SLIDE 1
Concurrent Kleene Algebra: Free Model and Completeness
Tobias Kapp´ e Paul Brunet Alexandra Silva Fabio Zanasi
University College London
ESOP 2018
Introduction
Let’s write a program that outputs n > 0 space-separated ’s.
- T. Kapp´
Concurrent Kleene Algebra: Free Model and Completeness Tobias Kapp - - PowerPoint PPT Presentation
Concurrent Kleene Algebra: Free Model and Completeness Tobias Kapp - - PowerPoint PPT Presentation
Concurrent Kleene Algebra: Free Model and Completeness Tobias Kapp e Paul Brunet Alexandra Silva Fabio Zanasi University College London ESOP 2018 Introduction Lets write a program that outputs n > 0 space-separated s. T.
SLIDE 2
SLIDE 3
Introduction
Let’s write a program that outputs n > 0 space-separated ’s. i := 1 while i < n do print print i := i + 1 end print
- T. Kapp´
SLIDE 4
Introduction
Let’s write a program that outputs n > 0 space-separated ’s. i := 1 while i < n do print print i := i + 1 end print i := 1 print while i < n do print print i := i + 1 end
- T. Kapp´
SLIDE 5
Introduction
Let’s write a program that outputs n > 0 space-separated ’s. i := 1 while i < n do print print i := i + 1 end print i := 1 print while i < n do print print i := i + 1 end Are these programs equivalent?
- T. Kapp´
SLIDE 6
Introduction
Programs are expressions
- T. Kapp´
SLIDE 7
Introduction
Programs are expressions, thus we should be able to reason equationally.
- T. Kapp´
SLIDE 8
Introduction
Programs are expressions, thus we should be able to reason equationally. Kleene Algebra (KA) provides an algebraic framework to do this.
- T. Kapp´
SLIDE 9
Introduction
program expression atomic action a, b, . . . ∈ Σ
- T. Kapp´
SLIDE 10
Introduction
program expression atomic action a, b, . . . ∈ Σ abort execution
- T. Kapp´
SLIDE 11
Introduction
program expression atomic action a, b, . . . ∈ Σ abort execution no-operation 1
- T. Kapp´
SLIDE 12
Introduction
program expression atomic action a, b, . . . ∈ Σ abort execution no-operation 1 nondeterministic choice e + f
- T. Kapp´
SLIDE 13
Introduction
program expression atomic action a, b, . . . ∈ Σ abort execution no-operation 1 nondeterministic choice e + f sequential composition e · f
- T. Kapp´
SLIDE 14
Introduction
program expression atomic action a, b, . . . ∈ Σ abort execution no-operation 1 nondeterministic choice e + f sequential composition e · f repetition e∗
- T. Kapp´
SLIDE 15
Introduction
i := 1 while i < n do print print i := i + 1 end print i := 1 print while i < n do print print i := i + 1 end
- T. Kapp´
SLIDE 16
Introduction
i := 1 while i < n do print print i := i + 1 end print i := 1 print while i < n do print print i := i + 1 end
( · )∗ ·
- T. Kapp´
SLIDE 17
Introduction
i := 1 while i < n do print print i := i + 1 end print i := 1 print while i < n do print print i := i + 1 end
( · )∗ · · ( · )∗
- T. Kapp´
SLIDE 18
Introduction
Axioms of KA: e + 0 ≡ e e + e ≡ e e + f ≡ f + e e + (f + g) ≡ (e + f) + g e · 0 ≡ 0 ≡ 0 · e e · 1 ≡ e ≡ 1 · e e · (f · g) ≡ (e · f) · g e · (f + g) ≡ e · f + e · g
(e + f) · g ≡ e · g + f · g
1 + e · e∗ ≡ e∗ e · f + g ≦ f =
⇒ e∗ · g ≦ f
- T. Kapp´
SLIDE 19
Introduction
Axioms of KA: e + 0 ≡ e e + e ≡ e e + f ≡ f + e e + (f + g) ≡ (e + f) + g e · 0 ≡ 0 ≡ 0 · e e · 1 ≡ e ≡ 1 · e e · (f · g) ≡ (e · f) · g e · (f + g) ≡ e · f + e · g
(e + f) · g ≡ e · g + f · g
1 + e · e∗ ≡ e∗ e · f + g ≦ f =
⇒ e∗ · g ≦ f
- T. Kapp´
SLIDE 20
Introduction
· ( · )∗ ≡ ( · )∗ ·
- T. Kapp´
SLIDE 21
Introduction
Theorem (Kozen 1990)
The axioms for KA are sound & complete for equivalence: e ≡ f ⇐
⇒ L(e) = L(f)
L(e) is the regular language interpretation of e.
- T. Kapp´
SLIDE 22
Introduction
Theorem (Kozen 1990)
The axioms for KA are sound & complete for equivalence: e ≡ f ⇐
⇒ L(e) = L(f)
L(e) is the regular language interpretation of e.
Upshot: to check KA equivalence is to check regular language equivalence through Kleene’s theorem, this means checking DFA equivalence sophisticated (near-linear) algorithms exist to do this
- T. Kapp´
SLIDE 23
Adding concurrency
Which new axioms do we need for parallel composition?
- T. Kapp´
SLIDE 24
Adding concurrency
Which new axioms do we need for parallel composition? e f ≡ f e
- T. Kapp´
SLIDE 25
Adding concurrency
Which new axioms do we need for parallel composition? e f ≡ f e e (f g) ≡ (e f) g
- T. Kapp´
SLIDE 26
Adding concurrency
Which new axioms do we need for parallel composition? e f ≡ f e e (f g) ≡ (e f) g e 1 ≡ e
- T. Kapp´
SLIDE 27
Adding concurrency
Which new axioms do we need for parallel composition? e f ≡ f e e (f g) ≡ (e f) g e 1 ≡ e e 0 ≡ 0
- T. Kapp´
SLIDE 28
Adding concurrency
Which new axioms do we need for parallel composition? e f ≡ f e e (f g) ≡ (e f) g e 1 ≡ e e 0 ≡ 0 e (f + g) ≡ e f + e g
- T. Kapp´
SLIDE 29
Adding concurrency
g h e f time Thread #2 Thread #1
- T. Kapp´
SLIDE 30
Adding concurrency
g h e f time Thread #2 Thread #1
- T. Kapp´
SLIDE 31
Adding concurrency
g h e f time Thread #2 Thread #1
- T. Kapp´
SLIDE 32
Adding concurrency
g h e f time Thread #2 Thread #1
- T. Kapp´
SLIDE 33
Adding concurrency
g h e f time Thread #2 Thread #1 Equationally: (e g) · (f h) ≦ (e · f) (g · h).
- T. Kapp´
SLIDE 34
Adding concurrency
g h e f time Thread #2 Thread #1 Equationally: (e g) · (f h) ≦ p ≦ q ⇐
⇒ p + q ≡ q (e · f) (g · h).
- T. Kapp´
SLIDE 35
Adding concurrency
g h e f time Thread #2 Thread #1 Equationally: (e g) · (f h) ≦ (e · f) (g · h). Nondeterministic interleaving as special case: e · f + f · e ≦ e f.
- T. Kapp´
SLIDE 36
Adding concurrency
Question
Can we have a regular interpretation − such that e ≡ f ⇐
⇒ e = f?
- T. Kapp´
SLIDE 37
Adding concurrency
Question
Can we have a regular interpretation − such that e ≡ f ⇐
⇒ e = f?
NB: − should generalize L(−): for -less terms, L(e) should resemble e.
- T. Kapp´
SLIDE 38
Regular interpretation: first attempt
Partially ordered multiset (pomset): a · b ∼
= a
b
- T. Kapp´
SLIDE 39
Regular interpretation: first attempt
Partially ordered multiset (pomset): a · b ∼
= a
b a b
∼ =
b a
- T. Kapp´
SLIDE 40
Regular interpretation: first attempt
Partially ordered multiset (pomset): a · b ∼
= a
b c · (a b)
∼ =
b a c
- T. Kapp´
SLIDE 41
Regular interpretation: first attempt
Partially ordered multiset (pomset): a · b ∼
= a
b c · (a b) · d ∼
=
b a c d
- T. Kapp´
SLIDE 42
Regular interpretation: first attempt
Partially ordered multiset (pomset): a · b ∼
= a
b c · (a b) · d ∼
=
b a c d Composition lifts to sets of pomsets in the obvious way.
- T. Kapp´
SLIDE 43
Regular interpretation: first attempt
Straightforward semantics: − : T → 2Pomsets given by
0 = ∅ e + f = e ∪ f e∗ = e ∗ 1 = {1} e · f = e · f a = {a} e f = e f
- T. Kapp´
SLIDE 44
Regular interpretation: first attempt
Straightforward semantics: − : T → 2Pomsets given by
0 = ∅ e + f = e ∪ f e∗ = e ∗ 1 = {1} e · f = e · f a = {a} e f = e f
Problem: − is not sound for the exchange law.
- T. Kapp´
SLIDE 45
Regular interpretation: first attempt
Straightforward semantics: − : T → 2Pomsets given by
0 = ∅ e + f = e ∪ f e∗ = e ∗ 1 = {1} e · f = e · f a = {a} e f = e f
Problem: − is not sound for the exchange law. For instance: a · b ≦ a b should imply that a · b ⊆ a b , but
a · b =
- a
b
- a b =
- a
b
- T. Kapp´
SLIDE 46
Regular interpretation: first attempt
Axioms to build ≈ are axioms for ≡, minus exchange law.
- T. Kapp´
SLIDE 47
Regular interpretation: first attempt
Axioms to build ≈ are axioms for ≡, minus exchange law.
Theorem (Laurence and Struth 2014)
The axioms for ≈ are sound & complete w.r.t. − : e ≈ f ⇐
⇒ e = f
- T. Kapp´
SLIDE 48
Regular interpretation: second attempt
We define the subsumption order ⊑ on pomsets. Intuition: U ⊑ V if
i
U and V have the same events, and
ii U has all order in V (and possibly more)
- T. Kapp´
SLIDE 49
Regular interpretation: second attempt
We define the subsumption order ⊑ on pomsets. Intuition: U ⊑ V if
i
U and V have the same events, and
ii U has all order in V (and possibly more)
For example: a b ⊑ a b
- T. Kapp´
SLIDE 50
Regular interpretation: second attempt
We define the subsumption order ⊑ on pomsets. Intuition: U ⊑ V if
i
U and V have the same events, and
ii U has all order in V (and possibly more)
For example: a b c d
⊑
a b c d
- T. Kapp´
SLIDE 51
Regular interpretation: second attempt
“Fixed” semantics: e = e ↓ downward closure w.r.t. ⊑ .
- T. Kapp´
SLIDE 52
Regular interpretation: second attempt
“Fixed” semantics: e = e ↓. Previous problem no longer occurs:
a · b =
- a
b
- ⊆
- a
b , a b , a b
- = a b
- T. Kapp´
SLIDE 53
Regular interpretation: second attempt
“Fixed” semantics: e = e ↓. Previous problem no longer occurs:
a · b =
- a
b
- ⊆
- a
b , a b , a b
- = a b
Lemma (Hoare et al. 2009)
The axioms for ≡ are sound w.r.t. −, i.e., e ≡ f implies e = f.
- T. Kapp´
SLIDE 54
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
- T. Kapp´
SLIDE 55
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
- T. Kapp´
SLIDE 56
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
Proof.
If e = f,
- T. Kapp´
SLIDE 57
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
Proof.
If e = f, then e↓ = f↓ ,
- T. Kapp´
SLIDE 58
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
Proof.
If e = f, then e↓ = f↓ , thus e↓ ≈ f↓.
- T. Kapp´
SLIDE 59
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
Proof.
If e = f, then e↓ = f↓ , thus e↓ ≈ f↓. Therefore, e↓ ≡ f↓ .
- T. Kapp´
SLIDE 60
Closure
Definition
Let e ∈ T; a closure of e is a term e↓ such that
1 e↓ ≡ e 2 e = e↓
Lemma (Laurence and Struth 2017)
If closures exist for all terms, then ≡ is complete w.r.t. −, i.e., e = f implies e ≡ f.
Proof.
If e = f, then e↓ = f↓ , thus e↓ ≈ f↓. Therefore, e ≡ e↓ ≡ f↓ ≡ f.
- T. Kapp´
SLIDE 61
Main contribution
Theorem
If e ∈ T, then we can compute a term e↓ that is a closure of e.
- T. Kapp´
SLIDE 62
Main contribution
Theorem
If e ∈ T, then we can compute a term e↓ that is a closure of e.
Corollary
The axioms for CKA are sound & complete w.r.t. −: e ≡ f ⇐
⇒ e = f
- T. Kapp´
SLIDE 63
Main contribution
Theorem
If e ∈ T, then we can compute a term e↓ that is a closure of e.
Corollary
The axioms for CKA are sound & complete w.r.t. −: e ≡ f ⇐
⇒ e = f
The latter can be decided; c.f. [Brunet, Pous, and Struth 2017].
- T. Kapp´
SLIDE 64
Further work
Explore coalgebraic perspective:
Efficient equivalence checking through bisimulation? Can completeness be shown coalgebraically?
Add “parallel star” operator — closure method does not apply. Extend Kleene Algebra with Tests (KAT) to add concurrency. Extend extend NetKAT with concurrency.
- T. Kapp´
SLIDE 65
Thank you for your attention
CoNeCo
Implementation: https://doi.org/10.5281/zenodo.926651. Extended paper: https://arxiv.org/abs/1710.02787.