The Linear Time - Branching Time Spectrum II: The semantics of sequential systems with silent moves
, 1993
Cited by 290 (17 self)
ion Rule (KFAR) (Baeten, Bergstra & Klop [3]), expresses a global fairness assumption. It says that when possible a system will escape from any cycle of internal actions. Some form of KFAR is crucial for many protocol verifications with unreliable channels, and for that reason preorders and equivalences that satisfy KFAR are of special interest. Must preorders and divergence sensitive ones cannot satisfy KFAR. In Bergstra, Klop & Olderog [7] it is shown that the combination of KFAR with failure semantics is inconsistent, but they formulate a weaker version of KFAR that is satisfied in failure may-semantics. Still the combination of KFAR⁻ and the liveness requirement appears to require global testing, and is only satisfied in the semantics between contrasimulation (C) and stability respecting branching bisimulation (BB_s). These requirements would reduce the number of suitable preorders to 18. It is in general a good strategy to do your verifications using the finest preorde...
Branching Time and Abstraction in Bisimulation Semantics
 Journal of the ACM
, 1996
Cited by 249 (14 self)
Abstract. In comparative concurrency semantics, one usually distinguishes between linear time and branching time semantic equivalences. Milner's notion of observation equivalence is often mentioned as the standard example of a branching time equivalence. In this paper we investigate whether observation equivalence really does respect the branching structure of processes, and find that in the presence of the unobservable action τ of CCS this is not the case. Therefore, the notion of branching bisimulation equivalence is introduced which strongly preserves the branching structure of processes, in the sense that it preserves computations together with the potentials in all intermediate states that are passed through, even if silent moves are involved. On closed CCS-terms branching bisimulation congruence can be completely axiomatized by the single axiom scheme: a.(τ.(y + z) + y) = a.(y + z) (where a ranges over all actions) and the usual laws for strong congruence. We also establish that for sequential processes observation equivalence is not preserved under refinement of actions, whereas branching bisimulation is. For a large class of processes, it turns out that branching bisimulation and observation equivalence are the same. As far as we know, all protocols that have been verified in the setting of observation equivalence happen to fit in this class, and hence are also valid in the stronger setting of branching bisimulation equivalence.
Regular Types for Active Objects
, 1993
Cited by 186 (5 self)
Previous work on type-theoretic foundations for object-oriented programming languages has mostly focused on applying or extending functional type theory to functional "objects." This approach, while benefiting from a vast body of existing literature, has the disadvantage of dealing with state change either in a roundabout way or not at all, and completely sidestepping issues of concurrency. In particular, dynamic issues of non-uniform service availability and conformance to protocols are not addressed by functional types. We propose a new type framework that characterizes objects as regular (finite state) processes that provide guarantees of service along public channels. We also propose a new notion of subtyping for active objects, based on Brinksma's notion of extension, that extends Wegner and Zdonik's "principle of substitutability" to non-uniform service availability. Finally, we formalize what it means to "satisfy a client's expectations," and we show how regular types can be used...
The π-calculus as a theory in linear logic: Preliminary results
 3rd Workshop on Extensions to Logic Programming, LNCS 660
, 1993
Cited by 101 (17 self)
The agent expressions of the π-calculus can be translated into a theory of linear logic in such a way that the reflexive and transitive closure of π-calculus (unlabeled) reduction is identified with "entailed-by". Under this translation, parallel composition is mapped to the multiplicative disjunct ("par") and restriction is mapped to universal quantification. Prefixing, nondeterministic choice (+), replication (!), and the match guard are all represented using non-logical constants, which are specified using a simple form of axiom, called here a process clause. These process clauses resemble Horn clauses except that they may have multiple conclusions; that is, their heads may be the par of atomic formulas. Such multiple conclusion clauses are used to axiomatize communications among agents. Given this translation, it is natural to ask to what extent proof theory can be used to understand the metatheory of the π-calculus. We present some preliminary results along this line for π0, the "propositional" fragment of the π-calculus, which lacks restriction and value passing (π0 is a subset of CCS). Using ideas from proof theory, we introduce co-agents and show that they can specify some testing equivalences for π0. If negation-as-failure-to-prove is permitted as a co-agent combinator, then testing equivalence based on co-agents yields observational equivalence for π0. This latter result follows from observing that co-agents directly represent formulas in the Hennessy-Milner modal logic.
On Asynchronous Communication Semantics
, 1992
Cited by 67 (3 self)
This paper presents some results concerning equational theories for an elementary calculus based on a fragment of Milner's π-calculus. The system is interesting because it realises asynchronous message passing not by extending but by reducing the original fragment, while preserving the computational power. The bisimulation based on a novel asynchronous transition system is introduced and studied. Presented results include congruence of the bisimilarity for the calculus, its relationship with two other asynchronous theories based on traces and failures, strict inclusion of its synchronous counterpart in the asynchronous theory, and the method called the I completion that transforms two asynchronously bisimilar terms into synchronously bisimilar ones.
Probabilistic Extensions of Process Algebras
 Handbook of Process Algebra
, 2001
Cited by 67 (5 self)
INTRODUCTION Classic process algebras, such as CCS, CSP and ACP, are well-established techniques for modelling and reasoning about functional aspects of concurrent processes. The motivation for studying probabilistic extensions of process algebras is to develop techniques dealing with non-functional aspects of process behavior, such as performance and reliability. We may want to investigate, e.g., the average response time of a system, or the probability that a certain failure occurs. An analysis of these and similar properties requires that some form of information about the stochastic distribution over the occurrence of relevant events is put into the model. For instance, performance evaluation is often based on modeling a system as a continuous-time Markov process, in which distributions over delays between actions and over the choice between different actions are specified. Similar (This chapter is dedicated to the fond memory of Linda Christoff.)
A Calculus of Broadcasting Systems
 SCIENCE OF COMPUTER PROGRAMMING
, 1991
Cited by 61 (8 self)
CBS is a simple and natural CCS-like calculus where processes speak one at a time and are heard instantaneously by all others. Speech is autonomous, contention between speakers being resolved nondeterministically, but hearing only happens when someone else speaks. Observationally meaningful laws differ from those of CCS. The change from handshake communication in CCS to broadcast in CBS permits several advances. (1) Priority, which attaches only to autonomous actions, is simply added to CBS, in contrast to CCS, where such actions are the result of communication. (2) A CBS simulator runs a process by returning a list of values it broadcasts. This permits a powerful combination, CBS with the host language. It yields several elegant algorithms. Only processes with a unique response to each input are needed in practice, so weak bisimulation is a congruence. (3) CBS subsystems are interfaced by translators; by mapping messages to silence, these can restrict hearing and hide speech. Reversi...
Fair testing
Concur '95: Concurrency Theory, volume 962 of Lecture Notes in Computer Science
, 1995
Cited by 58 (0 self)
In this paper we present a solution to the long-standing problem of characterising the coarsest liveness-preserving precongruence with respect to a full (TCSP-inspired) process algebra. In fact, we present two distinct characterisations, which give rise to the same relation: an operational one based on a De Nicola-Hennessy-like testing modality which we call should-testing, and a denotational one based on a refined notion of failures. One of the distinguishing characteristics of the should-testing precongruence is that it abstracts from divergences in the same way as Milner's observation congruence, and as a consequence is strictly coarser than observation congruence. In other words, should-testing has a built-in fairness assumption. This is in itself a property long sought-after; it is in notable contrast to the well-known must-testing of De Nicola and Hennessy (denotationally characterised by a combination of failures and divergences), which treats divergence as catastrophic and hence is incompatible with observation congruence. Due to these characteristics, should-testing supports modular reasoning and allows one to use the proof techniques of observation congruence, but also supports additional laws and techniques.
TGV: theory, principles and algorithms
, 2002
Cited by 45 (3 self)
This paper presents the TGV tool, which allows the automatic synthesis of conformance test cases from a formal specification of a reactive system. TGV has been developed by Irisa Rennes and Verimag Grenoble, with the support of the Vasy team of Inria Rhône-Alpes. The paper describes the main elements of the underlying testing theory, based on a model of transition systems which distinguishes inputs, outputs and internal actions, and based on the concept of conformance relation. The principles of the test synthesis process are explained as well as the main algorithms. We then describe the main characteristics of the TGV tool. As a conclusion, we describe some ongoing work in test synthesis.