Concurrent Kleene Algebra: Free Model and Completeness

Concurrent Kleene Algebra (CKA) was introduced by Hoare, Moeller, Struth and Wehrman in 2009 as a framework to reason about concurrent programs. We prove that the axioms for CKA with bounded parallelism are complete for the semantics proposed in the original paper; consequently, these semantics are the free model for this fragment. This result settles a conjecture of Hoare and collaborators. Moreover, the techniques developed along the way are reusable; in particular, they allow us to establish pomset automata as an operational model for CKA.Comment: Version 2 includes an overview section that outlines the completeness proof, as well as some extra discussion of the interpolation lemma. It also includes better typography and a number of minor fixes. Version 3 incorporates the changes by comments from the anonymous referees at ESOP. Among other things, these include a worked example of computing the syntactic closure by han

On partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency

Concurrent systems are notoriously difficult to analyze, and technological advances such as weak memory architectures greatly compound this problem. This has renewed interest in partial order semantics as a theoretical foundation for formal verification techniques. Among these, symbolic techniques have been shown to be particularly effective at finding concurrency-related bugs because they can leverage highly optimized decision procedures such as SAT/SMT solvers. This paper gives new fundamental results on partial order semantics for SAT/SMT-based symbolic encodings of weak memory concurrency. In particular, we give the theoretical basis for a decision procedure that can handle a fragment of concurrent programs endowed with least fixed point operators. In addition, we show that a certain partial order semantics of relaxed sequential consistency is equivalent to the conjunction of three extensively studied weak memory axioms by Alglave et al. An important consequence of this equivalence is an asymptotically smaller symbolic encoding for bounded model checking which has only a quadratic number of partial order constraints compared to the state-of-the-art cubic-size encoding.Comment: 15 pages, 3 figure

An Event Structure Model for Probabilistic Concurrent Kleene Algebra

We give a new true-concurrent model for probabilistic concurrent Kleene algebra. The model is based on probabilistic event structures, which combines ideas from Katoen's work on probabilistic concurrency and Varacca's probabilistic prime event structures. The event structures are compared with a true-concurrent version of Segala's probabilistic simulation. Finally, the algebraic properties of the model are summarised to the extent that they can be used to derive techniques such as probabilistic rely/guarantee inference rules.Comment: Submitted and accepted for LPAR19 (2013

Probabilistic Rely-guarantee Calculus

Jones' rely-guarantee calculus for shared variable concurrency is extended to include probabilistic behaviours. We use an algebraic approach which combines and adapts probabilistic Kleene algebras with concurrent Kleene algebra. Soundness of the algebra is shown relative to a general probabilistic event structure semantics. The main contribution of this paper is a collection of rely-guarantee rules built on top of that semantics. In particular, we show how to obtain bounds on probabilities by deriving rely-guarantee rules within the true-concurrent denotational semantics. The use of these rules is illustrated by a detailed verification of a simple probabilistic concurrent program: a faulty Eratosthenes sieve.Comment: Preprint submitted to TCS-QAP

SPDL Model Checking via Property-Driven State Space Generation

In this report we describe how both, memory and time requirements for stochastic model checking of SPDL (stochastic propositional dynamic logic) formulae can significantly be reduced. SPDL is the stochastic extension of the multi-modal program logic PDL.\ud SPDL provides means to specify path-based properties with or without timing restrictions. Paths can be characterised by so-called programs, essentially regular expressions, where the executability can be made dependent on the validity of test formulae. For model-checking SPDL path formulae it is necessary to build a product transition system (PTS)\ud between the system model and the program automaton belonging to the path formula that is to be verified.\ud In many cases, this PTS can be drastically reduced during the model checking procedure, as the program restricts the number of potentially satisfying paths. Therefore, we propose an approach that directly generates the reduced PTS from a given SPA specification and an SPDL path formula.\ud The feasibility of this approach is shown through a selection of case studies, which show enormous state space reductions, at no increase in generation time.\u

From computability to executability : a process-theoretic view on automata theory

The theory of automata and formal language was devised in the 1930s to provide models for and to reason about computation. Here we mean by computation a procedure that transforms input into output, which was the sole mode of operation of computers at the time. Nowadays, computers are systems that interact with us and also each other; they are non-deterministic, reactive systems. Concurrency theory, split off from classical automata theory a few decades ago, provides a model of computation similar to the model given by the theory of automata and formal language, but focuses on concurrent, reactive and interactive systems. This thesis investigates the integration of the two theories, exposing the differences and similarities between them. Where automata and formal language theory focuses on computations and languages, concurrency theory focuses on behaviour. To achieve integration, we look for process-theoretic analogies of classic results from automata theory. The most prominent difference is that we use an interpretation of automata as labelled transition systems modulo (divergence-preserving) branching bisimilarity instead of treating automata as language acceptors. We also consider similarities such as grammars as recursive specifications and finite automata as labelled finite transition systems. We investigate whether the classical results still hold and, if not, what extra conditions are sufficient to make them hold. We especially look into three levels of Chomsky's hierarchy: we study the notions of finite-state systems, pushdown systems, and computable systems. Additionally we investigate the notion of parallel pushdown systems. For each class we define the central notion of automaton and its behaviour by associating a transition system with it. Then we introduce a suitable specification language and investigate the correspondence with the respective automaton (via its associated transition system). Because we not only want to study interaction with the environment, but also the interaction within the automaton, we make it explicit by means of communicating parallel components: one component representing the finite control of the automaton and one component representing the memory. First, we study finite-state systems by reinvestigating the relation between finite-state automata, left- and right-linear grammars, and regular expressions, but now up to (divergence-preserving) branching bisimilarity. For pushdown systems we augment the finite-state systems with stack memory to obtain the pushdown automata and consider different termination styles: termination on empty stack, on final state, and on final state and empty stack. Unlike for language equivalence, up to (divergence-preserving) branching bisimilarity the associated transition systems for the different termination styles fall into different classes. We obtain (under some restrictions) the correspondence between context-free grammars and pushdown automata for termination on final state and empty stack. We show how for contrasimulation, a weaker equivalence than branching bisimilarity, we can obtain the correspondence result without some of the restrictions. Finally, we make the interaction within a pushdown automaton explicit, but in a different way depending on the termination style. By analogy of pushdown systems we investigate the parallel pushdown systems, obtained by augmenting finite-state systems with bag memory, and consider analogous termination styles. We investigate the correspondence between context-free grammars that use parallel composition instead of sequential composition and parallel pushdown automata. While the correspondence itself is rather tight, it unfortunately only covers a small subset of the parallel pushdown automata, i.e. the single-state parallel pushdown automata. When making the interaction within parallel pushdown automata explicit, we obtain a rather uniform result for all termination styles. Finally, we study computable systems and the relation with exective and computable transition systems and Turing machines. For this we present the reactive Turing machine, a classical Turing machine augmented with capabilities for interaction. Again, we make the interaction in the reactive Turing machine between its finite control and the tape memory explicit

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 22nd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 29 papers presented in this volume were carefully reviewed and selected from 85 submissions. They deal with foundational research with a clear significance for software science

Posets with Interfaces for Concurrent Kleene Algebra

We introduce posets with interfaces (iposets) and generalise the serial composition of posets to a new gluing composition of iposets. In partial order semantics of concurrency, this amounts to designate events that continue their execution across components. Alternatively, in terms of decomposing concurrent systems, it allows cutting through some events, whereas serial composition may cut through edges only. We show that iposets under gluing composition form a category, extending the monoid of posets under serial composition, and a 2-category when enriched with a subsumption order and a suitable parallel composition as a lax tensor. This generalises the interchange monoids used in concurrent Kleene algebra. We also consider gp-iposets, which are generated from singletons by finitary gluing and parallel compositions. We show that the class includes the series-parallel posets as well as the interval orders, which are also well studied in concurrency theory. Finally, we show that not all posets are gp-iposets, exposing several posets that cannot occur as induced substructures of gp-iposets