On affine usages in signal-based communication

We describe a type system for a synchronous pi-calculus formalising the notion of affine usage in signal-based communication. In particular, we identify a limited number of usages that preserve affinity and that can be composed. As a main application…

Authors: Roberto Amadio (PPS), Mehdi Dogguy (PPS)

On affine usages in signal-based communication
Roberto M. Amadio, Mehdi Dogguy
Université Paris Diderot (Paris 7), PPS, UMR-7126
November 11, 2018

Abstract

We describe a type system for a synchronous π-calculus formalising the notion of affine usage in signal-based communication. In particular, we identify a limited number of usages that preserve affinity and that can be composed. As a main application of the resulting system, we show that typable programs are deterministic.

1 Introduction

We are interested in synchronous systems. In these systems, there is a notion of instant (or phase, or pulse, or round) and at each instant each component of the system, a thread, performs some actions and synchronizes with all the other threads. One may say that all threads proceed at the same speed and it is in this specific sense that we shall refer to synchrony in this work. Signal-based communication is often used as the basic interaction mechanism in synchronous systems (see, e.g., [5, 6]). Signals play a role similar to channels in asynchronous systems. Our goal in this paper is to study the notion of affine usage in this context. In particular, we shall formalise our ideas in the context of a synchronous π-calculus (Sπ-calculus) introduced in [2]. We assume that the reader is familiar with the π-calculus and proceed to give a flavour of the language (the formal definition of the Sπ-calculus is recalled in section 2).

The syntax of the Sπ-calculus is similar to the one of the π-calculus, however there are some important semantic differences that we highlight in the following simple example. Assume $v_1 \neq v_2$ are two distinct values and consider the following program in Sπ:

$$P = \nu s_1, s_2\ (\bar{s_1} v_1 \mid \bar{s_1} v_2 \mid s_1(x).(s_1(y).(s_2(z).A(x, y),\ B(!s_1)),\ 0),\ 0)$$

If we forget about the underlined parts and we regard $s_1, s_2$ as channel names then P could also be viewed as a π-calculus process. In this case, P would reduce to

$$P_1 = \nu s_1, s_2\ (s_2(z).A(\theta(x), \theta(y)))$$

where θ is a substitution such that $\theta(x), \theta(y) \in \{v_1, v_2\}$ and $\theta(x) \neq \theta(y)$. In Sπ, signals persist within the instant and P reduces to

$$P_2 = \nu s_1, s_2\ (\bar{s_1} v_1 \mid \bar{s_1} v_2 \mid (s_2(z).A(\theta(x), \theta(y)),\ B(!s_1)))$$

where again $\theta(x), \theta(y) \in \{v_1, v_2\}$ but possibly $\theta(x) = \theta(y)$. What happens next? In the π-calculus, $P_1$ is deadlocked and no further computation is possible. In the Sπ-calculus, the fact that no further computation is possible in $P_2$ is detected and marks the end of the current instant. Then an additional computation represented by the relation $\xrightarrow{N}$ moves $P_2$ to the following instant:

$$P_2 \xrightarrow{N} P_2' = \nu s_1, s_2\ B(v) \qquad \text{where } v \in \{[v_1; v_2], [v_2; v_1]\}.$$

Thus at the end of the instant, a dereferenced signal such as $!s_1$ becomes a list (possibly empty) of (distinct) values emitted on $s_1$ during the instant and then all signals are reset.

We continue our informal discussion with an example of a 'server' handling a list of requests emitted in the previous instant on the signal s. For each request of the shape $req(s', x)$, it provides an answer which is a function of x along the signal $s'$ (the notation $x \triangleright p$ is used to match a value x against a pattern p). The 'client' issues a request x on signal s and returns the reply on signal t.

$$Server(s) = pause.Handle(s, !s)$$
$$Handle(s, \ell) = [\ell \triangleright cons(req(s', x), \ell')]\,(\bar{s'} f(x) \mid Handle(s, \ell')),\ Server(s)$$
$$Client(x, s, t) = \nu s'\ (\bar{s}\, req(s', x) \mid pause.s'(x).\bar{t} x,\ 0)$$

Let us first notice that a request contains a 'pointer', namely the name of the signal on which to answer the request.
Then the 'folklore solution' of transforming a list of values into one value via an associative and commutative function does not work here. Indeed there seems to be no reasonable way to define an associative and commutative function on pointers. Instead, we look at Handle as a function from (a signal and) a list of requests to behaviours which is invariant under permutations of the list of requests. Note that to express this invariance we need a notion of behavioural equivalence and that this equivalence must satisfy the usual associativity and commutativity laws of parallel composition and must be preserved by parallel composition. These considerations are enough to argue that the Server is a 'deterministic' program. No matter how many clients will issue requests at each instant, the Server will provide an answer to each of them in the following instant in a way which is independent of the order of the requests.

Let us now look at the Client. After issuing a request, the Client waits for a reply in the following instant. Clearly, if more than one reply comes, the outcome of the computation is not deterministic. For instance, we could have several 'Servers' running in parallel or a server could somehow duplicate the request. This means that the usage of the signal s must be such that many 'clients' may issue a request but at most one 'server' may handle them at the end of the instant in an 'affine' way. Further, on the client side, the return signal $s'$ can only be used to read while on the server side it can only be used to emit.

This preliminary discussion suggests the need for a formal analysis of the principles that allow to establish the determinacy of a synchronous program. This analysis will be obviously inspired by previous work on the foundations of linear logic [7], on linear typing of functional programs (e.g., [14]), and on linear usages of channels (e.g., [10]). Following this line of works, the analysis presented in section 3 will take the form of a typing system. The previous section 2 will recall the formal definition of the Sπ-calculus. In the final section 4, first we shall introduce the properties of the typing system leading to a subject reduction theorem, and second we shall describe a suitable notion of typed bisimulation and show that with respect to this notion, typable programs can be regarded as deterministic.

2 Definition of the Sπ-calculus

We recall the formal definition of the Sπ-calculus and its bisimulation based semantics while referring the reader to [2, 4] for a deeper analysis. This section is rather technical but to understand the type system described in the following section 3 there are really just two points that the reader should keep in mind:

1. The semantics of the calculus is given by the labelled transition system presented in table 2. A reader familiar with a π-calculus with asynchronous communication can understand these rules rather quickly. The main differences are (a) the rule for emitting a signal formalises the fact that a signal, unlike a channel, persists within an instant and (b) the rules that describe the computation at the end of the instant.

2. The labelled transition system induces a rather standard notion of bisimulation equivalence (definition 1) which is preserved by static contexts (fact 2).^1 In section 4, we shall introduce a 'typed' definition of the bisimulation and show that with respect to this definition, typable programs are deterministic.

2.1 Programs

Programs P, Q, ... in the Sπ-calculus are defined in table 1. We use the notation $\mathbf{m}$ for a vector $m_1, \ldots, m_n$, n ≥ 0. The informal behaviour of programs follows. 0 is the terminated thread.
$A(\mathbf{e})$ is a (tail) recursive call of a thread identifier A with a vector $\mathbf{e}$ of expressions as argument; as usual the thread identifier A is defined by a unique equation $A(\mathbf{x}) = P$ such that the free variables of P occur in $\mathbf{x}$.

$\bar{s}e$ evaluates the expression e and emits its value on the signal s.

$s(x).P, K$ is the present statement which is the fundamental operator of the model [1]. If the values $v_1, \ldots, v_n$ have been emitted on the signal s then $s(x).P, K$ evolves non-deterministically into $[v_i/x]P$ for some $v_i$ ($[\ /\ ]$ is our notation for substitution). On the other hand, if no value is emitted then the continuation K is evaluated at the end of the instant.

$[s_1 = s_2]P_1, P_2$ is the usual matching function of the π-calculus that runs $P_1$ if $s_1$ equals $s_2$ and $P_2$ otherwise. Here both $s_1$ and $s_2$ are free.

$[u \triangleright p]P_1, P_2$ matches u against the pattern p. We assume u is either a variable x or a value v and p has the shape $c(\mathbf{x})$, where c is a constructor and $\mathbf{x}$ is a vector of distinct variables. We also assume that if u is a variable x then x does not occur free in $P_1$. At run time, u is always a value and we run $\theta P_1$ if $\theta = match(u, p)$ is the substitution matching u against p, and $P_2$ if the substitution does not exist (written $match(u, p) \uparrow$). Note that as usual the variables occurring in the pattern p (including signal names) are bound in $P_1$.

$\nu s\ P$ creates a new signal name s and runs P.

$(P_1 \mid P_2)$ runs in parallel $P_1$ and $P_2$.

A continuation K is simply a recursive call whose arguments are either expressions or values associated with signals at the end of the instant in a sense that we explain below. We shall also write $pause.K$ for $\nu s\ s(x).0, K$ with s not free in K. This is the program that waits till the end of the instant and then evaluates K.
2.2 Expressions

Expressions are partitioned in several syntactic categories as specified in table 1. As in the π-calculus, signal names stand both for signal constants as generated by the ν operator and signal variables as in the formal parameter of the present operator. Variables Var include signal names as well as variables of other types. Constructors Cnst include ∗, nil, and cons. Values Val are terms built out of constructors and signal names. Patterns Pat are terms built out of constructors and variables (including signal names). If P, p are a program and a pattern then we denote with $fn(P)$, $fn(p)$ the set of free signal names occurring in them, respectively. We also use $FV(P)$, $FV(p)$ to denote the set of free variables (including signal names). We assume first-order function symbols f, g, ... and an evaluation relation ⇓ such that for every function symbol f and values $v_1, \ldots, v_n$ of suitable type there is a unique value v such that $f(v_1, \ldots, v_n) \Downarrow v$ and $fn(v) \subseteq \bigcup_{i = 1, \ldots, n} fn(v_i)$. Expressions Exp are terms built out of variables, constructors, and function symbols. The evaluation relation ⇓ is extended in a standard way to expressions whose only free variables are signal names. Finally, Rexp are expressions that may include the value associated with a signal s at the end of the instant (which is written $!s$, following the ML notation for dereferenciation). Intuitively, this value is a list of values representing the set of values emitted on the signal during the instant. The definition of a simple type system for the Sπ-calculus can be extracted from the more elaborate type system presented in section 3 by confusing 'set-types' with 'list-types' and by neglecting all considerations on usages.

^1 As a matter of fact the labelled transition system is built so that the definition of bisimulation equivalence looks standard [4].

Table 1: Syntax of programs and expressions

P    ::= 0 | $A(\mathbf{e})$ | $\bar{s}e$ | $s(x).P, K$ | $[s_1 = s_2]P_1, P_2$ | $[u \triangleright p]P_1, P_2$ | $\nu s\ P$ | $P_1 \mid P_2$   (programs)
K    ::= $A(\mathbf{r})$   (continuation next instant)
Sig  ::= s | t | ...   (signal names)
Var  ::= Sig | x | y | z | ...   (variables)
Cnst ::= ∗ | nil | cons | c | d | ...   (constructors)
Val  ::= Sig | Cnst(Val, ..., Val)   (values v, v', ...)
Pat  ::= Cnst(Var, ..., Var)   (patterns p, p', ...)
Fun  ::= f | g | ...   (first-order function symbols)
Exp  ::= Var | Cnst(Exp, ..., Exp) | Fun(Exp, ..., Exp)   (expressions e, e', ...)
Rexp ::= !Sig | Var | Cnst(Rexp, ..., Rexp) | Fun(Rexp, ..., Rexp)   (expressions with dereferenciation r, r', ...)

2.3 Actions

The syntactic category act of actions described in table 2 comprises relevant, auxiliary, and nested actions. The operations fn (free names), bn (bound names), and n (both free and bound names) are defined as in the π-calculus [13]. The relevant actions are those that are actually considered in the bisimulation game. They consist of: (i) an internal action τ, (ii) an emission action $\nu \mathbf{t}\ \bar{s}v$ where it is assumed that the signal names $\mathbf{t}$ are distinct, occur in v, and differ from s, (iii) an input action $sv$, and (iv) an action N (for Next) that marks the move from the current to the next instant. The auxiliary actions consist of an input action $s?v$ which is coupled with an emission action in order to compute a τ action and an action $(E, V)$ which is just needed to compute an action N. The latter is an action that can occur exactly when the program cannot perform τ actions and it amounts to (i) collect in lists the set of values emitted on every signal, (ii) to reset all signals, and (iii) to initialise the continuation K for each present statement of the shape $s(x).P, K$.
In order to formalise these three steps we need to introduce some notation. Let E vary over functions from signal names to finite sets of values. Denote with ∅ the function that associates the empty set with every signal name, with $[M/s]$ the function that associates the set M with the signal name s and the empty set with all the other signal names, and with ∪ the union of functions defined point-wise. We represent a set of values as a list of the values belonging to the set. More precisely, we write $v \Vdash M$ and say that v represents M if $M = \{v_1, \ldots, v_n\}$ and $v = [v_{\pi(1)}; \ldots; v_{\pi(n)}]$ for some permutation π over $\{1, \ldots, n\}$. Suppose V is a function from signal names to lists of values. We write $V \Vdash E$ if $V(s) \Vdash E(s)$ for every signal name s. We also write $dom(V)$ for $\{s \mid V(s) \neq []\}$. If K is a continuation, i.e., a recursive call $A(\mathbf{r})$, then $V(K)$ is obtained from K by replacing each occurrence $!s$ of a dereferenced signal with the associated value $V(s)$. We denote with $V[\ell/s]$ the function that behaves as V except on s where $V[\ell/s](s) = \ell$. With these conventions, a transition $P \xrightarrow{(E, V)} P'$ intuitively means that (1) P is suspended, (2) P emits exactly the values specified by E, and (3) the behaviour of P in the following instant is $P'$ and depends on V. It is convenient to compute these transitions on programs where all name generations are lifted at top level. We write $P \succeq Q$ if we can obtain Q from P by repeatedly transforming, for instance, a subprogram $\nu s\ P' \mid P''$ into $\nu s\ (P' \mid P'')$ where $s \notin fn(P'')$. Finally, the nested actions μ, μ', ... are certain actions (either relevant or auxiliary) that can be produced by a sub-program and that we need to propagate to the top level.
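The end-of-instant step just described (collect the emitted values into E, pick any V with $V \Vdash E$, reset the signals, instantiate the continuations as $V(K)$) is worked out below on the two programs of the introduction. This is an added example written for this page, not code from the paper: a suspended program is modelled as a list of emissions (signal, value) plus the continuations K of the present statements that found no value, a continuation is a pair (thread name, argument tuple) whose arguments may be the string "!s" for a dereferenced signal, and the names collect, all_V, next_instant, handle and server_is_order_independent are this example's own.

```python
"""End-of-instant computation of section 2.3: the (E, V) step behind rule (next).

Added example, not code from the paper.  Emissions are (signal, value) pairs;
a continuation K is (thread name, args) where an argument "!s" dereferences s.
"""
from itertools import permutations


def collect(emissions):
    """E: signal -> finite set of emitted values, i.e. the union of [{v}/s] over all emissions."""
    E = {}
    for s, v in emissions:
        E.setdefault(s, set()).add(v)
    return E


def represents(lst, M):
    """v |- M : the list lst enumerates the set M in some order, without repetitions."""
    return len(lst) == len(M) and set(lst) == set(M)


def all_V(E):
    """Every V with V |- E: for each signal one list, a permutation of E(s).

    Enumerating all of them is what exposes the non-determinism of the order in
    which values are collected."""
    signals = sorted(E)
    choices = [list(permutations(sorted(E[s], key=repr))) for s in signals]
    result = []

    def rec(i, acc):
        if i == len(signals):
            result.append(dict(acc))
            return
        for perm in choices[i]:
            acc[signals[i]] = list(perm)
            rec(i + 1, acc)
            del acc[signals[i]]

    rec(0, {})
    return result


def dom(V):
    """dom(V) = { s | V(s) != [] }."""
    return {s for s, lst in V.items() if lst}


def instantiate(K, V):
    """V(K): replace each dereferenced argument "!s" of K by V(s) ([] when nothing was emitted)."""
    name, args = K
    new_args = tuple(
        V.get(a[1:], []) if isinstance(a, str) and a.startswith("!") else a
        for a in args
    )
    return (name, new_args)


def next_instant(emissions, continuations):
    """All programs reachable by P --N--> P': one per choice of V |- E.

    The emissions themselves are reset (they do not survive into the next instant);
    only the instantiated continuations remain."""
    E = collect(emissions)
    return [tuple(instantiate(K, V) for K in continuations) for V in all_V(E)]


# The 'server' of the introduction.  A request value is modelled as the
# constructed tuple ("req", return_signal, x); Handle answers f(x) on return_signal.
def handle(requests, f):
    """Answer emissions produced by Handle(s, l) for the request list l, in list order."""
    return [(ret, f(x)) for (_, ret, x) in requests]


def server_is_order_independent(emissions, f):
    """True iff Handle(s, !s) emits the same multiset of answers for every V |- E,
    which is the permutation invariance the text argues for."""
    progs = next_instant(emissions, [("Handle", ("s", "!s"))])
    answers = [sorted(handle(prog[0][1][1], f), key=repr) for prog in progs]
    return all(a == answers[0] for a in answers)


if __name__ == "__main__":
    # Program P_2 of the introduction: v1 and v2 emitted on s1, B(!s1) waiting.
    for prog in next_instant([("s1", "v1"), ("s1", "v2")], [("B", ("!s1",))]):
        print(prog)          # B gets ["v1","v2"] in one run and ["v2","v1"] in the other
    reqs = [("s", ("req", "t1", 1)), ("s", ("req", "t2", 2))]   # constructed client requests
    print(server_is_order_independent(reqs, lambda x: x * 10))
```

Running the block prints the two possible instantiations of $B(!s_1)$, one per order of the list, and then confirms that the server's answers are the same multiset for both orders, which is exactly why Handle can be accepted as deterministic even though $!s$ is a list.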
2.4 Labelled transition system and bisimulation

The labelled transition system is defined in table 2 where rules apply to programs whose only free variables are signal names and with standard conventions on the renaming of bound names. As usual, one can rename bound variables, and symmetric rules are omitted. The first 12 rules from (out) to (νex) are quite close to those of a polyadic π-calculus with asynchronous communication (see [8, 3]) with the following exception: rule (out) models the fact that the emission of a value on a signal persists within the instant. The last 5 rules from (0) to (next) are quite specific of the Sπ-calculus and determine how the computation is carried on at the end of the instant (cf. discussion in 2.3).

We derive from the labelled transition system a notion of (weak) labelled bisimulation. First define $\overset{\alpha}{\Rightarrow}$ as $(\xrightarrow{\tau})^*$ if α = τ, $(\overset{\tau}{\Rightarrow}) \circ (\xrightarrow{N})$ if α = N, and $(\overset{\tau}{\Rightarrow}) \circ (\xrightarrow{\alpha}) \circ (\overset{\tau}{\Rightarrow})$ otherwise. This is the standard definition except that we insist on not having internal reductions after an N action. Intuitively, we assume that an observer can control the execution of programs so as to be able to test them at the very beginning of each instant. We write $P \xrightarrow{\alpha} \cdot$ for $\exists P'\ (P \xrightarrow{\alpha} P')$.

Definition 1 (labelled bisimulation) A symmetric relation R on programs is a labelled bisimulation if $P\,R\,Q$, $P \xrightarrow{\alpha} P'$, $bn(\alpha) \cap fn(Q) = \emptyset$ implies $\exists Q'\ (Q \overset{\alpha}{\Rightarrow} Q',\ P'\,R\,Q')$. We denote with ≈ the largest labelled bisimulation.

Fact 2 ([4]) Labelled bisimulation is preserved by parallel composition and name generation.

3 An affine type system

An analysis of the notion of determinacy carried on in [4], along the lines of [12], suggests that there are basically two situations that need to be analysed in order to guarantee the determinacy of programs.
(1) At least two distinct values compete to be received within an instant, for instance, consider: $\bar{s}v_1 \mid \bar{s}v_2 \mid s(x).P, K$. (2) At the end of the instant, at least two distinct values are available on a signal. For instance, consider: $\bar{s}v_1 \mid \bar{s}v_2 \mid pause.A(!s)$. A sensible approach is to avoid completely the first situation and to allow the second provided the behaviour of the continuation A does not depend on the order in which the values are collected. Technically, we consider a notion of affine signal usage to guarantee the first condition and a notion of set type for the second one. While this is a good starting point, it falls short of providing a completely satisfying answer because the type constructions do not compose very well. Then our goal is to discover a collection of signal usages with better compositionality properties. The outcome of our analysis are three new kinds of usages (kinds 3−5 in table 3).

Table 2: Labelled transition system

act ::= α | aux   (actions)
α   ::= τ | $\nu \mathbf{t}\ \bar{s}v$ | $sv$ | N   (relevant actions)
aux ::= $s?v$ | $(E, V)$   (auxiliary actions)
μ   ::= τ | $\nu \mathbf{t}\ \bar{s}v$ | $s?v$   (nested actions)

$(out)\quad \dfrac{e \Downarrow v}{\bar{s}e \xrightarrow{\bar{s}v} \bar{s}e}$

$(in_{aux})\quad \dfrac{}{s(x).P, K \xrightarrow{s?v} [v/x]P}$

$(in)\quad \dfrac{}{P \xrightarrow{sv} (P \mid \bar{s}v)}$

$(rec)\quad \dfrac{A(\mathbf{x}) = P \quad \mathbf{e} \Downarrow \mathbf{v}}{A(\mathbf{e}) \xrightarrow{\tau} [\mathbf{v}/\mathbf{x}]P}$

$(=_{sig_1})\quad \dfrac{}{[s = s]P_1, P_2 \xrightarrow{\tau} P_1}$

$(=_{sig_2})\quad \dfrac{s_1 \neq s_2}{[s_1 = s_2]P_1, P_2 \xrightarrow{\tau} P_2}$

$(=_{ind_1})\quad \dfrac{match(v, p) = \theta}{[v \triangleright p]P_1, P_2 \xrightarrow{\tau} \theta P_1}$

$(=_{ind_2})\quad \dfrac{match(v, p) = \uparrow}{[v \triangleright p]P_1, P_2 \xrightarrow{\tau} P_2}$

$(comp)\quad \dfrac{P_1 \xrightarrow{\mu} P_1' \quad bn(\mu) \cap fn(P_2) = \emptyset}{P_1 \mid P_2 \xrightarrow{\mu} P_1' \mid P_2}$

$(synch)\quad \dfrac{P_1 \xrightarrow{\nu \mathbf{t}\ \bar{s}v} P_1' \quad P_2 \xrightarrow{s?v} P_2' \quad \{\mathbf{t}\} \cap fn(P_2) = \emptyset}{P_1 \mid P_2 \xrightarrow{\tau} \nu \mathbf{t}\ (P_1' \mid P_2')}$

$(\nu)\quad \dfrac{P \xrightarrow{\mu} P' \quad t \notin n(\mu)}{\nu t\ P \xrightarrow{\mu} \nu t\ P'}$

$(\nu_{ex})\quad \dfrac{P \xrightarrow{\nu \mathbf{t}\ \bar{s}v} P' \quad t' \neq s \quad t' \in n(v) \setminus \{\mathbf{t}\}}{\nu t'\ P \xrightarrow{\nu (t', \mathbf{t})\ \bar{s}v} P'}$

$(0)\quad \dfrac{}{0 \xrightarrow{\emptyset, V} 0}$

$(reset)\quad \dfrac{e \Downarrow v \quad v \text{ occurs in } V(s)}{\bar{s}e \xrightarrow{[\{v\}/s], V} 0}$

$(cont)\quad \dfrac{s \notin dom(V)}{s(x).P, K \xrightarrow{\emptyset, V} V(K)}$

$(par)\quad \dfrac{P_i \xrightarrow{E_i, V} P_i' \quad i = 1, 2}{(P_1 \mid P_2) \xrightarrow{E_1 \cup E_2, V} (P_1' \mid P_2')}$

$(next)\quad \dfrac{P \succeq \nu \mathbf{s}\ P' \quad V \Vdash E \quad P' \xrightarrow{E, V} P''}{P \xrightarrow{N} \nu \mathbf{s}\ P''}$

3.1 Usages

In first approximation, we may regard a usage as an element of the set $L = \{0, 1, \infty\}$ with the intuition that 0 corresponds to no usage at all, 1 to at most one usage, and ∞ to any usage. We add usages with a partial operation ⊕ such that $0 \oplus a = a \oplus 0 = a$ and $\infty \oplus \infty = \infty$, and which is undefined otherwise (note in particular that $1 \oplus 1$ is undefined). The addition induces an order by $a \leq b$ if $\exists c\ a \oplus c = b$. With respect to this order, 0 is the least element while 1 and ∞ are incomparable. If $a \geq b$ then we define a subtraction operation $a \ominus b$ as the largest c such that $a = b \oplus c$. Therefore: $a \ominus 0 = a$, $1 \ominus 1 = 0$, and $\infty \ominus \infty = \infty$. This classification of usages is adequate when handling purely functional data where the intuition is that data with usage 1 have at most one pointer to them [14]. However, when handling more complex entities such as references, channels, or signals it is convenient to take a more refined view.
Specifically, a usage can be refined to include information about whether a signal is used: (i) to emit, (ii) to receive during the instant, or (iii) to receive at the end of the instant. Then a usage becomes an element of $L^3$. Among the 27 possible usages of the shape $(a, b, c)$ for $a, b, c \in L$, we argue that there are 5 main ones as described in table 3 (left part). First of all, we must have $a \neq 0$ and $(b \neq 0 \vee c \neq 0)$ since a signal on which we cannot send or receive has no interest. Now if $a = \infty$ then we are forced to take $b = 0$ since we want to preserve the determinacy. Then for $c = \infty$ we have the usage $e_1$ and for $c = 1$ we have the usage $e_3$. Suppose now $a = 1$. One choice is to have $b = c = \infty$ and then we have the usage $e_2$. On the other hand if we want to preserve affinity then we should receive the emitted value at most once. Hence we have $b = 0, c = 1$ or $b = 1, c = 0$ which correspond to the usages $e_4$ and $e_5$, respectively. From these 5 main usages within an instant, we obtain the derived ones (see again table 3) by simply turning one or more 1's to 0's. We only add, subtract, compare usages in $L^3$ that are derived from the same main usage.

In a synchronous framework, it makes sense to consider how usages vary over time. The simplest solution would be to look at signal usages of the shape $x^\omega$, $x \in L^3$, which are invariant under time. However, to reason effectively on programs, we are led to consider signal usages of the shape $xy^\omega$ where $x, y \in L^3$ are derived from the same main usage. The reader may have noticed that in this discussion we have referred to increasingly complex 'usages' varying over L, $L^3$, and $(L^3)^\omega$. Henceforth a signal usage belongs to $(L^3)^\omega$. Usages are classified in 5 kinds as showed in table 3.^2 We denote with U the set of all these usages and with $U(i)$ the set of usages of kind i, for $i = 1, \ldots, 5$. We consider that the addition operation ⊕ is defined only if $u, u' \in U(i)$ and $u \oplus u' \in U(i)$ for some $i \in \{1, \ldots, 5\}$. Similar conventions apply when comparing and subtracting usages. If $u \in U$ then $\uparrow u$, the shift of u, is the infinite word in U obtained from u by removing the first character. This operation is always defined. If u is a signal usage, then $u(i)$ for $i \geq 0$ denotes its ith character and $u(i)_j$ for $j \in \{1, 2, 3\}$ the jth component of $u(i)$.

We classify the usages according to 3 properties: affinity, uniformity, and preservation of affinity. We say that a usage is affine if it contains a '1' and non-affine otherwise. We also say that it is uniform if it is of the shape $x^\omega$ and that it is neutral if it is the neutral element with respect to the addition ⊕ on the set of usages $U(i)$ to which it belongs. It turns out that the non-affine signal usages are always uniform and moreover they coincide with the neutral ones. Finally, by definition, the usages in the sets $U(i)$ for $i = 3, 4, 5$ are affine preserving. The classification is summarised in the table 3 (right part).

^2 The fact that, e.g., $(1, 0, 0)$ occurs both in the usages of kind 4 and 5 is a slight source of ambiguity which is resolved by assuming that the kind of the usage is made explicit.

Table 3: Usages and their classification

main usages                 derived usages
$e_1 = (\infty, 0, \infty)$
$e_2 = (1, \infty, \infty)$   $(0, \infty, \infty)$
$e_3 = (\infty, 0, 1)$        $(\infty, 0, 0)$
$e_4 = (1, 0, 1)$             $(1, 0, 0), (0, 0, 1), (0, 0, 0)$
$e_5 = (1, 1, 0)$             $(1, 0, 0), (0, 1, 0), (0, 0, 0)$

$xy^\omega \in U(i)$   affine    uniform   affinity preserving
i = 1                  no        yes       no
i = 2                  yes/no    yes/no    no
i = 3                  yes/no    yes/no    yes
i = 4                  yes/no    yes/no    yes
i = 5                  yes/no    yes/no    yes

3.2 Types

In first approximation, types are either inductive types or signal types.
As usual, an inductive type such as the type $List(\sigma)$ of lists of elements of type σ is defined by an equation $List(\sigma) = nil \mid\mid cons\ \text{of}\ \sigma, List(\sigma)$ specifying the ways in which an element of this type can be built. In our context, inductive types come with a usage x which belongs to the set $\{1, \infty\}$ and which intuitively specifies whether the values of this type can be used at most once or arbitrarily many times (once more we recall that 1 and ∞ are incomparable). To summarise, if $\sigma_1, \ldots, \sigma_k$ are types already defined then an inductive type $C_x(\sigma_1, \ldots, \sigma_k)$ is defined by case on constructors of the shape $c\ \text{of}\ \sigma'_1, \ldots, \sigma'_m$ where the types $\sigma'_j$, $j = 1, \ldots, m$ are either one of the types $\sigma_i$, $i = 1, \ldots, k$ or the inductive type $C_x(\ldots)$ being defined. There is a further constraint that has to be respected, namely that if one of the types $\sigma_i$ is 'affine' then the usage x must be affine preserving, i.e., $x = 1$. An affine type is simply a type which contains an affine usage. The grammar in table 4 will provide a precise definition of the affine types.

When collecting the values at the end of the instant we shall also need to consider set types. They are described by an equation $Set_x(\sigma) = nil \mid\mid cons\ \text{of}\ \sigma, Set_x(\sigma)$ which is quite similar to the one for lists. Note that set types too come with a usage $x \in \{1, \infty\}$ and that if σ is an affine type then the usage x must be affine preserving. The reader might have noticed that we take the freedom of using the constructor nil both with the types $List_u(\sigma)$ and $Set_u(\sigma)$, $u \in \{1, \infty\}$, and the constructor cons both with the types $(\sigma, List_u(\sigma)) \to List_u(\sigma)$ and $(\sigma, Set_u(\sigma)) \to Set_u(\sigma)$. However, one should assume that a suitable label on the constructors will allow to disambiguate the situation.
Finally, we denote with $Sig_u(\sigma)$ the type of signals carrying values of type σ according to the signal usage u. As for inductive and set types, if σ is an affine type then the signal usage u must be affine preserving. To formalise these distinctions, we are led to use several names for types as specified in table 4. We denote with κ non-affine (or classical) types, i.e., types that carry no affine information. These types have a uniform usage. We denote with λ affine and uniform types. The types σ, σ', ... stand for types with uniform usage (either non-affine or affine). Finally, the types ρ, ρ', ... include all the previous ones plus types that have a non-uniform usage. We notice that classical uniform types can be nested in an arbitrary way, while affine uniform types can only be nested under type constructors that preserve affinity. Moreover, types with non-uniform usages (either classical or affine) cannot be nested at all.^3

The partial operation of addition ⊕ is extended to types so that: $Op_{u_1}(\sigma) \oplus Op_{u_2}(\sigma) = Op_{u_1 \oplus u_2}(\sigma)$, where Op can be C, Set, or Sig, and provided that $u_1 \oplus u_2$ is defined. For instance, $List_1(\lambda) \oplus List_1(\lambda)$ is undefined because $1 \oplus 1$ is not defined. A type context (or simply a context) Γ is a partial function with finite domain $dom(\Gamma)$ from variables to types. An addition operation $\Gamma_1 \oplus \Gamma_2$ on contexts is defined, written $(\Gamma_1 \oplus \Gamma_2)\downarrow$, if and only if for all x such that $\Gamma_1(x) = \rho_1$ and $\Gamma_2(x) = \rho_2$, the type $\rho_1 \oplus \rho_2$ is defined. The shift operation is extended to contexts so that $(\uparrow\Gamma)(x) = Sig_{(\uparrow u)}(\sigma)$ if $\Gamma(x) = Sig_u(\sigma)$ and $(\uparrow\Gamma)(x) = \Gamma(x)$ otherwise. We also denote with $\Gamma, x : \sigma$ the context Γ extended with the pair $x : \sigma$ (so $x \notin dom(\Gamma)$). We say that a context is neutral (uniform) if it assigns to variables neutral (uniform) types.
3.3 Semantic instrumentation

As we have seen, each signal belongs to exactly one of 5 kinds of usages. Let us consider in particular the kind 5 whose main usage is $e_5$. The forthcoming type system is supposed to guarantee that a value emitted on a signal of kind 5 is received at most once during an instant. Now, consider the program $\bar{s}t \mid s(x).\bar{x}, 0$ and attribute a usage $e_5^\omega$ to the signals s and t. According to this usage this program should be well typed. However, if we apply the labelled transition system in table 2, this program reduces to $(\bar{s}t \mid \bar{t})$ which fails to be well-typed because the double occurrence of t is not compatible with an affine usage of t. Intuitively, after the signal s has been read once no other synchronisation should arise during the instant either within the program or with the environment. To express this fact we proceed as follows. First, we instrument the semantics so that it marks (underlines) the emissions on signals of kind 5 that have been used at least once during the instant. The emission has no effect on the labelled transition system in the sense that $\underline{\bar{s}e}$ behaves exactly as $\bar{s}e$.

$(out)\quad \dfrac{e \Downarrow v}{\bar{s}e \xrightarrow{\bar{s}v} \underline{\bar{s}e}}$

$(\underline{out})\quad \dfrac{e \Downarrow v}{\underline{\bar{s}e} \xrightarrow{\bar{s}v} \underline{\bar{s}e}}$

$(\underline{reset})\quad \dfrac{e \Downarrow v \quad v \text{ occurs in } V(s)}{\underline{\bar{s}e} \xrightarrow{[\{v\}/s], V} 0}$

On the other hand, we introduce a special rule $(\underline{out})$ to type $\underline{\bar{s}e}$ which requires at least a usage $(1, 1, 0) \cdot (0, 0, 0)^\omega$ for the signal s while neglecting the expression e. By doing this, we make sure that a second attempt to receive on s will produce a type error. In other terms, if typing is preserved by 'compatible' transitions, then we can be sure that a value emitted on a signal of kind 5 is received at most once within an instant.

3.4 Type system

The type system is built around few basic ideas. (1) Usages including both input and output capabilities can be decomposed in simpler ones.
For instance, $(1, 1, 0)^\omega = (1, 0, 0)(0, 1, 0)^\omega \oplus (0, 1, 0)(1, 0, 0)^\omega$. (2) A rely-guarantee kind of reasoning: when we emit a value we guarantee certain resources while when we receive a value we rely on certain resources. (3) Every affine usage can be consumed at most once in the typing judgement (and in the computation).

^3 What is the meaning of sending a data structure containing information whose usage is time-dependent? Is the time information relative to the instant where the data structure is sent or used? We leave open the problem of developing a type theory with usages more complex than the ones of the shape $xy^\omega$ considered here.

When formalising the typing judgements we need to distinguish the typing of an expression e from the typing of an expression with dereferenciation r and the typing of a recursive call $A(e_1, \ldots, e_n)$ from the typing of a recursive call at the end of the instant $A(r_1, \ldots, r_n)$. To do this we shall write $[r]$ rather than r and $[A(r_1, \ldots, r_n)]$ rather than $A(r_1, \ldots, r_n)$. We shall consider four typing judgements: $\Gamma \vdash e : \rho$, $\Gamma \vdash [r] : \rho$, $\Gamma \vdash P$, and $\Gamma \vdash [A(r_1, \ldots, r_n)]$, and we wish to refer to them with a uniform notation $\Gamma \vdash U : T$. To this end, we introduce a fictitious type Pr of programs and regard the judgements $\Gamma \vdash P : Pr$ and $\Gamma \vdash [A(r_1, \ldots, r_n)] : Pr$ as an expansion of $\Gamma \vdash P$ and $\Gamma \vdash [A(r_1, \ldots, r_n)]$, respectively. Then we let U stand for one of e, $[r]$, P, $[A(r_1, \ldots, r_n)]$, and T for one of ρ, Pr. We assume that function symbols are given non-affine types of the shape $(\kappa_1, \ldots, \kappa_n) \to \kappa$. We denote with k either a constructor or a function symbol and we assume that its type is explicitly given. The typing rules are given in table 4. We comment first on the typing rules for the expressions.
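The usage algebra of section 3.1 (the partial addition ⊕ on $L = \{0, 1, \infty\}$, the induced order and subtraction, the five kinds of table 3, the shift, and the affine/uniform/neutral classification) and the decomposition of idea (1) above are worked through below in one place. This is an added example for this page, not code from the paper: it represents a usage $xy^\omega$ as the pair (x, y) of $L^3$ triples, writes ∞ as float("inf"), keeps the kind of every usage explicit as footnote 2 asks, and the function names (add1, leq1, sub1, usages, add, shift, is_neutral, decomposition_example, check_nonaffine_equals_neutral) are this example's own. Beyond the single decomposition the text gives, it checks by enumeration the claim that the non-affine usages are exactly the neutral ones and are all uniform.

```python
"""Usage algebra of section 3.1 and the decomposition of section 3.4, idea (1).

Added example, not code from the paper.  A usage x y^omega is the pair (x, y)
of L^3 triples; INF stands for the usage 'infinity'; kinds are explicit."""
from itertools import product

INF = float("inf")
L = (0, 1, INF)


def add1(a, b):
    """Partial addition on L: 0 is neutral, INF + INF = INF, undefined otherwise."""
    if a == 0:
        return b
    if b == 0:
        return a
    if a == INF and b == INF:
        return INF
    return None          # in particular 1 + 1 is undefined


def leq1(a, b):
    """a <= b iff there is a c with a + c = b (so 1 and INF are incomparable)."""
    return any(add1(a, c) == b for c in L)


def sub1(a, b):
    """a - b (requires a >= b): the largest c with a = b + c."""
    cands = [c for c in L if add1(b, c) == a]
    for c in cands:
        if all(leq1(d, c) for d in cands):
            return c
    raise ValueError(f"{a} minus {b} is undefined")


# The five main usages of table 3, indexed by kind.
MAIN = {1: (INF, 0, INF), 2: (1, INF, INF), 3: (INF, 0, 1), 4: (1, 0, 1), 5: (1, 1, 0)}


def members(i):
    """The main usage e_i and its derived usages: every way of turning 1's into 0's."""
    options = [(c, 0) if c == 1 else (c,) for c in MAIN[i]]
    return set(product(*options))


def usages(i):
    """U(i): the signal usages x y^omega with x and y derived from e_i."""
    m = members(i)
    return {(x, y) for x in m for y in m}


def add3(x, y):
    """Component-wise addition on L^3; None if any component is undefined."""
    r = tuple(add1(a, b) for a, b in zip(x, y))
    return None if None in r else r


def add(i, u, v):
    """u + v in U(i); None when a component is undefined or the result leaves U(i)."""
    x, y = add3(u[0], v[0]), add3(u[1], v[1])
    if x is None or y is None:
        return None
    w = (x, y)
    return w if w in usages(i) else None


def shift(u):
    """The shift of x y^omega is y^omega (drop the first character)."""
    return (u[1], u[1])


def is_affine(u):
    return any(c == 1 for c in u[0] + u[1])


def is_uniform(u):
    return u[0] == u[1]


def is_neutral(i, u):
    """Neutral element of (U(i), +): adding u to any v of the kind gives v back."""
    return all(add(i, u, v) == v for v in usages(i))


def check_nonaffine_equals_neutral():
    """The text's claim: non-affine usages are uniform and coincide with the neutral ones."""
    for i in range(1, 6):
        for u in usages(i):
            if not is_affine(u) and not is_uniform(u):
                return False
            if (not is_affine(u)) != is_neutral(i, u):
                return False
    return True


def decomposition_example():
    """(1,1,0)^omega = (1,0,0)(0,1,0)^omega + (0,1,0)(1,0,0)^omega in U(5)."""
    u1 = ((1, 0, 0), (0, 1, 0))    # emit now, receive from the next instant on
    u2 = ((0, 1, 0), (1, 0, 0))    # receive now, emit from the next instant on
    return add(5, u1, u2)


if __name__ == "__main__":
    print(decomposition_example())                   # ((1, 1, 0), (1, 1, 0))
    print(add(5, ((1, 0, 0), (0, 0, 0)), ((1, 0, 0), (0, 0, 0))))   # None: 1 + 1 undefined
    print(check_nonaffine_equals_neutral())          # True
```

The None returned by the second print is the whole point of affinity: two emitters on a kind-5 signal within the same instant cannot be composed, which is how the type system rules out the competing emissions of situation (1) in section 3.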
We notice that the arguments and the result of a constructor or a function symbol always have a uniform type. The rules $[!Set]$ and $[!List]$ describe the type of a dereferenced signal following its usage. If the usage is of kind 1 then the list of values associated with the signal at the end of the instant must be treated as a set; if the usage is of kind 2 then we know that the list of values contains at most one element and therefore its processing will certainly be 'order-independent'; if the usage is of kind 3 then the list may contain several values and it must be processed as an affine set; finally, if the usage is of kind 4 (the usage of kind 5 forbids reception at the end of the instant) then again the list of values will contain at most one element, so we can rely on an affine list type.

Notice the special form of the rule $[var\ sig]$. The point here is that in a recursive call $K = A(!s, s)$ at the end of the instant, we need to distinguish the resources needed to type $!s$, which should relate to the current instant, from the resources needed to type $s$, which should relate to the following instants. For instance, we want to type $K$ in a context $s : Sig_u(\sigma)$ where $u = (0,0,1)^\omega$. This is possible because we can decompose $u$ as $u_1 \oplus u_2$, where $u_1 = (0,0,1)(0,0,0)^\omega$ and $u_2 = (0,0,0)(0,0,1)^\omega$, and we can rely on $u_1$ to type $[!s]$ and on $u_2$ to type $[s]$ (by $[var\ sig]$).

A set-type is a particular case of quotient type and therefore its definition goes through the definition of an equivalence relation $\sim_\rho$ on values. This is defined as the least equivalence relation such that:

• $s \sim_{Sig_u(\sigma)} s$;

• $c \sim_{C(\sigma)} c$, if $c$ is a constant of type $C(\sigma)$;

• $c(v_1,\ldots,v_n) \sim_{C_u(\sigma_1,\ldots,\sigma_n)} c(u_1,\ldots,u_n)$ if $v_i \sim_{\sigma_i} u_i$ for $i = 1,\ldots,n$;

• $[v_1;\ldots;v_n] \sim_{Set_u(\sigma)} [u_1;\ldots;u_m]$ if $\{v_1,\ldots,v_n\} \sim_{Set_u(\sigma)} \{u_1,\ldots,u_m\}$, where $\{v_1,\ldots,v_n\} \sim_{Set_u(\sigma)} \{u_1,\ldots,u_m\}$ if, for some permutation $\pi$, $v_i \sim_\sigma u_{\pi(i)}$ for $i = 1,\ldots,n$.

Furthermore, we assume that each function symbol $f$, coming with a (classical) type $(\kappa_1,\ldots,\kappa_n) \to \kappa$, respects the typing in the following sense: (1) if $v_i \sim_{\kappa_i} u_i$ for $i = 1,\ldots,n$, $f(v_1,\ldots,v_n) \Downarrow v$ and $f(u_1,\ldots,u_n) \Downarrow u$ then $v \sim_\kappa u$; (2) if $\Gamma \vdash f(v_1,\ldots,v_n) : \kappa$ and $f(v_1,\ldots,v_n) \Downarrow v$ then $\Gamma \vdash v : \kappa$.

Finally, we turn to the typing of programs. We assume that each thread identifier $A$, defined by an equation $A(x_1,\ldots,x_n) = P$, comes with a type $(\sigma_1,\ldots,\sigma_n)$; hence we require these types to be uniform. We also require that $A$ has the following properties: (i) if $v_i \sim_{\sigma_i} u_i$ for $i = 1,\ldots,n$ then $A(v_1,\ldots,v_n) \approx A(u_1,\ldots,u_n)$, and (ii) $x_1 : \sigma_1,\ldots,x_n : \sigma_n \vdash P$ is derivable. We also suppose that generated signal names are explicitly labelled with their types, as in $\nu s : \rho\ P$. The labelled transition system in table 2 is adapted so that the output action carries the information on the types of the extruded names. This type is lifted by the rule $(next)$ so that, e.g., $\nu s : \rho\ (s(x).0, A(s)) \xrightarrow{N} \nu s : \uparrow\!\rho\ A(s)$.

Table 4: Affine type system

Types:
$$\begin{array}{llll}
\kappa & ::= & C_\infty(\kappa) \mid Set_\infty(\kappa) \mid Sig_u(\kappa) & (u \text{ neutral}) \\
\lambda & ::= & C_1(\sigma) \mid Set_1(\sigma) \mid Sig_u(\kappa) \mid Sig_v(\lambda) & (u \text{ affine and uniform},\ v \text{ affine-preserving and uniform}) \\
\sigma & ::= & \kappa \mid \lambda & (\text{uniform types}) \\
\rho & ::= & \sigma \mid Sig_u(\kappa) \mid Sig_v(\lambda) & (v \text{ affine-preserving})
\end{array}$$

Expressions and dereferenced expressions:
$$(var)\ \frac{u \geq u' \quad Op \in \{Sig, Set, C\}}{\Gamma, x : Op_u(\sigma) \vdash x : Op_{u'}(\sigma)} \qquad (k)\ \frac{\Gamma_i \vdash e_i : \sigma_i \quad i = 1,\ldots,n \quad k : (\sigma_1,\ldots,\sigma_n) \to \sigma \quad k = f \text{ or } k = c}{\Gamma_0 \oplus \Gamma_1 \oplus \cdots \oplus \Gamma_n \vdash k(e_1,\ldots,e_n) : \sigma}$$
$$[var\ C]\ \frac{Op = C \text{ or } Op = Set}{\Gamma, x : Op_u(\sigma) \vdash [x] : Op_u(\sigma)} \qquad [var\ sig]\ \frac{y^\omega \geq u}{\Gamma, s : Sig_{xy^\omega}(\sigma) \vdash [s] : Sig_u(\sigma)}$$
$$[k]\ \frac{\Gamma_i \vdash [r_i] : \sigma_i \quad i = 1,\ldots,n \quad k : (\sigma_1,\ldots,\sigma_n) \to \sigma \quad k = f \text{ or } k = c}{\Gamma_0 \oplus \Gamma_1 \oplus \cdots \oplus \Gamma_n \vdash [k(r_1,\ldots,r_n)] : \sigma}$$
$$[!Set]\ \frac{(u(0) \geq (\infty,0,\infty) \wedge x = \infty) \vee (u(0) \geq (\infty,0,1) \wedge x = 1)}{\Gamma, s : Sig_u(\sigma) \vdash [!s] : Set_x(\sigma)} \qquad [!List]\ \frac{(u(0) \geq (0,\infty,\infty) \wedge x = \infty) \vee (u(0) \geq (0,0,1) \wedge x = 1)}{\Gamma, s : Sig_u(\sigma) \vdash [!s] : List_x(\sigma)}$$

Programs:
$$(0)\ \frac{}{\Gamma \vdash 0} \qquad (out)\ \frac{\Gamma_1 \vdash s : Sig_u(\sigma) \quad u(0)_1 \neq 0 \quad \Gamma_2 \vdash e : \sigma}{\Gamma_1 \oplus \Gamma_2 \vdash \overline{s}e} \qquad (\nu)\ \frac{\Gamma, s : Sig_u(\sigma) \vdash P}{\Gamma \vdash \nu s : Sig_u(\sigma)\ P}$$
$$(in)\ \frac{\Gamma_1 \vdash s : Sig_u(\sigma) \quad u(0)_2 \neq 0 \quad \Gamma_2, x : \sigma \vdash P \quad (\Gamma_1 \oplus \Gamma_2) \vdash [A(\mathbf{r})]}{(\Gamma_1 \oplus \Gamma_2) \vdash s(x).P, A(\mathbf{r})} \qquad (m_s)\ \frac{s_1, s_2 \in dom(\Gamma) \quad \Gamma \vdash P_i \quad i = 1,2}{\Gamma \vdash [s_1 = s_2]P_1, P_2}$$
$$(m_c)\ \frac{c : (\sigma_1,\ldots,\sigma_n) \to \sigma \quad \Gamma_1 \vdash u : \sigma \quad \Gamma_2, x_1 : \sigma_1,\ldots,x_n : \sigma_n \vdash P_1 \quad (\Gamma_1 \oplus \Gamma_2) \vdash P_2}{\Gamma_1 \oplus \Gamma_2 \vdash [u \unrhd c(x_1,\ldots,x_n)]P_1, P_2}$$
$$(par)\ \frac{\Gamma_i \vdash P_i \quad i = 1,2}{\Gamma_1 \oplus \Gamma_2 \vdash P_1 \mid P_2} \qquad (rec)\ \frac{A : (\sigma_1,\ldots,\sigma_n) \quad \Gamma_i \vdash e_i : \sigma_i \quad i = 1,\ldots,n}{\Gamma_1 \oplus \cdots \oplus \Gamma_n \vdash A(e_1,\ldots,e_n)}$$
$$(\underline{out})\ \frac{\Gamma \vdash s : Sig_u(\sigma) \quad u(0) = (1,1,0)}{\Gamma \vdash \underline{\overline{s}e}} \qquad [rec]\ \frac{A : (\sigma_1,\ldots,\sigma_n) \quad \Gamma_i \vdash [r_i] : \sigma_i \quad i = 1,\ldots,n}{\Gamma_1 \oplus \cdots \oplus \Gamma_n \vdash [A(r_1,\ldots,r_n)]}$$

Example 3. With reference to the client-server example in section 1, assume an inductive (non-affine) type $D$ of data. Let $\sigma_1 = Sig_{u_1}(D)$, where $u_1 = (1,0,0)^\omega$, be the type of the signals on which the server will eventually provide an answer. Let $Req_1(\sigma_1, D) = req\ of\ \sigma_1, D$ be the type of requests, which are pairs composed of a signal and a datum. Let $\sigma_{set} = Set_1(Req_1(\sigma_1, D))$ be the type of the set of requests issued by the clients.
Let $\sigma = Sig_u(Req_1(\sigma_1, D))$, with $u = (\infty,0,1)^\omega$, be the type of the signal on which the server gets the requests, and $\sigma' = Sig_{u'}(Req_1(\sigma_1, D))$, with $u' = (\infty,0,0)^\omega$, the related type of the signal on which the clients send the requests. Finally, let $\sigma_t = Sig_u(D)$ be the type of the signal on which the client sends the received answer (with a suitable usage $u$). Then we can type Server and Client as follows: $Server : (\sigma)$, $Handle : (\sigma, \sigma_{set})$, and $Client : (D, \sigma', \sigma_t)$.

Remark 4. In a practical implementation of the type system, one can expect the programmer to assign a kind (1–5) to each signal and let the system infer a minimum usage which is compatible with the operations performed by the program.

4 Results

We start by stating the expected weakening and substitution properties of the type system.

Lemma 5 (weakening). If $\Gamma \vdash U : T$ and $(\Gamma \oplus \Gamma')\!\downarrow$ then $(\Gamma \oplus \Gamma') \vdash U : T$.

Lemma 6 (substitution). If $\Gamma, x : \r ho \vdash U : T$, $\Gamma' \vdash v : \rho$, and $(\Gamma \oplus \Gamma')\!\downarrow$ then $(\Gamma \oplus \Gamma') \vdash [v/x]U : T$.

Next we specify when a context $\Gamma$ is compatible with an action $act$, written $(\Gamma, act)\!\downarrow$. Recall that $V$ and $E$ denote functions from signals to finite lists of distinct values and to finite sets of values, respectively. If $V(s) = [v_1;\ldots;v_n]$ then let $(V \setminus E)(s) = \{v_1,\ldots,v_n\} \setminus E(s)$. Then define a program $P_{(V \setminus E)}$ as the parallel composition of the emissions $\overline{s}v$ such that $v \in (V \setminus E)(s)$. Intuitively, this is the emission on the appropriate signals of all the values which are in $V$ but not in $E$. We also let $P_V$ stand for $P_{(V \setminus \emptyset)}$, where $\emptyset(s) = \emptyset$ for every signal $s$.

Definition 7. With each action $act$, we associate a minimal program $P_{act}$ that allows the action to take place:
$$P_{act} = \begin{cases} 0 & \text{if } act = \tau \text{ or } act = N \\ \overline{s}v & \text{if } act = sv \text{ or } act = s?v \\ s(x).0, 0 & \text{if } act = \overline{s}v \\ P_{V \setminus E} & \text{if } act = (E, V) \end{cases}$$

Definition 8 (compatibility of context and action). A context $\Gamma$ is compatible with an action $act$, written $(\Gamma, act)\!\downarrow$, if there is a $\Gamma'$ such that $(\Gamma \oplus \Gamma')\!\downarrow$ and $\Gamma' \vdash P_{act}$.

We can now introduce the concept of typed transition, which is a transition labelled with an action $act$ of a program typable in a context $\Gamma$ such that $\Gamma$ and $act$ are compatible.

Definition 9 (typed transition). We write $P \xrightarrow{act}_\Gamma Q$ (respectively $P \xRightarrow{act}_\Gamma Q$) if: (1) $\Gamma \vdash P$, (2) $(\Gamma, act)\!\downarrow$, and (3) $P \xrightarrow{act} Q$ (respectively $P \xRightarrow{act} Q$).

Next, we introduce the notion of residual context, which is intuitively the context left after a typed transition (the definition for the auxiliary actions is available in appendix B.5). First, we notice that given a (uniform) type $\sigma$ and a value $v$ we can define the minimum context $\Delta(v, \sigma)$ such that $\Delta(v, \sigma) \vdash v : \sigma$. Namely, we set $\Delta(s, \sigma) = s : \sigma$ and $\Delta(c(v_1,\ldots,v_n), \sigma) = \Delta(v_1, \sigma_1) \oplus \cdots \oplus \Delta(v_n, \sigma_n)$ if $c : (\sigma_1,\ldots,\sigma_n) \to \sigma$. Notice that $\Delta(v, \sigma)$ is the empty context if $fn(v) = \emptyset$ and it is a neutral context if $\sigma$ is non-affine.

Definition 10 (residual context). Given a context $\Gamma$ and a compatible and relevant action $\alpha$, the residual context $\Gamma(\alpha)$ is defined as follows:
$$\Gamma(\alpha) = \begin{cases} \Gamma & \text{if } \alpha = \tau \\ \uparrow\!\Gamma & \text{if } \alpha = N \\ ((\Gamma, t : \sigma') \ominus \Delta(v, \sigma')) \oplus \{s : Sig_{u_5}(\sigma')\} & \text{if } \Gamma(s) = Sig_u(\sigma'),\ \alpha = \nu t : \sigma'\ \overline{s}v \quad (1) \\ \Gamma \oplus \Delta(v, \sigma') \oplus \{s : Sig_{u_{out}}(\sigma')\} & \text{if } \Gamma(s) = Sig_u(\sigma'),\ \alpha = sv \quad (2) \end{cases}$$
(1) $u_5 = (0,1,0)\cdot(0,0,0)^\omega$ if $u \in U(5)$, and it is neutral otherwise (i.e., $u \in U(2)$). (2) $u_{out}$ is the least usage of the same kind as $u$ which allows to perform an output within the instant (always defined).

The notion of residual context is instrumental to a precise statement of the way transitions affect the typing.
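The usage bookkeeping of sections 3.3 and 3.4 and of definition 10 (together with the $s?v$ case of definition 25 in appendix B.5) can be exercised on the kind-5 example $\overline{s}t \mid s(x).\overline{x}, 0$. The Python model below is an added example, not code from the paper, and it fixes a concrete reading of the usage algebra that the text leaves implicit here: capabilities are $0$, $1$ or $\infty$; $\oplus$ is componentwise with $0$ as unit, $\infty \oplus \infty = \infty$ and every sum involving a $1$ undefined; $\ominus$ is its partial inverse; $u \geq u'$ holds componentwise when $u' = 0$ or $u' = u$; $\uparrow(xy^\omega) = y^\omega$. It also assumes that $s$ carries $t$ at the usage $(1,0,0)(0,0,0)^\omega$. The function names (`add_ctx`, `kind5_synchronisation`, and so on) are this example's own.

```python
"""Toy model of the usage algebra of the affine type system (added example).
A usage x y^omega is the pair (x, y) of triples (output, input within the
instant, input at the end of the instant); a capability is 0, 1 or INF.
Assumed operations: a (+) b is the other operand when one is 0, INF when
both are INF, undefined otherwise; a (-) b is the partial inverse;
a >= b iff b == 0 or a == b; lift drops the first instant."""
from typing import Dict, Optional, Tuple

INF = float("inf")
Triple = Tuple[float, float, float]
Usage = Tuple[Triple, Triple]      # (x, y) stands for x y^omega
Context = Dict[str, Usage]         # signal -> usage; carried types omitted


def omega(y: Triple) -> Usage:
    """The uniform usage y^omega."""
    return (y, y)


def add_cap(a: float, b: float) -> Optional[float]:
    if b == 0:
        return a
    if a == 0:
        return b
    if a == INF and b == INF:
        return INF
    return None                    # 1 (+) 1 and 1 (+) INF: affine clash


def sub_cap(a: float, b: float) -> Optional[float]:
    if b == 0:
        return a
    if a == b:
        return 0 if a == 1 else INF
    return None


def _pointwise(op, u: Usage, v: Usage) -> Optional[Usage]:
    out = tuple(tuple(op(a, b) for a, b in zip(tu, tv)) for tu, tv in zip(u, v))
    return None if any(c is None for t in out for c in t) else out


def add_usage(u: Usage, v: Usage) -> Optional[Usage]:
    return _pointwise(add_cap, u, v)


def sub_usage(u: Usage, v: Usage) -> Optional[Usage]:
    return _pointwise(sub_cap, u, v)


def geq(u: Usage, v: Usage) -> bool:
    return all(b == 0 or a == b for tu, tv in zip(u, v) for a, b in zip(tu, tv))


def lift(u: Usage) -> Usage:
    """Up-arrow: x y^omega becomes y^omega at the end of the instant."""
    return omega(u[1])


def add_ctx(g1: Context, g2: Context) -> Optional[Context]:
    """Gamma1 (+) Gamma2; None as soon as one signal's sum is undefined."""
    out = dict(g1)
    for s, u in g2.items():
        out[s] = add_usage(out[s], u) if s in out else u
        if out[s] is None:
            return None
    return out


def sub_ctx(g: Context, d: Context) -> Optional[Context]:
    """Gamma (-) Delta, every signal of Delta being in Gamma."""
    out = dict(g)
    for s, u in d.items():
        out[s] = sub_usage(out[s], u)
        if out[s] is None:
            return None
    return out


E5 = omega((1, 1, 0))                       # main usage of kind 5
U5 = ((0, 1, 0), (0, 0, 0))                 # u_5 of definition 10
SENT_AT = ((1, 0, 0), (0, 0, 0))            # assumed usage at which t travels on s


def decompositions_hold() -> bool:
    """The two decompositions quoted in section 3.4."""
    a = add_usage(((1, 0, 0), (0, 1, 0)), ((0, 1, 0), (1, 0, 0)))
    b = add_usage(((0, 0, 1), (0, 0, 0)), ((0, 0, 0), (0, 0, 1)))
    return a == E5 and b == omega((0, 0, 1))


def marked_emission_typable(ctx: Context) -> bool:
    """Rule (out, underlined): s must offer at least (1,1,0) in the current instant."""
    return geq(ctx["s"], ((1, 1, 0), (0, 0, 0)))


def kind5_synchronisation():
    """Contexts of  s̄t | s(x).x̄,0  with s, t : e5^omega before and after the tau step.
    The emitter holds s at (1,0,0)(0,1,0)^omega and all of t; the receiver holds
    s at (0,1,0)(1,0,0)^omega (the decomposition of e5^omega from section 3.4)."""
    emitter = {"s": ((1, 0, 0), (0, 1, 0)), "t": E5}
    receiver = {"s": ((0, 1, 0), (1, 0, 0))}
    delta_t = {"t": SENT_AT}                            # Delta(t, sigma')
    # output side, definition 10 (1): (Gamma (-) Delta(v)) (+) {s : u5}
    emitter_res = add_ctx(sub_ctx(emitter, delta_t), {"s": U5})
    # input side, definition 25: (Gamma (-) {s : u5}) (+) Delta(v)
    receiver_res = add_ctx(sub_ctx(receiver, {"s": U5}), delta_t)
    return emitter, emitter_res, receiver_res


def fresh_receiver_compatible(ctx: Context) -> bool:
    """(Gamma, act) down for an output on s to the environment: P_act = s(x).0,0
    needs s at (0,1,0) in the current instant, and the sum must be defined."""
    return add_ctx(ctx, {"s": ((0, 1, 0), (0, 0, 0))}) is not None


def uninstrumented_residual_defined() -> bool:
    """Without the mark, the residual s̄t | t̄ needs the emitter's context for s̄t
    (which already owns all of t) plus a fresh output capability on t for t̄."""
    emitter, _, _ = kind5_synchronisation()
    return add_ctx(emitter, {"t": SENT_AT}) is not None
```

Running `kind5_synchronisation()` shows the $(0,1,0)$ capability on $s$ moving from the receiver to the emitter: the marked emission $\underline{\overline{s}t}$ becomes typable with $u(0) = (1,1,0)$, the two residual contexts still add up to $s, t : e_5^\omega$, and no further receiver on $s$ can be composed with the result. `uninstrumented_residual_defined()` reproduces the failure of the unmarked residual $\overline{s}t \mid \overline{t}$, where $t$ would have to be typed twice at an affine usage.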
First we notice that the type of expressions is preserved by the evaluation relation.

Lemma 11 (expression evaluation). If $\Gamma \vdash e : \rho$ and $e \Downarrow v$ then $\Gamma \vdash v : \rho$.

The following lemma records the effect of the substitution at the end of the instant.

Lemma 12 (substitution, end of instant). (1) If $\Gamma \vdash [A(\mathbf{r})]$, $\Gamma' \vdash P_V$, and $(\Gamma \oplus \Gamma')\!\downarrow$ then $\uparrow\!(\Gamma \oplus \Gamma') \vdash V(A(\mathbf{r}))$. (2) If moreover there are $V'$, $E$ such that $V, V' \Vdash E$ then $V(A(\mathbf{r})) \approx V'(A(\mathbf{r}))$.

Finally, the subject reduction theorem states that the residual of a typed transition is typable in the residual context (again, the residual context on auxiliary actions is defined in appendix B.5).

Theorem 13 (subject reduction). If $P \xrightarrow{act}_\Gamma Q$ then $\Gamma(act) \vdash Q$.

Next we introduce a notion of typed bisimulation which refines the one given in definition 1 by focusing on typed processes and typed transitions. Let $Cxt$ be the set of contexts and, if $\Gamma \in Cxt$, let $Pr(\Gamma)$ be the set of programs typable in the context $\Gamma$.

Definition 14 (typed bisimulation). A typed bisimulation is a function $\mathcal{R}$ indexed on $Cxt$ such that for every context $\Gamma$, $\mathcal{R}_\Gamma$ is a symmetric relation on $Pr(\Gamma)$ such that: $P\ \mathcal{R}_\Gamma\ Q$, $P \xrightarrow{\alpha}_\Gamma P'$, $bn(\alpha) \cap fn(Q) = \emptyset$ implies $\exists Q'\ (Q \xRightarrow{\alpha}_\Gamma Q',\ P'\ \mathcal{R}_{\Gamma(\alpha)}\ Q')$. We denote with $\approx^t$ the largest typed labelled bisimulation.

An expected property of typed bisimulation is that it is a weaker property than untyped bisimulation: if we cannot distinguish two processes by doing arbitrary actions, we cannot distinguish them when doing only actions which are compatible with the typing.

Proposition 15. If $P, Q \in Pr(\Gamma)$ and $P \approx Q$ then $P \approx^t_\Gamma Q$.

We write $P \overset{\tau}{\leadsto}_\Gamma Q$ if $P \xrightarrow{\tau}_\Gamma Q$ or $P = Q$. The following lemma states a strong commutation property of typed $\tau$ actions, and it entails that typed bisimulation is invariant under $\tau$-actions.
Lemma 16. (1) If $P \xrightarrow{\tau}_\Gamma P_i$ for $i = 1,2$ then there is a $Q$ such that $P_i \overset{\tau}{\leadsto}_\Gamma Q$ for $i = 1,2$. (2) If $P \xRightarrow{\tau}_\Gamma Q$ then $P \approx^t_\Gamma Q$.

The second key property is that the computation at the end of the instant is deterministic; combining the two lemmas, we derive that typable programs are deterministic.

Lemma 17. If $P \xrightarrow{N}_\Gamma P_i$ for $i = 1,2$ then $P_1 \approx^t_{\uparrow(\Gamma)} P_2$.

Theorem 18 (determinacy). If $P \xRightarrow{N}_\Gamma \cdot \xRightarrow{N}_{\Gamma'} \cdots \xRightarrow{N}_{\Gamma'} P_i$ for $i = 1,2$, with $\Gamma' = \uparrow\!\Gamma$, then $P_1 \approx^t_{\Gamma'} P_2$.

5 Conclusion

The main contribution of this work is the identification of 5 kinds of usages in signal-based communication and of the rules that allow their composition while preserving determinacy. This goes well beyond previous analyses for Esterel-like languages we are aware of, which are essentially 'first-order' in the sense that signals are not treated as first-class values. Technically, we have shown that a typable process $P$ is deterministic. This result builds on previous work by the authors [2, 4] on a mathematical framework to reason about the equivalence of programs which is comparable to the one available for the $\pi$-calculus.

References

[1] R. Amadio. The SL synchronous language, revisited. Journal of Logic and Algebraic Programming, 70:121–150, 2007.

[2] R. Amadio. A synchronous π-calculus. Information and Computation, 205(9):1470–1490, 2007.

[3] R. Amadio, I. Castellani and D. Sangiorgi. On bisimulations for the asynchronous π-calculus. Theoretical Computer Science, 195:291–324, 1998.

[4] R. Amadio and M. Dogguy. Determinacy in a synchronous π-calculus. Technical Report, Université Paris 7, Laboratoire PPS, July 2007. To appear in From semantics to computer science: essays in honor of Gilles Kahn, Y. Bertot et al. (eds.), CUP.

[5] G. Berry and G. Gonthier. The Esterel synchronous programming language. Science of Computer Programming, 19(2):87–152, 1992.

[6] F. Boussinot and R. De Simone. The SL synchronous language. IEEE Trans. on Software Engineering, 22(4):256–266, 1996.

[7] J.-Y. Girard. Linear logic. Theoretical Computer Science, 50(1):1–102, 1987.

[8] K. Honda and N. Yoshida. On reduction-based process semantics. Theoretical Computer Science, 151(2):437–486, 1995.

[9] N. Kobayashi. Type systems for concurrent programs. In Proc. 10th Anniversary Colloquium of UNU/IIST, Springer LNCS 2757, 2003.

[10] N. Kobayashi, B. Pierce, and D. Turner. Linearity and the pi-calculus. ACM Transactions on Programming Languages and Systems (TOPLAS), 21(5), 1999.

[11] L. Mandel and M. Pouzet. ReactiveML, a reactive extension to ML. In Proc. ACM Principles and Practice of Declarative Programming, pages 82–93, 2005.

[12] R. Milner. Communication and concurrency. Prentice-Hall, 1989.

[13] R. Milner, J. Parrow, and D. Walker. A calculus of mobile processes, parts 1–2. Information and Computation, 100(1):1–77, 1992.

[14] Ph. Wadler. A taste of linear logic. In Proc. Mathematical Foundations of Computer Science, Springer LNCS 711, pages 185–210, 1993.

A Typing examples

We consider two examples that are part of the folklore on synchronous programming (see, e.g., [11]) and a third one that suggests that a certain form of single-assignment reference can be modelled in our framework.

Example 19 (cell). We describe the behaviour of a generic cell that might be used in the simulation of a dynamic system. Each cell relies on three parameters: its state $q$, its own activation signal $s$, and the list $\ell$ of activation signals of its neighbours. The cell performs the following operations in a cyclic fashion: (i) it emits its current state along the activation signals of its neighbours, (ii) it waits till the end of the current instant (pause), and (iii) it collects the values emitted by its neighbours and computes its new state.
$$\begin{array}{lll} Cell(q, s, \ell) & = & Send(q, s, \ell, \ell) \\ Send(q, s, \ell, \ell') & = & [\ell' \unrhd cons(s', \ell'')]\,(\overline{s'}q \mid Send(q, s, \ell, \ell'')),\ pause.Cell(next(q, !s), s, \ell) \end{array}$$

where $next$ is a function that computes the following state of the cell according to its current state and the states of its neighbours. Assuming that the function $next$ is invariant under permutations of the list of states, we would like to show that the evolution of the simulation is deterministic. To express this invariance, a natural idea is to treat the 'list' of distinct states as a 'set', i.e., as a list quotiented by a relation that identifies a list with any of its permutations.

We now turn to the typing. Assume an inductive (non-affine) type $State$ to represent the state of a cell and let $\sigma = Sig_u(State)$, where $u = (\infty,0,\infty)^\omega$, and $\sigma' = List_\infty(\sigma)$. Then we can require $Cell : (State, \sigma, \sigma')$ and $Send : (State, \sigma, \sigma', \sigma')$. Because the usage of the signals under consideration is $(\infty,0,\infty)^\omega$, the type of their dereferenciation is $Set_\infty(State)$, and therefore we must require $next : (State, Set_\infty(State)) \to State$, which means that the result of the function $next$ must be invariant under permutations of the list of (distinct) states.

Example 20 (synchronous data flow). We provide an example of synchronous data-flow computation. The network is described by the program
$$\nu s_2, s_3, s_4, s_5\ (A(s_1, s_2, s_3, s_4) \mid B(s_2, s_3, s_5, s_6) \mid C(s_4, s_5))$$
where:
$$\begin{array}{lll} A(s_1, s_2, s_3, s_4) & = & s_1(x).(\overline{s_2}f(x) \mid s_3(y).(\overline{s_4}g(y) \mid pause.A(s_1, s_2, s_3, s_4)), 0), 0 \\ B(s_2, s_3, s_5, s_6) & = & s_2(x).(\overline{s_3}i(x) \mid s_5(y).(\overline{s_6}l(y) \mid pause.B(s_2, s_3, s_5, s_6)), 0), 0 \\ C(s_4, s_5) & = & s_4(x).(\overline{s_5}h(x) \mid pause.C(s_4, s_5)), 0 \end{array}$$

Assuming that at each instant at most one value is emitted on the input signal $s_1$, we would like to show that at each instant at most one value will be emitted on every other signal. This example suggests that we should introduce a notion of affine usage in signals.

We now turn to the typing. We assume an inductive type $D$ of data and let $\sigma = Sig_u(D)$, $\sigma_I = Sig_{u_I}(D)$, and $\sigma_O = Sig_{u_O}(D)$, where $u = (1,1,0)^\omega$, $u_I = (0,1,0)^\omega$, and $u_O = (1,0,0)^\omega$. Then we can require $A : (\sigma_I, \sigma_O, \sigma_I, \sigma_O)$, $B : (\sigma_I, \sigma_O, \sigma_I, \sigma_O)$, and $C : (\sigma_I, \sigma_O)$. The restricted signals $s_2, \ldots, s_5$ take the type $\sigma$ and the overall system is well-typed with respect to the context $s_1 : \sigma_I, s_6 : \sigma_O$.

Remark 21 (affinity vs. linearity). With reference to the data flow example 20, one may notice that the type system guarantees determinacy by making sure that at every instant at most one value is emitted on every signal. One could consider a more refined type system that guarantees that exactly one value is emitted on a signal at every instant (see footnote 4). However, to obtain this system it is not enough to require that all linear hypotheses in the context are used in the typing. For instance, consider $\nu s, s' : \sigma\ (A(s, s') \mid A(s', s))$, where $\sigma = Sig_{(1,1,0)^\omega}$, $A : (\sigma, \sigma)$, and $A(s, s') = s().(\overline{s'} \mid pause.A(s, s')), A(s, s')$. This program could be linearly typed but it is stuck at every instant. Following previous work (see, e.g., [9]), one way to address this problem is to partition signals into a finite set of regions and to order them. Then one designs typing rules that require that a reception on a signal belonging to a given region only guards (prefixes) emissions on signals belonging to higher regions.
Example 22 (single-assignment references). We introduce a kind of single-assignment references that allow for a shared memory among different threads while preserving determinacy. For simplicity, we look at references on some basic inductive type $\kappa$. The three basic operations are: (1) $newref(s, e)\ P$ creates a reference $s$ whose scope is $P$ and assigns it the value resulting from the evaluation of $e$; (2) $read(s, x).P$ reads the value $v$ contained in the reference $s$ and runs $[v/x]P$; and (3) $write(s, e).P$ evaluates $e$ and writes its value in the reference $s$. The written value will be available in the following instant. Reading and writing are non-blocking operations; moreover, a value written at a given instant persists unless a following write operation occurs. To ensure determinacy, we have to guarantee that at any instant at most one value is written in a reference.

We model this situation by associating with each reference $s$ a pair of signals $(s, s')$. The first signal $s$ has a usage of kind 2 (one write and arbitrarily many reads) while the signal $s'$ has a usage of kind 5 (one write and one read during the instant). A reference $s$ containing the value $x$ is simulated by the following recursive program:
$$Ref(s, s', x) = \overline{s}x \mid s'(y).pause.Ref(s, s', y), Ref(s, s', x)$$
where the type of $Ref$ is $(Sig_u(\kappa), Sig_{u'}(\kappa), \kappa)$ with $u = (1,\infty,\infty)^\omega$ and $u' = (0,1,0)^\omega$. Thus on the signal $s$, $Ref$ emits the current value of the reference, while on the signal $s'$ it waits for the value for the next instant. The usages we assign to the signals $s$ and $s'$ guarantee that arbitrarily many threads can read the reference but at most one can write it at any given instant.
Formally, we can translate the three basic operations on references described above as follows:
$$\begin{array}{lll} \langle newref(s, e)\ P \rangle & = & \nu s, s'\ (Ref(s, s', e) \mid \langle P \rangle) \\ \langle read(s, x).P \rangle & = & s(x).\langle P \rangle, 0 \\ \langle write(s, e).P \rangle & = & \overline{s'}e \mid \langle P \rangle \end{array}$$

Footnote 4: In this system the 'else' branch of the input operator would become useless.

Example 23 (clocks). We consider a kind of clock that still allows for a deterministic execution (see footnote 5). The value of a clock is a natural number which is emitted on a signal, hence within an instant all threads can read the same clock value. At each instant, one or more threads may reset the clock value. The effect of this reset is visible in the following instant. To program a clock, we declare the unit type and the type of natural numbers:
$$Unit_\infty() = * \qquad\qquad Nat_\infty() = Z \mid\mid S\ of\ Nat()$$
With each clock we associate a thread $Clock$ whose behaviour and type are defined as follows:
$$\begin{array}{l} Clock(s, r, n) = \overline{s}n \mid pause.Clock'(s, r, !r, n) \\ Clock : (Sig_u(Nat), Sig_{u'}(Unit), Nat), \quad u = (1,\infty,\infty)^\omega,\ u' = (\infty,0,1)^\omega \\ Clock'(s, r, \ell, n) = [\ell \unrhd nil]\,Clock(s, r, S(n)), Clock(s, r, Z) \\ Clock' : (Sig_u(Nat), Sig_{u'}(Unit), Set_1(Unit), Nat) \end{array}$$
Note that the typing guarantees that the thread $Clock$ is the only one that can emit the clock signal $s$ and read the reset signal $r$. On the other hand, another thread using the clock may read the clock value on the signal $s$ and may reset it in the following instant by emitting on the reset signal $r$.

B Proofs

B.1 Proof of lemma 5

By induction on the typing rules. One uses several times the fact that $\oplus$ is associative and commutative both on types and contexts, and the fact that the rules are formulated so that the conclusion still holds when the usages in the context $\Gamma$ are increased (see, e.g., the rule $(var)$).
B.2 Proof of lemma 6

The following lemma collects some preliminary remarks.

Lemma 24. (1) If $\Gamma \vdash U : T$, $\Gamma' \vdash v : \rho$, $(\Gamma \oplus \Gamma')\!\downarrow$, and $x \notin dom(\Gamma)$ then $(\Gamma \oplus \Gamma') \vdash [v/x]U : T$. (2) If $\Gamma \vdash v : \kappa$ then there is a neutral context $\Gamma'$ such that $\Gamma' \vdash v : \kappa$ and $\Gamma = \Gamma' \oplus \Gamma''$. (3) If $\Gamma \vdash v : \rho$ and $\rho = \rho_1 \oplus \cdots \oplus \rho_n$ then there exist $\Gamma_1, \ldots, \Gamma_n$ such that $\Gamma_1 \oplus \cdots \oplus \Gamma_n = \Gamma$ and $\Gamma_i \vdash v : \rho_i$ for $i = 1,\ldots,n$.

Proof. (1) If $x \in FV(U)$ then, since $x \notin dom(\Gamma)$, the only possibility is that $x \in FV(e)$ where the marked emission $\underline{\overline{s}e}$ is a sub-term of $U$ (rule $(\underline{out})$ neglects $e$). But then one can type $\underline{\overline{s}[v/x]e}$ exactly as one types $\underline{\overline{s}e}$. So $\Gamma \vdash [v/x]U : T$ and we conclude by weakening. (2) We proceed by induction on $v$. For the inductive step, we use the fact that if $c(v_1,\ldots,v_n)$ has a neutral type then the $v_i$ must have a neutral type too. (3) If the type $\rho$ is neutral then $\rho = \rho_1 = \cdots = \rho_n$. By (2), we can find a neutral context $\Gamma'$ such that $\Gamma' \vdash v : \rho$ and $\Gamma' \oplus \Gamma'' = \Gamma$. Then it suffices to take $\Gamma_1 = \Gamma' \oplus \Gamma''$ and $\Gamma_i = \Gamma'$ for $i = 2,\ldots,n$. If the type $\rho$ is affine and either an inductive type or a set type then we must have $n = 1$ and the assertion follows immediately. Finally, if the type $\rho$ is affine and a signal type then the usages of the signal in the types $\rho_1, \ldots, \rho_n$ allow to construct directly the contexts $\Gamma_1, \ldots, \Gamma_n$. □

Footnote 5: Note that in the usual semantics of timed automata, the fact that two processes may atomically read and reset the same clock may produce race conditions.

Next, to prove the substitution lemma we proceed by induction on the typing of $U$.

$(var)$ Suppose $\Gamma, y : Op_u(\sigma) \vdash y : Op_{u'}(\sigma)$ with $u \geq u'$.

• If $\Gamma = \Gamma'', x : \rho$ and $x \neq y$ then $((\Gamma'', y : Op_u(\sigma)) \oplus \Gamma')(y) = Op_{u''}(\sigma)$ with $u'' \geq u$. Hence, by $(var)$, $(\Gamma'', y : Op_u(\sigma)) \oplus \Gamma' \vdash y : Op_{u'}(\sigma)$.

• If $x = y$ then $[v/x]y = v$. If $Op$ is not $Sig$ then $u = u'$.
By hypothesis, $\Gamma' \vdash v : Op_u(\sigma)$ and by weakening $\Gamma'' \oplus \Gamma' \vdash v : Op_u(\sigma)$. On the other hand, if $Op$ is $Sig$ then, by $(var)$, $(\Gamma'' \oplus \Gamma') \vdash v : Op_{u'}(\sigma)$.

$(k)$ If $k$ is a constant then apply weakening. Otherwise, suppose $\Gamma, x : \rho = \Gamma_0 \oplus \Gamma_1 \oplus \cdots \oplus \Gamma_n$ with $\Gamma_i \vdash e_i : \sigma_i$, $i = 1,\ldots,n$. Let $I = \{i \in \{1,\ldots,n\} \mid x \in dom(\Gamma_i)\}$. If $i \in I$ then assume $\Gamma_i = \Gamma''_i, x : \rho_i$. We have $\rho = \bigoplus_{i \in I} \rho_i$. By lemma 24(3), we can find $\Gamma'_i$ such that $\Gamma'_i \vdash v : \rho_i$ for $i \in I$ and $\Gamma' = \bigoplus_{i \in I} \Gamma'_i$. If $i \notin I$ then $\Gamma_i \vdash [v/x]e_i : \sigma_i$ (cf. lemma 24(1)), and if $i \in I$ then $(\Gamma''_i \oplus \Gamma'_i) \vdash [v/x]e_i : \sigma_i$ by inductive hypothesis.

This kind of argument is repeated several times for the remaining rules. As already pointed out in the proof of the weakening lemma 5, another important point is that the rules are built so that adding extra capabilities to the hypotheses in the context does not affect the conclusion. We just look in some detail at the rule $[var\ sig]$ in the case where $\Gamma, s : Sig_{xy^\omega}(\sigma) \vdash [s] : Sig_u(\sigma)$, $y^\omega \geq u$, $\Gamma' \vdash s' : Sig_{xy^\omega}(\sigma)$, and $(\Gamma \oplus \Gamma')\!\downarrow$. Then $\Gamma'(s') = Sig_{u'}(\sigma)$ with $u' \geq xy^\omega$. Hence $\uparrow\!(u') \geq y^\omega \geq u$. □

B.3 Proof of lemma 11

By induction on the evaluation $e \Downarrow v$. If $e$ is a signal $s$ or a constant $c$ then $e = v$ and the conclusion is immediate. So suppose $e = k(e_1,\ldots,e_n)$, $k : (\sigma_1,\ldots,\sigma_n) \to \sigma$, $\Gamma = \Gamma_0 \oplus \Gamma_1 \oplus \cdots \oplus \Gamma_n$, $\Gamma_i \vdash e_i : \sigma_i$, and $e_i \Downarrow v_i$, for $i = 1,\ldots,n$. By inductive hypothesis, $\Gamma_i \vdash v_i : \sigma_i$ for $i = 1,\ldots,n$. If $k$ is a constructor $c$ then $v = c(v_1,\ldots,v_n)$ and $\Gamma \vdash v : \sigma$ by the rule $(k)$. If $k$ is a function $f$ then again by the rule $(k)$, $\Gamma \vdash f(v_1,\ldots,v_n) : \sigma$ and, by the hypothesis on $f$, we have that $f(v_1,\ldots,v_n) \Downarrow v$ and $\Gamma \vdash v : \sigma$. □

B.4 Proof of lemma 12

(1) The effect of $V(A(\mathbf{r}))$ is to replace each occurrence of $!s$ in $\mathbf{r}$ with $V(s)$. First notice that if $!s$ occurs in $\mathbf{r}$ then its usage cannot be of kind 5. Moreover, if it is of kind 1 or 2 then we can have several occurrences of $!s$ in $\mathbf{r}$ and the type of the values emitted on the signal must be non-affine. Notice that to type a non-affine value we just need a non-affine context and, since non-affine types are (exactly the) neutral types, we can use this context as many times as needed. On the other hand, if the signal is of kind 3 or 4 then the values emitted on the signal can be affine, but there can be no more than one occurrence of $!s$ in $\mathbf{r}$. Following these preliminary considerations, we proceed by case analysis on the rules $[!Set]$ and $[!List]$. In each case, one has a judgement of the shape $\Gamma, s : Sig_u(\sigma) \vdash [!s] : Op_x(\sigma)$, knowing that $\Gamma' \vdash V(s) = [v_1;\ldots;v_n] : Op_x(\sigma)$.

(2) By definition, $V(A(r_1,\ldots,r_n)) = A(V(r_1),\ldots,V(r_n))$. Suppose $A : (\sigma_1,\ldots,\sigma_n)$. We know that $v_i \sim_{\sigma_i} u_i$ entails that $A(v_1,\ldots,v_n) \approx A(u_1,\ldots,u_n)$. Hence, it is enough to show that $V(r_i) \sim_{\sigma_i} V'(r_i)$ for $i = 1,\ldots,n$. We proceed by induction on the structure of $r$. If $r$ is a signal or a constant then by definition $r \sim_{\sigma_i} r$. If $r$ is of the shape $!s$ then we analyse the kind of usage of $s$. If it is of kind 2 or 4 then $V(s) = V'(s)$ (there is at most one value in the lists). If it is of kind 1 or 3 then $V(s)$ and $V'(s)$ are equal up to permutation, and we rely on the definition of $\sim$ on set types. Finally, if $r = k(\mathbf{r})$ we apply the inductive hypothesis plus the definition of $\sim$ on constructors if $k$ is a constructor, and the hypothesis on the functions if $k$ is a function. □

B.5 Residual context on auxiliary actions

We specify the notion of residual context on auxiliary actions. The definition for the actions $s?v$ is similar to the one for the actions $sv$. On the other hand, for the actions $(E, V)$ we have to analyse how a program exports and imports usages at the end of the instant. For instance, consider $P = \overline{s_1}t_1 \mid \overline{s_2}t_2 \mid A(!s_1)$, and suppose $P \xrightarrow{(E,V)}_\Gamma A(V(s_1))$ where:
$$E = [\{t_1\}/s_1,\ \{t_2\}/s_2] \qquad V = [[t_1; t_3]/s_1,\ [t_4; t_2]/s_2].$$
The function $E$ represents what $P$ emits, the function $V$ represents what $P$ assumes to be emitted; moreover, looking at the context $\Gamma$, we may determine what the process $P$ may receive at the end of the instant (note that $P$ may receive what it emits, and that a value with an affine typing can be received at most once). In computing the residual context, we have to subtract what is exported to the environment while adding what is imported from it. Going back to our example, clearly the context $\Gamma$ must specify that $P$ may receive on $s_1$ at the end of the instant. Suppose moreover that it specifies that $P$ may not receive on $s_2$. Then in computing the residual context, we have to subtract the usage for $t_2$, which is exported to the environment, while adding the usage for $t_3$, which is received from it. Following these considerations, we define:
$$\begin{array}{ll} \Delta(E, \Gamma) = \bigoplus \{\Delta(v, \lambda) \mid \Gamma(s) = Sig_u(\lambda),\ v \in E(s),\ u(0)_3 \neq 1\} & \text{(export)} \\ \Delta(V, \Gamma) = \bigoplus \{\Delta(v, \sigma) \mid \Gamma(s) = Sig_u(\sigma),\ v \in V(s),\ u(0)_3 \neq 0\} & \text{(import)} \end{array}$$
Note that in the 'exported context' $\Delta(E, \Gamma)$ we only care about usages of values of affine type, as otherwise $\Delta(v, \kappa)$ is neutral. On the other hand, in the 'imported context' we look at all the values regardless of their type. Indeed, $v$ might have a neutral type but contain a fresh signal name, and then we need to import a neutral context to type it. Also note that in the following definition 25 we actually focus only on the values that are not emitted (in $E$).
Definition 25 (residual context on auxiliary actions). Given a context $\Gamma$ and an auxiliary action $aux$, the residual context $\Gamma(aux)$ is defined as follows, where $u_5$ is as in definition 10:
$$\Gamma(aux) = \begin{cases} (\Gamma \ominus \{s : Sig_{u_5}(\sigma')\}) \oplus \Delta(v, \sigma') & \text{if } \Gamma(s) = Sig_u(\sigma') \text{ and } aux = s?v \\ (\uparrow\!\Gamma \ominus \Delta(E, \Gamma)) \oplus \Delta(V', \Gamma) & \text{if } aux = (E, V) \text{ and } V \setminus E = V' \end{cases}$$

B.6 Proof of theorem 13

We proceed by induction on the proof of the transition and by case analysis on the action $act$ which is performed.

$(sv)$ There is just 1 rule to consider: $(in)$. Suppose $\Gamma(s) = Sig_u(\sigma')$. The definition of the residual context provides an additional context $\Delta(v, \sigma') \oplus \{s : Sig_{u_{out}}(\sigma')\}$, which is just what is needed to type $\overline{s}v$.

$(s?v)$ There are 3 rules to consider: $(in_{aux})$, $(comp)$, and $(\nu)$. We just look at the first one. Suppose $(\Gamma_1 \oplus \Gamma_2) \vdash s(x).P, K$, $\Gamma_1 \vdash s : Sig_u(\sigma')$, $u(0)_2 \neq 0$, $\Gamma_2, x : \sigma' \vdash P$, and $\Gamma_1 \oplus \Gamma_2 \vdash [K]$. Note that necessarily $u \geq u_{in}$. By construction, $\Delta(v, \sigma') \vdash v : \sigma'$. By the substitution lemma 6, $\Gamma_2 \oplus \Delta(v, \sigma') \vdash [v/x]P$, and then it is enough to apply weakening to get the residual context.

$(\nu t : \sigma\ \overline{s}v)$ There are 5 rules to consider: $(out)$, with a special treatment for kind 5, $(\underline{out})$, $(\nu_{ex})$, $(comp)$, and $(\nu)$.

$(\tau)$ There are 8 rules to consider: $(synch)$, $(rec)$, $(=_{sig_i})$ and $(=_{ind_i})$ for $i = 1,2$, $(comp)$, and $(\nu)$. We just look at the first two.

$(synch)$ Suppose $P_1 \xrightarrow{\nu t : \rho\ \overline{s}v} P'_1$, $P_2 \xrightarrow{s?v} P'_2$, $\Gamma_i \vdash P_i$ for $i = 1,2$, and $(\Gamma_1 \oplus \Gamma_2)(s) = Sig_u(\sigma')$. By inductive hypothesis, we have:
$$((\Gamma_1, t : \rho) \ominus \Delta(v, \sigma')) \oplus \{s : Sig_{u_5}(\sigma')\} \vdash P'_1 \qquad \text{and} \qquad (\Gamma_2 \ominus \{s : Sig_{u_5}(\sigma')\}) \oplus \Delta(v, \sigma') \vdash P'_2.$$
Recall that here $u$ may be of kind 2 or 5, and that in the first case $u_5$ is neutral.
In both cases, we get $(\Gamma_1 \oplus \Gamma_2), t:\rho \vdash (P_1' \mid P_2')$, and we conclude by applying the typing rule ($\nu$).

(rec) Suppose $A : (\sigma_1,\ldots,\sigma_n)$, $\Gamma_i \vdash e_i : \sigma_i$, $e_i \Downarrow v_i$, for $i = 1,\ldots,n$. By lemma 11, $\Gamma_i \vdash v_i : \sigma_i$. By hypothesis, we know that if $A(x_1,\ldots,x_n) = P$ then $x_1:\sigma_1,\ldots,x_n:\sigma_n \vdash P$. Thus, by iterating the substitution lemma 6, we get, as required, $\Gamma_1 \oplus \cdots \oplus \Gamma_n \vdash [v_1/x_1,\ldots,v_n/x_n]P$.

$(E,V)$ There are 5 rules to consider: (0), (reset), (reset), (cont), and (par). We focus on the last two.

(cont) Suppose $s(x).P, K \xrightarrow{(\emptyset,V)} V(K)$ and $\Gamma \vdash s(x).P, K$. Then $\Gamma \vdash [K]$. We rely on lemma 12(1). We build the context $\Gamma'$ in the lemma by taking $\Gamma' = \Delta(V,\Gamma)$, which is uniform, added to a context $\Gamma''$ which just provides the usages to emit in the first instant the values in $V$ on the signals in $\mathit{dom}(V)$.

(par) Suppose: $\Gamma = (\Gamma_1 \oplus \Gamma_2)$, $\Gamma \vdash (P_1 \mid P_2)$, $(P_1 \mid P_2) \xrightarrow{(E_1 \cup E_2,\, V)} (P_1' \mid P_2')$, $\Gamma_i \vdash P_i$, $P_i \xrightarrow{(E_i,V)} P_i'$, for $i = 1,2$. Following the definition of residual context, define for $i = 1,2$:

$$\begin{aligned}
\mathit{Exp}_i &= \Delta(E_i,\Gamma_i) & \mathit{Exp}_{1,2} &= \Delta(E_1 \cup E_2,\ \Gamma_1 \oplus \Gamma_2)\\
\mathit{Imp}_i &= \Delta(V \setminus E_i,\ \Gamma_i) & \mathit{Imp}_{1,2} &= \Delta(V \setminus (E_1 \cup E_2),\ \Gamma_1 \oplus \Gamma_2)\\
\Gamma_i' &= \uparrow\Gamma_i \ominus \mathit{Exp}_i \oplus \mathit{Imp}_i & \Gamma' &= \uparrow(\Gamma_1 \oplus \Gamma_2) \ominus \mathit{Exp}_{1,2} \oplus \mathit{Imp}_{1,2}
\end{aligned}$$

We want to show $\Gamma' = \Gamma_1' \oplus \Gamma_2'$. We proceed by analysing the contribution of each value $v \in V(s)$ such that $\Gamma(s) = \mathit{Sig}_u(\sigma)$ to the computation of $\mathit{Imp}_i$, $\mathit{Imp}_{1,2}$, $\mathit{Exp}_i$, and $\mathit{Exp}_{1,2}$. We use the notation, e.g., $\mathit{Imp}_1(v)$ to denote the contribution of the value $v$ to the computation of the context $\mathit{Imp}_1$.

• If $\sigma$ is non-affine then, for $i = 1,2$, $\mathit{Imp}_i$ and $\mathit{Imp}_{1,2}$ are neutral contexts while $\mathit{Exp}_i$ and $\mathit{Exp}_{1,2}$ are empty contexts.
Up to symmetries, $v$ can be received either by (i) $\Gamma_i$, $i = 1,2$, or (ii) $\Gamma_1$ and $\Gamma_2$, and emitted either by (i) $E_1 \cap E_2$, or (ii) $E_1 \setminus E_2$, or (iii) $E_2 \setminus E_1$, or (iv) the environment. One proceeds by case analysis (8 situations).

• If $\sigma$ is affine then the usage $u$ must be of kind 3 or 4, and at the end of the instant the signal $s$ may be read, exclusively, either by (i) $\Gamma_i$, $i = 1,2$, or by (ii) the environment. On the other hand, $v$ may be emitted either by (i) $(E_1 \cap E_2)$, or by (ii) $(E_1 \setminus E_2)$, or by (iii) $(E_2 \setminus E_1)$, or by (iv) $(V \setminus (E_1 \cup E_2))$. If $v \in (E_1 \cap E_2)(s)$ then $\Delta(v,\sigma)$ must be neutral, for otherwise the addition is not defined. One then proceeds by case analysis (8 situations). Note that if the environment receives $v$ then the import contexts $\mathit{Imp}_i$, $\mathit{Imp}_{1,2}$ are empty, while if $\Gamma_i$ receives $v$ then $\mathit{Exp}_i$ is empty.

$(N)$ There is just 1 rule to consider: (next). Suppose $\Gamma \vdash P$ and $P \succeq \nu s:\rho\, P''$. Clearly, a typing of, say, $(\nu s:\rho\, Q_1) \mid Q_2$ can be transformed into a typing of $\nu s:\rho\,(Q_1 \mid Q_2)$. Thus $\Gamma \vdash \nu s:\rho\, P''$ and $\Gamma, s:\rho \vdash P''$. By definition of the rule (next), $P'' \xrightarrow{(E,V)} P'$ with $V \Vdash E$. By inductive hypothesis and weakening, $\uparrow(\Gamma, s:\rho) \vdash P'$. Thus $\uparrow(\Gamma) \vdash \nu s:\uparrow\rho\, P'$. ✷

B.7 Proof of proposition 15

We show that the following indexed relation is a typed bisimulation: $P\ \mathcal{R}_\Gamma\ Q$ if $P, Q \in \mathit{Pr}(\Gamma)$ and $P \approx Q$. Suppose $P\ \mathcal{R}_\Gamma\ Q$, $P \xrightarrow{\alpha}_\Gamma P'$, and $\mathit{bn}(\alpha) \cap \mathit{fn}(Q) = \emptyset$. Then:

$$\begin{array}{ll}
P \xrightarrow{\alpha} P' & \text{(by definition of typed transition)}\\
\Gamma(\alpha) \vdash P' & \text{(by subject reduction)}\\
Q \stackrel{\alpha}{\Longrightarrow} Q',\ P' \approx Q' & \text{(by untyped bisimulation)}\\
\Gamma(\alpha) \vdash Q' & \text{(by subject reduction)}
\end{array}$$

Hence we can conclude that $P'\ \mathcal{R}_{\Gamma(\alpha)}\ Q'$.
✷

B.8 Proof of lemma 16

(1) An inspection of the labelled transition system in table 2 reveals that two $\tau$ reductions may superpose only if they are produced by two synchronisations on the same signal name, say $s$. In this case, $s$ must have a usage of kind 2 or 5. In a usage of kind 2, the typing guarantees that there is at most one value emitted on $s$, so that we are roughly in the following situation:

$$P = C[\,s(x).P_1, K_1 \mid s(x).P_2, K_2 \mid \overline{s}e\,]$$

Because a signal emission persists within an instant, it is possible to close the diagram in one step. On the other hand, in a usage of kind 5 there can be at most one receiver and therefore no superposition may arise.

(2) We show that $\stackrel{\tau}{\rightsquigarrow}_\Gamma$ is a typed bisimulation. If $P = Q$ nothing needs to be proved. So suppose $P \xrightarrow{\tau}_\Gamma Q$. Clearly, $P$ can weakly simulate all actions $Q$ may perform just by performing initially an extra $\tau$ step. So suppose $P \xrightarrow{\alpha}_\Gamma P'$. Note that $\alpha \neq N$ since $P$ may perform a $\tau$ action.

$\alpha = \tau$: In this case, we apply (1), noticing that $\stackrel{\tau}{\rightsquigarrow}_\Gamma \subseteq \stackrel{\tau}{\Longrightarrow}_\Gamma$.

$\alpha = sv$: In this case, $P' = (P \mid \overline{s}v)$ and we can close the diagram by performing $Q \xrightarrow{sv} (Q \mid \overline{s}v)$.

$\alpha = \nu t\,\overline{s}v$: Again, because a value emitted on a signal persists, it is equivalent to use it in an internal synchronisation and then to extrude the value to the environment, or the other way around. ✷

B.9 Proof of lemma 17

By subject reduction we know that $\uparrow(\Gamma) \vdash P_i$. If we can show that $P_1 \approx P_2$ then by proposition 15 we can conclude. According to the rule (next) of the labelled transition system, we must have for $i = 1,2$: $P \succeq \nu s_i\, P'$, $s_1$ a permutation of $s_2$, $P' \xrightarrow{(E,V_i)} P_i''$, $V_i \Vdash E$, $P_i = \nu s_i\, P_i''$. Then lemma 12(2) and fact 2 guarantee that $P_1'' \approx P_2''$ and $P_1 \approx P_2$. ✷

B.10 Proof of theorem 18

The proof is a direct diagram chasing relying on lemma 16(2), lemma 17, and the definition of typed bisimulation. ✷
