyperbisimulation.
For the axiomatization of hyperequivalence we subsume the fact that the equivalence
is a congruence. We also use some of the laws for structural congruence (see Table 2). The
axioms are given in Table 3, and in Table 4 we present some derived rules (whose names
start with D).
Denition 7 A substitution agrees with a match sequence M~ , and M~ agrees with , if
for all x; y which appear in M~ it holds that (x) = (y) i M~ ) [x = y].
Denition 8 The depth of an agent P , d(P ), is dened inductively as follows:
d(0) = 0, d( : P ) = 1 + d(P ), d((~x)P ) = d(MP ) = d(P ), d(P j Q) = d(P ) + d(Q),
d(P + Q) = max(d(P ); d(Q)).
Denition 9 A match sequence M~ is complete on a set of names V if for some equivalence
relation R on V , called the equivalence relation corresponding to M~ , it holds that M~ )
[x = y] i x R y; and M~ ) [x 6= y] i :(x R y)
Lemma 1 [PS95] Let V be a set of names and let M~ be complete on V .
1. If N~ is another match sequence with names in V , then either M~ N~ is unsatisable or
M~ N~ , M~ .
2. If N~ is another match sequence complete on V such that M~ and N~ both agree with
the same substitution , then M~ , N~ .
Denition 10 An agent P is in head normal form (HNF) on V (a nite set of names) if
P is on the form
X M~ (~x ) : P
i2I
i
i
i
i
where for all i, x~i \ V = ;, x~i obj(i) and M~ i is complete on V .
6
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
Summation
S4
P +P = P
Match
~ = NP
~
M1
MP
if M~ , N~
M2
[x = y]P = [x = y](P fx=yg)
M3 MP + MQ = M (P + Q)
M4
[x =
6 x]P = 0
M5
P = [x = y ]P + [x =
6 y]P
Scope
R3
(x) : P = : (x)P
if x 62 n()
R4
(x) : P = 0
if x is the subject of Match and Scope
RM2 (x)[x = y]P = 0
if x =
6 y
Fusion
F1
' : P = ' : [x = y ]P
if x ' y
F2
(z)' : P = 'nz : P
if z 62 fn(P )
Expansion
E
for P iMi (~xi)P
i :Pi , Q j Nj (~yj )j :Q
j,
P
P jQ =
Mi (~xi )i : (Pi j Q) + Nj (~yj )j : (P j Qj )
iP
j
Mi Nj (~xi y~j )[ui = vj ]fz~i = w~j g : (Pi j Qj )
+
where ioppj means i uiz~i and j vj w~j .
i opp j
Table 3: Axioms.
Match
DM1
[x = x]P = P
DM2 [x = y] : P = [x = y] : [x = y]P
~ = M~ (P )
DM3
MP
DM4
M0 = 0
DM5
MP + P = P
Match and Scope
DRM1 (x)[y =6 z]P = [y 6= z](x)P
DRM2 (x)[x =6 y]P = (x)P
Fusion
DF1
' : P = ' : (P )
DF2
(z)' : P = 'nz : (P fw=zg)
Table 4: Derived rules.
7
for agreeing with M~
if x 6= y; x 6= z
if x 6= y
where agrees with '
if z'w and z 6= w
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
For the sake of brevity we will use the derived bound prex ((~x)az~) : P to mean (~x)az~ : P
when x~ z~ and a 62 x~, and let range over any (free or bound) prex. A HNF can then
~ :P.
be written as a sum of terms of type M
Lemma 2 [PV97] For all agents P and nite V such that fn(P ) V , there is an agent
H such that d(H ) d(P ), H is in HNF on V , and ` P = H from the axioms of tables 2
and 3.
Theorem 3 [PV97] P Q i ` P = Q from the axioms of tables 2 and 3.
4 Weak hypercongruence
The denition of weak hyperequivalence is from [VP98]. The original contribution in this
paper begins with the denition of weak hypercongruence and its axiomatization.
4.1 Denitions
Denition 11 Dene the composition
of two transitions, , by P (?!
?!
)Q i there
0
0
0
exists an agent P such that P ?! P and P ?! Q, where is a substitutive eect of
. Dene the conjunction of two fusions ' and , written ' ^ , to be the least equivalence
relation containing ' and . Dene the weak transition =) by the following: P =) Q
Q and either of
means that for some n 0, P ?!
?!
1. is a communication and = i for some i and j = 1 for all j =
6 i, or
2. and all i are fusions and = ^ ^ n . Here we allow n = 0 where the empty
conjunction is 1, in other words P =1) P holds for all P .
Denition 12 A weak simulation is a binary relation S between agents such that P S Q
0
0
1
n
1
implies:
If P ?!
P 0 with bn( ) \ fn(Q) = ; then
Q =) Q0 and P 0 S Q0 for some substitutive eect of A weak bisimulation is a relation S such that both S and S ?1 are weak simulations. A
weak hyperbisimulation is a substitution closed weak bisimulation. Two agents P and Q
are weakly hyperequivalent, written P Q, if they are related by a weak hyperbisimulation.
1 =) Q if = 1.
Denition 13 Dene P =)+ Q to mean P =) Q if 6= 1, and P ?!
Two agents P and Q are weakly hypercongruent, written P + Q, i for any substitution
P 0 and bn( ) \ fn(Q) = ; implies Q =) Q0 and P 0 Q0
P ?!
+
(where is a substitutive eect of ) and vice versa.
Proposition 4 Weak hypercongruence is the largest congruence in weak hyperequivalence.
Proof: Very much as for the corresponding result in [Mil89], pages 153{154.
8
2
DRAFT of March 18, 1998, 15:59
T1
T2
T3a
T3b
Parrow & Victor: The Tau-Laws of Fusion
:1:P = :P
P + 1:P = 1:P
~ : Q if is a communication
: (P + M~ 1 : Q) = : (P + M~ 1 : Q) + M
' : (P + M~ : Q) = ' : (P + M~ : Q) + M~ (' ^ ) : Q
if 8x; y : M~ ) x 6= y implies :x'y
Table 5: Axioms for weak hypercongruence
4.2 Axiomatization
Table 5 contains the additional axioms for weak hypercongruence. Let W be the axioms
in the axioms in tables 2,3 and 5. We write `W P = Q if P and Q can be proven equal
from W .
Axioms T1 and T2 are direct counterparts of the familiar two rst \tau-laws" from
Milner. The third law, which in Milner reads : (P + : Q) = : (P + : Q) + : Q, needs
more care. Here, in T3a and T3b we need to distinguish between communication and
fusion actions, and in both these cases a sequence M~ appear. Note the condition in T3b
which forbids e.g. ' = fx = yg and M~ = [x 6= y]. Without this condition the law would
be invalid.
T3a generalizes to bound prexes. For any free or bound prex with bn( ) \ fn(M~ ) =
; we can use R2, RM1, DRM1 to derive the more general form of T3a where a bound
communication prex replaces .
Proposition 5 The axioms in Table 5 are sound for .
~ is true the so is
Proof: Directly from the denition of . For T3b, note that if M
~ ' because of the side condition.
M
2
The completeness proof stretches over several lemmas.
P 0 then P 0 P 0 .
Lemma 6 If P ?!
Proof: By alpha-conversion we can assume does not bind names in dom( ). By
induction over transitions it is easy to establish that fn(P 0) fn(P ) [ bn( ). So dom() \
fn(P 0) is empty and the result follows.
2
0
Lemma 7 Let P be in HNF on V , where fn(P ) V . If P ?! P then `W P =
~ : P 0 where M~ agrees with and is complete on V .
P + M
~ 0 : Q such that (N
~ 0 : Q) ?!
Proof: Since P is in HNF it has a summand N
P 0,
for N~ complete on V and agreeing with . So = 0 and P 0 = Q. So by DM3,
~ 0 : Q = N~ ( 0 : Q) N
~ : P 0. Now M~ and N~ are complete on V and agree with ,
`W N
~ : P 0 = M
~ : P 0. So by S4, `W P = P + M
~ : P:
2
so M~ , N~ . So by M1, `W N
Lemma 8 (Saturation lemma) Let P be in HNF on V , where fn(P ) V . If P =)
~ : P 0 where M~ agrees with and is complete on V .
P 0 then `W P = P + M
Proof: By induction on the depth of P . There are four cases for P =) P 0 , the rst
of which also covers the base of the induction.
+
+
+
+
9
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
Case 1 P ?!
P 0 . The result is immediate from Lemma 7.
Q and Q =1) P 0 , where is a communication ( a fusion is handled
Case 2 P ?!
+
by Case 4 below). Let M~ agree with and be complete on V . By Lemma 7 we
~ : Q. By alpha-conversion we can assume fn(M~ ) \ bn( ) = ;.
get `W P = P + M
By Lemma 6 Q Q. So Q =1) P 0. By induction then `W Q = Q + N~ 1 : P 0.
Since M~ and N~ are complete and agree with we have M~ , N~ . So by M1,
`W Q = Q + M~ 1 : P 0. In summary,
~ : (Q + M~ 1 : P 0)
`W P = P + M
()
T3a
~ : P 0)
= P + M~ ( : (Q + M~ 1 : P 0) + M
M3
~ : (Q + M~ 1 : P 0) + M~ M
~ :P0
= P + M
M1
~ : (Q + M~ 1 : P 0) + M
~ :P0
= P + M
~ :P0
= P + M
+
( )
as required.
1 Q and Q =)
Case 3 P ?!
P 0 , where is a communication ( a fusion is handled
by Case 4 below). Let M~ agree with and be complete on V . By Lemma 7 we
get `W P = P + M~ 1 : Q. By Lemma 6 Q Q. So Q =)+ P 0. By induction
~ : P 0. Since M~ and N~ are complete and agree with we have
then `W Q = Q + N
~ : P 0. In summary,
M~ , N~ . So by M1, `W Q = Q + M
+
`W P =
T2
=
S4
=
T2
=
M3
=
M1
=
=
~ : P 0)
P + M~ 1 : (Q + M
~ : P 0) + Q + M
~ : P 0)
P + M~ (1 : (Q + M
~ : P 0) + Q + M
~ : P 0 + M
~ : P 0)
P + M~ (1 : (Q + M
~ : P 0) + M
~ : P 0)
P + M~ (1 : (Q + M
~ : P 0) + M~ M
~ :P0
P + M~ 1 : (Q + M
~ : P 0) + M
~ :P0
P + M~ 1 : (Q + M
~ :P0
P + M
as required.
Case 4 P ?'! Q, and Q' =) P 0 where ' agrees with ', and is a fusion with
= ' ^ . Let M~ agree with and be complete on V . By Lemma 7 we get
~ : Q. By Lemma 6 Q Q. So Q' =) P 0. By induction then
`W P = P + M'
Q `W Q + N~ : P 0 where N~ agrees with ' and is complete on V . So,
~ : (Q + N~ : P 0)
`W P = P + M'
~ : (Q + N~ : P 0) + M~ (' ^ ) : P 0
= P + M'
= P + M~ (' ^ ) : P 0
+
+
( )
~ :P0
= P + M
10
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
as required, where there remains to prove (). Let [F ] be a sequence of matches
corresponding to the fusion ', i.e. [F ] ) x = y i x'y. Let M~ ? be formed from M~
by removing every mismatch [x 6= y] where x'y. It follows that M~ ? [F ] , N~ since
both are complete on V and agree with '. Now,
`W ' : (Q + N~ : P 0) M1
=
' : (Q + M~ ? [F ] : P 0 )
DF1;DM1
=
' : (Q + M~ ? : P 0 )
T3b
=
' : (Q + M~ ? : P 0 ) + M~ ? (' ^ ) : P 0
=
' : (Q + N~ : P 0 ) + M~ ? (' ^ ) : P 0
Note that the side condition in T3b is fullled by construction of M~ ? . Therefore,
~ : (Q + N~ : P 0) = M~ (' : (Q + N~ : P 0) + M~ ? (' ^ ) : P 0)
`W M'
M3
~ : (Q + N~ : P 0) + M~ M~ ? ' ^ ) : P 0
= M'
M1
~ : (Q + N~ : P 0) + M~ (' ^ ) : P 0
= M'
as required, where the last step follows since all matches/mismatches in M~ ? are also
in M~ .
This completes Case 4 and the proof of the lemma.
2
Denition 14 A HNF P on V is called a full HNF on V if it has all summands implied
by Lemma 8.
Proposition 9 For any HNF on V there is a provably equivalent full HNF on V .
Proof: Just apply Lemma 8 repeatedly. Eventually the HNF becomes a full HNF since
there are only a nite number of derivatives and a nite number of substitutions on V to
consider.
2
Lemma 10 P Q i (P Q or P 1 : Q or 1 : P Q).
Proof: Precisely as in [Mil89], Proposition 11 on page 156{157.
2
Theorem 11 (Completeness) P Q implies `W P = Q.
Proof: By induction on the sum of the depths of P and Q. We can assume that P and
Q are full HNFs on V , for fn(P ) [ fn(Q) V , by Proposition 9. The base case P Q 0
~ : P 0 be a summand of of P . By
is trivial. For the inductive step assume P Q. Let M
alpha-conversion we can assume that does not bind any name in M~ . We shall prove that
Q has a provably equivalent summand.
Let agree with M~ and be complete on V . Then
+
+
+
+
+
From P Q we get that
P ?! P 0 +
Q =)+ Q00
where P Q00 for a substitutive eect of . Since Q is a full HNF, Q must have
a summand
~ 0 : Q0
N
11
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
such that Q0 Q00 and 0 = and agrees with N~ and N~ is complete on V . So
M~ , N~ and P 0 Q0 . Therefore,
~ : P 0 DM3
`W M
= M~ ( : P 0)
= M~ ( : P 0)
DF1
= M~ ( : P 0 )
(where the last step is void if is a communication). We cannot immediately apply induction to P 0 since we only know P 0 Q0 , and not that they are hypercongruent.
So we use Lemma 10 to consider three cases.
Case 1 P 0 Q0 . Then by induction they are provably equal, so
`W M~ ( : P 0 ) = M~ ( : Q0 )
= M~ ( : Q0 )
= M~ ( 0 : Q0 )
M1
= N~ ( 0 : Q0 )
~ 0 : Q0
= N
+
Case 2 P 0 1 : Q0 . We can now apply induction because the sum of the depths
+
is one less than that for P and Q. So
`W M~ ( : P 0 ) = M~ ( : 1 : Q0 )
T1
= M~ ( : Q0 )
~ 0 : Q0
= N
where the last equality is similar to Case 1 above.
Case 3 1 : P 0 Q0 . This is symmetric to Case 2.
We have proved that each summand in P has a provably equal summand in Q. The
converse is symmetric. S1-S4 thus completes the induction and proof of the theorem,
giving us `W P = Q.
2
+
5 The subcalculus without mismatch
In this section we consider the calculus without Mismatch, and let M~ etc. range over
sequences of Match operators. From [PV97] we recall that by dropping axioms M4 and
M5, and promoting DM5 to an axiom, we get an axiomatization of hyperequivalence
without mismatch. Call the new set of axioms M.
Denition
P 15 An agent P is in mismatch-free head normal form (mHNF) if P is on the
form i2I M~ i(x~i )i : Pi , where
1. 8i : x~i \ fn(P ) = ;, and x~i obj(i)
12
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
2. if i 6= j then M~ i (x~i)i : Pi 6 M~ i (x~i )i : Pi + M~ j (x~j )j : Pj
As in the previous section we use the derived bound prex, so the terms in a mHNF are
~ :P.
on the form M
Lemma 12 [PV97] For all agents P there is an agent H such that d(H ) d(P ), H is in
mHNF, and `M P = H .
Theorem 13 [PV97] If P and Q contain no mismatch operators, then P Q i `M P = Q.
For the weak hypercongruence it turns out that simpler versions of T3a and T3b
suce: there is no longer a need for the match sequences to be part of the axioms. The
simpler versions are called Tm3a and Tm3b and are given in Table 6.
Tm3a
Tm3b
: (P + 1 : Q) = : (P + 1 : Q) + : Q
' : (P + : Q) = ' : (P + : Q) + (' ^ ) : Q
Table 6: T3-laws for the calculus without mismatch
Let MW be the axioms T1, T2, Tm3a and Tm3b plus the axioms in M. Then MW
is easily seen to be sound for . Note that in Tm3a can be a fusion (that would be
equivalent to Tm3b with = 1). Again the completeness proof stretches over several
lemmas.
~ : P 0 where M~ agrees with .
Lemma 14 If P ?!
P 0 then `MW P = P + M
Proof: By Lemma 12 we can assume that P is in mHNF. Suppose P ?!
P 0 . Let
~ 0 : Q0 such that M~ ) N~ , this means that
M~ agree with . Then P has a summand N
M~ , L~ N~ for some L~ , and further 0 = and Q0 P 0 . So we have:
+
`MW P S4
=
~ 0 : Q0
P + N
DM5
~ 0 : Q0 + L~ N
~ 0 : Q0
= P + N
M1
~ 0 : Q0 + M
~ 0 : Q0
= P + N
S4
~ 0 : Q0
= P + M
DM3
~ 0 : Q0 = P + M
~ :P0
= P + M
2
The proof of the saturation lemma (Lemma 8) does not carry over immediately since
it relies on complete match sequences. Without mismatches we instead prove it as follows.
~ : P 0 where M~
Lemma 15 (Saturation lemma) If P =) P 0 then `MW P = P + M
agrees with .
Proof: By induction on the depth of P . There are four cases for P =) P 0 , the rst
of which also covers the base of the induction.
Case 1 P ?!
P 0 . The result is immediate from Lemma 14.
+
+
13
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
Case 2 P ?!
Q and Q =1)
P 0 , where is a communication ( a fusion is handled by
~ : Q.
Case 4 below). Let M~ agree with . By Lemma 14 we get that `MW P = P + M
By induction and DM1, `MW Q = Q + 1 : P 0. So,
+
`MW P
=
Tm3a
=
M3
=
=
~ : (Q + 1 : P 0)
P + M
P + M~ ( : (Q + 1 : P 0 ) + : P 0 )
~ : (Q + 1 : P 0) + M
~ :P0
P + M
~ :P0
P + M
1 Q and Q =) P 0 , where is a communication ( a fusion is handled by
Case 3 P ?!
Case 4 below). Let M~ agree with . By Lemma 14 we get that `MW P = P + M~ 1 : Q.
By induction, `MW Q = Q + : P 0. So,
`MW P = P + M~ 1 : (Q + : P 0)
T2
= P + M~ (1 : (Q + : P 0) + Q + : P 0)
S4;T2
= P + M~ (1 : (Q + : P 0) + : P 0)
M3
~ : P 0)
= P + M~ 1 : (Q + : P 0) + M
+
~ :P0
P + M
=
Case 4 P ?'! Q, and Q' =) P 0 where ' agrees with ', and is a fusion with
= ' ^ . Let M~ agree with . By Lemma 14 we get
~ : Q DF1
~ : Q'
`MW P = P + M'
= P + M'
Induction gives `MW Q' = Q' + : P 0. So,
~ : (Q' + : P 0)
`MW P = P + M'
Tm3b
= P + M~ (' : (Q' + : P 0) + (' ^ ) : P 0)
M3
~ : (Q' + : P 0) + M~ (' ^ ) : P 0
= P + M'
= P + M~ (' ^ ) : P 0
+
~ :P0
P + M
=
This completes the proof of the lemma.
2
For the completeness proof we need a variant of mHNF which uses weak hypercongruence:
Denition 16
An agent P is in mismatch-free weak head normal form (mwHNF) if P is
P
on the form i2I M~ i (x~i)i : Pi , where
1. 8i : x~i \ fn(P ) = ;, and x~i obj(i)
2. if i 6= j then M~ i (x~i)i : Pi 6 M~ i (x~i)i : Pi + M~ j (x~j )j : Pj
+
14
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
~ :P.
Again we use the derived bound prexes, so the terms in a mwHNF are on the form M
Denition 17 A substitution satises a match/mismatch sequence M , written j= M ,
if for all x; y, M ) x = y implies (x) = (y) and M ) x 6= y implies (x) 6= (y).
Denition 18 A full mwHNF is a mwHNF with the property that if P =) P 0 then P
~ 0 : Q0 such that j= M~ , 0 = and Q0 P 0 .
has a summand M
The following lemma and theorem are proved by a simultaneous induction on depth:
Lemma 16 For all agents P there is an agent H such that d(H ) d(P ), H is in full
mwHNF, and `MW P = H .
Theorem 17 P Q i `MW P = Q.
Soundness is easily established, and we turn to completeness. We here only outline how
the proof diers from previous completeness proofs. It uses induction on the depth of the
agents involved. Lemma 16 uses Theorem 17 for agents of strictly smaller depth than the
agents in the lemma. Theorem 17 uses Lemma 16 for agents of equal or smaller depth than
the agents in the theorem.
For Lemma 16 rst apply Lemma 15 repeatedly to P ; there are only a nite number of
substitutions that matter (those aecting fn(P )) and a nite number of derivatives. The
resulting agent P 0 has all terms implied by Lemma 15. But it may not be in full mwHNF
because of condition 2 in the denition of mwHNF. Let Q and R be two summands in P 0
such that Q Q + R. We can then prove `MW Q = Q + R much as in the proof of
Lemma 17 in [PV97]. Thus we can repeatedly remove such summands R from P 0 until we
gain a mwHNF. Obviously removing summands in that way will preserve the condition in
the denition of a full mHNF.
Also the proof of Theorem 17 follows the proof of Theorem 18 in [PV97] closely. The
dierences here (and also in the proof that `MW Q = Q + R mentioned above) are the
following. Obviously replaces , and therefore simulating transitions are =) , but
by saturation we obtain that there are simulating transitions ?!
. Resulting derivatives
are related by (rather than ) and we then use Lemma 10 to consider three cases.
Any actions 1 introduced by that lemma will disappear by T1, just as in the proof of
Theorem 3.
+
+
+
+
+
+
6 A more traditional T3
The law T3b (and similarly Tm3b) captures the circumstance when two fusions can be
simulated by one. In the same way, in CCS and in the -calculus, the tau-laws say when
two actions can be simulated by one. In those calculi one of the actions has to be the
unobservable action . It is therefore natural to ask what the eect would be if T3b were
restricted to the case = 1. Call this restricted form T3b0:
~ : Q if 8x; y : M~ ) x 6= y implies :x ' y
T3b0 ' : (P +M~ 1 : Q) = ' : (P +M~ 1 : Q)+M'
15
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
This is structurally more similar to T3a. In fact, by dening \x y" to never hold when
is a communication, T3a and T3b0 can now easily be formulated as one law:
~ : Q if 8x; y : M~ ) x 6= y implies :x y
T30 : (P + M~ 1 : Q) = : (P + M~ 1 : Q)+ M
Given the tau-laws of CCS and the -calculus, the laws T1, T2 and T30 might be thought
of as the \traditional" laws of the fusion calculus. Let W 0 consist of these axioms plus
the axioms for hypercongruence in tables 2 and 3. We will here characterize the equivalence generated by W 0 coinductively, and demonstrate that it is strictly ner than weak
hypercongruence.
For the purpose of this section, make the following changes in the previous denitions:
In Denition 11, redene the weak transition =) by the following:
1
i
P =) Q means that for some n 0, P ?!
?! Q and = i for some
and j = 1 for all j 6= i. We allow n = 0 and = 1, in other words P =1) P
holds for all P .
Note that the special case when is a fusion has disappeared. This has consequences
for the denitions of weak hyperequivalence and weak hypercongruence, which with the
amended denition are denoted 0 and 0 . That these are smaller than and can be
seen with a simple instance of T3b:
' : : P 60 ' : : P + (' ^ ) : P
'^
since RHS ==
) P can no longer be simulated by LHS. However, fusions still exhibit some
absorptions that communications do not. For example,
n
+
+
' : ' : P 0 ' : P
holds by DF2 and T1.
Theorem 18 P 0
+
Q i `W P = Q.
0
Proof: Soundness is easily established. For completeness we only indicate where the
proofs of Theorem 11 and its supporting lemmas change. The only signicant change is in
the proof of Lemma 8. Here Case 4 disappears because of the amended denition of =).
On the other hand Case 2 and 3 must now also consider the case that is a fusion. For
Case 3 this represents no problem, the demonstrated derivation works also for a fusion.
For Case 2, if is a fusion we need to apply T3b0. This is proved exactly as in Case 4 with
the additional requirement that = 1 (since T3b0 is just the special case of T3b where
= 1). The rest of the completeness proof is unchanged.
2
In the subcalculus without mismatch a similar eect is obtained by requiring = 1
in Tm3b. Since Tm3a admits to be a fusion this means that Tm3b can be dropped
altogether. Let MW 0 be the axioms of M plus T1, T2 and Tm3b. Note that these three
laws correspond exactly to the three tau-laws of CCS!
Theorem 19 In the subcalculus without mismatch, P 0 Q i `MW P = Q.
Proof: The proof is completely analogous to the proof of Theorem 18. Only Lemma 15
changes in that in case 4, = 1 is now sucient. So Tm3a suces for this case. Cases 2
and 3 need to be strengthened to consider that is a fusion, but that is trivial.
2
+
16
0
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
with mismatch S
no mismatch
M3
M4
R
M1,M2 DM5
RM
F
E
T3a
(T3b')
T1
T2
Tm3a
strong
traditional weak
Tm3b
T3b
weak
Figure 1: Overview of the axiom systems.
7 Conclusion
We have given complete axiomatizations of weak hypercongruence in the fusion calculus,
both with and without mismatch. An overview is shown in Figure 1.
There are several obvious avenues of further work. The axiomatization can presumably
be extended to cover the nite-control fragment of the fusion calculus, following ideas
from Lin [Lin95b]. A variant for weak open equivalence in the -calculus is also probably
straightforward by extending Victor's proofs for strong open equivalence in [Vic98].
Proving the axioms independent is probably less straightforward. Indeed, formal independence proofs have attracted very little attention so far. For example, we are not aware
of a formal proof that the three tau-laws of CCS are independent (though such a proof is
probably not very hard). Of the laws presented in this paper we conjecture that T3a, with
its sequences of matches and mismatches, cannot be derived from Tm3a (without these
sequences) and the other laws. On the other hand it is not dicult to show that a version
of T3a with only mismatches is sucient.
There is a wide spectrum of behavioural equivalences which do not discriminate on
the basis of internal actions, for an overview see e.g. [Gla93]. It is not at this point clear
how interesting they are for the fusion calculus and its applications, though our work on
concurrent constraints in the fusion calculus [VP98] indicates that relevant equivalences
should in some ways respect divergence.
17
DRAFT of March 18, 1998, 15:59
Parrow & Victor: The Tau-Laws of Fusion
References
[Gla93]
R. v. Glabbeek. The linear time { branching time spectrum II; the semantics of sequential
systems with silent moves (extended abstract). In E. Best, ed, Proceedings of CONCUR'93,
volume 715 of LNCS, pages 66{81. Springer, 1993.
[HM85] M. Hennessy and R. Milner. Algebraic laws for nondeterminism and concurrency. Journal of
the ACM, 32(1):137{161, 1985.
[Lin95a] H. Lin. Complete inference systems for weak bisimulation equivalences in the -calculus. In
P. D. Mosses, M. Nielsen and M. I. Schwarzbach, eds, Proceedings of TAPSOFT '95, volume
915 of LNCS, pages 187{201. Springer, 1995. Presented in the CAAP-section. Available as
Technical Report ISCAS-LCS-94-11, Institute of Software, Chinese Academy of Sciences, 1994.
[Lin95b] H. Lin. Unique xpoint induction for mobile processes. In I. Lee and S. A. Smolka, eds,
Proceedings of CONCUR '95, volume 962 of LNCS, pages 88{102. Springer, 1995.
[Mil80] R. Milner. A Calculus of Communicating Systems, volume 92 of LNCS. Springer, 1980.
[Mil89] R. Milner. Communication and Concurrency. Prentice-Hall, 1989.
[MPW92] R. Milner, J. Parrow and D. Walker. A calculus of mobile processes, Parts I and II. Journal of
Information and Computation, 100:1{77, Sept. 1992.
[PS95] J. Parrow and D. Sangiorgi. Algebraic theories for name-passing calculi. Journal of Information
and Computation, 120(2):174{197, 1995.
[PV97] J. Parrow and B. Victor. The fusion calculus: Expressiveness and symmetry in mobile processes.
Technical Report 97/96, Department of Computer Systems, Uppsala University, Sweden, Dec.
1997. Extended abstract accepted for publication in the Proc. of LICS'98. Available from
http://www.docs.uu.se/~victor/tr/fusion.html.
[Vic98] B. Victor. Symbolic characterizations and algorithms for hyperequivalence and open bisimulation. Submitted for publication. Available from http://www.docs.uu.se/~victor/tr/
symhyper.html, Mar. 1998.
[VP98] B. Victor and J. Parrow. Concurrent constraints in the fusion calculus. Accepted for publication
in the Proc. of ICALP'98. Available from http://www.docs.uu.se/~victor/tr/ccfc.html,
Jan. 1998.
18