The phenomena of branching time and true or noninterleaving concurrency find their respective homes in automata and schedules. But these two models of computation are formally equivalent via Birkhoff duality, an equivalence we expound on here in tutorial detail. So why should these phenomena prefer one home over the other? We identify dimension as the culprit: 1dimensional automata are skeletons permitting only interleaving concurrency, whereas true n-fold concurrency resides in transitions of dimension n. The truly concurrent automaton dual to a schedule is not a skeletal distributive lattice but a solid one. We introduce true nondeterminism and define it as monoidal homotopy; from this perspective nondeterminism in ordinary automata arises from forking and joining creating nontrivial homotopy. The automaton dual to a poset schedule is simply connected whereas that dual to an event structure schedule need not be, according to monoidal homotopy though not to group homotopy. We conclude...

. We proposed a syntactical format, the path format, for structured operational semantics in which predicates may occur. We proved that strong bisimulation is a congruence for all the operators that can be defined within the path format. To show that this format is useful we provided many examples that we took from the literature about CCS, CSP, and ACP; they do satisfy the path format but no formats proposed by others. The examples include concepts like termination, convergence, divergence, weak bisimulation, a zero object, side conditions, functions, real time, discrete time, sequencing, negative premises, negative conclusions, and priorities (or a combination of these notions). Key Words & Phrases: structured operational semantics, term deduction system, transition system specification, structured state system, labelled transition system, strong bisimulation, congruence theorem, predicate. 1980 Mathematics Subject Classification (1985 Revision): 68Q05, 68Q55. CR Categories: D.3.1...

In this paper, we ask if the traditional relational query acceleration techniques of summary tables and covering indexes have analogs for branching path expression queries over tree- or graph-structured XML data. Our answer is yes --- the forward-and-backward index already proposed in the literature can be viewed as a structure analogous to a summary table or covering index. We also show that it is the smallest such index that covers all branching path expression queries. While this index is very general, our experiments show that it can be so large in practice as to o#er little performance improvement over evaluating queries directly on the data. Likening the forward-and-backward index to a covering index on all the attributes of several tables, we devise an index definition scheme to restrict the class of branching path expressions being indexed. The resulting index structures are dramatically smaller and perform better than the full forward-and-backward index for these classes of branching path expressions. This is roughly analogous to the situation in multidimensional or OLAP workloads, in which more highly aggregated summary tables can service a smaller subset of queries but can do so at increased performance. We evaluate the performance of our indexes on both relational decompositions of XML and a native storage technique. As expected, the performance benefit of an index is maximized when the query matches the index definition.

: The state/transition paradigm has been used extensively for the description of event-driven, parallel systems. However, the lack for hierarchic structure in such descriptions usually prevents us from using this paradigm in a real programming language. We propose the Argos language for reactive systems. The basic components of a program are input/output-labeled transition systems verifying reactivity (a property similar to input-enabling in IOautomata) . The composition operations (parallel composition and refinement, providing hierarchy) are based upon the synchronous broadcast mechanism of Esterel. We define the language formally in an algebraic framework, and give an operational semantics. The main result is the compositionality of the semantics; we prove that the bisimulation of models induces an equivalence which is a congruence for the operators we propose. An interesting point is the way we introduce hierarchy in a compositional way. 1 1 Introduction The problem ...

In this tutorial we give an overview of the process algebra EMPA, a calculus devised in order to model and analyze features of real-world concurrent systems such as nondeterminism, priorities, probabilities and time, with a particular emphasis on performance evaluation. The purpose of this tutorial is to explain the design choices behind the development of EMPA and how the four features above interact, and to show that a reasonable trade off between the expressive power of the calculus and the complexity of its underlying theory has been achieved.

) Glenn Bruns and Patrice Godefroid Bell Laboratories, Lucent Technologies fgrb,godg@bell-labs.com Abstract. We address the problem of relating the result of model checking a partial state space of a system to the properties actually possessed by the system. We represent incomplete state spaces as partial Kripke structures, and give a 3-valued interpretation to modal logic formulas on these structures. The third truth value ? means "unknown whether true or false". We define a preorder on partial Kripke structures that reflects their degree of completeness. We then provide a logical characterization of this preorder. This characterization thus relates properties of less complete structures to properties of more complete structures. We present similar results for labeled transition systems and show a connection to intuitionistic modal logic. We also present a 3-valued CTL model checking algorithm, which returns ? only when the partial state space lacks information needed ...

We present an efficient algorithm for bisimulation equivalence. Generally, bisimulation equivalence can be tested in O(mn) for a labeled transition system with m transitions and n states. In order to come up with a more efficient algorithm, we establish a relationship between bisimulation equivalence and the relational coarsest partition problem, solved by Paige & Tarjan in O(m log n) time. Given an initial partition and a binary relation, the problem is to find the coarsest partition compatible with them. Computing bisimulation equivalence can be viewed both as an instance and as a generalization of this problem: an instance, because only the universal partition is considered as an initial partition and a generalization since we want to find a partition compatible with a family of binary relations instead of one single binary relation. We describe how we have adapted the Paige & Tarjan algorithm of complexity O(m log n) to minimize labeled transition systems modulo bisimulation equivalence. This algorithm has been implemented in C and is used in Aldebaran, a tool for the verification of concurrent systems.

Many stochastic planning problems can be represented using Markov Decision Processes (MDPs). A difficulty with using these MDP representations is that the common algorithms for solving them run in time polynomial in the size of the state space, where this size is extremely large for most real-world planning problems of interest. Recent AI research has addressed this problem by representing the MDP in a factored form. Factored MDPs, however, are not amenable to traditional solution methods that call for an explicit enumeration of the state space. One familiar way to solve MDP problems with very large state spaces is to form a reduced (or aggregated) MDP with the same properties as the original MDP by combining "equivalent" states. In this paper, we discuss applying this approach to solving factored MDP problems--- we avoid enumerating the state space by describing large blocks of "equivalent" states in factored form, with the block descriptions being inferred directly from the original factored representation. The resulting reduced MDP may have exponentially fewer states than the original factored MDP, and can then be solved using traditional methods. The reduced MDP found depends on the notion of equivalence between states used in the aggregation. The notion of equivalence chosen will be fundamental in designing and analyzing algorithms for reducing MDPs. Optimally, these algorithms will be able to find the smallest possible reduced MDP for any given input MDP and notion of equivalence (i.e. find the "minimal model" for the input MDP). Unfortunately, the classic notion of state equivalence from non-deterministic finite state machines generalized to MDPs does not prove useful. We present here a notion of equivalence that is based upon the notion of bisimulation from th...

Many process algebras are defined by structural operational semantics (SOS). Indeed, most such definitions are nicely structured and fit the GSOS format of [15]. We give a procedure for converting any GSOS language definition to a finite complete equational axiom system (possibly with one infinitary induction principle) which precisely characterizes strong bisimulation of processes.

We introduce a definition of bisimulation for cryptographic protocols. The definition includes a simple and precise model of the knowledge of the environment with which a protocol interacts. Bisimulation is the basis of an effective proof technique, which yields proofs of classical security properties of protocols and also justifies certain protocol optimizations. The setting for our work is the spi calculus, an extension of the pi calculus with cryptographic primitives. We prove the soundness of the bisimulation proof technique within the spi calculus.