Why components ?

The title of this paper announces a calculus for higher-order distributed components. So far, however, we have not mentioned components. What gives ? A first element of answer can actually be found in Section 3.4, where we showed that the Kell calculus (and in fact thedKsubcalculus) provided an easy intepretation of objects as active kells. Beyond objects, an active kell may have several

subkells, and can provide different forms of control over these subkells. As we saw in Section 3.5, a kell can interrupt a subkell and later resume it execution. The encoding of theM-calculus in Section 4.2 illustrates the possibility for a kell to act as interceptor for messages ultimately destined to subkells. This suggests that kells with subkells look very much like composite components with subcomponents. Since communication between subkells of a kellkmust be mediated by kellk, we can implement different forms of communication paths or connectors [13] between subkells. One can also control explicitly within kellkthe establishment and release of such connectors, providing the basis for a dynamic component-based structure. For instance, a receiving port namedaof a component can readily be represented as a receiver of a kell, able to match messages of the formah.i.

Likewise, a sending port namedacan be equated with the possibility for a kell to emit messages of the formah.i. Given two kellsk1andk2, the first one with a sending portaand the second one with a receiving portb, a simple connector between portsaandbcan be defined asC(a, b) =ahxi bhxi.

If some control needs to be exercized on a connector, then it is possible to use some shared lockt as inC(t, a, b) = t | ahxi t | bhxi. If the lock is consumed by the controller process, then the connector ceases functioning. Alternatively, one could define the connector as a kellC(a, b) = c•(ahxi bhxi), and use trivial connectorsahxi |t ahxi |tandbhxi |t bhxi |tto ensure connectivity between ports and connectors. Deleting or suspending the connectorccan then be done easily.

As another illustration of the possibility to use the Kell calculus as a basic composition language, we can define a direct encoding of theπL⁶, calculus, which serves as a basis for the Piccola com- position language [19]. TheπLcalculus is an asynchronousπ-calculus, which handles formsF instead of names. Forms are records of fieldsl=V, whereV is value, which can be either a name aor a field selectionxl, wherexis a form variable.

[[a]]k=khai [[xl]]_k=x|(l◦x . khxi)

[[E]]=0 [[Fhl=Vi]]=[[F]]|l◦[[V]]

[[F x]]=[[F]]|x [[0]]=0

[[A|B]]=[[A]]|[[B]] [[νa.A]]=νa.[[A]]

[[V(x).A]]=νk.[[V]]_k|(kh(a)i. ahxi.[[A]]) [[V(F).A]]=νk.[[V]]_k|(kh(a)i. ah[[F]]i) [[!V(x).A]]=νk.[[V]]_k|(kh(a)i ahxi.[[A]])

We can therefore develop, using the Kell calculus as a basis, the same type of constructs that have been developed in Piccola, such as generic wrappers, complex and active forms, composition scripts, etc. In fact, the above encoding ofπLcalculus provides a direct way to extend Piccola to a distributed setting by just adding the active kell construct of the Kell calculus.

6 Conclusion

We have introduced in this paper a new process calculus, called the Kell calculus, and demonstrated, through various encodings, its expressive power. In particular, we have shown that it faithfully

6For simplicity, we make one slight alteration to theπLcalculus defined in [19]: forms can have multiple fields with the same label, as in theπLcalculus, but we do not guarantee that a field selection will return the rightmost one.

captures the semantics of locations in several process calculi such as ambient calculi, the DJoin calculus and theM-calculus. We have discussed how suitable restrictions of the calculus yield sub- calculi which can be implemented efficiently in a distributed environment, lending some weight to the belief that the Kell calculus could constitute a suitable basis for distributed computing. Further work remains to confirm that belief, through. First, we would like to apply the same techniques used in theM-calculus to derive a type system for the Kell calculus which can ensure the linearity of chosen names. We have seen that this is a crucial point for the distributed interpretation of the calculus. Second, we need to investigate the bisimulation semantics of the calculus. Indeed, apart from the context rules, the rules of reduction of the calculus are essentially local rules, i.e. rules which involve only a single location. We believe this feature of the calculus can allow us to directly leverage the results obtained in the past decade on the bisimulation semantics of process algebras with localities [8]. Third, we believe a crucial feature for a distributed process calculus is to be able to deal with overlapping locations, i.e. locations that may share processes. This is necessary to deal properly with the physical and logical aspects of locations in a distributed setting. How overlapping locations can be defined remains as a challenge, though.

Acknowledgments

Many thanks to G. Boudol for a fruitful discussion on the different features of the Kell calculus, and to members of the Mikado project for interesting comments on early versions of the calculus presented in this report.

References

[1] M. Abadi and L. Cardelli. A theory of objects. Springer, 1996.

[2] R. Amadio. An asynchronous model of locality, failure, and process mobility. Technical report, INRIA Research Report RR-3109, INRIA Sophia-Antipolis, France, 1997.

[3] G. Berry and G. Boudol. The chemical abstract machine. Theoretical Computer Science, vol. 96, 1992.

[4] G. Boudol. Theπ-calculus in direct style. Higher-Order and Symbolic Computation, vol.11, 1998.

[5] M. Bugliesi, G. Castagna, and S. Crafa. Boxed ambients. In 4th International Symposium on Theoretical Aspects of Computer Software (TACS), 2001.

[6] L. Cardelli. Types for mobile ambients. In Proceedings 26th Annual ACM Symposium on Principles of Programming Languages (POPL), 1999.

[7] L. Cardelli and A. Gordon. Mobile ambients. In Foundations of Software Science and Computational Structures, M. Nivat (Ed.), Lecture Notes in Computer Science, Vol. 1378. Springer Verlag, 1998.

[8] I. Castellani. Process algebras with localities. In Handbook of Process Algebra, J. Bergstra, A. Ponse and S. Smolka (eds). Elsevier, 2001.

[9] C. Fournet. The Join-Calculus. PhD thesis, Ecole Polytechnique, Palaiseau, France, 1998.

[10] C. Fournet and G. Gonthier. The reflexive chemical abstract machine and the join-calculus. In In proceed- ings 23rd ACM Symposium on Principles of Programming Languages (POPL), 1996.

[11] C. Fournet, G. Gonthier, J.J. Levy, L. Maranget, and D. Remy. A calculus of mobile agents. In In Proceed- ings 7th International Conference on Concurrency Theory (CONCUR ‘96), Lecture Notes in Computer Science 1119. Springer Verlag, 1996.

[12] C. Fournet, J.J. Levy, and A. Schmitt. An asynchronous distributed implementation of mobile ambients. In Proceedings of the International IFIP Conference TCS 2000, Sendai, Japan, Lecture Notes in Computer Science 1872. Springer, 2000.

[13] D. Garlan, R. Monroe, and D. Wile. Acme: Architectural Description of Component-Based Systems, chapter 3. In [15], 2000.

[14] A. Gordon and P. Hankin. A Concurrent Object Calculus. In 3rd International Workshop on High-Level Concurrent Languages, ENTCS, 1998.

[15] G. Leavens and M. Sitaraman (eds). Foundations of Component-Based Systems. Cambridge University Press, 2000.

[16] L. Leth and B. Thomsen. Some facile chemistry. Formal Aspects of Computing Vol.7, No 3, 1995.

[17] F. Levi and D. Sangiorgi. Controlling interference in ambients. In Proceedings 27th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2000), 2000.

[18] L. Lopes, F. Silva, A. Figueira, and V. Vasconcelos. DiTyCO: An Experiment in Code Mobility from the Realm of Process Calculi. In Proceedings 5th Mobile Object Systems Workshop (MOS’99), 1999.

[19] M. Lumpe, F. Achermann, and O. Nierstrasz. A Formal Language for Composition, chapter 4. In [15], 2000.

[20] M. Merro and M. Hennessy. Bisimulation congruences in safe ambients. In 29th ACM Symposium on Principles of Programming Languages (POPL), Portland, Oregon, 16-18 January, 2002.

[21] R. Milner. Calculi for interaction. Acta Informatica, Vol.33, No 8, 1996.

[22] R. Milner. Communicating and mobile systems : theπ-calculus. Cambridge University Press, 1999.

[23] D. Sangiorgi and A. Valente. A Distributed Abstract Machine for Safe Ambients. In Proceedings of the 28th International Colloquium on Automata, Languages and Programming, volume 2076 of Lect. Notes in Comp. Sci. Springer-Verlag, 2001.

[24] D. Sangiorgi and S. Walker. Theπ-calculus: A Theory of Mobile Processes. Cambridge University Press, 2001.

[25] A. Schmitt and J.B. Stefani. The M-calculus: A Higher-Order Distributed Process Calculus. In Proceed- ings 30th Annual ACM Symposium on Principles of Programming Languages (POPL), 2003.

[26] D. Teller, P. Zimmer, and D. Hirschkoff. Using Ambients to Control Resources. In to appear in Proceed- ings CONCUR 02, 2002.

[27] B. Thomsen. A Theory of Higher Order Communicating Systems. Information and Computation, Vol.

116, No 1, 1995.

[28] J. Vitek and G. Castagna. Towards a calculus of secure mobile computations. In Proceedings Workshop on Internet Programming Languages, Chicago, Illinois, USA, Lecture Notes in Computer Science 1686, Springer, 1998.

[29] P. Wojciechowski and P. Sewell. Nomadic Pict: Language and Infrastructure. IEEE Concurrency, vol. 8, no 2, 2000.

[30] N. Yoshida and M. Hennessy. Subtyping and locality in distributed higher-order processes. In Proceedings CONCUR 99, Lecture Notes in Computer Science no 1664. Springer, 1999.

[31] S. Dal Zilio. Le calcul bleu : types et objets. PhD thesis, U. of Nice-Sophia Antipolis, France, 1999.

A Proofs

We gather in this section the proofs of theorems appearing in the main text, together with auxiliary lemmas.

Lemma A.1 (Substitution Lemma) For allθ,C,P,Q, ifP ≡Qandθ^Cn∩bn(P |Q) =∅, thenP θ^C≡ Qθ^C.

Proof: A simple induction on the derivation ofP ≡Q. 2

Lemma A.2 IfP −−−−−→K:A P⁰, then we havefn(K)⊆fn(P)andbn(A)⊆bn(P).

Proof: A simple induction on the derivation ofP −−−−−→K:A P⁰. 2 We define recursively the operation{.}on actions by: recursively:{}=,{τ}=τ,{α}=α,{β}=β, {hAi}={A},{A|B}={A} | {B}. Note that ifA6=, τ, then{dAe}is a Kell calculus process. When {A} ≡β| _i∈Jαi,β= (ξ, θ^C), we say thatβorθoccurs inA. By the following lemma, an actionβcan occur only at most once in a given actionAobtained in a derivationP K:A

−−−−−→ P⁰. By convention, we set

i∈JAi=ifJ=∅.

Lemma A.3 IfP −−−−−→K:A P⁰, then we have (i)A=τ, or (ii){A} ≡ _i∈Jαior (iii){A} ≡β| _i∈Jαi. Furthermore, in case (i) and (ii)·does not occur inK, and in case (iii)· occurs exactly once inK.

Proof: By induction on the derivation ofP −−−−−→K:A P⁰. The key induction step is the case whenP −−−−−→K:A P⁰ is derived through the use of rule L.PAR. In this case, we have P = R1 | R2, Ri

K_i:Ai

−−−−−−→ R⁰i, A=A1|A2,K=K₁|K₂, with the constraint that· occurs at most once inK, and if one of theAiis equal toτ, then the other must be. Because of this constraint, and using the induction hypothesis forA1andA2, we then have five possible cases: (1)A1verifies (ii) andA2verifies (ii), in which caseAverifies (ii); (2)A1

verifies (ii) andA2verifies (iii), in which caseAverifies (iii); (3)A1verifies (iii) andA2verifies (ii), in which caseAverifies (iii); (4)A1verifies (i) andA2 =, i.e.A2verifies (ii) withJ=∅, andAverifies (i). (5)A2

verifies (i) andA1=, i.e.A2verifies (ii) withJ=∅, andAverifies (i). HenceAverifies (i), (ii) or (iii), as

required. 2

Lemma A.4 IfP −−−−−→K:A P⁰, thenfn(A)⊆fn(P)∪fn(β)andfn(P⁰)⊆fn(P)∪bn(A)∪fn(β)if βoccurs inA; otherwise,fn(A)⊆fn(P)andfn(P⁰)⊆fn(P)∪bn(A).

Proof: By induction on the derivation ofP −−−−−→K:A P⁰. By convention, we setfn(β) =∅ifβdoes not occur inA.

L.NULL. In this case, we have A = , and P⁰ = K = P. Hence fn(A) = ∅ ⊆ fn(P) and fn(P⁰) =fn(P), as required.

L.ACTand L.PASS. In these cases, we haveA=P,K=P andP⁰=0. Hencefn(A) =fn(P)and fn(P⁰) =∅ ⊆fn(P), as required.

L.TRIG. In this case, we haveP = ξ . R, A = (ξ, θ^C) = β, K = ·, P⁰ = Rθ^C,fn(P) = fn(ξ)∪(fn(R)\bn(ξ)). Hencefn(A) =fn(β), andfn(P⁰) =fn(R)\bn(ξ)∪fn(θ^C.cosupp)⊆ fn(P)∪fn(β), as required.

L.LOC. In this case, we haveP =a•R,R K⁰:A⁰−−−−−−→ R⁰,A =hA⁰i,K = a•K⁰,P⁰ =a•R⁰, fn(P) = {a} ∪fn(R),fn(P⁰) = {a} ∪fn(R⁰). By induction hypothesis, we havefn(A⁰) ⊆ fn(R)∪fn(β). Hencefn(A) =fn(A⁰)⊆fn(P)∪fn(β), as required. Also by induction hypothesis, we havefn(R⁰)⊆fn(R)∪bn(A⁰)∪fn(β). Hencefn(P⁰)⊆fn(R)∪ {a} ∪bn(A)∪fn(β) = fn(P)∪bn(A)∪fn(β), as required.

L.NU.NF. In this case, we haveP =νa.R,R K⁰:A⁰−−−−−−→ R⁰,A =A⁰,K =νa.K⁰,P⁰ =νa.R⁰, fn(P) =fn(R)\ {a},ln(P) =ln(R),fn(P⁰) =fn(R⁰)\ {a}. By induction hypothesis, we have fn(A⁰)⊆fn(R)∪fn(β)andfn(R⁰)⊆fn(R)∪fn(β)∪bn(A⁰). Hencefn(A)⊆fn(P)∪fn(β) andfn(P⁰)⊆fn(P)∪fn(β)∪bn(A), as required.

L.NU.F. In this case, we haveP =νa.R,R K⁰:A⁰−−−−−−→ R⁰,A =νa.A⁰,K=νa.K⁰,P⁰ =νa.R⁰, Γ = Γ⁰∪ {a},fn(P) =fn(R)\ {a},fn(A) =fn(A⁰)\ {a},bn(A) =bn(A⁰)∪ {a},fn(P⁰) = fn(R⁰)\ {a}. By induction hypothesis, we havefn(A⁰)⊆fn(R)∪fn(β)andfn(R⁰)⊆fn(R)∪ fn(β)∪bn(A⁰). Hencefn(A)⊆(fn(R)∪fn(β))\ {a} ⊆fn(R)\ {a} ∪fn(β) =fn(P)∪fn(β) andfn(P⁰) =fn(R⁰)\ {a} ⊆⊆fn(R)\ {a} ∪bn(A⁰)∪fn(β)⊆fn(()P)∪bn(A)∪fn(β), as required.

L.PAR. In this case, we haveP =R1 | R2, Ri

K_i:Ai

−−−−−−→ Ri,A = A1 | A2,K = K₁ | K₂, P⁰=R⁰₁|R⁰₂,fn(P) =fn(R1)∪fn(R2),fn(A) =fn(A1)∪fn(A2),bn(A) =bn(A1)∪bn(A2), fn(P⁰) = fn(R⁰₁)∪fn(R⁰₂). By induction hypothesis, we havefn(Ai) ⊆ fn(Ri)∪fn(βi)and fn(R⁰_i)⊆fn(Ri)∪ ∪bn(Ai∪fn(βi). By Lemma A.3, there is at most oneβoccurring inA. So at least one offn(βi) =∅. Letβbe the potentially occurring one. Hence, we havefn(A)⊆fn(R1)∪ fn(R2)∪fn(β) =fn(P)∪fn(β)andfn(P⁰)⊆fn(R1)∪fn(R2)∪bn(A1∪bn(A2)∪fn(β) = fn(P)∪bn(A)∪fn(β), as required.

L.RED.S. In this case, we haveP K⁰:A⁰

−−−−−−→ P⁰⁰, A = τ, K = P, c = bn(A⁰) P⁰ = νc.P⁰⁰, fn(P⁰) =fn(P⁰⁰)\c,A⁰=A1|β|A2,β= (ξ, θK0),ξθK0 = [A1|A2]. By induction hypothesis, we have fn(A⁰) ⊆ fn(P)∪fn(β)and fn(P⁰⁰) ⊆ fn(P)∪bn(A⁰)∪fn(β). By Lemma A.3, we know that noβaction occurs inAi, hence we have, by induction hypothesis sinceAi must have appeared in an earlier derivation step involving subterms ofP,fn(Ai) ⊆fn(P)∪c. By definition fn(β) =fn(ξ)∪fn(θ^K.cosupp). Butξθ^K= [A1|A2], hencefn(θ^K.cosupp) =fn(A1 |A2) andfn(β)⊆fn(P)∪c. As a result, we havefn(A) =∅ ⊆fn(P), andfn(P⁰)⊆(fn(P)∪c∪ fn(β))\c⊆fn(P), as required.

L.RED.H. This case is handled as the case L.RED.S above.

2 Proof of Theorem 1: The proof proceeds by induction on the depth of the inference ofP −−−−−→K:A P⁰and by induction on the depth of the derivation ofP≡Qby means of the structural congruence rules.

We first consider the case whenP ≡Qhas been obtained by the application of a single structural con- gruence rule, and we consider the last rule that has been applied in the derivation ofP −−−−−→K:A P⁰. In the

different cases below, several subcases can be dispatched immediately. Because we consider only derivations ofP ≡Qwhich only involve a single inference step, rule S.CONTEXTis not applicable. Also, ifP ≡Qhas been derived using rule S.α, then by definition of the transition relation (which is defined up toα-conversion), if P K:A

−−−−−→ P⁰andP =αQ, thenQ K:A

−−−−−→ P⁰. Finally, ifP ≡Qhas been obtained through S.PAR.NIL, i.e.Q =P |0, then by rule L.PAR.L we getQ K:A

−−−−−→ P⁰|0, and we have foundQ⁰ =P⁰ | 0≡P⁰, K⁰=KandB=A, as required. In the sequel, we do not consider these subcases any more.

Case:P −−−−−→K:A P⁰derived by L.NULL. In this case we haveK=P,A=andP⁰=P. We have by L.NULLQ Q:

−−−−→ Q. Hence we have foundQ⁰=Q≡P =P⁰,K⁰=Q≡P =K, andB ==A, as required.

Case:P K:A

−−−−−→ P⁰derived by L.ACT. In this case, we haveP =a•R,P⁰ =0andK=A=P. SinceP ≡Q, we havea•R ≡Q. This could only have been derived by rule S.NU.KELL(apart from the three rules which have been considered above). Thus, we haveP =a•νb.SandQ=νb.a•S, withb6=a.

There are now two possibilities: either (i)b∈fn(S)or (ii)b6∈fn(S).

In case (i), we have in factb∈fon(a•S); hence we can apply rule L.ACTfollowed by L.NU.F to get:

Q Q:νb.a•S

−−−−−−−−−→ 0. Sinceb6=a, we haveνb.a•S≡a•νb.S: we have foundB=νb.a•S ≡a•νb.S= A,K⁰=Q≡K=PandQ⁰=0=P⁰, as required.

In case (ii), we can apply rule L.ACTfollowed by L.NU.NF to get: Q Q:a•S

−−−−−−−→ νb.0. But we have νb.0≡0and , sincea6=b, we havea•νb.S≡νb.a•S ≡νb.a•S |≡a•S |νb.≡a•S, hence we have foundB=a•S≡a•νb.S=A,K⁰=Q≡P =KandQ⁰=νb.0≡0=P⁰as required.

Case:P K:A

−−−−−→ P⁰derived by L.PASS. In this case, we haveP =a◦R,P⁰=0andK=A=P. SinceP ≡Q, we havea◦R≡Q. This could only have been derived by rules: (a) S.α, (b) S.CONTEXT, or (c) S.PAR.NIL, which have all been considered above.

Case: P −−−−−→K:A P⁰derived by L.TRIG. In this case, we haveP = ξ . R,K = ·, A = (ξ, θ^C), and P⁰ = P θ^C. But thenP = ξ . R ≡ Qcould only have obtained through S.TRIG. Thus, we have Q=ζ . R. But then by L.TRIG, we haveQ · : (ζ, θ^C)

−−−−−−−−→ RθC. Hence we have obtainedQ⁰=RθC=P⁰, K⁰= · =K, andB= (ζ, θ^C)≡(ξ, θ^C) =A, as required.

Case: P K:A

−−−−−→ P⁰derived by L.NU.NF. In this case we haveP = νa.R,R K₁:A

−−−−−−→ R⁰with a6∈fn(A),P⁰ =νa.R⁰, andK =νa.K₁. SinceP ≡Qwe haveQ≡νa.R. This could only have been derived by rules: (a) S.NIL, (b) S.NU.KELL, (c) S.NU.COMM, (d) S.NU.PAR.

In case (a), we haveR=0,P =νa.0, andQ=0. But thenR K₁:A

−−−−−−→ R⁰could only have been derived by L.NULL, henceK₁ =0,A=,R⁰=0, andK=νa.0≡νa.0=P,P⁰=νa.0=P. By L.NULLwe haveQ Q:

−−−−→ Q, hence we have foundQ⁰=Q≡P =P⁰,K⁰ =Q≡P ≡K, andB==A, as required.

In case (b), we haveR=b•S, withb6=a, andQ=b•νa.S. NowR K₁:A

−−−−−−→ R⁰could only have been derived through rules (i) L.ACT, (ii) L.LOC, (iii) L.RED.S, (iv) L.RED.H, (v) L.NULL.

– In case (i) we haveb•S b−−−−−−−−−→•S:b•S 0. HenceK₁ = b•S,A = b•S, andR⁰ =0. By rule L.ACTone gets:b•νa.S b−−−−−−−−−−−−−−→•νa.S:b•νa.S 0. Sincea6∈fn(A), we havea6∈fn(S),

hence we have: νa.b•S ≡ b•S. Hence we have found :Q⁰ = R⁰ = 0 ≡ νa.R⁰ = P⁰, B =b•νa.S ≡νa.b•S ≡ b•S = A, andK⁰ =b•νa.Sequivb•S ≡ νa.b•S =K, as required.

– In case (ii), we haveb•S b•K₂:hA⁰i

−−−−−−−−−−→ b•S⁰, withS K₂:A⁰

−−−−−−→ S⁰, A = hA⁰i,K₁ = b•K₂, and R⁰ = b•S⁰. Sincea 6∈ fn(A), thena 6∈ fn(A⁰), and by rule L.NU.NF one gets: νa.S νa.K₂:A⁰

−−−−−−−−−→ νa.S⁰. Applying rule L.LOCyields: b•νa.S b•νa.K₂:hA⁰i

−−−−−−−−−−−−→

b•νa.S⁰. Sinceb6=a, we have:b•νa.S⁰≡νa.b•S⁰, andb•νa.K₂ ≡νa.b•K₂. Hence we have foundQ⁰=b•νa.S⁰≡νa.b•S⁰=νa.R⁰=P⁰,B=hA⁰i=A, andK⁰=b•νa.K₂≡ νa.b•K₂=νa.K₁=K, as required.

– In case (iii), we must haveK₁=R,A=τandR K₂:A2

−−−−−−→ R⁰⁰withdA2e=A⁰1|(ξ, θ^C)| A⁰2. But we haveR=b•S, henceR K₂:A2

−−−−−−→ R⁰⁰could only have been obtained via L.LOC, henceA2shold be such thatA2=hA3i, a contradiction. Hence this case is void.

– In case (iv) we haveA = τ, K₁ = b•S =R,R⁰ = νc.R⁰⁰, withR K₂:A2

−−−−−−→ R⁰⁰,c = bn(A2),dA2e ≡ A⁰3 | hA⁰1 |(ξ, θ^C) |A⁰2i |A⁰4,C= dK₂e,ξθ^C =A⁰3 |[A⁰1 | A⁰2] |A⁰4,

|A⁰3|,|A⁰4|= 0,|A⁰1|,|A⁰2| ≤1. Now,R=b•S K₂:A2

−−−−−−→ R⁰⁰could only have been obtained through rule L.LOC(rule L.ACTdoes not apply because of the form of actionA2). Hence we must have: A⁰₃ =A⁰₄=,S K₃ :A3

−−−−−−→ S⁰,K₂ =b•K₃,A2 =hA3i, andR⁰⁰ =b•S⁰. We now have two cases to consider: (1)a6∈fn(A3)and (2)a∈fn(A3).

In case (1), we can apply L.NU.NF to get:νa.S νa.K₃:A3

−−−−−−−−−→ νa.S⁰. Now, by L.LOC, we get:

b•νa.S b•νa.K₃:hA3i

−−−−−−−−−−−−−→ b•νa.S⁰. The conditions of premises of rule L.RED.H still apply, in particular sincehA3i=A2, and sincedK₂e=db•K₃e=db•νa.K₃e. Hence, by L.RED.H we get:

b•νa.S b•νa.S:τ

−−−−−−−−−→ νc.b•νa.S⁰

Now, sincea is bound inP, and since the transition rules are defined up to α-conversion, it is always possible to chooseasuch thata 6∈ c. Hence we have found Q⁰ = νc.b•νa.S⁰ ≡ νa.νc.b•S⁰ = νa.νc.R⁰⁰ = νa.R⁰ = P⁰,K⁰ = b•νa.S ≡νa.b•S = νa.K₁ = K, and B=τ=A, as required.

In case (2) we can consider thatafon(A3)for if that were not the case, then by Lemma A.4, we would havea6∈ fn(S), a contradiction with the fact thatξθC = [A⁰₁ |A⁰₂]. We can then apply L.NU.F to get:νa.S νa.K₃:νa.A3

−−−−−−−−−−−→ S⁰. Now, applying rule L.LOC, we get:

b•νa.S b•νa.K₃:hνa.A3i

−−−−−−−−−−−−−−−→ b•S⁰

Sincedhνa.A3ie = dhA3ie = dA2e, anddK₂e = db•K₃e = db•νa.K₃e, we can apply L.RED.H to get:

b•νa.S b•νa.S:τ

−−−−−−−−−→ νa.νc.b•S⁰

Hence we have found K⁰ = b•νa.S ≡ νa.b•S = νa.K₁ = K, Q⁰ = νa.νc.b•S⁰ = νa.νc.R⁰⁰=νa.R⁰=P⁰, andB=τ =A, as required.

– In case (v), we haveK₁=R,A=, andR⁰=R. Now, by L.NULL, we haveb•νa.S b−−−−−−−−−→•νa.S: b•νa.S, hence we have foundQ⁰ = Q ≡P = νa.b•S = νa.R⁰ = P⁰,K⁰ =Q ≡ P = νa.b•S≡νa.b•S=νa.R=νa.K₁=K, andB==A, as required.

In case (c), we haveR=νb.S,Q=νb.νa.Sandb6=a. Now, we could only have hadR K₁:A

−−−−−−→

R⁰ through one of the following rules: (i) L.NU.NF, (ii) L.NU.F, (iii) L.RED.S, (iv) L.RED.H, (v) L.NULL.

– In case (i), we haveνb.S νb.K₂:A

−−−−−−−−→ νb.S⁰, withR⁰=νb.S⁰,S K₂:A

−−−−−−→ S⁰,K₁=νb.K₂, andb6∈fn(A). Sincea 6∈fn(A), by rule L.NU.NF we get: νa.S νa.K₂ :A

−−−−−−−−→ νa.S⁰, and sinceb 6∈ fn(A), applying again rule L.NUNF we get: νb.νa.S νb.νa.K₂:A

−−−−−−−−−−→ νb.νa.S⁰. Sinceb6=awe haveνb.νa.S⁰≡νa.νb.S⁰, andνb.νa.K₂ ≡νa.νb.K₂. Hence we have found Q⁰ =νb.νa.S⁰ ≡ νa.νb.S⁰ = νa.R⁰ = P⁰,B = A, andK⁰ = νb.νa.K₂ ≡νa.νb.K₂ = νa.K₁=K, as required.

– In case (ii), we haveνb.S νb.K₂:νb.A1

−−−−−−−−−−−→ R⁰, withK₁ = νb.K₂ andA = νb.A1, with b∈fn(A1)andS K₂:A1

−−−−−−→ R⁰. Sincea6∈fn(A)anda6=b, thena6∈fn(A1)and by rule L.NU.NF we get:νa.S νa.K₂:A1

−−−−−−−−−→ νa.R⁰. Applying rule L.NU.F we get:

νb.νa.S νb.νa.K₂:νb.A1

−−−−−−−−−−−−−→ νa.R⁰

Hence we have foundK⁰ = νb.νa.K₂ ≡νa.νb.K₂ = νa.K₁ =K,B = νb.A1 = Aand Q⁰=νa.R⁰=P⁰, as required.

– In case (iii), we haveR R−−−−→:τ R⁰withK₁ =R,A=τ,R⁰ =νc.R⁰⁰,R K₂:A1

−−−−−−→ R⁰⁰, c =bn(A1),dA1e =A⁰1 |(ξ, θ^C) |A⁰2,C= dK₂e,ξθ^C = [A⁰1 | A⁰2]. SinceR = νb.S, we could only have hadR=νb.S K₂:A1

−−−−−−→ R⁰⁰through either (1) rule L.NU.NF or (2) rule L.NU.F.

In case (1), we have K₂ = νb.K₃,R⁰⁰ = νb.S⁰, b 6∈ fn(A1)and S −−−−−−→K₃:A1 S⁰. We havedA1e= A⁰₁ |(ξ, θC) |A⁰₂, andC=dK₂e =dνb.K₃e =ceilK₃, hence we can apply L.RED.S to get:S S−−−−→:τ νc.S⁰. Applying L.NU.NF twice we get:νb.νa.S νb.νa.S−−−−−−−−−→:τ νb.νa.νc.S⁰. Hence we have found:K⁰ =νb.νa.S≡νa.νb.S=νa.R=K,B=τ=A, and Q⁰=νb.νa.νc.S⁰≡νa.νc.νb.S⁰=νa.νc.R⁰⁰=νa.R⁰=P⁰, as required.

In case (2), we haveK₂ =νb.K₃,A1 =νb.A2,b ∈fn(A2), andS K₃:A2

−−−−−−→ R⁰⁰. Since b ∈ bn(A1), we haveb ∈ c. We havedA2e =dνa.A2e =dA1e =A⁰1 |(ξ, θ^C) | A⁰2, and C=dK₂e=dνb.K₃e=ceilK₃, hence we can apply L.RED.S withc⁰=bn(A2) =c\ {b}, to get: S −−−−→S:τ νc⁰.R⁰⁰. Applying rule L.NU.NF twice we get: νb.νa.S −−−−−−−−−→νb.νa.S:τ νb.νa.νc⁰.R⁰⁰. Hence we have found:Q⁰=νb.νa.νc⁰.R⁰⁰≡νa.νc.R⁰⁰=νa.R⁰=P⁰,K⁰ = νb.νa.S≡νa.νb.S=νa.R=K,B=τ =A, as required.

– In case (iv), we reason exactly as in case (iii) above.

– In case (v), we haveK₁=R,A=,R⁰=R, henceP⁰=νa.R=P, andK=νa.R≡P. By L.NULL, we haveQ Q:

−−−−→ Q, hence we have foundQ⁰=Q≡P =P⁰,K⁰=Q≡P≡K, andB==A, as required.

In case (d), we haveP = νa.R, R = S | T,R K₁:A

−−−−−−→ R⁰ witha 6∈ fn(A), P⁰ = νa.R⁰, K=νa.K₁,Q= (νa.S)|Twitha6∈fn(T). Now,R K₁:A

−−−−−−→ R⁰could only have been derived via one of the following rules: (i) L.PAR, (ii) L.RED.S, (iii) L.RED.H, (iv) L.NULL.

– In case (i), we haveS K₂:A2

−−−−−−→ S⁰, T K₃:A3

−−−−−−→ T⁰,K₁ = K₂ | K₃,A = A2 | A3, R⁰ =S⁰ |T⁰,bn(A2)∩bn(A3) =∅,bn(A2)∩fn(T) =∅,bn(A3)∩fn(S) =∅, and the conditions that if one of theA2, A3 isτ, then the other must be. Sincea 6∈ fn(A), we have a6∈ fn(A2)∪fn(A3), hence by rule L.NU.NF:νa.S νa.K₂:A2

−−−−−−−−−→ νa.S⁰.Sincebn(A3)∩ fn(νa.S) =∅,bn(A2)∩bn(A3) =∅,bn(A2)∩fn(T) =∅, we can apply L.PARto get:

(νa.S)|T (νa.K₂)|K₃:A2|A3

−−−−−−−−−−−−−−−−−−→ (νa.S⁰)|T⁰

Sincea6∈fn(T), thena6∈fn(K₃)by Lemma A.2. Also, sincea6∈fn(A3)anda6∈fn(T), then by Lemma A.4 we have thata 6∈ fn(T⁰)unlessa ∈ bn(T). In the latter case, since the transition rules are given up toα-conversion, it is possible toα-convertT so thata 6∈ bn(T).

Hence we havea 6∈ fn(K₃)anda 6∈fn(T⁰). But then we have foundQ⁰ = (νa.S⁰) |T⁰ ≡ νa.S⁰ | T⁰ = νa.R⁰ = P⁰, K⁰ = (νa.K₂) | K₃ ≡ νa.K₂ | K₃ = νa.K₁ = K, and B=A2|A3=A, as required.

– In case (ii), we haveK₁=R,A=τ,R⁰=νc.R⁰⁰,R K⁰₁:A⁰₁

−−−−−−→ R⁰⁰,dA⁰1e=A⁰2|(ξ, θ^C)| A⁰₂,C=dK⁰₁e,ξθC= [A⁰₂ |A⁰₃]. Now,R K⁰₁:A⁰1

−−−−−−→ R⁰⁰ could only have been obtained by rule L.PAR, hence we haveS K₂:A2

−−−−−−→ S⁰,T K₃:A3

−−−−−−→ T⁰,K⁰₁ =K₂ |K₃,A⁰1 =A2 | A3,R⁰⁰ =S⁰ |T⁰,bn(A2)∩bn(A3) =∅,bn(A2)∩fn(T) =∅bn(A3)∩fn(S) =∅, and the constraint that if oneA2, A3equalsτ, then the other must be. We now have to consider to subcases: (1)a6∈fn(A2)and (2)a∈fn(A2).

In case (1), we can apply rule L.NU.NF to get:νa.S −−−−−−−−−→νa.K₂:A2 νa.S⁰. We havebn(A3)∩ fn(νa.A2) =∅,bn(A2)∩bn(A3) =∅,bn(A2)∩fn(T) =∅, thus we can apply L.PARto get:

(νa.S)|T (νa.K₂)|K₃:A2|A3

−−−−−−−−−−−−−−−−−−→ (νa.S⁰)|T⁰

Now, we havedA2 |A3e=dA⁰1e,C=dK⁰₁e =dK₂ |K₃e =d(νa.K₂)| K₃e, hence by L.RED.S we get:

(νa.S)|T (νa.S)|T :τ

−−−−−−−−−−−→ νc.(νa.S⁰)|T⁰

Hence we have foundQ⁰=νc.(νa.S⁰)|T⁰≡νa.νc.S⁰|T⁰=νa.R⁰=P⁰,B=τ =A, and K⁰= (νa.S)|T ≡νa.S|T =νa.R=νa.K₁=K, as required.

In case (2), we can consider thata∈fon(A2), for otherwise by Lemma A.4 we would havea6∈

fn(S)and we would then have thata ∈fn(β) =fn(ξ, θ^C); but sinceξθ^C) = [A⁰₂ |A⁰₃], we

No documento A Calculus of Higher-Order Distributed Components (páginas 37-59)