> 4SuF gd ) LR & = Q
Type system and algebraic theory of Robust Ambients
e . 1 YB
~I6t fe m6 l Z
e .L >}Y9 6*N d 2002 4 . 11 d 2
}M= bu9 wp iVE 4o 4m 3 r `
y
#
TvG h4 U hL Z\l "! > e ) E'C?^TvG he U
^U ? 5TvG h
ROAM A 5> R : z A e \@i
'* Ci ' f "@ " , > R ? eC? 8 4Qi ZTvG h
MA l" P TvG h
SA i 5e d %
! o ; A% X" P ' e\ |b^ 5 5 wZ c ! ROAM e
* ' e
"8 C?> R, ROAM e C
! U }o ^ 1^ TvG h?8e GEC e \ ETS-MT 8 TvG h\ e > R e GECU
oZa\ % |n1^ Tv 8 @ Gc/ 7 e UE a i \ iC? Ce
C)H 4 @ C)e s q * nq o44^ ,Gc z A
/ 7 e i ' . Ce t > 1^, TvG he GEC
ETS-MTo ^ n g .@e Z'*q S b h' ;\
68 C?v R Gordon * Cardelli > R MA i ' % e ' ROAM @ " ,
`e > R ? eo n ROAM @e xE;\ @o v 'e o4 e o44 c 8 xE;\ e d % $ R@e '
'c ! ROAM e Y% Z e U4Q V C ' Ce t;\b ek'} e ei '8 Y% Z e e d % > R,
|@ a? ie U+'a! ROAM @e a?
i ;\ CeR a? i ;\ 4 U;\ e.M bc ! ROAM @R
a? ! > e a o A 5 |@ie U+' .M k 7C? 1 . \* i ' |e.M c ! |@ie U M
S|H 7 H a? eR q |H a? eR q |H |t(<
|H *UC .M % V |Hek TvP n' **^ 3{*'8 c |
a ebT 'V ' i <, b ,i ' |HeZ % '
/ es i , ROAM %k MA * SA 8 " P '' fe* '
: 7C? Li ' |H c ! b ek,1 ROAM G h i G he U^'
&nYk ROAM 8 X" P ' e ZM TvG h } e C C? e Oql 8 ^aU' f (U) A v S 6 TvG h " P ' V U q @ " , > R !, TvG
he U ROAM A v S 6! > V ' e I 5y; ROAM 8 " Py;
' f F ' SA U |2 A v S@ " y; 7 ROAM bZx SA
rZe C j J
i
j
ii
() Z TvG h?8e GECc !,h Z'*q Se GE \ ETS-MT ETS-MT H 4 @eW/ *9 o ^ HTns C @e Z
'*q S b h' ;\hE\ \ rs C I 'eF ETS-MT8
u M ^ o n# i. e P s Ci e I 'o ^ i e# i
.
(u) /^ TvG h ei ' Ci ' fe > R @ " , + * g
.i i 8' ' f ? e ^ Levi * Sangiorgi % e > s 'C? Gordon
* Cardelli d xE;\ raeR a? i 'U+ | '
context lemma ek
,@ei ' |H "8 C? @ei ' |H * G h i eMS '
ek %k Zimmer eek ' a j5 k %Qk u hM @MS \TvG h
TYPE SYSTEM AND ALGEBRAIC THEORY
OF ROBUST AMBIENTS
ABSTRACT
The ambient calculus is a formal method modelling mobile systems and their interactions. This
thesis mainly focuses on the robust ambient calculus (ROAM) | a variation of the ambient calculus. Fundamental research on the operational semantics, type theory, behaviour equivalence and
expressiveness of ROAM are carried out in it.
Firstly, by analysing the inadequacies found in the existing mobile ambient calculus (MA) and
in the safe ambient calculus (SA), an approach that can improve those inadequacies by utilizing the
paramenters of co-actions is proposed. Based on this, the syntax and reduction semantics of ROAM
are given.
Secondly, the type system of ROAM is studied. The type evolution problem calls for a more
precise way to trace process behavior in type system for the ambient calculi. It has not been fully
addressed by many previous works. In this thesis, a type system named ETS-MT is proposed to fully
solve the problem. By storing both the current type and the future type in process type expressions,
and introducing special type syntax for capabilties, ETS-MT can track both the mobilty and threads
of a corresponding process, with full support for type evolution.
Thirdly, following Gordon and Cardelli's way in MA equivalence research, some process equivalence properties of ROAM are studied. By introducing a hardening relation that seperated the active
part of a process from the residue, a labelled transition semantics is given and proved sound with regard to the reduction semantics discussed before. Then, based on a simplied context called harness,
two results for proving the equivalence relations of processes are given, a context lemma that equates
the context equivalence relation with the harness equivalence relation, and an activity lemma that
enumerates the ways a process may interact with any given harness.
Fourthly, based on previous results on type system and process equivalences, some algebraic laws
for process equivalence are given, including a few single-threadness laws with and without contextual
constraints, a few uniform receptiveness laws, and a few corollaries. To demonstrate their usages,
the renaming example and the rewall-crossing example are proven through them, under certain
constraints. With simpler encoding and looser constraints, these examples illustrate the advanced
security features provided by ROAM.
Finally, the encoding of the -calculus into pure ROAM is given and the operational correspondence proved using the algebraic laws. It shows that by limiting the parameters of co-actions in
reduction, ROAM still holds the strong expressive power of its ancestors.
iii
iv
The main contributions of the thesis are summarized below.
The research on ROAM here shows that by further restricting the parameters of co-actions,
ROAM has better security control over SA, as is demonstrated by the renaming example and the
rewall-crossing example. Moreover, up-to-now, there is no evidence that ROAM is less expressive
than SA.
The type system ETS-MT provides a concise framework for the type evolution problem. It has
full subtyping support for both mobility and threads. Moreover, the basic structure supporting type
evolution can be extended with other type information, and the idea behind ETS-MT can be easily
adopted by other ambient calculi with co-actions.
This thesis also provides new proof method for equational laws, through Gordon and Cardelli's
context lemma. Moreover, the operational correspondence proof of the esc encoding is algebraic,
while the original proof by Zimmer is somewhat more complex.
KEY WORDS theory of computation, process algebra, type system, ambient calculus
||% .
x
x
x
1.1 RtE f . . . . . . . . . . . . . . . . .
1.2 L > c N ;h ( - s! . . . . . .
1.3 B L >r c < P l @ . . . . . . .
1.3.1 Y;t fc ( D r . . . . .
1.3.2 ] MA 4 c rl @ . . .
1.3.3 ] SA 4 c rl @ . . . .
1.3.4 !u c RtE fc rl @ .
x
x
x
x
|% |L<at8
2.1 . . . . . . . . . .
2.2 & d . . . . . . . .
2.3 V . . . . . . . . . .
2.3.1 ? l . . . .
2.3.2 ?O^ . . . .
2.3.3 O m . . . . . .
x
x
x
x
x
x
|$%
3.1
3.2
3.3
3.4
3.5
3.6
3.7
x
x
x
x
x
x
x
t7ohUD
1
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. 1
. 4
. 6
. 7
. 8
. 11
. 13
15
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
. . . . . . . . . . . . . . .
2f= . . . . . . . . . . . . .
&Z . . . . . . . . . . . . .
{B . . . . . . . . . . . .
{Bc &T }% dj .
9f . . . . . . . . . . . .
V . . . . . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
15
17
19
19
19
20
23
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
|6% W09
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
24
25
27
29
31
32
34
37
4.1 wDZ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
4.2 c wDZ c X$ Y d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
4.3 & d(X$ Y d ch % . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
x
x
x
|S% yHl
45
5.1 ~ `> h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
x
v
=;9
vi
5.2 Q~ `> h k !{ . . .
5.2.1 Q~ `> h . . . . .
5.2.2 Q~ `> hc{ .
5.3 &h Z c" Z . . . . .
x
x
x
x
.
.
.
.
|z% yHl;
6.1 Y &Oc?h . . . .
6.2 G ~ `> cQ p {G . . .
6.3 ~ `> cQ p {G . . .
6.4 {s'{G . . . . . . . . . . .
6.5 h % {G s~ V . . . . . . .
6.5.1 O m . . . . . . . . . . . .
6.5.2 )] 2z) . . . . . . . .
x
x
x
x
x
x
x
.
.
.
.
.
.
.
.
.
.
.
.
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
x
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
47
47
48
54
59
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
|% t8v
7.1 E f . . . . . . . . . . . . . . . . . .
7.1.1 . . . . . . . . . . . . . . .
7.1.2 & d . . . . . . . . . . . . .
7.2 esc E f . . . . . . . . . . . . . . . . .
7.2.1 N O . . . . . . . . . . . . .
7.2.2 . . . . . . . . . . . . . . .
7.2.3 - s Z . . . . . . . . . .
7.2.4 & B . . . . . . . . . . . . .
7.2.5 - ? . . . . . . . . . . . . .
7.2.6 ^ K6 . . . . . . . . . . . . .
7.2.7 E f ( esc E fc Z . . .
7.3 esc E fc h . . . . . . . . . . . . .
7.3.1 h . . . . . . . . . . . . .
7.3.2 &% . . . . . . . . . . . . .
7.3.3 ?7 hJ K ` ch % . .
7.3.4 h&% caS % dj . . . . .
7.4 E fc h . . . . . . . . . . . . . .
x
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
59
62
63
67
70
70
72
77
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
77
77
78
79
79
79
80
80
81
82
83
83
83
85
86
87
92
|J% W
95
8.1 L >l @c/ % . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
x
=;9
vii
8.2 ? Tl c l @ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
x
beM
~ 1 r 3.8 3r 3.9 v*
~ 2 r 4.14 v*
~ 3 r 5.31 v*
99
103
111
117
viii
=;9
N 5tw1D/
4M.
?
Rt m
;@
-sZ
& Z
?
"
Y; H %
p QH %
JK
wD - 0
P Q
n m
M N
A
;!
T
W
U
Z
Y
;
C D
>
;!
()
n n
C
#
+
H
'
nA
A
A
P =n P =n
@
L
L L
n n
]
]
)
6
6v
#
b
+
6
]
)
wDZ
X$
X$ YZ
~`>
-L
~`>h
Q~`>
Q~`>h
;@
;@
h 7~ `> h
n;@kn ;@ h~`>&Oc -L
\ - s Z
M.
process
ambient name
capability
action
structural congruence relation
reduction relation
process type
capability type
pre-type
mobility
threads
type environment
concretion
hardening relation
label
labelled transition relation
context
observation, or barb
contextual equivalence
harness
harness equivalence
deep action
deep action observation
never occur in context
visible action
observation under restricted context
structural congruence relation
on prime
ix
{
15
15
15
17
17
18
24
24
24
24
24
29
37
38
38
38
45
45
46
47
48
61
62
63
63
63
111
x
=;9
}}& /
Y;t f T 2jV ah u T Nb !GS{ d R T {~ nRn {7 6 J < P # Y;t fc < P Q | Ry @ Z operating system w g k p(Gp9-
2tA programming language h<P4 <PcshY;tf
Y;%T 2c0 Q >7& ) O h c dT& e Gi Gp9- P (9gc
< P]"X Y;T 2 Z + J ad ~c Y;nh /5 t f > c Y;! s~ 4
6]]Q+ PDA - personal digital assitant (OE{Z GPS - global positioning
system R ( t f >k !g sJhh 6 T& e 7 2 t A(y @ Z !3 3
k ( (a!t f < P4 Y;T 2 a: $o ad ~c Y;!K Z4< PKQ7 t f
>~-YcY; K mobile agent sJ
Y;% >7 ] ~& h c; 7
r> .T 4 mobile computing 6 T 4 mobile computation 1, 2, 3, 4]
5]
l$Y;tfc h I! ( Dc $c< P Q7 lIb !q"i T]G
+Vc(DrF 4c~Q Aks~Zc s =( aS %I dYvY %ad E
f W2s!2 CCS ( Ef h?KQ process algebra as!2c
ZGh Xj+U T s @ 4 u c a r E fn ]0! cgK? c ^c 9
|?7^c Y; T@4gKY;t f& ec (D r!3gK Y;tfW
>7c? ( %#c ~ 3k?7h ~c Y;]k 4Jc ! O %BT*ad
~c Efah6- Y;tf+Nc(D rg]0]! At2s=
! O%& ec TZ / B
x. Y;t f ( D& ec < P ] E f 4c $ 7 E f c $j~E ~ c Z
+?(%#3ks=cT T
"7 E f c $~E ~ KQ Y; "c dist E f
"7 join E f c $~E ~ N ~ 3k( ~ ! failure O c 3k ( join E f "]
k $] ~ gK Y;t frk ! ! O % c Rt ambient E f
( seal Ef B>
c<Pl@N2 RtE fc T]T Ib
x1.1 > cv:
1
6]
7 ]
8]
9 ]
10]
8]
11 , 12, 13]
14]
6]
15]
5, 16]
2
17]
RtE f3 1998 Cardelli ( Gordon c T Y;t f ( D r c - P
%# ( ?cN1|- sRtE fc '"O ##Rt ambient h4T] 5c N1|c t fq k 7 RtE f n ~]`? Z B( Z +& ]t fq t f eZ
cs (! F " lib 7 t f eZ L >7 T] ;nt fq laptop cs laptopP ] Q] libR]
j
j
(1.1)
9_m%!$pm j5$fR% #vi$ *F(f?S %Wmb@#m f$*F; x 3$v&
B 5$f $ * F&
# ' ambient f j o %D@ ;'Uw(V 3 )w ,K*#` $#(%U ,K*##p / up5 p $p5j
p lc**!%$(fp5p %#+j p &s ;pjj o'KL (V3j! 1"f \D ambient B6o3N
\# fp y ( W" 'f&
1
2
1
h G
2
U\ , ] -Z + T]Rt\ ]Rt . T]m+ ~ X !U ]Rt=$, -7 a
rZ+?ca2 !7RtE f LZ+%#Rtca ~I) +w P Q R
hKZaa?ZB( RtE ft fcY;% Nh4RtcY;` ec &l(=
$,
-Z+?c & Zn0 4t fc? !+ a + t f > laptop 9 cs - Y $ lib
c
j
;!
cs laptop out cs : in lib : P ] Q] libR]
csQ] laptop in lib : P] libR]
csQ] lib laptopP] R]
j
;!
;!
j
j
j
j
j
(1.2)
(1.3)
(1.4)
Uo T] & y @$ ~ + RtE fcY; " out Y} Rt laptop 9 cs Y "o
"] & y @$ ~ + Y; " in !- 4Rt laptop ?m lib RtE f!U& ]Y; "
n n$ Rt c1|- s a aTRtE f L ot ] " open ~ * L T]Rt c
P 5 ` ec &+ a + T] open ; @cs ! open
n : P nQ]
j
;!
P Q
(1.5)
j
Rt cN1|r ( t ]; @" in out ( open h + RtE fc '" ;h G L
3Jtf>cY;L3oKQcY;#? %+4Rtc Y;L rn G a
:{F]cZB !Ut]cB; @Tn]hl Ef U$`RtEfc< P
'4Y;tf ( D&-T]0 \,c4
9( Cardelli ( Gordon cRtEf 4Y;Rt mobile ambient Ef]`
MA l$ < Pc h m MA Q/ @ T t ~c h 4 Levi ( Sangiorgi 7 >k 16]
>7v MA 7 ~>75 S Z grave interference B## Rt " ;@cQ &u
%&W2 ch XY} )O h c- k ]` c MA ?ZB(
18]
5]
h ] n in h m out n : P] ]
j
(1.6)
j
n & 4 > dRt n I in h ; @?m h j 6Rt m I out n ; @ Y n nd in 6
out
;!
Q n & 4d out 6 in
hnm out n : P] ] ]
;!
h ] n in h] mP]
j
j
;!
;!
hn ] mP ] ]
j
hn ] ] mP ]
j
(1.7)
(1.8)
jV a(3k r ?c & h 5YW 2 2 s !cS{ %T37 ] ~& &
-hS{%R*+n] 0]c #2? mP] Gi^)rcS9 ~9%v}
64 c &L V T @;$ mP] G W"? !64 c t f i: T n U5 S Z
c?0~$~Z type system !]~K5SZB$` MA cKQL algebraic
theory E $ 8 r ?ch %h` { Y} 2 caS %0 ~ I d 7v5 S Z B c Levi ( Sangiorgi L + T]9 8 MA cB ) {Tn ] x.
5SZBc!ORt safe ambient Ef]` SA SA *N+ MA cY MA
1.1
x
%TYJ
3
; @cQ &u %4 \ ]; @"E ~ + T]rs c; @ co-action " k " d (
(1.2) c- Y &7 SA n ) @@ )Z + u &c ; @ (; @ cs laptop out
| {zcs} : in lib : P] out
| {zcs} : Q] lib in lib : R]
csQ] laptop in
| {zlib} : P] lib in
| {zlib} : R]
csQ] lib laptopP ] R]
j
;!
;!
j
j
j
Fb;@7 SA T4
open
j
j
n : P n open n : Q]
j
;!
P Q
(1.9)
(1.10)
(1.11)
(1.12)
j
] ~ *N" d &cQ &u %T '+ a ; @ =rl cU &u %U L7~
K>75SZBc MA ZB( (1.6) Rt n Tn] m ,$b?!x. # n S
/ 7 m $b 6q ?m h B s c SA Z B(n )4
h in h] n out n : in h m out n : P] ]
j
(1.13)
j
in h ;@L.7 m $b n 6qn`$2 !LZ B(n]9d d out 6 in cs!
7 2! j k n S/d ?m h Bn(c out n ( in h NT 7 2)4 in h : out n n ] f MA c5 S Z B 7 SA n ] 9 " n'? ! x. VV k ~(W2
s ! c& ]; @ out n ( in h )4a s ! c Z +& ( out n in h B m c9+ ~cV G
S{ T3Un ] f@3 T 2Q) A M%h 3 SA | c B% :UA ML n ] 9
" ? ! Jy%+ >k 16] +YU n cQ p single-threaded Z
T] Q p ?z1 0 T] n ] &c % :UQ p ~ % 7 & 9
hT
>k 16] 0]5 S Z B c &7 n m+t ]; @" s c ; @ $ &cs !
Q&u%T4U&u%7(y@d cJ+~ SA ;@cuQT~46,
L; @c Rt cm+ U L ~c T] 0s7 SA n ] gKa , MA n] gKc Y;Z
z N 7 MA Z B(c\ ]Rt E~ ? ! in n ! out n ! open n # LRt cm+4 n T
nD'hc SA ZB(T3U~R$` SA >7]`T B
Gli1STO# ; @h `? ot & (~k ]` c&] SA ZB(
3
j
j
j
n in m : open n : P] m in m : open n : Q] h in m]
m out m : in n:P n out m : in n : Q] h out m] ]
j
j
j
(1.14)
(1.15)
( (1.14) n S/?m m 6? FbL m hO n c?ma!s! Fb y @T3
U ]g0 h `? n c Rt h q) Iz N h Q T] ?m m cBF m c
in m ; @Tn d h c in m ; @ & a X h ?m 9 %G a ) 'Fb n c
g( (1.15) Q >7_c B
"]Uxvl LgD( (1.14) 7RtEfFbT]?mRtc s=$~0
%: .. Y_ m in m : open n : Q] c- s47 t ?c n in m ; @v
D@ 9 j 7y 3 B + Bf, _ - %6(S#@%'# * - 6 B &b+&
3
j
h G
4
{3~x.m+4 n cRt?m m ;nc:B open n : Q TG|4.`&T3 SA
cy@d$` in m LYX!uRtk( (1.14) c h ?mc hn .
$ ~+ SA c ; @jVn ] $`?Y i 5c a%( &- c h S{ %T
7 0* @; `U n Y}? !4 Y hLN c "d%$` 2h`Q)aS %Q
h h ` { 0~/J SA ;@cuQkZ B( in : P out : P ( open : P n]`$
SA _c !
c ] ~ 3PB>< P SA E fc T T## = 3Rt robust ambient E f]` ROAM 7"~; @1 ) 5 S Zc ; @c u Q? Tl W!O %(( h
LN c "d%7 ROAM ;@ in ( out c u Q ~ n {N$ ~L; @c Rt m z7 L v{ Rt c; @q $~L; @ in ( out h open ; @ G+ (7v ]R
t l 4 ; @ open G+ {$ ~+c ~K" l ROAM c open 98+ SA y @
dTh5K J T]hu~ { &c uQ r~]~ N? ~J ( (1.14) (1.15) 7 ROAM
3]nZ+4
n in m : open : P ] m in n : open n : Q] h in m]
m out n : in n:P n out m : in m : Q] h out m] ]
j
j
j
j
(1.16)
(1.17)
( (1.16) Rt m ; @ in n c d4, 1 0 m 4 n c Rt $ ~; @ in m ?m m -"(
(1.17) Rt m ; @ out n c d4, 1 0 m 4 n c Rt $ ~; @ out m Y m -f
VI~K*N;@ in n ( out n ?v{zRt n $~Rt h G(~
VV ; @ u Qc n. ROAM h 5Y SA n'&I MA c0s l 4 ROAM c
Z B B 3 > L7 <P N 0]c T]'"BB> 9 6 -L Z j ROAM SA L Y
hl EfcUXj ROAM jV;@uQE~+n .T3Y L RtE f
| c Z B 7 RtE f #+ in out ( open t ]cB c" 'L >7 ~ &I RtEf n cBm9" T*z6,t]cB"c RtEf 40 RtEf E ~Bm 9 "
cRtEf4 &I RtEf c ]`gDB> N< P0 ROAM (1). ROAM !u RtE fc Nh 7t ]cB "c ; @ ku QJ+ E ~ + B
m9"zX BF 4D
(2). B m 9 "7 n m N4 + v r - E fc 9(On ) ' E f
c h T9Cc < P- Z j ~h Y 9n c0 SA Tn ) ' E fc
h l 4 0 RtEfc < P Q Y 0 N c ad
5 ]
5]
18]
x1.2
Ox8z! 5Y"H L > c < P l @3 2 ROAM ? ! c < Pcs Nh7 ROAM c y @ d Z
?h %(Z Bh& e ]`B> c ` L*;h> T N 70 1.2
x
MlZ>C#,?
5
B> co " L Nb + ROAM c ( & d reduction semantics 3O > ROAM
< Pc c 1 > de X O Kn3 LKc n m b + h J B m 9 "c0 ROAM E fc
6? process h-c{d( capability h-c{da? (c`
s = ~ ] 3 ROAM ; @ rs c ; @? ! = c &(u Q+,? ! +07 j 6Z 2
ROAM ctcB& B Ym Y Fb (^ - Y& B!9 6T- Y
& Bv ?7 &. 6 n? ! h TOU{ d ?h TO cZ 4 ?c- s
structural congruence Z7?KQc & d % $~o" Lc96~q S&
?TlXj+ ROAM &dc$ ~ U &Q n] (l +0 ROAM cZB
B> cotL N< P+ ROAM c typing B + T |n ] 0] RtE f
>7cEDBcZ ETS-MT 7!*RtEfZc <P cEDBT
nY`$${m0]Rt7 ? Fb.6 c TD` h$ h ETS-MT"~~BcZB
(G 3 +? Z B(c r o ( mo n33]Z +Fb y@. 6c h ~
%, - ~Bc s = ! m0]+ RtE fc EDBotL ETS-MTc70
9Zq+gKc?H%b'b +n ]gK mobility ( g threads &H % c a 07+?Z B(Y EDB c~{- s( @ ~74c
$~{d+&]3]Y?-sc.!s= prex (a~s= parallel composition c
2f=]&R? ct f ETS-MTLg? c& subtyping Z$`
n .$5c? Q n ] h 7n .$rc ~ E~ + Z c6 s 7~K{
d c c $~ otL b + ? ( 7 b { J K ` c { B typing rules a d
jL{ B`$c? c !% validity -sZ cT }% subject
congruence ( & Z c T } % subject reduction >7& Z#+ { BotLLb + ETS-MTc9 f typing algorithm n]7b{cJK `
t f? Rt c9 dj+9 f caS %()>%9 6b + ~ 9 f t f 0Y;?K * c Xj+ ETS-MT7r B ED& ec B> co^L Nb + ROAM E f & d hc T | X$ Y d labelled transition semantics k X & d 39 2 c" < P T]Z c TDzW X$ Y d
B39 0 c" < P Z `] 2n c~ % & d n] n m!z ?; `n3 c
=T3 h 6 - r B ? 'n n c ` =7?h %< P .. { d & d hc X$ Y d hU T s 7 \ RtEf < P N & 0 N{ dX$
YdT3c S commitment ( W, outcome c&
E $n T3
X$ ! *: X$ Y - #+? L n ] 3 #7W, concretion "6 T 3 c 7$
hardening relation c & n m+ T c ZT X$ Y - c 4 ? : 0 ; n YX$ c ] Q ( c ; @ ] Q rU& &` ~y E _ r~6T &o^L>
dnm+ ROAM ?c wDZ~ ?n u &c n3 5c n33 b !7 7wDZcc$~ # Q ROAM ?c&~%{d+YI Bc X$ Y da T
3P +U B & Bc sZ9 6y^ dj+&| d ch % correspondence B> co I L7 X$ Y d c c $~ u Q Gordon ( Cardelli < P MA ?h % c &
< P+{& ] ?hc T*&nW EU L c B u\R]Eco1
z`a71zEX]Y\*c7 o T]BfV) Orc? aT- s c
h I h
l
=
19, 16]
20]
20]
] 3
U
h G
6
?3hcT3E _S/ v#2 &I ksL6, n0] ( 0 3hcU-L l4 B L?h % c < Px X4c -L obervation a barb c~ `> h % contextual
equivalence nk & ] ?h B ( u_ / 7a , ~ `> context `$c- 9
'n 3 G G ] c o "]BB L < P+ T 4 Np &XM harness c~B~
`>a vz N & ] ? / 7a ,Q~ `> f h G ]B / 7a a c~ `> QhX f
G] context lemma ULT(<P?/ 7a ,~ `> n Xc@;D4z <
P?/7U~{c~`> X c@;o IL b+ ROAM ?UTQ~
`> = c ` n @ 4 {?hc T*% -L activity lemma B> co)L0 - . > ot ^ I Lc-L b ~ {?hc T KQ{G algebraic
laws k X~ T L b + & ] ?h % c T*&B L b cT3{hcY l
Y U {Gn ] f@3 T r -R4U r - c? # 3hc U ? / 7a , ~ `>
`$c-Q3hcB Lch %{G7 0I ~+*7 ETS-MTcY;%(pQc $
~~]3QpH %(0Y;H %U h%{G34G ~`>cQp{G~ `
> cQ p {G {s'{G ]kT K Jc B - L B L79 6Lb +$ ~ U {
GdjRtOm renaming &()]2z) rewall-crossing &7R4T{ `. 6
hc h !+ a +h % {GcY $ ~&% : Q U & c(r Xj
ROAM $j MA ( SA 7 ! O %& ec0s B> co/L b a dj+0 ROAM E f h E fc T]&%u x n ] f@3h % {
Gs~cT] 2n ]@4 ROAM EfZBc=dT]E fh6 T]E fcd
jl@T*n34t]n3oTn34U&]Ef`)c( D{d6 (y @do
"n34 Y h&% c.~ ot n34h&% caS %dj UcaS % dj2n 3 &
dT3h-"?!4c9 "?n] y ;@h-Qn] rs_
c ; @ :`$c- 4T] " &- c h YhZ c? " 3 h - )6ca
,!4h 0$"?"c !4h - ca , &- # n ] "?c T] &- c
h jh U& ad 0- & 4y @ T } % operational correspondence 7Y
chE_r~+>k 18] EfhcEf esc Efhadj esc E
fch`$ EfaS%cdj o'L3B>l @c2- ( ?Tll @c{
70 / 7 2 ~ B> otL Z c;h (o^ I L X$ Y d( h % {c;h
Yn'"Zn) ! d67 27o "Lcc $~n]W70/ ot ^ILQn 2
otL d 0 / o^ I L T3o)Lh % {Gc < P3 +*7 Z( h % {cc$~c 9! 7ot^IL`) '6 ? !
x1.3 R O` %x s aD
4
B * b B L >r c T < P l @ 34 ^ ]n3r c Y;t f ( D r ] MA
4 c rl @ ] SA 4 c rl @ ( !u c RtE fc rl @ MA 3o T
4
operational correspondence 9 j+ f @m % j+ f} f
2&D@2j1 ffl&;;MG &= |f} f&
9, 21, 22]
%%f G ;Mf k ; 6\%p _5611
1.3
x
cMSX.p
7
]Q 39 cB c RtE fr SA c n ] f@37 RtE f < P | >7 R
tE f ] c2 T] <l 4 B * 3] c MA ( SA c rl @Q/b ] 9G ]
x1.3.1
F8vk*7#h
#+ RtE f 'Y;t f ( Dr c< P l@Nc E fc&I c E
f c&I
c join E f c&I ( Seal E f h T t8 vl$
>k 14] - -Y;t f t f % Y;%a >c~s 7'Gc E fL c $~ n m ~c O ( & Z B(cY; : !W"){c E f Z Y;t f@ (D c+r (3
P7 >k 14] c dist Ef T] ~B Z B( "go p" cFt- n$ Z B( ~ " "
X 3c& Z B( (K) Y; $ ~ p a|4t f E f3 c Z B(Ftc O > L L
QXc Y;% >+ T]3 $`K7 Y;6? ! QX>J #QQXcY;%h% s!
h c y @ h E f B 6!!3 T | Z B(Ft l Y dist E f gK T $F
ts~aQcKQY;s~ ]a(94c$c Y;tfQ3 5cg
" t8 vl$
c ^ 9 c E f ] !'Gc a L c $' 4Y;t f ( D c T]0! c s k,&I Ef$!g~ k%#3k hn Q '4T]<Pc\s Ef73k(~c&
I l @ N D l Distributed- h >k 11] c D E f7 E fc c $~
E~+~cO ?7 ~2!?n]Y; " goto 9T]~-Y $6T
] ~ 9 z 7 B m $ 9 ?c Y;(B m 9 ' ) ' 7! 64l @ 23]
"@T L D c T } %( %# .B cN n x.>+? Tlc < P >k 12] +
kl E fc T] & h E f (T | Z c n . 7 E f \] ^:
!T]?I@( -L^c9 ;h jV@+ ]~n . Efcnhckl
Ef 7 E fc c $~ @T2E ~ + ~c O ?7 ~ location 2 !n ]
- ~c?,r 7R message 7R6 c ^ 7R OaT ~Bc" stop
- $v ] ~ !" spawn = 7v ~/+ T] ? " ping = ;:v ~3 : !U|E ~ +
~c E f 4 l E f 9 6 @T ! d( h %>+ < P ab + T | l E f h '
hc E fc &>k 13] c Distributed- 7 E f c $~E ~ + ~c O @u ( ?- Y c y @ migrate to oB m ( $%#cG ] $ ~ D h! ~w
31|- s c :g c ^c$ 96 ' !Z $ B m( $ ^ ~h
X {? ! G 3]Ri~ ! c hc ^c 9n t join t8 vl$
join E f 3 T E fc T&# D6 % +e chemical abstract machine Ti~5x+7R =c ~3k ( Join Ef 27 join Efcc$~E ~+ ~c
pm ( ?c Y;n ~j6 h N1| Z*s k !&Nn@_ Y;T RtE
f h3k ( join E fc Y; n ]7a a & ] ~j 7 ZB & ecB c join
E f E fc Z B3 r hc l4 n ] b 47E ~ + ~ (Y;%63k ( join
E fc Z B~K p 3k ( E f E $ r C 14]
8]
11, 12, 13]
24]
15 ]
17]
h i
11]
12]
13]
1
1
1
1
1
1
1
1
24]
25]
15]
26 ]
8
h G
t8
^ seal
>k 17] qKc seal E f Q 3 T 3k (c? E f E $ ! Ox. e . seal E f
u g+ RtE fc O Q Y T] N1| n ]Y; :Y ! O )<n c Rt - sj
4 seal T3 seal E fc 9(Y;e .R RtE f hRtE fc; n 3m 9e .
h seal E fcV r~ E fcm ^ 9e . : 9 c;hz3m+ 6 '#+
B m 9]' seal E f L 1 0 *) P 5c 9& ( 7 ^~c hXw x " a 9? v{ 7 ` ~ aB m 9 cU &u %U 9& ( hX n' n mz) P
5Jc!O%B7 Y;%& e seal Efh>7RtEfc in out y@J%Kj
4 m 9e . T] seal mn ]'n c 9 ^ ? b$~ T a`T 6 ' seal E f
ct){~ ]3 Rt ;' c 9 x.c2 A hE $'C "!9+ch
MA HkKv_$ C
B * N 707" MA c c $~ MA c Z?h % h & e T h c<Pl@
x1.3.2.1 ! MA o hUD v q _
Cardelli ( Gordon 7 MA Ln m+Em ( E& ]B m 9 " ~ ?c 7
R =a " ~ U& ] " ) '+ Efc h UY 9 &Ic MA E fcYk `
c-s
>
>
>
>
>
>
>
>
>
>
>
>
>
>
P ::= 0 >
> (n)P >
>P P >
> !P >
> M :P >
> nP ] >
> (x):P >
> M
x1.3.2
5]
M ::=
>
>
>
> in
>
>
n>
> out
j
>
>
n>
> open
>
>
n>
>
h
i
M :M
!Em (x):P (E M s=7a~n" ~k `c 9B?!& - 4 ? P
cq) T) x O4 M ~ P M=x Z+ h
i
f
g
(x):P M
j h
i
P M=x
;!
f
g
(1.18)
7&I MA *R,rcQ4T]- M ]`+a+T]"~Y; K?!9c&
@ )Z + &c ; @ a ? m p out
| {zm} : in n : M P ] ] n open p : (x):Q]
mP] p in
n : M ] n open p : (x):Q]
|{z}
mP] n open
p : (x):Q p M ] ]
| {z }
M]
mP ] n (x):Q
|{z}
| {z }
mP ] nQ M=x ]
h
;!
;!
;!
;!
j
h
i j
i j
j
j
j h
j
j
f
j
i
g
h
i
(1.19)
(1.20)
(1.21)
(1.22)
(1.23)
U Rt m " ~Rt p c Y; *R M ,b bRt n c? Q 7 h m ( n
n3]KZ&]-P*s p BnKZT]~ *R,rc Y; K &I MA cXhk ((x) : x : P ) n &`$ n : P U=-( & BTY
ad c Z B( l4Rt m h @ 4 ?s ! c ; @ % 9 ~n' * # ] ~ GadZ B(
jh
i
1.3
x
cMSX.p
9
K E $I l 4 &I MA c Z< P 9 cB c T]NF R 3* #~K Y}
cGad?ZB( T]%!c ZLN9dEmE 9c +, 7&
I MA Z ~c? Tl< P L6 ?cY;% * polyadic 9 c& Z " ~5' c6 s =E ~ MA c ! O % hh >k 27] 3 MA Z c9< < P 7 >k 27] ?34 (M : W) ( ?
(P : T) &I 3] { d*R M Rt (AmbT ]) (; @- (CapT ]) & cB Z B(
AmbT] ~ Z + T Rt m 7U Rt n ] ? ! 4 T c 7R O% CapT] B ~ f
-RtcFby@s!L ; @6nXFb4 AmbT] c&Rt!-3L& Rt
c??~Y$`FbT? L Y?! T 7ROc7R O T Z+Em
E?O7Rc n] 3h Oa ,7R cQ F= Shh Qn]3OT]6c
7R 4 Z 3 c * polyadic MA % c z 4U$ ~ 6c O k
6`cc 3]3 W Wk BL?c4 W
Wk 7>k 28] Cardelli h]2 MA cO? ! +&I +Rtn :? Fbc
p{ lock O Y ]k?cY;% mobility O Z Rtn?<j4p{ (0 p{&
p{cRt| $h ?FbE ~p{H % cRt Z B( T4 AmbY T] ?34nY
;(0Y; & J in ( out c?n' ?E 9n Y; % open Bn n mn Y;
c?%Y}"?cn Y;%UL?c ?^D4 Z T 6, Z T c?cRtY
AmbY Z T] nXnm Z T ?c4 CapZ T] 27 ]
28]
29]
30 ]
1
1
>k 28] Ln m+ ?;Y; objective move c gK 90 " ?;Y; >
7!O%B:n ~ ;Y;~ ~?Y;Rt cf (1 0h V%7Z ?;
Y; RY~Bc ~0k z$ ~ ;Y;B G T z' a FbQX 6%B 6 ah
Y; c Rt c Y; H % 4hY; " l 7u N Fb T]Y; cQX 6V % k r~?;
Y;Tn0]U ]B?;Y; c 4 go N : MP] N 3 T -z 6, in ( out c ;
@-s?;Y; c&& Bk`
5 ]
5
(Red Go In)
(Red Go Out)
go (in m : N) : nP] mQ]
m go (out m : N) : nP] Q]
j
j
;!
;!
m go N : nP ] Q]
go N : nP ] mQ]
j
j
$~?;Y;6cRtZB(&I 4 AmbY Z Z T ] Ec Z Z+Rtc?;Y;%
T]Rt n ] 3 ?; n Y;% ;h n Y; c U LHRt FbU Rt T G+ 5 n m Y;
%+
t`v ~K &n m c ?;Y; "0] ED cT ~ nRt ('c,Y;-yED4Fb.c,0Y;-y%B> cED Z$]Y Rt
E f W >7c EDB + T |fmED ) { c ZG+n mU ?;Y
; " n n 0! cg i %ad ~c ED
Zimmer MA B m 9 c& Z< P 37 >k 28] j~c? Tl I > d7 >
k 28] cp{ O 3Y Rt m %A c m Rt k h* 7 !p{H %L.) O T } Zimmer (>+ Ln . n'7 n m+p{ (0 p{& Rt=$U LRt cp{ :
MD5 c5 D@ pvMf HF - 9]* s P 2_f- 9HFD5&
0
29]
5
0
h G
10
G+ 5k % :( +p{cl. Zimmer MA co "]N; 3E ~ + T
]~ n { 0Y; ~ % c imm T] Y imm c? T{3 h n Y; c E ~ imm c ! (3 G+ 7R Tn?n'{ d40Y;%h 5+N 6 = 67? u
& imm h! h &a,@~7>k 28] q c Z j~ Zimmer
7>k 29] 2? ! +I)c l @ h !! ^D +?c Y; H %(Rt cp{H %Ln m+
& Za | {c 7R O &I 4T]7R O#2> LL ? Tl + T |S{
% deterministric c F0f typing algorithm Cardelli h]7 >k 30] 2 k , $ ~ Z~ 5 MA c ! O % ? ! + < P !9 7 c pk 37 RtE f c $~E ~ + A(Group) c/+ n \ ]Rt mc h 53 T c
Amb ] % 3 G ] ! G 4LRt qHc6 U L`$+ T]i~^D c Rt Z
6c O Z Tn ] r B ]`T i~y^ c ; @ 0 n k R P _-y_Tp>i G \'U;T
R P _-y_W>i G \'U;T
;T n _-y_EaTp>i G \'U;T
>k 30] h 5 9 8"cp{H %(Y; H %u_ \ I ?6, 7~K 6c*) ( Fb
O n m6c O MA c ! O % `$+? Tl c ~ 5 k T {= 6 n ]9 d T
] +c Rt m+ hXq a ^? ,b$ 'n6c O 7 6 c 31, 32, 33] h >k ``
$+r~U !O~% | L?~ 7~ 5 Efc!O%~ 9CCardelli h]!7 MA Z<Pc~KT l@
?!+2-@4T
] ) 6% c' u >k 35] 34 ]
27 , 28, 30]
x1.3.2.2
! MA v%&|eq _ C
#+~K MA Zc<P l@ ]' MA c<Pl@L 0*k ?h% c
<P
c Java c MA c hB
c Jocaml c MA c hB MA
r cryO g model logic ( ry%+ model checking < P
? !4
cJy3P
]k " ~ MA c1|- s < P +7- ~ 0- s QXc>& ( %o
h>k 51] L<P+ MA 7Y;K mobile agent Ztcs~a9 Y; K Z
t " b + T RtE fc&I &-n 5 <ZU N T B>r c?h
%& ec < P l @> T Q70 79<c MA >k 5, 19] Cardelli ( Gordon Tb'$= ?ch% ? !< P ! Nl @ h 7 ?h % c{ d(T Qh %B cdj kdjV n fn(P)
(n)nP] ( 0 9 'n 3hc 7 6c >k 20] Gordon ( Cardelli 2-+ >k
5] ( 19] c < P' a MA ch % >+ T] $4) _ Oec{ d! N -L3 > c context lemma ( activity lemma U& ] -L o + MA ?h % cdj= 6! context lemma v MA ? T*ad ~c~ `> h contextual equivalence Z h c
v4 harness c~B~`>q{d cE$QchZl 6 activity lemma b+Y
L Qch Z ? ! c T*&9 6> L"~ U& ] -L dj+ MA )] 2
19, 20]
36 , 37]
40, 41]
38]
39 ]
42, 43]
44 , 45, 46, 47, 48, 49]
50]
62
1.3
x
cMSX.p
11
z) rewall-crossing &caS% t`v7B> ROAM ?hZc< P E_r~+>k 20] _c=6d
j+ ROAM 7&I+ MA c j 6!?ch % cn34 MA \ c-L T3 B
> ?h % c < P h !!y >k 20] c& ] -L %3 ROAM _c-L B>
ROAM Z c < P-L r - -? Tl `$+ ROAM ?cq S h % {G U {Gn
]&R m s~ F4?h % cdj > co/L Lb +k ,s~ U {G D E f h -Lcdj 6
x1.3.3
SA HkKv_$ C
B>< P9b9 r c l @3 Levi ( Sangiorgi c SA E f SA v a "
~; @0]+ MA c5 S Z B 2nf@3 MA c T] * hl 49v ad ~X SA a7 5JK MA @ 4RtE f < Pc T] cK ZU SA k ! 64l @Q/ 4T]n
3] + SA c~B %
Levi ( Sangiorgi 7 >k 16] >7v+ MA >7c5 S Z Ban m ; @
+n]*#5SZc SA Ef>k 16] Lmm<P+ SA cZX$Yd(?
ch % { &ab q S ?h % c{{G >k 96L /V+I)&E Xjq
? 5 S Z B6 SA I+c0)~ %~ ] 3 E f h cKQ & (dj SA (B>Z
b9]`>k 16] c;h? !iy^ c70 7Z&e>k 16] 0mnm+thcO AQoh basic #
oh immobility ( p]goh single-threadness AQoh cZ+p9|:) MA c
< P
*R M c W ?34cBRt BAmbT] (cB; @- BCapT] ?YcB? BP rocT] U T L310O c*R n] 3v*R W Q
n]3hOa,;hcQF= X{ Shh 7cB>k 16] 2G3T~Bc #
oh ~5xz xh Y;Qh ?Fbc RtY0Y; ~% c Rt;@-( ?
3]~ IAmbT] ICapT ] ( IProcT] Z+ ot ? 4 p ] go h YQ p ~ % c
Rta ?7a , rz fT]; @ Q T3X h >7 n ]a 2 ! c& ]; @ +N
vU ;@z3v9zc;@ 7&Rt c; @h9gD l4 Q p?ca%c
V0WYQp ~ %c Rt*R(?3]~ STAmbI Tt] STCapI Tt] ( STProcI T t]
Z+ ! I ~ Xw Y p a Q p Tt Z +? ! + Gp c Xw6*R ,r T 6& n0Y; ( Q p c 4>k 16] 64 ch % {Gc < PF ` +
c$
7?h %< P & e >k 16] r~ _ >k 19] c c commitment ( - outcome c &> db + y @ d hc T | X$ Y dV 6 { d + SA ? h ~
c barb c = r7 bisimulation Z( &O `c c congruence Za - -0Y; ( Q p b + TZ /c?h % {{G >k 16] b ch
%{Gn34 k` t]n3
(1). G n .ch % {G r 7 "
D@ p<M' z_G & MA $ SA + ROAM /D+_ 4|+0(cU ( s ,: f, _&
16]
27, 28]
6
h G
12
(2). c Q p Rt ch % {G r 4 "
(3). c 0Y; ( Q p c{s'{G r 3 >k 16] 9 6b +I)c k Rt c O m y @ QX 76 cA )] 2z) ( SA
E fc h h a3] $ ~ ~Kh % {G b + rs -LcKQdj +N v >k 16]
h E f$ ~ +J B m 9 "c&I SA E f U (6 >k 18] b c$ ~GB m 9
"c0 SA Efch B7c; ]6Tc~ N I`*
B> ROAM c Z( h % {Gc < P7 0 I ~ CU + >k 16] c)A V
%B> c l @ (6 T Q 0I; ]> d7 Z c < P >k 16] >7 +Q p c O V %!Qp Z( 6 ' c cB (0Y; Y e m- - 7 T & %
B> c Z >7 Y;(0Y;Gp Q p (*p U O T 7 T] ,c
& Z GSmrB +U Ojc" Z!7>k 16] c Zh 0
! mr B c EDB%B> c Z g ED @ 4 Z t c '" ;h $`B>c Z ETS-MT?(Rt cgKi~- (^9 6 'B> h %{G
cdj>k 16] "~=r7 bisimulation c&hB>r~? (! JKn cq =& (? !TT3PUdj &n ] b4 3"~>k 20] c-L@ 4 &s ? T
l- . - ? ( Ic- 7 L&- c < PB$+ >k 16] k I l c !
7 SA c < P Zimmer 7 >k 18] $ ~ 0 SA h E fc l @n ] X3 SA 0
) % c2 T] g 7RtE f VV Cardelli ( Gordon R(RtE f ( E fc
Z @ 4T]0 N c < P;h 9( RtE f B m 9 "c n m7 T { ~T3 4 +$
RtE f7r Bt fc Y;%(3k% c Q Y$5c Z B %h E fT3U
Z Bc9dj T79(c >k 5] a Y b ! h c :9 dj 7 SA c
< P Levi ( Sangiorgi Q" ~ J B m 9 "c SA b + E fc h " ~ h
% {Gdj+ Lh c y @ T } % V%~K < P E fc h#GT ' m$ ~ +
IBm9"&IcRtE fr7 Efc^c 9>k 18] >7badj+ h
JBm9"c0! ORtE fl Efch&%$]_ RtE fc Z B+
i? Tl cb! u9 7 c~s3 ~ YOU Oy @c s = Z + E f ( ! T W >
7cOUOy@ 4 4>k 18] >dt+T YOU Oy@c c EfT##
esc E f ab + esc E f ( E fc r=h&74 c $~ >k 18] b + ~ 0 SA esc E fc h9 6b a dj+ E fn'? !h c y @ T } %
T3UTst`v>k 18] h&%cdjE$ F4!n'"l7 Efc hL V n m ED c Bn K Z ^c *p 0Y;RtL V N FbK Z 9 ?c Y;RtY nm EDe . ?c h GS{ dh - c
djT G $ ~>k 16] ?h % cKQ{G % 7 B> 9 6b c0 ROAM E f h E fcdj B$ ~ +_ >k 16] cKQ &n' h % {G ) ' h caS %
djUhTXj+ ROAM Y_ SA cZB%:Xj+ED Z7GSrB?
c7@~
7 >k 52] Sangiorgi ( Valente L ( l< P+ SA E fc 3k ( - 7 e hBb + T] gQ p (0Y; h? c - 7 e c ( da dj+ L- 7 e s ! SA ?
16]
1.3
x
cMSX.p
13
caS %>k 53] SA ?cJy 3P ? ! + < P 6'>k 32] (>k 31] L] SA 4c
$<P+c Z W SA !O%c&
x1.3.4
%&A<at8v_$
C
RtE fn ] X3C T]0 \ ,c < P4 #+~K ] MA ( SA 4c $? ! c < P
'L 0* !uc < P l@ Amtoft h]7 RtE fE ~ + E fc% +(5 Q@ ~s = `$+q < c AC
E
fa<P+ AC Efc` * y%9C Amtoft 27>k 33] +"~>k 30] c, 6 -c O 79 cB c MA E f~ hRt n ]Y;#2 c{ 7v ad ~2
9"`g + MA Q3;@Jc5 SZ B Bugliesi h]7>k 55] +T
4 boxed ambients c E f J * + RtE fc open " Kj_ seal E fc H & Rt
9s = LE f7 ! O % x. & e E $ 7 n m6Vc ZLE f *R c,b &
- n ] ? ! ! mx. ] ~U < P l @ E $3 ~%_ 9ah gD E fcKQ % 7 79C k c >k 56]
Merro ( Hennessy 7 SA c; @ (; @~E ~ + 4 bQ password c 5'u Q `
$+q < c G <
SAP | Safe Ambients with Passwords SAP $ ~ cbQ
u Qx. ; @ (; @c+, ? Tl 5 D + RtE f ! O % cx. bQc$ ~
Q $` SAP cKQ % 7+ 0 Ic ~ 5 >k 56] L SAP c = r7 Z ? ! + < P `+
SAP c c Z barbed congruence c~B % 7 n SAP G L { d, q;Yccc Z` r>k 56] Ldj+ SAP ccc Z
cX$c= r7h Z4TZ U T-L
SAP 7v ad ~nf@3 RtE fKQ % 7 < Pc2 T1 ) 9( RtE fKQ % 7 8 r
UTBa7 l?q ?U7 SAP c<P`$+9cdj MA ?n]f@3 SA ?
cT]~B& h% SA ?2n]f@3 SAP ?cT]~B& h6'<P]"U7<
P03| :%(8h %c>t`E _L4L(6X
+ 54]
+
' at8
R' d Y
B L3 B> c nAn3<K+L >< Pc ad( N ;h ! a 70+ B>r c T
< P l @ B L> d 70+ Y;t f ( D r c < P ad!7 ]RtE fc5 S Z B
4p o 3] 70+ MA SA ab + n m ROAM c j 670+L > c N ;h (
- s! B L9 6 70+ B> c T r< P l @6 !uc Y;t fr c MA c
< P l @ c SA c < P l @ ( !u c RtE fc < Pl @h 14
h G
}$& }M= bu9
B> c O K n3 $ 4y^ c70+ Y;t f ( D c < P ad(n m ROAM c 9 B L
b' L > ;h 2 ROAM ? ! Ib B L> db ROAM c ( & dab T
$~ ROAM gKc&
x2.1
%
=3RtEf ROAM 3!ORtEf SA cT]T ROAM SA c9NG]
3;@uQ7&c@ ~c.> cLK `e ~$4( Dc An m ROAM c
7 4TnQm+ h-!c ~ n m h)+wZ + ROAM c? process h
- !c ~ P Q hI ) +w Z + r { d k `
>
>
>
>
>
>
>
>
>
>
P ::= 0 >
> (n : T )P >
>P Q>
> !P >
> M :P >
> nP]
N
P
j
! T 4ZB(7nm ROAM cZj.nhLgD!d M 4 capability h- cc c\ ] c 4T]; @ action -~ M N hc Z + r{dk` M
M
1
>
>
>
>
>
>
>
>
>
>
>
>
>
>
M ::= >
> in n >
> out n >
> open n >
> in n >
> out n >
> open >
> M :N
?c.e^ s=, 0 -, (n : T)P -, P Q -(, ! P -3]Z+?KQ ad ~cJy? inactive m+&O restriction ? a~ parallel composition ( ?
F. replication M : P Z+?n]W2 s! M c;@ nP] Z+T]m4 n ;n2!? P cRt
ROAM c(9(c MA Ef 0Icr_j( 4 +$ /T RtE fc cB
O T]E $n c+0 ]i! c0 B> c;h ` e u Q >k 5] c;h b ~K Rt
E f cBs =cgK % Xj \-Zg 0 ?r{dc sv h6,a, ;hc? Q n0 4h 'n?
! a , = c? T ?KQ Q~ nil Z +c 1 (n : T)P /+ T] chX 7 P ]' $ ~ c Rt m n L m+n@4 P
cRtma; @c uQ ! ~ T Z+7hgD nn' )@ (n)P ?&O
cRtmU4 n 4&Om bound name js!u 0&Ocm+ 4)
m free name &Omn?!Om3"c"l4 OOm.6c?
7 d ~nb 4 3 ) O r c &O s= (n : T) n7 LN &I a n !@ ~#2T.
3 h !u Rtmc)a &O% 7 NTLNn$~ OO m 4 ' & y @
n7m+&Os =; n ?!Un ~]`B+a j
5]
2
P
Q = (n : T )P
(n : T)Q
(2.1)
K< M j/8f + M : N u?8'b]+M f P j/%G;W( _u ?;' $jb@HF- 9]* 8k
9V,(f!!-9&
D@ ; =) \ -' l 9AAA{X AAA(f 'f%; () \-' X<=X (f 'f&_b l j B ;_ Zl %a +&
;!
)
;!
1
2
15
h 8%TYJ
16
\0 P Q Z+&]a2! c??n ]` ) &Qn ="2f
=, -R4 O G ( - - G a ~?n ` ) &U T% 7n ~]` B+ a
j
j
P
;!
Q =
P R
)
j
;!
Q R
(2.2)
j
'1 ! P F.s=34+ ZB?cT Far ~ % ! P KZ+GD*] P c
DBn h< >! a ~c? P n ! P h P ! P t`3 a ! P B 6 h ?!& n]`- Yh '* j
P
Q =
6
)
!P
;!
!Q
(2.3)
C M : P Q 4 .! prex s = ? M : P 7s !) M cq ;
@6ET4? P s M 6,c\T];@ # !sc && ( U && (
`>c& BY b 7 M )'j.? P hQ<?!& P
;!
;!
Q =
6
)
M :P
;!
M :Q
(2.4)
nP ]
;!
nQ]
(2.5)
<a nP ] ? nP ] Z++T]m4 n ;n?4 P cRtt`5x7Rt nP ]
GL n 3:?!Y;? P '+(72! y n
P
;!
Q =
)
P n6,*]?ca ~! T ? Q3 Rtl 4T* X RtYk `
cN1|- s
nP
1
j j
Pp m ]
j
1
j j
mq ] ]
(Pi = ni ] )
6
! P Pp # 3Y c ; @s ! ? # Y A : c- s ! A 4 ) c
B; @j TU ? ..Q 4Rt n c i1Zg a ;eZg I @x. n c !4%
m ] mq ] h? # Y Rt - sT* 4 n c >< a RtE fc & y @ # 3 2 Rt c1|-s ? ! cl 4O F~KN1|s 0 RtE fc y @ d 0 Ic 1 RtEf Rt c Y;( Fb # 37 Rt ;
n cz?x. `) 'c MA SA ( ROAM c; kQh 7 U ; @c h { d
6 'RtE fc m Rt Ya ,n . GL3 cL 31|c Rt# n {
T]m+ |n] $ ~ ! nP] gKvhn ] oc T 7%?K
1
1
3
_!uEfZ7 ROAM $~ fn(P) Z+? P c)mh- M ! h cqm+` 4)m L $ ~ fn(M) Z + M c)m h-7? Z B(
a~s=, -c0do9kLN n $, () -c$~NTy@ =c--7 2
k7? M : (P Q) (n : T )(P Q) ( ! (P Q) k/J $?cad h4&
R F )T* ? n0] )4 n ] ? M : 0 )4 M j
j
j
j
W2s!c ;@6' 7 ROAM ?n]s! c; @(;@ r) 3t ,-$~)' & ;@ (; @c uQ #u Y c & #Yu Qc open ]'
(Pu?p=1b@f/u+ +#]j; VQ ]Uw n f(p%6)=jiF&
3
!ed]
2.2
x
" 17
n ( in n ; @ in n : ! $!q7c Rt ?m LRta ~ :m 4 n c Rt"
; @ in n 1 0T] m 4 n c Rt ?m L ?q7c RtY m ; @ (Y m ; @, - $ ~
r= , -) ' T 7 Y m & ; @ $`T RtT ' r= 1|c H & Rtk ` ec
& Rt m c in n ; @ (Rt n c in m ; @ r=, -) '+ m ?m n c i in
m in n : P P ] n in m : Q Q ]
1
j
j
2
j
;!
2
nmP P ] Q Q ]
1
j
j
2
1
j
2
(2.6)
n ( out n ; @ out n : ! $!q7c RtY !~ Rt n "; @ out n 1
0T] m4 n c& RtY Y ; @c ! Y m ; @ V!r!$` TH & RtT '
Rt` ec&+ a + ; @ out n ( out m c, - out
nm out n : P P ]
1
1
j
2
j
out
m:Q Q ]
1
j
2
;!
mP P ] nQ Q ]
1
j
2
j
1
j
2
(2.7)
md open n ( open ;@ open n :!m4 n cRtFb$` n * : n c?
open n q7 ~c!u? a 2 !" open 1 0 q7c Rt? Fb +N 3aF
b ; @ ahT {(7 T]Rt ;@ open 3 ROAM ) ]cB; @ 3T Yu Qc
k
open
n : P n open : Q R]
j
j
;!
P Q R
j
j
(2.8)
4 + 7 ?s ! cY ; @ ~ Action Z + M cQ ]; @& hn Action 2 M Action
h- cc ~ I ) +w A A h Z + 0
Action =
4
fin
n in n out n out n open n open n
j
2 Ng
_m $ ~ fn(A) Z + A c)m h- M : P ( A : P ` !$ ~ - M : P Z +
?YW2;@s= T3h7!s !co T];@cY ;h " A : P Br!5x?s
! co T]; @ 4 A x2.2
+ !
~>\I]&c &((lb + ROAM ?&cT O B *b ROAM ?
& Z, -c ( D { dU & d # Berry ( Boudol c D6 % +e chemical
abstract machine 7 E f RtE fh ( DZ ? % $ ~ & d c - Y B
70I~W7?hv} ?n chTO##-s structural congruence Z~, -Z + { d4 ? h- ~R4 ]` Bc9 " Z
;!
25]
(Struct Re)
(Struct Symm)
(Struct Trans)
P
P
Q Q R = P
R
(Struct Res)
(Struct Par)
P
Q = (n : T)P
(n : T)Q
P
Q= P R Q R
P
Q P= P
)
Q
)
)
)
j
j
h 8%TYJ
18
(Struct Repl)
(Struct Amb)
(Struct Act)
P
Q = !P
P
Q = nP] nQ]
P
Q = M :P
(Struct Par Zero)
(Struct Par Comm)
(Struct Par Assoc)
P 0 P
(Struct Res Zero)
(Struct Res Res)
(Struct Res Par)
(Struct Res Amb)
(n : T )0 0
(Struct Repl Par)
(Struct Repl Zero)
!P
(Struct Empty)
(Struct Path)
:P
)
)
)
j
!Q
M :Q
P Q Q P
j
j
(P Q) R P (Q R)
j
j
j
j
(n : Tn)(m : Tm )P
(m : Tm )(n : Tn)P
n fn(P ) = (n : T)(P Q) P (n : T)Q
62
)
j
j
n = m = (n : T )mP ] m(n : T )P]
6
)
P !P
j
!0 0
P
(M : M ) : P
1
2
M : (M : P )
1
2
]` 3 ROAM ?c & B .t B b + Y m Y ( Fbt cB n &- sk
!&-9'ctBv &;@n7a~ &O(Rts =c; nU)B #
7~>c70>+Y cXj96TB (Red Struct) 3~>Y=0cuZ +?n
- s B? ! h TD R4!u Bq + c?- s
(Red In)
m in n : P P ] n in m : Q Q ]
nmP P ] Q Q ]
(Red Out) nm out n : P P ] out m : Q Q ] mP P ] nQ Q ]
(Red Open) open n : P n open : Q Q ] P Q Q
1
j
2
1
j
j
1
2
2
P
P Q
P
P
(Red Res)
(n : T )P
(n : T)P
(Red Amb) nPP] PnP ]
(Red Struct) P P PP PP P
(Red Par)
P
P Q
j
j
0
;!
1
j
2
j
1
j
2
j
1
j
1
2
j
2
2
0
;!
0
0
0
;!
0
j
j
j
;!
;!
;!
1
0
;!
;!
;!
2
1
1
2
j
j
j
j
0
00
;!
;!
00
P
000
000
C~ , c w$`>~Z, ;! -Z +, ;! -c) !,r K6~Z, ;! -Z
+, ;! -c,rK6
+
/4
2.3
x
x2.3
19
bu
B * b T ROAM c& ? Tl <j ROAM c &~ %(Z B ZgC_
aZ L V +N $ ~T = 6 x. r~ %#c .B<7 >k 5] T b + ~ MA h ~p ( 0pc& x2.3.1
acquire n : P = open n : P
release n : P = n ] P
4
4
j
~K{ d` ec & n ] h & ] ?c l shaking hand acquire n : release m : P release n : acquire m : Q
j
5]
(2.9)
7 ROAM #+n ] { d _c acquire ( release s = 'L n ] n'$ ~Rt cFb
; @ (; @ i~&R m h ? l
ShhL n : P = open n : P
ShhR n : P = n open : P]
4
4
UL`(nn h ? P Q cl
ShhL n : P ShhR n : Q
(2.10)
j
Zg^(
L ?jcO^ - Q >k 56] c?; n5 A internal choice y @ n{
d k `c ROAM c?; n5 A s = x2.3.2
P Q = (r)(open r : P
4
j
open
r : Q r open] )
j
URtm r c5AR4 r fn(P) fn(Q) /J+&Os =c =$ P Q
c&>7&n
62
P Q
= (r)(open r : P open r : Q r open] )
(r)(P open r : Q)
P (r)(open r : Q)
P
(2.11)
(2.12)
(2.13)
(2.14)
(2.15)
P Q
= (r)(open r : P open r : Q r open] )
(r)(open r : P Q)
(r)(open r : P ) Q
Q
(2.16)
(2.17)
(2.18)
(2.19)
(2.20)
j
;!
j
j
j
j
;!
j
j
j
h 8%TYJ
20
~K & n ] f ? P Q N W & 4 P ( (2.12 2.15) N W & 4 Q
( (2.17 2.20) h + P ( Q c T h S{cO^ U Z +& ] ?7 'n f ) O
hGG376 ec?h%L* Xy^70
3a~Kc; n5A s= Lh h CCS a Efc5A&, + -cn7>k 5]
b+~ MA heXhRt c>75 Ah?c s= MA c;@hX? ;: R
t > v}l 4h ` h7 ROAM n7 rs c ? ;: Rt A~ ~{c F . ; @ s =
] `$_c !6 'T ~ Fb Rt @ 45 A W Xc 5 A s =n{ d k `
n
)
P +m
Q = (r)(open n : (nopen] open r : (open n P ))
open m : (mopen] open r : (open m Q))
ropen])
4
)
j
j
j
j
j
j
7 ] ~{ d ; @ open na T open m 6 2 h c nopen]a T mopen] 3 4 +
) y7 3Tc ropen] \ I ?~ w 6 open na T open m 2 *# w T]'n c nopen]a
mopen] h ` f L5 A s =R4 ]` &~ %
(n P + m Q) n open]
(n P + m Q) m open]
)
)
)
j
)
;!
j
;!
P (r)(open m : (mopen]
Q (r)(open n : (nopen]
j
j
j
r : (open m Q))) (2.21)
open r : (open n P))) (2.22)
open
j
j
j
] ( (2.21) 4 !- c 60n3 (r)(open m : (mopen] j open r : (open m j Q))) ropen] \ I ~ w h n57 / Q k 'n zn>7 mopen] c ( open m & BL60n3 0 hV%L5As=@h R4 &.6 ?ch%#0n . n ( m
7!um&z] nopen] ( mopen] c(h
+)
9( Cardelli ( Gordon 7 MA Tb+RtOmc&
x2.3.3
n be m : P = m out n : open n : P ]
4
j
in
5 ]
m
U LRt n c? n be m : P Tn$ Rt cm+ n t7 & T ' T] 6 ' cm+
m
nn be m : P Q]
= nm out n : open n : P] in m Q]
m open n : P] n in m Q]
m open n : P nQ] ]
mP Q]
j
j
;!
j
;!
;!
j
j
j
j
(2.23)
(2.24)
(2.25)
(2.26)
(2.27)
7 ROAM 0h`{d_c Om s =
n
be
m : P = m out n : in n : open n]
L 4
j
out
nn be m : P Q]
j
m : in m : open : P
;!
mP Q]
j
(2.28)
2.3
x
/4
21
+N v MA >75 S Z B( (2.23 2.27) n ] W"? !O m L. +*7I)
cn.j~k'nh>7 a 2! cm Rt n a m 'nh:!?m n cR
ta Fb n m c? ? Q h $ n 7 O m a'Y; h U n .$` MA c O
ms=s~th5nR 7 SA OmcaS%L+NE $F4cg9dV%~ ROAM
hRtO m h T n . II( % :z +r Qc s =Tn 9 d O mcaS %o
)L Xy^ 70 O m s =. 6 ?hc L {L6 'T]0 Iuc )] 2z)
&
R' d Y
B L c O Kc 0 a( 3P ( D m b + ROAM c (c - s Z c &
daT & ROAM cy @ d(Z B b 9+? Tl cXj 64 cL* ] 4
4c 1 < P ROAM c ED ZX$ Y da< P?cKQ % 7 (Z B 22
h 8%TYJ
}%&
u 8p iVE
Z type system T|jS{d c&n{? ZB(c s= 9d7 &
?'+9v /cH% x.RtEfc Z\$ *c <P l@k
MA c cB B k Y;%(*R ,r c
MA SA !O
%B c
< P p Q ( KQLc
]k *R9 c * y % h 7 RtE f Z c < P T* t ]cB c < P +? Rt m ( ?rB+?cT cB~ %kY;%p Q(*R,r"Rtmc
~ Xj LRtc~ %k w B LRt 1 0 2 ! ?c "6'c `; @3 ; @
c(;@cuQnRtm q6'c l4 cS{ N;@s c~%
(Rt mc h
Fb ; @c(3 RtE f Z < Pc T] NB Y m (Y ; @ hF
b ; @7 h c? nm c? l 4 s ! Fb ; @?c { d N6,? Fb
Rt 1 0 2 ! ?c % 7 V ] Qc& # Rt n 1 02 ! c?Y Y; ~ %z
W? open n : P cQL.| 6,Y; ~%l4;@ open n cs!nm n c?
l4nY n 2 ! ?cq~ %6 ! Y; ~ %
~K BQ n ? % 2 ~ h `RtE fc Z 0
~ U & 7r B ?~ %& e f ` E$< {Rt2 ! c?7Fb. 6..Y hc
~%k]`c ROAM ?
57 ]
27, 28, 29]
34 , 31, 32]
16 , 58]
54 ]
1
27, 28, 29, 34, 31, 58]
n in m : open : 0] m in n : open n]
j
(3.1)
4 Rt n c? in m : open : 0 Y Y; ~ %TV n 7 m ? Fb 6Rz T]
Jy??m m Rt n c Y; ~ %a8n m m U? 7Fb. 6 TDc@;
4RtE fc o ht 7 P> type evolution problem r B ?c ED GS Z B
?c;y~%?% m< P?cKQ% 7| N
B L + ROAM c T | ED Z ETS-MT " ~ ~Bc Z B(G 3 +? Z B(c r o h ( Imo h n33]Z +Fb y @. 6 ?c h ~ %, - ~Bc
s = ! m0]+RtEfcEDBB Lc N;h 2 ETS-MTIb!
k`>d9Zq+ gKc?H %b'b+n]gK l mobilty ( ]g
3 threads &H%ca07+?ZB(YEDBc~{-s(
@~74c$~{d+&]3]Y?-s cW 2;@(a~s =c 2f =]&R
?ctfj670+ ETS-MT?c& subtyping Z$`n.$
5c?Qn] h 7 n .$rc ~ ? Tl E5+ ETS-MTc6s 7~K{d cc
$~b+?(7 b{ JK `c { B typing rules adjL
{B`$c? c!% validity -sZc T}% subject congruence ( & Z c T } % subject reduction >7& Z#+ { B B L L
Wf!!;xB.%%_' @m 27, 16] 8y\-B.%>\ -Uw of capability V3&
59]
1
23
Dh Y$2VOL
24
b + ETS-MTc9 f typing algorithm n] 7 b {c J K `t f? R
t c9 dj+9 f caS % soundness ()>% completeness 9
6b + ~ 9 f t f 0Y;?K * c Xj+ ETS-MT7r B ED& ec
x3.1
q j %
NrB+?c l mobility ( ]g3 threads Y;%b?3:X
s!Y}RtY;c; @ in ( out ?cY;%4Y; y Z+6,!jB?c
Y;%40Y; "p Q Z ++?n a s !; @ ] Q k Jy?c p Q 4
0 ? in n : out m : out n c ; @ 4 W 2 s !! p Q 4 1 Q p % ? in n out n
B3*p! pQ~=$ ! Z+
~ Z Z + Y;%~ Y Z + p Q ETS-MT? T ( W c { d k `
ETS-MT
_
j
(Z
2 Z
,Y
Z
,U
::=
2 Y
2 U
,T
_
y
2 T
,W
)
Y;%
2 W
Y
::=
0
1
!
p Q U
::=
ZY
"
?
#
Q]g
p]g
-]g
#.Zg
U
Npoh
UT]
t7oh
W ::=
h,K0WG
U tW
5oW!
T tW
\0W!
UW]
t7W!
~K U 4 =oh pretype ~Z2?qYc` H% ETS-MTN
gK?cY;%(pQ&H%" c( 4 Z Y Z Z+?cY;% Y Z+p
Q ETS-MT ? (Rt m #r~ T Z + ? P aRt n Y T )4
P : T a n : T 4 +r B ? c ED ~] ? T Yk ` t s = 0 c?
~w$ Z + "h s ! open ; @nh Fb. 6 EDc? 4 Npo
h n'~ U Z+"k?ns! open ;@B!ZB(Y t7oh s= UT] Z +?7 open ; @s ! .YQ U 7 open ; @s !6 ?c5 n3 4 T U 4 ! r o h T 4 ! Imo h k gD? in m : open : ! in m ; @ open s ! . ?3 Y; c Q p c n
6(S#@%_b 9 jp ( NY fA8 b%* - T 6' A - 9(%=j 5' A bUw - 9(&
6)=-jiF!!f ;D; b@ &&
T
::=
?
;
j
2
?
3
2
3
2VfJ
3.2
x
25
m : y j 6?3 0Y; c *p c n ! in m : ! l 4 _ ] ?c 4
y ! ] $ ~ED s = 7Fb 6,ED ?c Rt Fb ; @q7 / c?
z Rt c 8 % !V. GV. (8 c B3 h +?
TD cr B
ETS-MTc ~ W Z + T] M c 4 W )4 M : W W c{ d
r~ +~Bc~ `>& ( a~ $+& ] 2f = t ( t `T *$]7 n mU& ] 2f
= c c $~ c s =? ! Y cXj 7 T c{dnm0?=$ 34+`e2f={dc&R6'U{ U ]
nT]- c Z B( L. Y U U Un ] ] c T* ( ! n 0 in
1
1
_
_
j
?
?
0
?
1
qj$:1
x3.2
4&R- YW 2; @ : (a ~ j q s '?c ~ %7~K $ ~
+&]1{dc 2f = t ( jt >d3P? M : P c-Y#\ i P : UT ] : M : U UdhgD W
qYc~`>-s%d( Qf@YY;%(pQ&H% c" M Q
h6, open ( open U& ] ~B ; @ U M z ? M : P cV. > v}l 4 M : P c n ]- Y 4 (U u U)T] 2f = u ~ `$ h ~ % W 2; @, : -#' 6 6
h c ~ %k 0Y;(Y; & y @W 2s ! Zh Y; c~ %Q p ( Q p 72
s!cYQp c~ %2f = u {d7&]i~cB c2f = z ( y j~%_] U
( UT] `$ (U u U)T] c2f ~ t Z + ]`3U^ ] 2f = cY { d
0
0
0
0
z
y
:
:
Z Z ! Z
y
y
y y y
z
_
_
_
Y Y ! Y
0
0 0
1 1
! !
u
:
1
1
1
!
y
U U ! U
ZY u ZY
1
1
t
:
!
!
!
!
2
2
= (Z z Z ) Y y Y
4
1
2
(
1
U T ! T
U t
=
U tU
= U uU
U t U T] = (U u U )T ]
4
?
0
0
4
4
?
0
0
2)
Dh Y$2VOL
26
!73P? P P c-Y#\i P : T P : T 3]`^@;{L
(1). T T ` 4 Q n T = U : T = U 4 P P c n ~ U u U Z+
_~ > u c{ d2f = u e X a ~ s =c~s { d 72f = z ( y j~ k
& ] Q p c? a ~- T3 *p c (2). T T T]4 Q T]4ED h, T = U T = U T] 4
P 7 ; @ open s ! . Zh4 U c~ %j 6Zh4 T %a ~c- $` P P c P c~ % 7 P ; @ open cs ! . 6# n hl 4 P c~ % U N @ ~
7 U ( T ~]`$ P P c
(3). T T #4ED B P P c 0 ~ - Y l4 & ]a ~c open ; @s ! c
d6h?c QhrN gDqc@; F 4 : {adh I l 47 ETS-MT U@; ` P P c { d40 c (4). T T T]04 P P c Q 3 0 c j
1
1
2
1
2
1
1
1
j
2
0
1
j
2
2
j
1
2
2
j
1
j
4
?
2
2
Z Z ! Z
y
y
y y y
j
z
_
_
_
Y Y ! Y
0
0 0
1 1
! !
1
1
!
!
y
!
!
!
!
U U ! U
ZY u ZY
1
= (Z z Z ) Y y Y
4
2
j
1
t:
2
1
1
j
j
j
j
2
2
1
u:
1
j
1
j
2
0
1
y:
j
1
0
j
1
2
2
1
z:
2
2
j
2
j
2
1
1
2
j
(
2
1j
2)
T T ! T
U tU
= U uU
U t U T]
= (U u U )U t T]
U T] t U
= (U u U)T t U]
U T ] t U T ] =
=
tT
T t
=
0
j
0
j
0
1
? j
j
j
0
j
1
0
j
j
2
2
0
j
j
j
?
?
?
?
E$~Bc3cs=T]c W Zh4?cT]~`
> context ## z N 7 W 3T cwQ ~ T ~ T] ? T !- T3 T]
:N; %W2A8 R 5p _d "- 9 f &>} P j P : T < T $ T + T f9 $u ?l b) T =
U U U i ] ] ] %W i = 1 2 3 &D U
= MAX(U j U )
% k = 0::(n + n ) &UW2 !;q:
;%T;;u&
ETS-MT
;
4
i0
1
i1
in
3k
2
1i
3
u
2j
1
i+j =k
2
i
3
1
2
n2VO
3.3
x
27
c? T U Ts97? s =c@ ~ f3 0 )Vc a , M +NT]
? P s'T]c? M : P `>~ W(T ) Z+ T Tm W cwQ~a I t ( jt
2fq`$c- f V W(T ) 2 T 6 '~ W(W ) Z+ W T m W cwQ ~`$c
- W(W ) 2 W 0
0
0
0
x3.3
?q j % W
2tA cI Z&Zs~0 %k T]_ int c
Z B(n ] ) ; O4T]@ s oat c Z B( ETS-MTQ { d +? h- ~c
cIZ, -{dUIZ c- $` `eccB0'* T
P :T T T
P :T
h- ~c& Z +*7 h- ( c& Zc $j~ 7 hn & =@c.
`U h- ~c& Z `$ ~=$, -Z + 6 '7Y~BXj U h- ~
c&Z#3)! c (,rc C6
v>o $ c&]cYk` cIZ
0
0
T
Z
Y
U
Z
&
h U
Z
_ y
Q T3X T]0Y; c?n ] f@3 Y; c k 0 : _ n ] f@ 0 : y T3 T
]Y; c? h ? f@3 0Y; c C6 Y v>o $ Y ct]cYk ` cI Z
0
&
0
h U
0 1 !
L ^ p Qcn ] f@3 p Q * c@;c~ T3 p Q * cT h f@3 p
QcT~ C6 U v>o $ U c&Z ]` B b &
h U
ZY
ZY
0
0
()
Z Z
0
^
Y
Y
0
U3n'"~ ( c&Z`$c-
C6 & v>o h $ U c& Z ]` & B b4 +G ] ( c h
&ZoTB$~ +h c=$, T -(, U -
Z
T
Y
T
T
U TU
UT ] U T ]
0
0
0
()
()
U
U UU
U
U
0
^
0
T
T
0
9~KBn]fk &] ? YrcQn1|c, ] -QxBU&
] cI J] r ~c" cI Z: B k & ] ? cQ h
Bu_cIZ Yn E%
Dh Y$2VOL
28
]` 3 T & Z c& 0
_
0
y ]
0
1
0
_
_
0
_
_
0
_
0
y!
y
y
y!
y! ]
y! y!]
]]
y! y! y!] ]
_
_
0
1
0
(3.2)
(3.3)
(3.4)
(3.5)
(3.6)
` e b + 2f = t ( jt c T % 7 U % 7nn' t ( jt c{ d `$ l2 3.1
_Qui z y u t \Y|Q
(Dot Zero Z )
zZ=Z
(Dot Zero Y ) 0 y Y = Y
(Dot Zero U )
uU =U
(Dot Zero T )
tT =T
(Dot Symm Z ) Z z Z = Z z Z
(Dot Symm Y ) Y y Y = Y y Y
(Dot Symm U ) U u U = U u U
(Dot Assoc Z ) (Z z Z ) z Z = Z z (Z z Z )
(Dot Assoc Y ) (Y y Y ) y Y = Y y (Y y Y )
(Dot Assoc U ) (U u U ) u U = U u (U u U )
(Dot Assoc T ) (U t U ) t T = U t (U t T)
(Dot Strict Z ) Z Z = Z z Z Z z Z
(Dot Strict Y ) Y Y = Y y Y Y y Y
(Dot Strict U ) U U = U u U U u U
(Dot Strict T ) U U = U t T U t T
_ 0
_
_
l2 3.2
0
1
1
1
2
2
1
1
1
2
1
2
2
1
3
3
1
)
1
1
2
)
1
1
2
)
1
2
1
)
2
1
3
2
2
3
3
2
2
3
3
2
2
3
2
1
1
2
1
2
1
3
2
1
2
2
1
2
3
3
3
_Qui z y u t \Y|Q
(Par Zero Z )
zZ=Z
(Par Zero Y ) 0 y Y = Y
(Par Zero U )
uU =U
(Par Zero T )
tT =T
(Par Symm Z ) Z z Z = Z z Z
(Par Symm Y ) Y y Y = Y y Y
(Par Symm U ) U u U = U u U
(Par Symm T ) T t T = T t T
(Par Assoc Z ) (Z z Z ) z Z = Z z (Z z Z )
(Par Assoc Y ) (Y y Y ) y Y = Y y (Y y Y )
j
j
j
j
_ j
j
0
_
j
0
_
j
1
j
1
j
1
j
1
j
2
2
2
2
j
1
j
2
2
2
j
j
j
1
1
j
2
2
1
j
2
j
1
1
3
3
1
1
j
j
2
2
j
j
3
3
2V@ g
3.4
x
(Par Assoc U )
(Par Assoc T )
(Par Strict Z )
(Par Strict Y )
(Par Strict U )
(Par Strict T )
29
(U u U ) u U = U u (U u U )
(T t T ) t T = T t (T t T )
Z Z = Z zZ Z zZ
Y Y = Y yY Y yY
U U = U uU U uU
T T = T tT T tT
1
j
1
j
2
1
2
1
1
1
j
2
3
j
3
)
)
2
)
2
j
j
1
1
3
j
3
j
2
j
3
j
2
2
3
3
2
3
j
2
2
3
j
1
j
j
1
1
)
2
1
3
j
3
j
3
U %7Xj+ 2f= t ( t cT cB~%7` e { Bcdj ~$
U %7
x3.4
j
q j. 3)"
B *70 ETS-MTc { B typing rules U B ~ 7 T]b {c J K `Y-? P (- W c
{>dNb{q WXc n J K typing environment T]JK
~ ; Z+ uYk ` c cB - s n : T nk : Tk ! n nk 4=hr c R
t m ~ dom(;) Z +U Rt m6'c h-T] wc J K ~ Z + ETS-MTc { judgement ]` ^ ( (1). ; ` } Z + ; 4T] aSc J K n ; c Rt m =h -
(2). ; ` n : T Z + b { J K ; Rt m n Y T (3). ; ` M : W Z + b { J K ; M Y W (4). ; ` P : T Z + b { J K ; ? P Y T ETS-MTc { Bk `U B 3 't ]n3
1
1
||a5 JK(Rtm { B
(Env Empty)
(Env Intro)
(ET Name)
1
;
` }
n dom(;)
; n : T
; n : T
; n : T n : T
` }
62
` }
` }
`
|a5 { B
(ET Empty)
(ET Cap Mbl)
(ET Cap Imm)
(ET Open)
;
` }
; :
; n : T M in n out n
; M :y t
; n : T M in n out n
; M:
t
; n : UT]
; open n :
t (T t )
`
;
`
2 f
`
`
g
1
;
2 f
`
_
g
1
;
`
`
_
1
j
;
Dh Y$2VOL
30
;
(ET Co-open)
; open : ]
; M :W ; M :W
; M : M : W (W )
`
(ET Path)
` }
_
`
1
1
;
`
1
`
1
2
2
1
2
2
|$a5 ? { B
(ET Inact)
(ET Act)
(ET Par)
(ET Repl)
(ET Res)
(ET Amb)
(ET Sub)
;
; 0:
; M : W ; P : T W(T ) =
; M : P : W (T)
; P :T ; Q:T T tT =
; P Q:T tT
; P : T T t T =
; !P : T t T
; n : T P : T
; (n : T )P : T
; n : T ; P : T
; nP ] :
; P :T T T
; P :T
` }
`
_
0
`
`
6
?
`
`
`
1
`
`
2
j
1
j
6
`
1
j
j
2
6
?
2
?
j
1
`
`
2
1
`
2
`
`
_
`
1
1
`
0
2
2
y @ = t jt ( ~ `> Km y @ W(T) W (W ) c$ ~ ETS-MTc { B f
`E$Q
7o Tn3 .ec& ] B =r , -~ 9 d J K Rt m hX Fot B{+9JKn ]n'J Rt mc
o "n3e Xc s = b c{ &\ ] c# Y~ `>
-s cn'T3T]wQ~ ; ^Y;;@c4 Z t ; UeX;@3:
Xn m Y;% Z nJ Y; y in ( out a T 0Y; _ in ( out ; @ open ( open
c[k EDB+N~B O>d#{ P : T gD? open : P c
7Fby@s!.?zs!T]0Y;y @ open 7Fby@s!6 ? P Y
T l 4n ] b4? open : P cV. 4 _ 8 4 T n open : P : _ T] z 4 ; @ open c { 4 _ ; ] !7 #{ P : T gD? open n : P c 4 +$
open n y@n ] W" ) ' Rt n c L. Y ED - s UT ] :7Fb y @ ) ' 6 n 7/c? P : T (? P a~2!n-?c4 T jt T % open n 23T]0
Y; c ; @ l 4 open n : P c sL4 _ t (T jt T ) z 4 7 Rt n c 4 UT ] c.
`; @ open n c { 4 _ t (T jt ; ) 9 6- M : M M : W M : W c47~ `> W Tm~`> W `$c~`> W (W ) Bcot n3b +? c - Y&Jy? 0 c 4 Q c9 t _ W 2; @ M : P c ~64 ? Tg cwQ`$2f = jt ~
a~ (F . s =c - Y &Oc - Y r~ + X "c&- c Rts = L. R4
Rt mc ( ; n ?c T } % 'n X Rt c>7 :'n s !; @c Y;
0
1
1
1
1
0
0
0
0
1
0
0
0
1
1
0
2
1
1
2
2
1
1
2
2
2V@ g!ejWi<
3.5
x
31
%(p Q`Y v}l 4 T]-Rt c 4 _ 9 6? n ] & B
?!/I
3P ~K { B h ~` ]` -L n { B`$c? # 3 c
0
r 3.3 (Validity) 1w ; P : T '# T = `
6
?
* 3P ; P : T c-Y~ ]3 B (ET Act) (ET Par) ( (ET Repl)
c. n'n` `
7 ETS-MT3PB (ET Par) ( (ET Repl) n]hk>7&]a] ~c open ;
@a2!B?30 ck ! open open : P open : Q `40?
]`T] &Xj ETS-MT Bc$ ~
7 ; = n : UnTn] m : Um B ; in m : in n : open n : y t t t (Tn t ) V%
m c4TQh ?Fbl4 open m 7 ; `30cL n YED
l4 n 0] Q30cl4G &Z 0 c /I4 n c Un Tn] Q T3X n Y ED Rt n c? L. v s !T] open ; @ % U T s? 0
G >$ j
1
`
_
_
q j. 3)"x+
x3.5
1
_
1
j
;
0
~ / n ,0
B * N dj~K ETS-MT { Bc & T } % subject reduction nk ; ` P : T
: P ;! Q, zW ; ` Q : T : T T { 3.9 > d 7~K % 7 3.1 3.2 (T n c c
$~dj-s?c rn 3.8 j65dj { Bc & T }% {
3.9 7 ; ` J Z+aa]`t{jT ; ` } ; ` M : W aT ; ` P : T ~ fn(J) Z+
J n 4 M Q n 4 P h c)m 0
r 3.4
0
1w ; n : T J '# n dom(;) `
62
* zB (Env Intro) X7JKE~c% L Bc. 9d+qn
mcm+3hFc l47qnB -Yc-LJ Kcm+ hX F h
r 3.5 (Implied judgement) 1w ; ; J '# ;
1
2
`
1
` }
* ; cc]Q?! }
k ; = zWn' (Env Empty) n` "
k ; = ; n : T n ; n : T ; J }#i ;
n dom(; ) " ~ (Env Intro) n` ; n : T
n ;
1
` }
1
1
62
0
0
1
1
2
0
0
1
1
`
` }
1
0
1
` }
n 3.4 i
` }
r 3.6 (Strengthening) 1w ; n : T J - n fn(J) '# ; J `
62
`
Dh Y$2VOL
32
* n fn(J) n J cq&Om O m $` J h h n U L 7
; n : T J c - Y n : T hX? $ ~l 4n r~L c & `$ ; J 62
`
`
r 3.7 (Weakening) 1w ; J - n dom(;) '# E n : T J `
62
`
* > d ; J " ~n 3.5 i ; 5" ~ (Env Intro) n` ; n : T
c $~ $ ~ ; J r c Bn ] `$ ; n : T J `
` }
`
` }
74
`
r 3.8 (Subject congruence) 1w ; P : T - P Q s ; Q : T `
`
n 3.8 cdj u K B 1 r 3.9 (Subject reduction) 1w ; P : T - P
`
;!
Q, '# ; Q : T - T
`
0
0
T
{ 3.9 cdj u K B 1 x3.6
B d q j: %
{ B b +q - c { T3&Z c>7 { B
h GS b T] ?Yc~ %B * b T] 7 b { - J K `` J Rt( ?
9cf a dj Lf caS%()>%
a ab {c - J K ; ;
t f M Rt m n ( ? P c f 3
]~ Type(; M) Type(; n) ( Type(; P ) Z + r { d k `
` }
(Type Name)
(Type Empty)
(Type In)
(Type Co-in)
(Type Out)
(Type Co-out)
(Type Open)
(Type Co-open)
(Type Path)
(Type Inact)
T ype((; n : T ; ) n) = T
0
00
T ype(; ) =
Type(; n) = T
T ype(; in n) = y t
Type(; n) = T
T ype(; in n) =
t
Type(; n) = T
T ype(; out n) = y t
Type(; n) = T
T ype(; out n) =
t
Type(; n) = UT ]
T ype(; open n) =
t (T t )
;
1
_
;
1
1
_
1
_
;
;
1
;
j
;
T ype(; open) = ]
T ype(; M) = W T ype(; M ) = W
Type(; M : M ) = W(W )
_
1
;
0
0
T ype(; 0) =
_
0
0
0
3.6
x
oU2VJ"
(Type Act)
(Type Par)
(Type Repl)
(Type Res)
(Type Amb)
33
Type(; M) = W Type(; P ) = T W(T) =
T ype(; M : P ) = W (T)
Type(; P ) = T Type(; P ) = T T t T =
T ype(; P P ) = T t T
Type(; P ) = T T t T =
T ype(; ! P) = T t T
Type((; n : Tn ) P ) = T
Type(; (n : Tn )P) = T
Type(; n) = Tn Type(; P ) = T T Tn
T ype(; nP] ) =
6
0
j
j
0
0
6
j
j
0
6
?
?
0
?
j
_
0
f n ]t f- c Rt m ( ? E _ f 7! M n a P ~0"kG ~Kf `- BZ +! 3 0 c
~Kfc{dcB~_ { Bc;hh j(7 (Type Amb) c T Tn K + (ET Sub) B f caS % soundness ()>% completeness ` ec& ] { 9 d r 3.10 )1l
(1). 1w Type(; n) = T '# ; n : T "
(2). 1w Type(; M) = W '# ; M : W "
(3). 1w Type(; P) = T '# ; P : T `
`
`
* fc B?!} `dIn3@;# h`" ~ }#n'`$-L
!3P (Type Amb) +N*$~T7 (ET Sub) r 3.11 GPl
(1). 1w ; n : T '#WBeq n 4h - Type(; n) = T "
(2). 1w ; M : W '#WBeq M 4h - T ype(; M) = W "
(3). 1w ; P : T '#WBeq P 4h - T ype(; P) T `
`
`
* { B? ! } ` d! }#c" ~N~ $ %7 3.1 (% 7 3.2 ~]3!c (Dot Strict T ) ( (Par Strict T ) ~K&]{n]- Lk `7 ETS-MTqY - cRt (?# Y
T] 9 : L 9 a !4 f c- 96E_s~~K{ b f` ?9 c & T} %
T
r 3.12 1w Type(; P) = T - P
;!
Q sWBeq Q 4h - T ype(; Q)
* T ype(; P) = T " ~ { 3.10 ni ; P : T 7 P Q " ~ { 3.9 n`
; Q : T : T T 5" ~ { 3.11 Type(; Q) T l 4 Type(; Q) T `
`
0
0
;!
0
Dh Y$2VOL
34
x3.7
bu
B * b T]0Y;?K *c& Xj ETS-MT7r B ED& ec 7L&T]- P?K* Server h<hK Agent JcQX?K *( K
`)c{d k`
Server = s ! in a : open a : Collect]
Agent = a in s : open : Data]
U#{? Collect ( Data #Y0Y;cQ
>7 *] K kl)2 !I @ 4 K o?K c ?K * s VOW5 o?K4
+>$U T s ?K * L> c T] ~ % T3 0Y;%V % 7h g ED c Z ?K*NFbYY;% cK ]J`QX ?K*c L.Q4Y; c
7 ETS-MT?K*c0Y;%TncED`$0]#{ ; 3T]6,c s : Ts
( a : Ta c -J K :R4 Type(; Data) = Y Type(; Collect) = Y E _ f t f Ts ( Ta ncJtk `
(1) Type(; s) = Ts
\i
(2) Type(; in s) = y t
(1)+(Type In)
(3) Type(; open) = ]
(Type Co-open)
(4) Type(; in s : open) = y t( ] )
(2)(3)+(Type Path)
\i
(5) Type(; Data) = Y
(6) Type(; in s : open : Data) = y Y ]
(4)(5)+(Type Act)
(7) y Y ] Ta
(6)+(Type Amb)
(8) Type(; in a) =
(7)+(Type Co-in)
t
(9) Type(; open a) =
(7)+(Type Open),
t( Y t )
J Ta 4 9 t y Y ]
\i
(10) Type(; Collect) = Y
y Y yY
(11) Type(; open a : Collect) =
(9)(10)+(Type Act)
y Y yY
(12) Type(; in a : open a : Collect) =
(8)(11)+(Type Act)
(13) Type(; ! in a : open a : Collect) = !
(12)+(Type Repl)
(14) ! Ts
(13)+(Type Amb)
4
4
_
1
_
1
_
1
;
1
1
1
2
;
_
_
_
;
1
1
1
1
_
_
1
_
;
1
_
1
j
;
1
_
_
1
2
_
1 (
1j
_
2)
1 (
1j
2)
_
_
( (14) ni?K*Rt s cn]40Y;
7 ` e < P?ch % {GE _ L n] f$0Y;%( Q p % 7?h%< P
cNad
3.7
x
/4
35
R' d Y
B L- -RtE f>7c EDB +0] LB c T | ED Z ETS-MT 0]+ ROAM ?7Fb y @. 6 TD cgK B ETS-MTY,j+c ( {Bn]rB?cY;%(p Q&] H%a g& #+ {B ]'B
LLb+T]t f? (Rt9 cfa~T] &Xj+ ETS-MT7gKF4 Y;Z
c0) %
B Lc-LjV3+*7 ROAM E fc c $~c T3n ]0 h ` m Y q$!u RtE f Z
k SA E f B Lc l @ 4`>< P ROAM ?cKQ % 7 o + N c l Y 5
U5@' MA 8;%h/-9HF fMP B open %#r] MA ;NP?AVm f? S&=D Amtoft 9@
m 33] 8 =1 / / - 9]* 87f Q < %? S- MA 8;% open A8 bUw f #+ Hdf h / %9% 1
" f w i;u &
5
30 ]
36
Dh Y$2VOL
} 7 & X1:;-
B Lb' < P ROAM ?ch Z_!u T ?KQ Z ROAM ?
hZc<P>d+N#$ c- s Zc &dL8 FT| X$ Y d labelled
transition semantics Z BQ ] ? 'n = cn % 4 X$ Y dL. Y
"&dch %
h RtE f X$ Y d c < P l @ N Cardelli ( Gordon c MA c l @ 19, 20] ]
k Levi ( Sangiorgi c SA c l @ 16] h ! >k 19, 16] $ ~c S commitment (
W, outcome c &dE $n T3X$ !*: X$ Y- #+? L n3 #
7W, concretion ">k 20] $~c 7$ hardening relation c&nm+T]
cZTX$Y-c4 ?:0; nYX$c] Q( c; @]Q rU&&
` ~y B L X$ Y d c s = r~6T &B L;h (`T L;h cB ~3 >k
20] MA ch % -L7 ROAM c s~G T>k 20] c / Tn ] Q0 /VV ;@c>7 ROAM c-LXqhN 7X$ Yd c{ d]k oI L?
(Q~`> harness c=~ ?h Z< PcI n3 ;h h [k $ Z4 +F) c RU?c
&Os=6N{dc wDZ c&O s=I) r~G c& (n /JZ +&Om
c=$, T -
=
U
.9% W
x4.1
RtE fc~B %?Y &c n3 n 6, 7v]Rt c; n &cQ n3' T]' Rt ?m!; nU$` RtE fc X$ Y d0 ~ ~ _ CCS ( E fc & (n'gK 4 + 7 ?; n n u &cz&? U63 MA h Z c
< P n mY ROAM c 7$ U, > -wDZ YT* ( P > (~p) P P (~p) P P 4 7W, ! P 4 P n ] ' 5 = cv ]n3 4 ? ? prime P 4 P #L \6 q5c n3 4 d/ residue &Om - ) ~p > / + P ( P r~
c&Om wDZ5 ? P *]zh?RtP 562c &?cvT] 'z
T]\ c wD - ` c \ ` )~Bc =~ %U L ?c = ~% TnL
?wDc ` h c \%h 3P ROAM c n m wD - C
cT*(k `
C : : = (~p) A:P Q
C??
(~p) nP] Q
<a??
20]
h
0
1
00
i
h
0
i
00
0
00
0
00
2 C
h
i
h
i
U&Om-) ~p r~Gc&(:!cW 23 Gc 4F )&R`> n'~ ~p
Z +&Om h- p , p , : : :, pk h- ~p 4 w wD - ) @ () P P { dwD cJ)m 5 Q fn((~p ) P P ) = (fn(P ) fn(P )) ~p A 8f(Pu?\K- 9p58%yF#] 8f p~ 8f-9>&Rsu \K%X,P -9>&-%uXJ
f
f
1
g
2
h
0
i
f g
00
4
h
0
1
6) p~ : T~ &
p
37
0
; f g
0
i
00
g
Ih #"m\d]
38
2 n m wDZ cxc > dwDZ @ T n 3Pq? P Y ; @ A:Q aR
t nQ] c ( Bnn' wD4 () hP i 0 "q? P Q cv T] n wD4 v wD - B!a~ P j Q QnwD4_c-3Th3 L- c x4 "- c x a~ P Q c8wDT" ! P n04 ! P P j ! P z ! P a~ P wD-cx n`$ ! P cw
D - "q P n wD4 C B (n)P cwD - n # Q n c&O #2h (n) 3]/ 7 C
c&Om-) \ax n3 `$ Ly @{ dc (n)C w$)'
wDZ cn 0 b ! ( D c{ d k `
4.1 7$U d}uP >
`a1Q
(Harden Action)
A : P > () A : P 0
(Harden Amb)
nP] > () nP] 0
P C
h
i
h
i
P > (~p) P P
~p fn(Q) =
P Q > (~p) P (P Q)
Q > (~q) Q Q ~q fn(P ) =
(Harden Par 2)
P Q > (~q) Q (P Q )
P > (~p) P P
(Harden Repl)
!P > (~p) P (P !P)
P >C
(Harden Res)
(n)P > (n)C
P >C
(Harden Empty)
:P > C
M : (N : P ) > C
(Harden Path)
(M : N) : P > C
+}N& (n)C `aL6 C = (~p) P P - n ~p (1). 1w n fn(P ) s (n)C = (~p) P (n)P "
(2). 1w n fn(P ) s (a) 1w P = mP ] m = n n fn(P ) s (n)C = (~p) m(n)P ] P "
(b) ls (n)C = (n~p) P P (Harden Par 1)
h
0
00
i
f g\
j
h
h
0
00
i
h
0
0
00
i
4
0
0
h
i
j
i
j
00
00
i
h
0
0
h
h
00
f g\
j
62
0
j
00
i
62 f g
00
i
0
2
0
0
6
1
4
00
62
h
0
i
4
h
0
1
i
00
00
3P ~K{ dh ~f k P > (~p) hP i P B P (~p)(P j P ) `> b U T -L
cdjn 4.4 0
x4.2
00
0
00
B1.9% W xY223!
B *7~ >wDZ c c $~ +* T | ROAM c X$ Y da 7 ` *dj!. >
qK ROAM &dch%
4.2 W09
ROAM \Hx;^la LTS
Label L]3nuP
+}\Hx{ Label nAf I: = Action I:]p(M;^a& LhG=V (P , Q, ) LTS VL P Q LTS \`a1Q
P P 4
2
f g
;!
!ed]##"m\d]('W
4.3
x
39
P > (~p) A:P P fn(A) ~p =
P A (~p)(P P )
P > (~p) nQ] R Q in m Q R > (~r) mS] R
S in n S
~r fn(nQ] ) =
~r ~p =
P (~p~r)(nmS ] Q ] R )
P > (~p) nQ] P Q > (~q) mR] S
R out n R
S out m S
n ~q
P (~p)((~q)(mR ] nS ] ) P )
P > (~p) nQ] R Q open Q R open n R
P (~p)(Q R )
P > (~p) nQ] P Q Q
P (~p)(nQ ] P )
(Trans Cap)
h
0
00
i
\f g
0
;!
(Trans In)
h
0
;!
i
j
0
;!
h
f g\
h
i
0
;!
0
h
0
;!
(Trans Open)
h
i
h
;!
i
0
j
0
;!
0
0
j
0
;!
0
j
0
;!
0
i
0
j
;!
(Trans Amb)
0
j
62 f g
0
;!
0
j
0
i
f g\f g
0
;!
(Trans Out)
00
0
A- Y P A Q Z +? P >7 T z&?ns !; @ A - Y P Q Z +? P
IT];n;@ 6n D4 Q `>~ fn() Z+ hc) m h-
B (Trans In) (Trans Out) ( (Trans Open) ~ ( t & B (Red In) (Red
Out) (Red Open) rs A- Y c n m D +U Bc n3 (Trans Amb) T
g +1 0 - Y 7 Rt ; n U Ts 3 aU G+ 5 o (Red Par) (Red Res) (
(Red Struct) sc X$ YB l47wDZ c{ d U B \ I h !u `
>n 4.7 4.9 ( 4.15 cdj ;!
x4.3
;!
+ !5Y223!x{J n
B * N) ' X$ Y d( 9( n mc & d jch % dj vu_9 h " gK+ r c? = ~ % Q$` `>]X$ Y d4c $? !c?h %< P-L
& dL '* B *c TZ /djn 34 & ]n3o Tn3 " ~n 4.4 4.5 dj & d6,X$ Y d p 4.6 o "n3 > d dj+ n 4.7 4.9 4.15 nX$ Y dL o _
(Red Par) (Red Res) ( (Red Struct) q1 0 c?; n &c X4dj+ X$ Y d6, & d p 4.16 9 6B *0 - p 4.6 4.16 `&| dr= hc-L
{ 4.17 r 4.3 1w P Q '# fn(P ) = fn(Q) * , -c{d?! }` d 4(J
r 4.4 1w P > (~p) P P s P (~p)(P P ) 0
h
i
00
0
j
* P > (~p) P P c-Y?!} (Harden Action)(Harden Amb) n'ni#'*
h
0
i
00
00
Ih #"m\d]
40
(Harden Par 1) 4 P = P Q P > (~p) P P P = P Q : ~p fn(Q) = }#i P (~p)(P P ) l 4 P = P Q (~p)(P P ) Q (~p)(P P ) !
o"7-s ~p fn(Q) = 9d #'*
(Harden Par 2) - (Harden Par 1) ni#'* (Harden Repl) 4 P =!P P > (~p) P P : P = P !P }#i P (~p)(P
P ) eX n 4.3 i fn(P ) = fn((~p)(P P )) l 4 ~p fn(P ) = 4" ~ (Struct
Res Par) ni P =!P P !P (~p)(P P ) !P (~p)(P (P !P )) = (~p)(P P ) #'*
(Harden Res) 4 P = (n)P P > (~p ) P P n ~p : (~p) P P =
(n)((~p ) P P ) }#i P (~p )(P P ) l 4 P = (n)P (n)(~p )(P
P ) (~p )(n)(P P ) ` e n ( P k P cZ3 @;{L (1). q n fn(P ) B (n)((~p ) P P ) = (~p ) P (n)P n p~ = ~p P = P :
P = (n)P % P (~p )(n)(P P ) (~p )(P (n)P ) = (~p)(P P ) #
'*
(2). q n fn(P ) B (a) q P = mP ] m = n n fn(P ) B (n)((~p ) P P ) = (~p ) m(n)P ] P
n ~p = p~ P = m(n)P ] : P = P % P (~p )(n)(P P )
j
1
0
1
00
j
j
1
h
1
1
0
1
1
1
1
1
j
1
j
1
0
h
1
h
1
00
1
0
1
j
f g \
j
1
0
0
1
1
1
00
j
62 f
00
j
j
1
0
1
1g
0
h
00
j
0
j
1
1
0
00
i
1
1
00
j
0
1
j
1
00
1
00
j
0
h
1
1
1
j
0
00
i
00
i
1
1
1
1
00
j
0
0
62
j
00
f g\
00
1
00
00
1
1
1
00
00
1
1
0
0
1
j
0
00
i
00
1
00
i
0
1
00
0
h
1
1
1
00
1
1
1
00
i
j
1
1
f g\
00
0
h
1
1
1
00
i
0
1
1
0
1
1
00
j
0
1
0
1
j
00
0
2
0
0
1
2
6
00
62
0
1
1
1
0
00
0
h
1
00
i
00
2
1
1
1
0
h
0
1
1
00
j
00
i
2
1
1
(~p )(((n)P ) P ) = (~p )(((n)mP ] ) P ) (~p)(m(n)P ] P ) = (~p)(P
P ) #'* (b) : B (n)((~p ) P P ) = (n ~p ) P P n p~ = n ~p P = P :
P = P #n''* (Harden Empty) :P P ` i (Harden Path) M:(N:P) (M:N):P `i ] ~ qn@;c 3P ni -L'* 0
1
00
j
1
0
1
1
00
j
2
1
0
00
j
2
0
1
j
00
1
00
h
0
1
i
00
1
1
h
0
1
i
00
f
1
g 0
1
0
1
00
1
r 4.5 1w P
A
- fn(A) ~p = \f g
;!
Q sVq P P y ~p "* P
0
00
(~p)(A:P P ) Q = (~p)(P P )
0
j
00
0
j
00
* P A Q z B (Trans Cap) `$ l 4 P > (~p) A:P P Q = (~p)(P P ) : fn(A) ~p = n 4.4 i P (~p)(A:P P ) ;!
0
j
00
0
h
\f g
0
j
i
00
00
7n 4.4 4.5 cc$~X$Yd c{d `n3Tn O' rs c-s
Z? Tl $? TO4 & d qN Fc-sU La ,X$ Y d q`c - Y
Z `n`$ rs c & Z
4> 4.6 1w P P s P P * P P c-Y?!} ;!
0
;!
0
0
;!
(Trans In) 4 P > (~p) nQ] R Q in m Q R > (~r) mS] R S in n S ~r fn(nQ] ) =
~r
~p = : P = (~p ~r)(nmS ] Q ] R ) n 4.4 ni P (~p)(nQ] R) R (~r)(mS] R ) "5" ~n 4.5 n` Q (~q)(in m:Q Q ) Q (~q)(Q Q ) h
f g \f g
j
0
0
i
0
;!
0
j
h
0
j
0
i
0
;!
0
f g\
1
j
2
0
j
1
j
2
4.3
x
!ed]##"m\d]('W
41
q~ S (~s)(in n:S S ) S (~s)(S S ) n ~s ~q ~s ` 4 &O
mh, ~q fn(mS] ) = ~s fn(nQ] ) = 0-]~! (Struct Res
Par) c$ ~ ~r fn(nQ] ) = ~q fn(mS] ) = ~s fn(nQ] ) = 9d P
(~p)(n(~q)(in m:Q Q )] (~r)(m(~s)(in n:S S )] R ))
(~p~r)((~q~s)(n in m:Q Q ] min n:S S ] ) R )
(~p~r)((~q~s)(nQ Q mS S ] ] ) R )
(~p~r)(n(~q)(Q Q ) m(~s)(S S )] ] R )
(~p~r)(nmS ] Q ] R )
= P
4ni#'* (Trans Out)(Trans Open) r~_ (Trans In) c &ni#'* 4(J (Trans Amb) 4 P > (~p) nQ] R Q Q : P (~p)(nQ ] R) }#i
Q
Q 2 n 4.4 i P (~p)(nQ] R) l 4 P (~p)(nQ] R)
(~p)(nQ ]
R) P #'* ] ~ qn@;c 3P ni -L'* m
62 f g
j
1
f g\
0
2
j
1
1
;!
1
j
1
0
j
2
0
j
f g\
j
1
j
2
j
2
62 f g
2
j
2
j
1
f g\
f g\
1
1
j
j
1
j
0
j
2
j
2
0
0
j
2
j
j
f g\
0
j
2
0
j
0
h
i
0
;!
0
;!
0
0
j
j
j
0
;!
j
0
] ~dj+h % c T0` e7dj?c X$ Y ?a ~n 4.7 &On 4.9 k - s n 4.15 9 c c $~ djh % c6T0 p 4.16 r 4.7 1w P
;!
Q s P R j
;!
0
00
Q R
j
* P Q c96Tl- Y$ ~c B@Q 3P k`
(Trans Cap) 4 P > (~p) A:P P Q = (~p)(P P ) fn(A) ~p = : = A p~ 4&Om - ) l 4 h, ~p fn(R) = " ~ (Harden Par 1) n` P R >
(~p) A:P (P R) 5 (Trans Cap) ` P R A (~p)(P (P R)) Q R -L'
*
(Trans In) 4 P > (~p) nP ] P P in m P P > (~r) mP ] P P in n P ~r fn(nP ] ) = ~r ~p = Q = (~p ~r)(nmP ] P ] P ) : = Lh, ( ~p ~r ) fn(R) = " ~ (Harden Par 1) n` P R > (~p) nP ] (P R) _n
` P R > (~r) mP ] (P R) 5 (Trans In) ` P R (~p~r)(nmP ] P ] (P
R)) Q R -L'* (Trans Out)(Trans Open) r~_ (Trans In) c &ni-L'* 4(J (Trans Amb) r~ _ (Trans Cap) c & ni-L'* 4(J ] ~ qn@;c 3P ni -L'* ;!
h
i
0
f g \
0
h
00
i
j
f g\
f g f g
2
1
1
i
f g\f g
\
2
1
h
3
i
0
;!
0
h
2
1
0
00
j
j
3
0
1
j
0
j
* P
;!
;!
;!
Q '# fn() fn(Q) fn(P) Q c - Y? ! } a " ~n 4.4 ` d 4(J r 4.9 1w P
* P
;!
;!
Q - n fn() s (n)P 62
Q c - Y ? ! } ;!
(n)Q j
0
i
0
;!
3
2
3
0
j
r 4.8 1w P
2
h
j
j
3
j
2
j
;!
j
\ f g
j
h
00
j
1
i
2
j
0
3
j
0
1
j
0
2
j
Ih #"m\d]
42
(Trans Cap) 4 P > (~p) A:P P Q = (~p)(P P ) fn(A) ~p = : = A ~p 4&Om-)l4 h, n ~p ]`3&@;{L
(1). q n fn(A:P ) B (n)P > (n)((~p) A:P P ) = (~p) A:P (n)P " ~ (Trans
Cap) ` (n)P A (~p)(P (n)P ) (n)Q #'* "
(2). q n fn(A:P ) B (n)P > (n)((~p) A:P P ) = (n~p) A:P P n fn()
"~ (Trans Cap) ` (n)P A (n ~p)(P P ) (n)Q #'*
(Trans In) 4 P > (~p) n P ] P P in m P P > (~r) mP ] P P in n P ~r fn(n P ] ) = ~r ~p = Q = (~p~r)(n mP ] P ] P ) : = Lh, n ~p ~r ]`3 @;{L (1). q n fn(n P ] ) B (n)P > (~p) n P ] (n)P 3 @;{L (a) q n fn(mP ] ) B (n)P > (~r) mP ] (n)P (Trans In) ` (n)P (~p~r)(n mP ] P ] (n)P ) (n)Q -s N~ $ n 4.8 #'* "
(b) q n fn(mP ] ) n = m : n fn(P ) B (n)P > (~r) m(n)P ] P }
#i (n)P in n P (n)P (Trans In) ` (n)P (~p~r)(n mP ]
P ] P ) (n)Q - s N~ $ n 4.8 #'* "
(c) : B (n)P > (n ~r) mP ] P n'" ~ (Trans In) n` (n)P (~p n~r)
(n mP ] P ] P ) (n)Q #'* "
(2). q n fn(n P ] n = n : n fn(P ) B (n)P > (~p) n (n)P ] P _@;
(1).(b) ni (n)P (n)Q #'* (3). : B (n)P > (n~p) n P ] P _@; (1).(c) ni (n)P (n)Q #'* (Trans Out)(Trans Open) r~_ (Trans In) c &` i#'* 4(J
(Trans Amb) r~_ (Trans Cap) c &` i#'* 4(J ] ~ qn@;c 3P ni -L'* 0
h
00
i
0
00
j
\f g
62 f g
0
62
0
;!
00
j
0
;!
h
f g\
0
1
0
h
0
i
1
2
f g\f g
00
i
0
h
00
i
0
2
0
h
00
j
00
i
62
h
2
1
0
0
h
0
;!
1
00
i
0
3
0
j
1
3
i
0
0
3
2
;!
0
3
0
j
2
62 f g f g
0
62
62
3
0
0
2
0
0
j
1
2
3
0
j
3
i
0
;!
2
0
2
h
2
0
h
2
0
0
j
3
0
2
3
3
i
0
;!
3
0
2
00
3
j
2
0
2
62
00
;!
i
h
6
3
0
0
1
2
j
3
1
0
h
1
1
0
j
i
0
;!
2
2
0
6
1
3
62
h
2
0
1
i
2
;!
0
h
i
1
;!
2
dj & d(X$ Y d h % c6 T0n &d 3 X$ Y d +N
?c&? !3PnB (Red Struct) 4+dj?Y_c wD (X$
Y n 4.14 (n 4.15 > dn m ` e h ~c wDZ c{ d(rs c
T n
M
4.10 )"
(1).
(2).
(3).
(4).
M
4\d}uP, > -`a1Q
> "
M > M: 1w M Action "
M:N > A:(M :N) 1w M > A:M "
M:N > N 1w M > - N > N 2
0
0
0
0
r 4.11 1w M:P > C sFhQ#w]Q
(1). M > A:N C = () A:P 0 - P N:P "
(2). M = - P > C h
0
i
0
* M:P > C c-Y?!} `d 4(J !ed]##"m\d]('W
4.3
x
43
r 4.12 1w M > A:M s M:P > () A:P 0 +} P
0
0
h
i
0
M :P 0
* M > A:M c-Y? ! }` d4(J
0
r 4.13 1w M > - P > C s M:P > C * M > eX{d 4.10 `i M = "~ (Harden Empty) n` M:P > C 2
` ec n 4.14 dj n 4.15 | Ndj $ 4 i\ y^ cdj u K B
P
r 4.14 1w P
1
Q P
1
2
Q Q - Q > (~q) Q Q sVq P P "* P > (~q) P P h
1i
2
1
h
2
1i
2
2
* dju KB 2 r 4.15 1w P Q - Q
;!
Q sVq P "* P P - P
0
0
0
;!
0
Q 0
* Q Q c-Y? ! }
(Trans Cap) 4 Q > (~r) A:Q Q = A Q = (~r)(Q Q ) : fn(A) ~p = n 4.14 i >7 P P R4 P > (~r) P P P Q : P Q 5"~ (Trans
Cap) n` P A (~r)(P P ) 7 P = (~r)(P P ) ` i P Q #'* (Trans In) 4 Q > (~r ) nQ ] Q Q in m Q Q > (~r ) mQ ] Q Q in n Q ~r fn(nQ ] ) = ~r
~r = = : Q = (~r ~r )(nmQ ] Q ] Q ) n 4.14 i >7 P P $` P > (~r ) nP ] P P Q : P Q e X }#i >
7 P $` P in m P : P Q ni>7 P P ( P $` P > (~r ) mP ] P P Q P Q P in n P : P Q n 4.3 i fn(nP ] ) = fn(nQ ] ) l 4
~r fn(nP ] ) = 7 P = (~r ~r )(nmP ] P ] P ) ` i P Q (Trans In)
i P P #'*
(Trans Out)(Trans Open)(Trans I/O) r~ _ (Trans In) c 3P` i#'* 4(J
(Trans Amb) 4 Q > (~r) nQ ] Q Q Q : Q = (~r)(nQ ] Q ) n 4.14
i>7 P P $` P > (~r) nP ] P P Q : P Q 5}#i>7 P
$` P P : P Q 7 P = (~r)(nP ] P ) ` i P Q % (Trans Amb)
n` P P l4#'*
] ~ qn@;c 3P ni -L'* ;!
0
h
1
1
1
2g
\
1
f
1
0
1
1
3
f
2g
3
4
\
j
2
h
i
1
2g
0
0
1
1
\f
1g
0
h
1
i
2
1
1
3
0
0
3
3
1
0
3
2
4
0
j
1
2
3
0
j
2
j
3
0
1
j
0
3
4
2
h
1
3
0
;!
3
2
0
4
i
3
2
1
2
0
h
2
0
4
3
i
4
1
0
0
1
1
i
h
2
;!
;!
2
1
2
2
0
;!
\f g
2
1
0
0
1
h
1
1
1
j
j
1
2
0
;!
3
1i
1
2
1
4
1
;!
h
0
2
;!
0
2
2
;!
f
1i
0
0
1
1
1
0
2
i
0
;!
1
2
1
0
0
1
1
0
0
1
1
j
2
j
1
2
2
0
2
0
1
0
0
4> 4.16 1w P P s P P * P P c-Y? ! }
;!
;!
0
;!
0
0
(Red In) 4 P = min n:P P ] n in m:Q Q ] : P = nmP P ] Q Q ] e X wD
Z(X$ Y d c{ d"~ (Trans In) ` i P nmP P ] Q Q ] 0 P #'*
(Red Out)(Red Open) r~_ (Trans In) c &` i#'* 4(J 1
j
2
j
1
j
2
0
;!
1
j
2
j
1
j
2
1
j
2
j
1
j
2
j
0
Ih #"m\d]
44
(Red Res) 4 P = (n)P P = (n)P : P
P }#i P P n >
7 Q $` P Q : Q P n fn() = " ~n 4.9 ` (n)P (n)Q %
(n)Q (n)P l 4 (n)P (n)P #'* (Red Amb) 4 P = nP ] P = nP ] : P
P }#i P P n >7
Q $` P Q : Q P e X (Harden Amb) ni nP ] > () nP ] 0 " ~ (Trans
Amb) n` nP ] nQ] 0 % nQ] 0 nP ] q ] nP ] nP ] #'* (Red Par) 4 P = P P P = P P : P
P }#i P P n >7
Q $` P Q : Q P " ~n 4.7 n` P P Q P % Q P P P q] P P P P #'*
(Red Struct) 4 P P P
P P P }#i P P n>7 Q $`
P Q : Q P n 4.15 i >7 Q $` P Q : Q Q % Q P P q] P P #'*
] ~ qn@;c 3P ni -L'* 0
1
1
;!
0
1
1
;!
1
1
1
j
;!
2
;!
;!
;!
j
2
1
1
1
1
0
;!
j
0
0
1
j
0
1
1
2
1
0
h
0
;!
0
0
1
1
1
j
2
0
1
1
;!
j
;!
0
i
1
0
;!
0
;!
j
2
1
0
1
0
1
0
;!
0
;!
1
1
1
1
;!
;!
1
1
1
2
0
1
0
;!
1
0
j
j
1
;!
1
1
1
0
1
0
;!
0
;!
0
1
1
1
62
1
0
0
1
2
1
0
1
j
2
0
1
0
1
0
0
p 4.6 (p 4.16 nn``e X$ Y d( &d hc-L
r 4.17 yHl P
;!
Q Y-$Y P ;!
Q
* eXp 4.62~T7- s Z( p 4.16 nn`-L
R' d Y
B L c ROAM ?c wDZb + & d hc X$ Y dB Lc Nl @
3 X$ Y d c{ d( & d h % cdj ]9 d&d { d c T } %]k`>c X$ Y d c l @ L n ~ & dB L X$ Y d c l @ 4`> ?ch %
< PF ` + c $ } T & zI m5 9
B L7 ROAM X$ Y d c c $~ < P+{& ] ROAM ?hc T*&B L
c<P+4c -Lc~ `> h contextual equivalence nk&]?hB
( u_ / 7a , ~ `> `$c- 9 'n 3 G G ] c 4 +`${?~ `
> hc &B L < P+ T D c~ `>a vz N & ] ? / 7a , D c~ `> f
h G ]B / 7a a c~ `> QhX fG ]U L T (< P? / 7a , ~ `> n
X c@; D4 z < P? / 7U~{c~ `> X c@; B L ROAM h % c < P & # >k 20] MA h % c < P _ >k 20] B
Lc N -L&] > dc T ~Bc~ `>3P `+?j = cqn
@;k&-{ 5.20 !7dj+cc~ `>c?hZh c L~
B~`>c?h Z{ 5.39 'YO{J
x5.1
~ `> h contextual equivalence 3{?hc ~&& ] ? 4 ~ `> h
V:!Vu_?/~7a ,~`>q`c-#'n c observation a barb !z
rc-Uh %c T] u c0?KQ&3 V=2 }d2
@4h{cWX&c5 Af` 4N7 Ef$~0&O^mc
>7 7 MA c&3$~ 9' 0 &O Rt c>7
V % E f ( MA
h7 ROAM a0 q9 ' 0 &O Rt c>7`n ?'n c q U i k gD?
n out m] jV n 40&OT3GL'n $~]W & n #Ya,;@n ]'
5?!&4 n c>73G4'nU ic l4 7 ROAM ?5A& L
N gD ' 0 &O Rt z?n ] s ! c ; @ 7) cB c ; @ ; @ out ( open G
Rt'n ? & !u ; @Bn 'n & VV ! u Q L.4 )c 7h- BarbedAction = in n in n out n open n
Z +z n ~ c ; @ {dw$ P n ( P n Z+ ROAM c'n
8]
5 , 19, 20]
4
#
n)
f
g
j
2 Ng
+
5.1 P
(fn(A)
f
P n
Vq p~ A P P y P "* A BarbedAction p~ = - P (~p)(nA : P P ] P ) n
#
\f g
5.2 P
(Conv Exb)
(Conv Red)
n
+
#
()
1
1
j
2
j
2
3
2
3
P n= P n
P
P - P n= P n
#
;!
)
+
0
0
+
)
+
~ C () Z + T] ?~ `> context u 6, 2 ]T]a*] wQ ~~, () -Z + 7U ~Tmaa ? P q`$c-Q3 T]?~ C(P) Z+t`3a7 P 45
Nh ('W@
46
)cm+n7 (P) ?2{T'&Oml 4 ?~`>c&OmN m6 c- h
"c~ `>
ROAM ?c~ `> h Z, - ]` { db C
5.3 &XM yH C
(P) n
+
() C
P
(Q) n Q
d0`;T% n yR4QN () ()
C
+
~`>hZ cT] N% 73uc % conguence n~`>hc?/ ma ,
~`>`$c- ? Q3~`> hc
5.4 C/$U uP PL]pHjuP1w "*
(1). (+g dP U^\ "
(2). d0` P Q () P Q = (P) (Q) R
R
R
C
R
) C
R C
f V - s Z, -4T] ZL~ `> h ZQ4T Z
4> 5.5 4QN]uPL]HjuP
* n'~`> h Zc{d( Z c{ d` d
r 5.6 1w P Q '# P n= Q
!\IZL,SH
#
)
n
#
s]L 1w P +n '# Q +n -u)p*
* oTn3, -c{d`do "n3 n3P P
#
4> 5.7 1w P Q s P Q * "~~`>hc{ d(n 5.6 `d
n
+
c-Y`$
` e E _V T &Xj~ `> hc{ > dE _ b T ?~ `>h hc& {c&z Nb nG] u_cT]~B~ `>
t 5.8 1w m = n s m open] n open] 6
6
* J~`> () = () (m open] ) = m open] ni (m open] ) m 5 (Conv Exb)
n` (m open] ) m % (n open] ) = n open] m : (n open] ) P l4 (n open] ) m C
+
C
C
C
C
6#
t 5.9 1w m = n s in m
6
6
in
C
#
6;!
C
6+
n
* J~`> () = n()] m in n : out p p out m : open] ] B (in m) p T (in n)
ni in m
C
6
in
j
j
n
C
+
C
p
6+
V%?~`>hc&l4NgDqc~`>dj&ThzWh`+ ]` 3 T] Qcw RtW {G r 5.10 (Coll Garb) n ] 0
)-EPM('&B@
5.2
x
47
* (&<Pc?h ('5 a, =h`$ a ,Rtmc -Qh
a , ~ `> & l 4<J&( / 7a, ~ `>q`$c 3 )O r c eX
~`>hc{ d-L'* t 5.11 (m)n in m : P] 0 " (n)n open : P] 0 h`dj~c&] ?`( Jy?h Uc in m Qn]3 in m out m T
3ak;@3 out m Th'*+
t 5.12 n out m : P m out n : Q] ] nP] mQ] j
j
5.12 GL?(7]WL c~`> m 9 n YU];@LV>dT3N
(DmdjL-LR h zWh`
B L k64 cL* 2 k , ? ! _ F 4?ch % djIb 7 B L o dj?
h%cT*%-L7`TLb T n'{ ?hc{G
x5.2
Oq 'YO {JE 7. 3
~ `> h Z jV3 ?hcT]cB "B T~`> c *L%Y y @&
R$Ic>~ ~ c0] &3h % {ca a~ `> 6V/ ~ z N R4 T
~B~ `> c h %Tb 4 ?h Xj?cU~Bh Z ~`> h
Z c kB * c L c) {T ~{c~ `>## Q~ `>k ! rs ch % {&0]T* ~ `>JK `ch % { B
B *> d { d +Q~ `>(c Q~ `> c?h Z!7 b +? ( a , Q
~ `> = cq@; k &- { 5.20 @ 4 & ] ?3 : YQ~ `> h
ZcNl YQ~`>h( ~ `> hjc r=" Z7`T*? !dj
x5.2.1 Np &XM yH
&XM
>k 20] b + MA ?h Z c T -L !$ ~ + c Np
harness c?hZa djQ~`>h~ `> h3T]Z7 ROAM E_r~+
MA _c&dj>k 20] Q~`>L ROAM XL6~
Q~ `>4T ~Bc~ `>uz10T m?!u? tcB c6-Z
&Oa~((Rt ;n!~=$, ; -Z+T]Q~ `> ?c Tm ~ Q~
`>T*~ H Z + { d k `
H ::=
;
>
>
>
>
>
>
>
>
>
>
(n)H >
>P H>
>H Q>
> nH]
j
j
~ H(P) Z + P T m H ~q`c- f V L - 4T]- c? Q
~`>Q{d_cJ)m 5Q fn(H) 6' P _n{d H H H ;! H H > C H ;! H hZh 7 +N "n h ?cm &~ H K k 0
0
P H H P
j
j
0
Nh ('W@
48
P
;!
Q= P H
)
j
Q H
;!
j
nH] > () nH] 0
h
in
i
n : P H in n P H
j
;!
j
?c~ `>( Q~ `>+N > ]` &sXj (1). () c ~ ] Q hn% H :z T] ~ "
(2). () h4 +( H c F 4 % { H c&Om h 7? T m m+ f
`n H c&Omn? ! a aO m c Q~ `>_{ d ?cQ~ `> h Z k `
C
C
5.13 Np &XM yH PR P Q X4QN] 1wd0` H y n h
H(P ) n
H(Q) n -L P Q +
()
+
'
Np&XMyHv x5.2.2
Q~`>h Z c{ &7 H(P) n c3PQT3 H(P ) nc&- c
3P% H(P) c &- 3PNE (P ) c &- 3P Q` *
6 ROAM c X$ Y d H(P ) R c 3P n ] D4 H(P ) R c 3P%
X$ Y d { d 7 wDZ j~ l 4 >dN3P cT3 H(P ) nc wD - +
C
;!
;!
r 5.14 1w H(P ) > (~p) P P '#_Qw]Q
(1). H > (~p) nH ] P - P = nH (P)] "
(2). H > (~p) P H - P = H (P) "
(3). P > (~p) P P H
R P P R - ~p fn(R) = h
0
h
h
1i
h
1i
i
2
1i
2
0
1
0
0
2
0
; j
2
0
j
f g\
* H(P) > (~p) P P c-Y? ! }
(Harden Action) 4 H(P ) = A : Q A Action : (~p) P P = () A : Q 0 Q
~ `> c{ d ni H(P ) = A : Q zn H = P = A : Q `$ 3 P = A : Q >
() A : Q 0 7 R = 0 ot@;'* (Harden Amb) 4 H(P ) = nQ] : (~p) P P = () nQ] 0 H(P) = nQ] zn) `
/@;
H = : P = nQ] 4 P > (~p) P P J R = 0 n ot@;'* H = nH ] : Q = H P ] 4 H > () nH ] 0 : P = nQ] = nH (P)] J P = 0
n o T @;'* (Harden Par 1) 4 H(P ) = Q Q Q > (~p) P P P = P Q : ~p fn(Q ) = Q~`>c{d ni H(P ) = Q Q zn)` /@;
H = : P = Q Q 4 P > (~p) P P J R = 0 n ot@;'* H = H Q : Q = H (P ) 4 H (P) > (~p) P P }#i L ` /
@;jT'* h
1i
2
2
h
1i
h
2
i
;
h
i
h
0
h
1i
0
j
2
1
1
j
2
j
1
j
0
i
1i
0
1
3
2
3
2
h
2
1
i
2
h
1
1
;
h
h
1
2
;
1i
1
1i
2
h
1i
3
j
2
f g\
2
2
5.2
x
)-EPM('&B@
49
{ H > (~p) nH ] P : P = nH (P)] 4 ~p fn(Q ) = ni H >
(~p) nH ] (P Q ) n H > (~p) nH ] P J H = H n -Lco T
@;'*
{ H > (~p) P H : P = H (P) 4 ~p fn(Q ) = ni H > (~p) P (H
Q ) : P = P Q = H (P) Q J H = H Q n -Lco " @;'* { P > (~p) P P H =
R P = P R : ~p fn(R ) = 4
H =H Q =
R Q P = P Q = P R Q : ~p fn(R Q ) = J R = R R n-Lcot@;'* H = Q H : Q = H (P) 4 ~p fn(Q ) = ni ~p fn(H ) = $
~ (Harden Par 1) n` H > (~p) P (P H ) : P = P Q = P H (P) 7
H = P H n -Lco " @;'* (Harden Par 2) r~_ (Harden Par 2) c3P nd 4(J
(Harden Res) 4 H(P ) = (m)Q Q > (~q) Q Q : (~p) P P = (m)(~q) Q Q > d H(P ) = (m)Q ni m fn(H(P )) % fn(P ) fn(H(P)) l 4 m fn(P) E _gD H(P) = (m)Q c> f Vk H = BJ R = 0 niot@;'* ":
B H = (m)H : Q = H (P) `eeX C = (m)(~q) Q Q 7h@;`cJt
0
h
2
h
j
1
1
j
0
;
j
0
2
3
0
j
2
0
1
2
j
3
j
h
0
1i
1
j
2
0
j
0
2
2
0
3
0
0
j
0
f g \
j
0
f g\
2
j
2
2
2
j
2
1
2
f g \
2
h
0
i
2
0
f g\
j
1
; j
j
0
1
0
1
1
2
0
2
0
0
h
3
j
1i
f g \
1
2
1
3
0
1
0
1i
2
3
j
3
h
i
1
i
1
1
0
h
1
1i
j
3
2
2
f g \
2
j
3
2
2
3
j
2
2
h
1i
h
2
62
1i
h
2
1i
2
62
;
1
h
1
1i
2
T3P
m 62 fn(Q ) 4 C = (~
q) hQ i (m)Q = (~p) hP i P l 4 p~ = ~q P = Q :
P = (m)Q 4 H (P ) = Q > (~p) hP i Q }#ni L ]` @;j T
'*
{ H > (~p) hnH ]i Q : nH (P)] = P 4 m 62 fn(Q ) = fn(P ) =
fn(nH (P )] ) l 4 H = (m)H > (m)(~p) hnH ]i Q = (~p) hnH ]i (m)Q =
(~p) hnH ]i P 5 e X P = nH (P )] 7 H = H ni-Lco T @;'* { H > (~p) hP i H : Q = H (P ) 4 H > (m)(~p) hP i H = (~p) hP i (m)H
: P = (m)Q = (m)H (P) 7 H = (m)H n-Lco"@;'* { P > (~p) hP i P H ; j R Q = P j R : f~pg \ fn(R ) = e X
m 62 fn(P ) f~pg ]k P > (~p) hP i P ni m 62 fn(P ) l 4 P = (m)Q (m)(P j R ) P j (m)R 2 H = (m)H (m)( ; j R ) ; j (m)R :
f~
pg \ fn((m)R ) = l 4J R = (m)R ni -Lcot@;'* Q = m Q ] m 2 fn(Q ) m 6= m : m 62 fn(Q ) 4 C = (~
q) hm (m)Q ]i Q =
(~p) hP i P l4 ~p = ~q P = m (m)Q ] : P = Q 4 H (P) = Q >
(~q) hQ i Q = (~p) hm Q ]i P }#ni L ]` @;j T '* { H > (~p) hnH ]i P : nH (P)] = m Q ] 4 n = m : Q = H (P ) m 2 fn(Q ) m 62 fn(P) ni m 2 fn(H ) 3 a $ m 62 fn(Q ) = fn(P )
( m 6= m = n l 4 H = (m)H > (m)(~p) hnH ]i P = (~p) hn(m)H ]i P :
P = m (m)Q ] = n(m)H (P)] 7 H = (m)H ni-Lco T @;'* { H > (~p) hm Q ]i H : P = H (P) m 62 fn(Q ) = fn(P ) = fn(H (P))
ni m 62 fn(H ) l 4 H > (m)(~p) hm Q ]i H = (~p) hm (m)Q ]i H =
(~p) hP i H 5 e X P = H (P ) 7 H = H n -Lco " @;'* 1
1
2
2
2
1
1
0
1
1
0
2
1
2
1
1
0
1
1
2
1
1
1
0
0
0
1
0
0
1
1
0
0
1
0
2
2
0
0
0
1
2
0
1
0
1
1
0
1
0
1
1
1
2
0
2
1
1
0
2
2
1
0
0
2
0
1
0
1
0
0
2
1
0
1
0
2
2
0
1
0
1
2
0
0
1
1
0
1
0
1
0
2
1
0
2
1
0
1
2
0
2
1
0
0
2
0
0
1
0
1
0
1
0
1
0
0
0
0
1
0
2
0
0
0
1
1
1
0
0
1
0
1
0
2
0
1
2
1
0
1
0
2
1
0
1
2
1
0
1
0
1
2
1
1
0
1
1
1
0
1
2
0
1
0
0
1
0
0
1
1
0
2
0
1
0
0
1
1
Nh ('W@
50
R P = P R : ~p fn(R ) = e X
m fn(Q ) m = m ( m ~p ni m fn((~p) m Q ] P ) = fn(P ) U \
i m fn(P ) TAz4L@; h n !u@;n m fn(Q ) : (a) m fn(Q ), (b) Q h3RtaT (c) Q 3Rt
: Q cm+4 m 4 C = (~q m) Q Q = (~p) P P l4 ~p = ~q m P = Q
: P = Q 4 H (P) = Q > (~q) P P }#ni L ]` @;jT '
*
{ H > (~q) nH ] P : nH (P )] = P 4 H = (m)H > (m)(~q) nH ] P 7@; (a) '* m fn(P ) 2 m fn(P ) ( m fn(P ) = fn(nH (P)] )
ni m fn(nH ] ) " Q = nH (P)] @; (b) h'*"k @; (c) '*
B m = n l 47qn@; `# (m)(~q) nH ] P = (~q m) nH ] P =
(~p) nH ] P 5 e X P = nH (P )] 7 H = H ni-Lco T @;'* { H > (~q) P H : P = H (P) 4 (a) m fn(P ) m fn(P ) ni
m fn(H ) " (b) P h 3 T]Rt" (c) P 4Rt :m+ 4 m 5 ~ ~ m fn(P )
ni G L , @; # H > (m)(~q) P H = (~p) P H : P = H (P) 7
H = H n-Lco " @;'* { P > (~q) P P H
R P = P R : ~p fn(R ) = e X m fn(P )
( m ~q ni m fn((~q) P P ) = fn(P) U \ i m fn(P ) T Az 4 L @; h n (Harden Repl)(Harden Empty)(Harden Path) _ (Harden Action) c3P niot@
;'*4(J ] ~ qn@;c 3P ni -L'* { P > (~p) m Q ] P H
0
h
0
0
2
0
i
1
0
6
1
;
1
0
j
0
2
62 f g
0
j
2
0
h
0
f g \
0
i
1
0
62
2
2
1
h
1
2
2
1i
h
1
0
h
1
i
1
0
2
1
h
2
1i
1
1i
2
2
1
i
2
h
1
1i
1
0
2
0
0
0
0
h
2
1
i
2
1
2
1
62
2
2
1
h
0
1
0
1
1
1
1
i
1
0
2
2
0
1
1
0
i
1
0
h
h
0
h
1
62
1
1
1
2
2
0
0
1
1
1
2
2
2
0
1i
h
1
0
1i
2
1
2
0
1
0
1
h
0
1i
62 f g
0
; j
1
2
0
2
h
0
j
0
f g\
0
1i
2
1
62
7n 5.14 cc$~`e3P H(P ) R c`n@; ?Q~`>c=&(!*>d$ ~ ) H P R Z+U =&(cv
T 7 MA r 9 h c =& (6 [ kB m 9 "c 2 7 ROAM =& (E ~ $ ]` c 11 ;!
5.15 H P R
(Inter In) H (~r)H (m
0
Vq H ~r "* ~r fn(P) = -_Qw]Q R ] nR ] ) P in n P R in m R - R (~r)H (nmP R ]
0
()
; j
R ])
j
1
f g\
0
;!
2
2
0
;!
0
2
0
j
1
j
0
2
(Inter Out) H (~r)H (nm
0
; j
R ] R ]) P
1
j
2
out
n P0
;!
R
out
m
;!
2
R -R
0
2
(~r)H (mP
0
0
R ] nR ] )
(Inter Open) H (~r)H ( nR ] ) P open n P R open R - R (~r)H (P R )
(Inter Co-in) H (~r)H (mR ] n R ] ) P in m P R in n R - R (~r)H (nmR ]
P R ])
(Inter Co-out) H (~r)H (nmR ]
R ] ) P out m P R out n R - R (~r)H (mR ]
P R)
(Inter Co-open) H (~r)H (n R ] R ) P open P R open n R - R (~r)H (P R
j
1
2
0
j
j
;!
1
1
j
; j
0
1
;!
2
0
;!
0
1
0
1
;!
0
0
j
1
0
2
0
0
1
j
2
0
; j
0
0
j
0
0
1
j ; j
2
0
;!
1
0
;!
1
0
0
1
j
2
0
; j
1
j
2
;!
0
2
;!
0
2
0
0
j
1
j
5.2
x
)-EPM('&B@
51
R)
2
(Inter Amb In) P > (~p) nQ] P Q in m Q H (~r)H ( mR ] ) R in n R ~p fn(mR ] ) = - R (~r)H ((~p)(mnQ ] R ] P ))
(Inter Amb Co-in) P > (~p) nQ] P Q in m Q H (~r)H ( mR ] ) R in n R ~p fn(mR ] ) = - R (~r)H ((~p)(nmR ] Q ] P ))
(Inter Amb Out 1) P > (~p) nQ] P Q out m Q H (~r)H (m R ] ) R out n R ~p fn(mR ] ) = - R (~r)H ((~p)(nQ ] mP R ] ))
(Inter Amb Out 2) P > (~p) nQ] P Q out m Q P out n P H (~r)H (m R ] ) ~p fn(mR ] ) = - R (~r)H ((~p)(nQ ] mP R ] ))
(Inter Amb Co-open) P > (~p) nQ] P Q open Q H (~r)H ( R ) R open n R ~p fn(R ) = - R (~r)H ((~p)(Q P R ))
h
f g\
1
0
i
1
i
1
1
i
h
f g\
1
i
1
0
0
0
i
0
0
0
00
j
0
j
j
j
1
1
0
;!
1
; j
1
0
;!
1
1
0
j
0
; j
1
0
;!
1
1
0
j
0
1
00
;!
j
0
;!
0
0
j
;!
0
h
f g\
0
j
0
;!
0
0
;
0
j
0
0
0
j
0
;!
0
h
f g\
0
0
0
0
h
f g\
0
;!
0
; j
1
1
0
; j
1
1
;!
0
1
0
1
B *c N a K 3dja a Q~ `> H ( a a ? P c =& (z~K H P R {
d b c 11 { 5.20 ` e> db dj +N~ $c T n r 5.16 1w H(P ) > (~p) nP ] P '#_Qw]Q (1). H > (~p) nH ] P - P = H (P ) "
(2). H > (~p) nP ] H - P = H (P ) "
(3). P > (~p) nP ] P H
R P P R - ~p fn(R) = h
0
h
h
i
1
i
0
2
0
2
0
1
0
i
1
h
2
i
1
; j
2
* n 5.14 cT]~` d
r 5.17 1w H(P )
0
j
f g\
A
R s_Qw]Q (1). H (~r)(A : R H ) R (~r)(R H (P)) - ~r
(2). H
R P A P -R P R 0
j
0
; j
;!
0
0
0
;!
0
j
0
j
f g\
(fn(A) fn(P)) = "
0
* (Trans Cap) "~n 5.14 h~dj4(J r 5.18 1w P Q A R s_Qw]Q
(1). P A P - R P Q "
(2). Q A Q - R P Q j
;!
;!
0
;!
0
0
j
0
j
* (Trans Cap) c{dh~dj 4(J
` e> de X X$ Y d c{ d( ~K p]n c-Ldj? ( Q~ `> = cn
%n 5.19 5 e X X$ Y d( & d ch %b 9+cQ~ `> h{ &
{ 5.20 r 5.19 1w H(P ) R '#_Qw]Q
(1). P
P - R H(P ) "
(2). H H - R H (P) "
;!
;!
;!
0
0
(3). H P R 0
0
Nh ('W@
52
* H(P) R c-Y?!} (Trans In) 4 H(P) > (~q) nQ ] Q Q in m Q Q > (~r) mQ ] Q Q in n Q ~r fn(nQ ] ) = ~r
~p = : R = (~q~r)(nmQ ] Q ] Q ) e X H(P) >
(~q) nQ ] Q n 5.16 i L ]` @;j T '* H (~q)(nH ] Q ) : Q = H (P) 4 H (P ) in m Q e X n 5.17 ni L
]`@;j T'* { H (~s)(in m : R H ) Q (~s)(R H (P)) : ~s ( m fn(P )) =
4 ~s 4&Om h-h, ~s ( n~r q~ fn(Q )) = 7 H =
(~q~r~s)(nmQ ] R H ] Q ) Q > (~r) mQ ] Q : Q in n Q i H = (~q)(n(~s)(in m : R H )] Q )
H : R H (P) -Lco " @;
'*
{H
R P in m P : Q P R \ i Q > (~r) mQ ] Q " ~n 4.4 ni Q (~r)(mQ ] Q ) 5 ~r fn(nQ ] ) = H = (~q)(n
R ] Q ) (~q~r)(n R ] mQ ] Q ) 6 'E _ P in m P Q in n Q :
R (~q~r)(nmQ ] P R ] Q ) (Inter Co-in) i H P R ot@;
'*
H (~q)(nQ ] H ) : Q = H (P) 4 H (P ) > (~r) nQ ] Q e X n 5.16
niL]`@;jT '* { H (~r)(mH ] Q ) : Q = H (P ) 4 H (P) in n Q e X n 5.17 n
iL]`@;jT'*
(1). H (~s)(in n : R H ) Q (~s)(R H (P )) : ~s ( n fn(P)) = 4 ~s 4&Omh-h, ~s ( m ~q~r fn(Q ) fn(Q )) = 7 H = (~q ~r~s)(nmR H ] Q ] Q ) Q in m Q i H = (~q)(nQ ]
(~r)(m(~s)(in n : R H )] Q ))
H : R H (P) -Lco " @;
'*
(2). H
R P in n P : Q P R 4 H = (~q)(nQ ] (~r)(m
R ] Q )) (~q ~r)(nQ ] m R ] Q ) 6 'E _ P in n P Q in m Q
: R (~q~r)(nmP R ] Q ] Q ) (Inter In) i H P R ot
@;'*
{ H (~r)(mQ ] H ) : Q = H (P ) 47 H = (~q~r)(nmQ ] Q ] H ) H : R H (P) Q in m Q in n Q i H = (~q)(nQ ] (~r)(mQ ] H ))
-Lco"@;'*
{ P > (~r) mQ ] P H
R Q P R : ~r fn(R ) = 4 }
q E _ P > (~r) mQ ] P Q in n Q H (~q)(nQ ]
R) in m
Q ~r fn(nQ ] ) = (h, # ~r 4 &Om) : R (~q ~r)(nmQ ]
Q
Q ] P R ) (Inter Amb In) i H P R ot@;'* P > (~q) nQ ] P H
R Q P R : ~q fn(R ) = 4> d " ~
n 4.4 i P (~q)(nQ ] P ) !7 P R Q : Q > (~r) mQ ] Q " ~n 4.14 ni >7 Q Q R4 Q Q Q Q : P R > (~r) mQ ] Q w
;!
h
f g \
h
1
1
i
i
1
2
f g \ f g
0
;!
1
0
j
1
2
1
0
1
j
1
4
0
;!
3
3
4
j
0
2
0
1
j
0
j
3
j
0
1
0
; j
j
1
j
3
j
1
1
j
j
j
j
h
2
0
0
j
0
2
0
0
; j
j
0
1
j
3
;!
3
;!
h
3
i
0
3
1
j
0
j
2
0
1
0
;!
j
h
1
j
1
1
i
4
1
1
0
j
1
; j
0
;!
4
0
j
3
1
1
3
1
0
j
;!
3
; j
3
2
j ; j
1
1
00
00
3
4
j
1
1
3
00
3
1
j
0
j
4
0
0
f g\
2
00
3
4
1
j
h
2
0
3
h
0
0
2
1
0
1
0
;!
j
1
0
f g\
0
;!
0
j
0
0
j
4
i
1
0
j
0
j
g
0
;!
j
0
; j
3
4
1
1
3
0
3
3
3
;!
3
0
4
0
0
f g\
1
0
j
0
j
0
i
g
1
2
h
1
0
f
4
;!
; j
4
1
j
1
4
0
4
j
3
j
3
;!
1
j
; j
f g\ f
3
f g\
0
3
;!
2
3
j
4
0
;!
1
0
i
3
3
0
3
1
4
3
0
0
;!
3
h
4
1
4
j
3
0
4
2
f g\
j
0
2
2
2
0
g 0
0
j
f
2
i
3
0
4
0
; j
0
j
0
1
g h
;!
2
f g \
f
2
j
2
0
3
2
j
4
0
;!
2
0
j
2
1
2
f g \
0
0
;!
1
0
j
3
i
3
2
1
h
2
1
i
00
3
4
i
00
4
j
5.2
x
)-EPM('&B@
53
DZ c{d` i P j R > (~r) hmQ ]i Q L. $ ~]` Bj T `$ (Harden Par 1) 4 P > (~r) hmQ ]i Q Q = Q j R : f~rg \ fn(R ) = 4
0 -\ i "~ (Trans In) n` P ;! (~q~r)(nmQ ] j Q ] j Q ) 7~(
Jn4 P ni H(P ) = (~q ~r)(nmQ ] j Q ] j Q ) j R R oT@;'*
(Harden Par 2) 4 R > (~r) hmQ ]i Q Q = P j Q : f~rg \ fn(P ) = 4
f~qg \ fn(R ) ni f~rg \ fn(mQ ] ) = 0-\i P > (~q) hnQ ]i P Q in;!m Q H (~r)(Q j ; j mQ ] ) Q ;in!n Q Q Q : R (~q~r)(nmQ ] j Q ] j P j Q ) (Inter Amb Co-in) i H P R ot@
;'*
open n
(Trans Open) 4 H(P) > (~q) hnQ ]i Q Q ;open
! Q Q
;! Q : R = (~
q)(Q j Q ) e X H(P ) > (~q) hnQ ]i Q n 5.16 i L ]` @;j T '* ! Q e X n 5.17 ni L
H (~
q)(nH ] j Q ) : Q = H (P) 4 H (P ) ;open
]`@;jT'* { H (~r)(open:R j H ) Q (~r)(R j H (P)) : f~rg \ fn(P) = 4 ~r 4 &Omh-h, f~rg \ fn(Q ) = 7 H = (~q)(~r)(R j H j Q ) n
Q open
;! Q i H = (~
q)(n(~r)(open : R j H )] j Q ) ;! H : R H (P) Lco"@;'*
{ H ; j R P ;open
! P : Q P j R 4 H = (~
q)(n ; j R ] j Q ) open
open n
P ;! P Q ;! Q : R (~q)(P j R j Q ) (Inter Co-open) i
H P R ot@;'* n
H (~
q)(nQ ] j H ) : Q = H (P) 4 H (P ) open
;! Q e X n 5.17 ni L
]`@;jT'* { H (~r)(open n : R j H ) Q (~r)(R j H (P)) : f~rg \ (fng fn(P)) = 4
~r 4&Omh-h, f~rg \ fn(Q ) = 7 H = (~q)(~r)(Q j R j H ) Q ;open
! Q i H = (~
q)(nQ ] j (~r)(open n : R j H )) ;! H : R H (P) -Lco"@;'* ! P : Q P j R 4 H = (~
q)(nQ ] j ; j R ) { H ; j R P ;open
open
open
P ;! P Q ;! Q : R (~q)(Q j P j R ) (Inter Open) i H P R ot@;'*
P > (~
q) hnQ ]i P H ; j R Q P j R : f~qg \ fn(R ) = 4> d "
n
~n 4.4 i P (~q)(nQ ] j P ) !7 Q open
;! Q " ~n 4.15 i>7 Q
R4
open n
P j R ;! Q : Q Q n 5.18 ni L ]` @;j T '* n
{ P open
;! P : Q P j R 4 P ;! (~
q)(Q j P ) 7 P = (~q)(Q j P ) n
i R (~q)(Q j Q ) (~q)(Q j P j R ) (~q)(Q j P ) j R H(P ) l4-L
coT@;'* n
{ R open
;! R
: Q P j R 4 }q E _ P > (~q) hnQ ]i P open
n
Q ;! Q H ; j R R open
;! R f~
qg \ fn(R ) = : R (~q)(Q j Q ) (~q)(Q j P j R ) (Inter Amb Co-open) i H P R ot@;'* (Trans Out)(Trans Amb) r~_c 3P nd 4(J 0
1
00
3
4
00
1
0
00
0
0
0
3
1
0
0
0
3
1
5
0
5
00
5
3
0
5
4
0
00
0
00
5
3
1
4
5
1
00
1
3
0
1
5
1
000
0
3
1
1
1
00
000
000
0
3
3
3
3
3
2
0
1
2
1
1
0
1
1
0
2
0
0
1
2
1
2
1
0
0
0
2
2
0
0
0
0
0
0
2
2
0
2
0
0
0
2
1
0
0
2
1
0
0
0
2
1
2
2
1
0
1
0
1
0
2
2
0
2
2
0
1
0
1
0
0
0
0
0
0
1
1
0
0
1
1
2
0
0
1
1
0
00
00
0
2
2
2
0
00
0
1
2
1
1
0
0
0
0
2
1
1
00
0
0
1
0
1
1
1
00
0
0
0
0
00
2
2
0
0
1
1
0
0
0
1
1
00
0
0
1
2
0
0
0
1
1
1
2
1
2
0
00
0
2
0
2
0
0
1
1
1
1
1
0
2
0
1
2
1
0
2
2
2
1
5
1
1
00
0
0
0
1
1
0
1
00
0
1
0
0
1
2
Nh ('W@
54
] ~ qn@;c 3P ni -L'* "~]~-E_n] `$B LcoT]-L activity lemma 1
r 5.20 (Activity) H(P ) R Y-$Y
(Act Proc) P P - R H(P ) .t
(Act Har) H H - R H (P) .t
(Act Inter) H P R ;!
0
;!
0
;!
0
0
* 9J$<cdj T % I) ' 9<$Jcdj n 5.19 ( { 4.17 cLn]n'`$ x7{J% W Mxw W
x5.3
9{ 5.20 n]fQ~`>hc{i~Qn!B*bBLco"] -L
n Q~ `> h Z( ~ `> h Z 3 T]Z { 5.39 U L ?c~ `> h Z
B Tn ] D4 ?cQ~ `>h Z? % Q~ `> hc{ &~] 0] >dE_TZ /cpp 5.21 5.22 5.23 5.25 5.30 ( 5.35 6'Q
~ `> h Z % p 5.36 cdj j 6h ` `&h Z {~ 4T Z
{ 5.39 4> 5.21
'# P Q uP P Q (]]uP/"C(+g dPyU^\0J 1w P Q '
'
* Q~`>hc{d`iu3ThZo"]-L#{ P Q BgDa
a H ( n c % 7ni H(P) H(Q) 5" ~n 5.6 n` H(P ) n
H(Q) n l4 P Q +
()
+
'
4> 5.22 1w P P '# P
* a a H ( n s = H
'
H (P ) n n H(P Q) n
0
0
+
j
+
0
()
j
Q P Q
'
j
= H(
Q) P P ni n H (P) n
H(P Q) n l 4 P Q P Q 0
0
;
j
j
+
0
j
'
0
+
+
()
*
+
0
+
m
+
'
()
0
'
0
+
()
0
P m
+
, =) - (n)P +m c - Y ? ! } ` d P +m 4(J kWW activity lemma 5B 6 }:" j f %U@'?#! m%-af}: A - 6 activity "lemma"
6%D@DV-WV ;&
1
()
j
P ni m H (P ) m
H(nP ] ) n l 4 nP ] nP ] ;
r 5.24 1w m = n '# (n)P
6
0
0
0
'
0
H (P ) m n H(nP ] ) m
0
'
4> 5.23 1w P P '# nP ] nP ] * a a H ( m s = H = H(n ] ) P
'
0
0
20]
&m
5.3
x
6k('O(5O
55
, (= - P +m c - Y ? ! } ` d (n)P +m 4(J 4> 5.25 1w P P '# (n)P (n)P * a a H ( m P P ni H(P)
0
'
0
'
H(P ) m 7 (n)P k
(n)P n 4 &Om l 4 h, n = m : n fn(H) n 5.24 n` (n)H(P) m
(n)H(P ) m n H((n)P ) n
H((n)P ) n l 4 (n)P (n)P 0
'
0
6
0
+
+
m
+
0
()
+
62
0
()
+
+
()
0
'
Q~ `> h W 2; @c %n P P = M : P M : P p 5.30 cdj +
N +*7 ` ec n 5.26 $ n 5.29 c c $j~ 0
'
)
0
'
r 5.26 P n Y-$YVq ~p A P P y P "* P > (~p) nP ] P P
A BarbedAction - (fn(A) n ) ~p = #
0
1
2
f
g \f g
h
2
1
i
1
2
1
A
;!
P 0
1
*
, =) - 4 P #n { d ni >7 ~r A R R ( R R4 A 2 BarbedAction (fn(A) fng) \ f~rg = : P (~r)(nA : R j R ] j R ) h- f~rg (fn(R ) fn(R ) fn(R )) 7 ~p = ~r : B n7 ~p = f~rg \ (fn(R ) fn(R ) fn(R )) " ~ (Harden Amb) (Harden Par 1) ( (Harden Res) ni (~r)(nA : R j R ] j R ) > (~p) hnA : R j R ]i R 5n 4.14 n`>7 Q P R4 P > (~p) hQ i P : Q nA : R j R ] P R f V Q = nP ] : P A : R j R 5 A : R j R ;A! R j R ( P A : R j R " ~
n 4.15 ni>7 P R4 P ;A! P : P R j R 0 - ~K-Lni-L'* , (= - P > (~p) hnP ]i P " ~n 4.4 ni P (~p)(nP ] j P ) P ;A! P " ~n 4.5 ni P (~q)(A : R j R ) : fn(A) \ f~qg = h, f~qg \ (fng fn(P )) = 3
P (~p ~q)(nA : R j R ] j P ) (fn(A)fng)\f~p g = ` i (fn(A)fng)\f~p ~qg = 5 A 2 BarbedAction i P #n 1
1
3
2
2
3
3
1
1
2
3
1
1
1
1
2
1
1
0
2
1
1
1
0
1
1
1
0
3
2
1
0
2
1
1
2
1
1
2
2
1
1
2
3
2
1
3
2
0
1
00
00
2
2
2
1
0
1
2
1
2
2
r 5.27 1w M : P A P '#_Qw]Q (1). M > A : N - P N : P "
(2). M = - P A P ;!
0
;!
0
0
* n 4.11 ( (Trans Cap) `d4(J
r 5.28 1w H(P ) n s_Qw]Q (1). d0` Q H(Q) n "
(2). P n -d0` Q n h H(Q) n "
(3). P A P A BarbedAction -d0` Q
#
#
#
#
;!
0
H(Q) n #
2
#
A
0
;!
Q -A
0
0
2
BarbedAction h
Nh ('W@
56
* n 5.26 H(P ) n a:$>7 ~p A P P ( P R4 H(P ) > (~p) nP ] P A
P
P A BarbedAction : (fn(A) n ) ~p = " ~n 5.16 ni L ]` j T
'*
(1). H > (~p) nH ] P : P = H (P) 4 H (P ) A P " ~n 5.17 ni L ]` j
T '* (a) H (~r)(A : R H ) P (~r)(R H (P)) : ~r fn(A) = ` io T @;'
*
(b) H
R P A P : P P R ` iot@;'* (2). H > (~p) nP ] H : P = H (P ) 4 ` io T @;'* (3). P > (~p) nP ] P H
R P P R : ~p fn(R) = 4 ` io " @;'
*
] ~ qn@;c 3P ni -L'* #
1
;!
0
2
1
f
0
h
0
0
i
2
j
; j
h
1
h
1
00
0
0
0
0
1
0
; j
2
0
;!
1
f g\
j
j
f g\
'# H(M : P ) +n n
0
0
2
r 5.29 1w P P - H(M : P )
'
i
00
j
1
0
2
0
i
1
;!
i
0
h
2
1
g \f g
0
1
0
1
0
+
* H(M : P ) n c-Y? ! } (Conv Exb) 4 H(M : P ) n n 5.28 ni]`j T '*
(1). a a Q # H(Q) n 4*r-L H(M : P ) n (2). M : P n : a a Q n H(Q) n M : P n " ~n 5.26 ni M : P >
(~r) nR ] R R A R A BarbedAction : (fn(A) n ) ~r = 5" ~
n 4.11 n` M = l 4 P P ( H( : P) n ` i H( : P ) n (3). M : P A P A BarbedAction : a a Q A Q : A BarbedAction H(Q) n " ~n 5.27 _n ] dj H(M : P ) n (Conv Red) 4 H(M : P ) R : R n { 5.20 ni]`jT '* (Act Proc) 4 M : P R : R H(R ) `i M = : P R l4 H(M : P)
H(P) q ] H(P) n " ~ P P ni H(P ) n V % H(M : P ) H(P ) l 4
+
#
0
#
#
#
0
h
00
i
0
#
000
;!
#
2
f
0
'
#
2
0
;!
0
#
;!
g
0
0
0
;!
+
0
\f g
+
2
+
+
0
;!
0
+
;!
0
'
0
0
0
+
0
H(M : P ) n (Act Har) 4 H H : R H (M : P ) R n " ~n 5.6 ni H (M : P) n :!
- Y R n c - Y r$ ~ }#ni H (M : P ) n % H(M : P )
H (M : P ) l 4 H(M : P ) n (Act Inter) 4>7 H ~r R4 ~r fn(M : P) = : * @;'* UE_ ]
(Inter In) T @; 4 bdj !u@;cdj & _ (Inter In) 4 H (~r)H (m R ] nR ] ) M : P in n P R in m R :
R (~r)H (nmP R ] R ] ) n 5.27 ni ]` j T '* (1). M > in n : N : P
N : P 4 M : P in n N : P l 4 H(M : P ) (~r)H (nmN : P R ] R ] ) R n (n 5.6 ni (~r)H (nmN : P
R ] R ] ) n :! - Y R n c - Y r$~ }#ni
(~r)H (nmN : P R ] R ] ) n n H(M : P ) n (2). M = : P in n P 4 H(M : P) H(P) H(M : P ) H(P ) 5
P P n` H(M : P ) n 0
+
0
;!
0
0
+
0
+
0
0
0
f g\
0
0
00
j
1
0
0
1
0
0
j
2
0
0
;
j
1
j
;!
2
00
2
0
2
2
0
0
j
j
0
;!
2
0
j
0
;!
0
0
0
+
1
1
j
00
0
2
0
+
0
+
+
0
;!
0
+
0
;!
+
;!
'
0
+
0
j
00
0
+
+
0
0
0
j
6k('O(5O
5.3
x
57
] ~ qn@;c 3P ni -L'* 4> 5.30 1w P P '# M : P M : P * aa H ( m P P "~n 5.29 ni H(M : P)
0
'
0
'
0
'
4 M :P M :P n ()
+
H(M : P ) n l
0
+
0
'
` e3 Q~ `> h F . s = % cdj p 5.35 > d+N dj T s J n
]`$~ P k KZ k ]j=c P a2!r{ d k` P = 0, P k = P j P k 0
r 5.31 1w H( ! P)
n
+
4
+1
4
'#Vqv@ k 97 H(P k ) +n * Bncdju K B 3 r 5.32 1w H(0)
n
+
'# H(P) +n * H(0) n c-Y?! } (Conv Exb) 4 H(0) n n 5.28 nit@;zo T '* n a a Q `
H(Q) n 4n' H(P) n (Conv Red) 4 H(0) Q : Q n { 5.20 ( 0 G &c0niL H H
: Q H (0) " ~n 5.6 ni H (0) n :! - Y Q n c - Y r$ ~
}#ni H (P) n 5 H H ni H(P ) H (P) q] H(P) n +
#
#
+
;!
+
;!
0
0
0
+
+
+
0
;!
0
0
'
0
;!
r 5.33 1w P P - Q Q '# P P
'
0
j
0
'
+
Q Q 0
j
* E_dja a H ( n k H(P Q) n zW H(P Q ) n )Oc
& ndj-Lc6 T0
J H = H( Q) H(P Q) n n H (P) n P P i H (P ) n n H(P Q) n 5J H = H(P ) n` H(P Q ) n j
0
00
; j
0
j
0
j ;
r 5.34 1w H(P )
* 7 H = H(P
0
n
+
j ;
Q) n +
0
+
0
j
+
0
'
0
0
j
0
+
0
+
j
+
+
'# H(P j Q) +n ) B H (0) = H(P) n n 5.32 ni H (Q) n n H(P
0
0
0
+
4> 5.35 1w P P '# ! P ! P * E_dja a H ( n k H( ! P )
'
0
+
'
+
j
0
n
+
zW H( ! P ) +n ) O c &
0
ndj-Lc6 T0
H( ! P) n " ~n 5.31 ni>7 k R4 H(P k) n % P P " ~n 5.33 n`
P k P k l 4 H(P k ) n 5 ! P P k ! P " ~n 5.34 n` H( ! P ) n +
'
0
+
0
0
+
0
j
0
0-~Kpc-L niQ~ `>h3 T Z
4> 5.36
1w P P '# (P )
'
0
C
' C
(P ) 0
'
0
0
+
58
Nh ('W@
* 0-p 5.22 5.23 5.25 5.30 ( 5.35 c-L
] 4 4c $ h ` dj ` ec& ] p 4> 5.37 1w P P '# P P * a a ~ `> ( n P P " ~ p 5.36 ni
0
'
C
C
(P) n
+
() C
4> 5.38
* 0
'
(P ) n -L'* 0
0
C
(P)
' C
(P ) l 4 a a n 0
+
1w P P '# P P 0
'
0
( ' c{ d n'n` ]` 3 B Lco "] -L n ~ `> h Z( Q~ `> h Z 3 TZ context
lemma r 5.39 (Context) P P Y-$Y P P 0
* 0-p 5.38 ( 5.37 c-L
'
0
R' d Y
B L ( ~ T Lc;h cB ~3 >k 20] MA ?h %< Pc-L7 ROAM c
I d > d { d ?c wDZ +*& T | c wDZ c X$ Y da dj LX$ Y d & d) Oh j 6 Q~ `> c{ d+*& T |?h % { &9
6 djQ~ `> h Z iT* c~ `> h Z 3 TZ
T3B> ROAM ?h%c <P >k 20] cl@2h> d ROAM c
; @ (u Q n . bX$ Y d c{ d J+ i* c F 4 %>k 16] $ ~ + c ( - c &< P+Y ; @c SA E fc X$ Y dB>c wDZ Y ;@c RtE
fX$Yd< PL 3>7!7;@c>7 ROAM ?(Q~`> c =
i~G*7 hnm Bm 9 "c0 ROAM EfT 11 j*96>k 20] ?h % c < P l @y activitiy lemma ( context lemma cdj %B>6 e" ~ U
-L a - -ED Z c < P b i~ ~ch % {{G $j>k 20] B> c l
@i~m
}{& zI m 9 8
~ T L b + ?hc T*%&V % 7{ $ ~ E _ S/ v o _
& Bz L h ` $ ~ c T Y &B Lc l @- - +otLc Z< P-L ( o^ I L?h % {c T* -L b + T ROAM Y T {~% ch % {G u_ T
]r c~s n hc? P ( Q # Y P
Q c ZT3U {Gc n . 9 d+
7a,R4cQ~`> H P ( Q #3n]=O cn H(P) c!un &;@
(P
Q cn & ; @j3 xc conuent ##G L d &y T]# `$ r c
-BL96b+"~ U h %{GcT &6 ~ >O ms =aS %cdj B Lch % {G N34 t ]n3G ~ `> cQ p {G ~ `> cQ p {G ( {s'{G LK J+ T D c aG ch % {G@ 4- L7Y b U
{Gj.>d ?!T cBO c{ d(ncdj x6.1 c8q j 2 x;h{J
;!
;!
B Lch % {G 0 I +*7 Z ETS-MTj~ !3!?cQ p %(0Y
;%4 hc?>dL. Y r c :a ,~ ;:cQ~ `>L. 7 T m L c? 6 3 - c 6.1 X4QN H PL]p (;=T ) WX4QN 1wq H \3/Mzi2WL
T \R| +*w\W({e\ / r`]pq ; }WL T \R P Vq ;H "*
;H ; H(P ) : T `
0
6.2 R P Q PL (;=T) WX4QN] 1w ; P : T ; Q : T -d0
` (;=T) WX4QNH h H(P ) n
H(Q) n -& ; . P Q : T YW T K~
78VL ; . P Q `
+
()
+
`
'
'
]`b T ED Z` ~B ?c T % 7n 6.3 n 6.6 4&R`>
cgK{d? c T ) k `
Current(T)
H ~J T cV. (") F uture(T )
H ~J T IT7ED6c
U:Z, U:Y
JT]"c Y;%apQ3 ) T hreads(; n) Current(Type(; n)):Y k T ype(; n) 0 : BY ad
T hreads(; P) Current(Type(; P)):Y k Type(; P ) 0 : BY ad
Mobility(; n) Current(Type(; n)):Z k Type(; n) 0 : BY ad
Mobility(; P ) Current(Type(; P)):Z k T ype(; P) 0 : BY ad
Stable(; n)
4 True, k T ype(; n) = U : U:Z = ": B 4 False ! Stable(; n) ~%+Rt n 7JK ; `3:4A{c n u40Y;:h ?
Fb4QA {c Rt 7 & '+>7: ~ |{r !q7cHRt%
A! dr V >k 16] c Z + h Y;Qh ? Fbc # o U
T
_
h
59
7h ('W:
60
r 6.3 T hreads(; P ) = 0 Y-$Y Type(; P ) = * 9J|<n'{ d n` "9<|J f cQ 3P`d _
0
3P f ni k v?c 4 _ B!zn3Jy? Rta 3 Rt c a
~hfa, z ;@ l 4` ec -L'*
0
F: 6.4
1w Threads(; P) = 0 sK)h P A P r 6.5 1w ; nP] : T s Threads(; P ) T hreads(; n) * fc )>% { `d r 6.6 1w ; A : P Q : T - Current(T ):Y = 1 s Threads(; Q) = 0 * ; A : P Q : T " ~ { 3.11 ni Type(; A : P Q) = T T 5 (Type
Par) ni T ype(; A : P ) t Type(; Q) = T l 4 Threads(; A : P) y Threads(; Q) 1 %3P f ni 1 Threads(; A : P ) l 4 L T :Y = 1 Threads(; A : P) = 1 :
0
;!
`
`
j
`
j
0
j
0
j
j
0
T hreads(; Q) = 0 7djY ch % {Gj. > d dj ]` t ]s J n 74 6 cL* 7
I n3 @; `# Y N c@ ~l 4 ^ I &L ? I)/Jc&O s = (wD - c
=$ g ~ k (~p)(P P ) VF4 (~p : T~p )(P P ) (~p) P P VF4
(~p : T~p ) P P ~ ; ~p : T~p Z +7 J K ; E ~ p : Tp pk : Tpk U cq`c cJKU ~p dom(;) = r 6.7 1w ; nA : P P ] : T T hreads(; n) = 1 - nA : P P ] R sFh_
Qw]Q
(1). P
P - R nA : P P ] "
(2). A = out m P > (~p : T~p ) mR ] R R out n R n m ~p - R (~p :
0
h
0
0
00
i
1
f g\
0
;!
1
2
j
1
1
2
1
j
i
00
j
2
;!
2
h
1
i
2
1
0
;!
62 f g
1
0
j
1
h
2
0
0
0
j
T~p )(nP R ] mR ] ) "
(3). A = open m P > (~p : T~p ) mR ] R R
R R ]
j
h
2
2
1
1
00
j
`
2
00
j
1
i
2
R m
open
1
0
;!
1
~p - R (~p : T~p )nP
62 f g
2
1
j
* 7 H = nA : P ] H(P ) R "~{ 5.20 niL]` @;jT '* (Act Proc) 4 P
P : R H(P ) n R nA : P P ] o T @;'* (Act Har) 4 H H : R H (P ) V % H = nA : P ] hn? Tl& l 4 L @; h n h
(Act Inter) 43P_T @; H cN Fn ]hzn ]` t@;R4U H
c-s
(Inter Amb Out 1) 4`i-Lco " @;'* (Inter Amb Out 2) 4N P > (~p : T~p ) mR ] R R out m R : m ~p f V
Threads((; ~p : T~p ) R ) 1 l 4 T hreads(; P ) 1 % Threads(; n) = 1 " ~
n 6.5 n 6.6 (-L 6.4 ni T hreads(; P ) = 0 l 4 L @; h n'* 1
2
j ;
0
;!
;!
2
0
2
0
2
2
2
0
;!
1
2
1
h
1
i
2
2
2
0
j
2
j ;
2
;!
0
2
62 f g
6.1
x
0b2VeH-6('
61
(Inter Amb Co-open) 4`i-Lcot@;'* ] ~ qn@;c 3P ni -L'* r 6.8 1w ; n in m : P P ] : T Mobility(; n) = J- n in m : P P ]
sFh_Qw]Q
(1). P
P - R n in m : P P ] "
(2). P > (~p : T~p ) rR ] R R out n R R out r R n r ~p - R
`
0
;!
2
1
j
2
1
h
2
1
i
_
2
j
1
2
;!
R
(~p :
2
2
0
;!
1
0
;!
2
1
62 f g
2
0
j
2
j
0
j
T~p )(n in m : P R ] rR ] ) 0
1
1
* _n 6.7 cdj`d r 6.9 1w ; P nA : Q Q ] : T Threads(; P) = 0 T hreads(; n) = 1 P nA : Q Q ]
R sFh_Qw]Q (1). P
P - R P nA : Q Q ] "
(2). nA : Q Q ] R - R = P R "
(3). A = in m P > (~p : T~p ) mR ] R R in n R m n ~p - R (~p : T~p )(mR
`
j
1
j
j
1
j
2
;!
2
0
;!
1
0
j
2
j
1
j
0
;!
2
0
j
h
1
i
1
i
2
1
nQ Q ] ] R ) "
(4). A = in m P > (~p : T~p ) mR ] R R
Q mR ] ] R ) 1
j
j
2
2
h
2
0
j
1
* 7 H =
;!
j
2
1
in
0
62 f g
1
n R0
;!
0
m n 62 f~pg - R (~p : T~p )(nQ
1
1
j
1
j
2
; j
nA : Q Q ] H(P)
1
j
2
;!
R " ~ { 5.20 ni L ]` @;j T '
*
(Act Proc) 4 P P : R H(P ) n R P nA : Q Q ] oT @;'* (Act Har) 4 H H : R H (P) H = nA : Q Q ] ni L H = R
: nA : Q Q ] R l4 R = P R o"@;'*
(Act Inter) 4 3P_ T@; H c NFn ]hzn ]` ^@;R4U H
c-s
(Inter Open) 4 N P open n P U \ i Threads(; P ) = 0 TAl4 L @;h n
'*
(Inter Amb In) 4 `i-Lcot@;'*
(Inter Amb Co-in) 4 ` i-Lco^@;'* (Inter Amb Co-open) 4 N nA : Q Q ] open n R %f V L - h '* l 4 L @
;hn'*
] ~qn@;c 3P ni -L'* 0
;!
0
;!
1
j
2
;!
0
0
0
0
j
1
; j
j
;!
1
j
j
2
0
2
; j
0
0
0
1
j
2
;!
0
1
7h % {G ? ( ~ `> n] h c +N ~Bc N FE _ ~T]~
Bc (eC h-Z +Rt;n ]s !c ;@ DeepAction = n A n
A Action !c~ Z+
74 c $ ~ ` e{ db + Z +?z Rt ns ! v ; @c ( eC&f =$
4
P = )
f
]
j
2 N ^
2
g
7h ('W:
62
A
6.10 P =n Y-$YVq P "* P
P P
nA
A
n
( n fn(A)) ~p = f P = I: P = KQ ]
0
)
f
g
\f g
6
;!
]
)
0
0
(~p : T~p )(nA : P P ] P ) -
1
j
j
2
3
]
)
7 ` ec& G ~ `> cQp {G $ ~ ; @ Z + & Rtn
h;@cn .
R'YOA Rxq ^h3 =
x6.2
B *70& ~ `> Ya ,N Fch % {G VV U {G3 ]Rt cQ p % @
4 . c r 6.11 (ST Out) ; . n out m : P P m out n : Q Q ] ] nP P ] mQ
Q ] 1w Threads(; n) = 1 Threads(; m) = 1 ; n out m : P P m out n : Q Q ] ] : T
m n
-P = j
1
2
j
1
`
2
out
2
6
j
'
2
j
1
2
1
j
j
j
2
1
j
1
j
2
]
)
* 7 P = n out m : P P m out n : Q Q ] ] Q = nP P ] mQ Q ] B"p
h a a (;=T ) Q~ `>H (Rtm h H(P) h
H(Q) h P
Q
H(Q) h= H(P ) h z+5d H(P) h= H(Q) h nn H(P ) h c - Y }k `
(Conv Exb) 4 H(P ) h e X n 5.28 b ct@;ni 7o T @; ` n'
H(Q) h !u&@; P ` h '* (Conv Red) 4 H(P) R : R h { 5.20 ni L ]` @;j T '* (Act Proc) 4 P P : R H(P ) h T hreads(; n) = 1 " ~n 6.7 ni L
]`@;jT '* (1). P m out n : Q Q ]
R : P n out m : P R ] 45" ~n 6.9 ni
L ]` @;j T'* "
(a) P
P : R P m out n : Q Q ] 4 P n out m : P P
m out n : Q Q ] ] l 4 R H(n out m : P P m out n : Q Q ] ] ) h "~}#n` H(nP P ] mQ Q ] ) h % P
P ni H(Q)
H(nP P ] mQ Q ] ) l 4 H(Q) h (b) m out n : Q Q ]
R : R P R 4 n 6.7 nizn
Q
Q : R P m out n : Q Q ] 5" ~ R h _o T @;ni
H(Q) h 6'&@;hn n'* m
(2). P = ni zn P
Q : R H(Q) h (3). 4@; N F A = open m h n'* (Act Har) 4 H H : R H (P) h }#i H (Q) h H(Q) H (Q)
n` H(Q) h (Act Inter) 43P` @; P cN Fni 9 * z 6 5 @;'*%\ i
Threads(; n) = 1 9 d+U 5 @; Lh n'* 1
j
2
j
1
j
2
+
+
)
+
+
)
j
1
2
j
()
1
j
2
+
;!
+
+
#
#
;!
+
0
;!
2
j
j
1
2
0
2
j
1
0
2
0
1
j
1
2
2
0
;!
0
2
j
j
j
0
2
1
j
2
j
0
2
1
j
+
1
2
;!
j
2
0
0
j
2
00
;!
0
j
1
j
2
j
;!
2
00
0
+
2
+
out
2
6
]
)
;!
+
;!
0
0
+
+
0
+
j
+
+
2
2
0
0
1
j
j
2
1
j
1
1
2
j
2
j
1
0
+
0
;!
2
0
;!
0
;!
0
bEPMK*-R6:
6.3
x
63
] ~ qnc 3P ni -L'* r 6.12 (ST Open 1) ; . n open m : P P m open : Q Q ] ] nP P Q
Q ] 1w Threads(; n) = 1 Threads(; m) = 1 ; n open m : P P m open : Q Q ] ] : T
m
-P = 1
j
2
j
1
`
2
j
j
1
'
2
2
1
j
j
1
2
j
j
1
j
2
open ]
2
6
)
* dj&_{ 6.11 4(J
{G (ST Out) ( (ST Open 1) v7T{c`2 ;@ (Fb ;@.6& ]?
n ] b 4 Ya , G ]?; n c!u & hX U ; @c &> S Z{G Rt cQ
p %9 d+ a ~c? P ( Q hXS Z & ; @ca? !k #L? Z B(c P
( Q B rs cQ p | #h 5 +N + |4 o I L 5.12 cdjT T ` 0
Qn'|~ ~Kh{Gn n
2
2
2
2
x6.3
8 'YOA Rxq ^ h3 =
0* @; `?ch %L. +*7 T {c~ `> j `B *{L& ~ `> cQp{G>d { dT ~`>c&O 6.13
(1). A @ H (. P )
H A H (. P A P ) / A KSRq H (. P ) \,8Mk (2). n A @ H (. P )
di H (. P ) }\0`%9L+g% n \;T nH ](. nP ]) b
h A @ H (. A @ P ) (3). A n A H (. P )
H
H (. P
P ) - A n A @ H (. P ) 6
()
]
6
0
0
6 !
;
0
()
0
6
6 !
;
]
0
6
6v
0
()
;!
0
0
;!
]
0
6
0
jV a aT] ? a Q~ `> 3:6,vn ;@3Yn$ ~cf c T3n
T B` v ~B?c-L ~ VisibleAction Z + open n n open n in m n in m n out m ( n out m !c n m 4 a aRt m 6'c gPC h-~ K Z !cc ~ L Z+!& h DeepAction
h VisibleAction ~ Z +~ `> n h c ; @ % DeepAction ~ Z +& Rt n
f cz ; @ ` ec T h % {G +Nn .~ `>1 0 h c; @ nh 1 0 v ]n
;@h- L ca,c h 7~ `> w L H(a P ) k a a L # H(a P ) n {~ `> h h L cn ; @ 6'n Qs @ rs c&O 6v
2
]
]
]
]
6v
6.14 P Ln
P (~p : T~p )(nA : Q Q ] Q ) A BarbedAction (fn(A)
n ) ~p = - n A L L
(Conv Ctx Exb) P L= P L
(Conv Ctx Red) P PP L P n
n
n
n
!aa VisibleAction c{dk`
#
f
]
g
\f g
()
]
1
j
2
j
3
2
62
;!
#
2
)
+
0
+
0
+
7h ('W:
64
n open = open n
m in n = n in m
m out n = n out m
n = n open
n in m = m in n
n out m = m out n
open
]
]
]
]
]
]
]
]
]
]
k7 P = m in n : Q] L = n in m B P m T P Lm 7&Oc'n c $~ ~`>n .c (;=T ) Q~`> h{ dk `
f
6.15 ; L . P
f
H(P ) +Ln ()
g
H(Q) +Ln
Q:T
'
()
]
g
#
6#
d0` (;=T ) WX4QNH y n 1w L H s
6v
&Oc 'n L ]` _ n 5.28 c-L'* r 6.16 1w H(P ) Ln s_Qw]Q
(1). d0` Q H(Q) Ln "
(2). P Ln -d0` Q Ln h H(Q) Ln "
(3). P A P A BarbedAction n A L -d0` Q
- n A L h H(Q) Ln #
#
#
#
0
;!
0
]
#
2
62
]
62
A
0
;!
Q A
0
0
2
BarbedAction
#
* -Qn 5.28 cdj4(J
` e b & n {~ `> 1 0 h; @cQ p h % {G {G (ST In) v & ] Q
p Rt c Y m & ; @7;:~`> h hS Z LY m ; @c s = &. 6 ?3h
cn?!un3ctf hXv}LYm; @cW" &{G (ST Open 2) b+
Fby@_c- r 6.17 (ST In) ; n in m m in n . n in m : P P ] m in n : Q Q ] nP P
mQ Q ] ] 1w Threads(; n) = 1 T hreads(; m) = 1 - ; n in m : P P ] m in n : Q
f
1
j
]
]
g
1
j
2
2
j
1
j
2
`
1
j
2
'
1
j
j
2
j
1
j
Q ]:T 2
* 7 L = n in m m in n P = n in m : P P ] m in n : Q Q ] Q = nP P
mQ Q ] ] B"p h a a (;=T ) Q~ `>H (Rt m h k L H zW
H(P ) Lh
H(Q) Lh P
Q H(Q) Lh = H(P ) Lh z + 5d H(P) Lh = H(Q) Lh
nn
H(P ) Lh c - Y }k `
(Conv Ctx Exb) 4 H(P) Lh eXn 6.16 ct@;ni zo T @;n'* n H(Q) Lh o " @; 3P P c s =ni h zn3 n a m T4 $ n
a m cQ~ `>#L. i S L h- cvc l 4 L @; h n hot@; N F
P A P ih n h
(Conv Ctx Red) 4 H(P ) R : R Lh { 5.20 ni L ]` @;j T'* (Act Proc) 4 P
P : R H(P ) h Threads(; n in m : P P ] ) = 0 (
Threads(; m) = 1 " ~n 6.9 ni L ]` @;j T '* (1). n in m : P P ] R 45" ~n 6.7 nizn ]`T @;'* "
f
1
j
]
]
g
1
j
2
j
1
j
2
1
()
+
;!
+
)
+
+
)
+
#
#
;!
2
6v
2
+
j
0
;!
;!
1
j
2
;!
0
+
0
0
+
1
j
2
+
j
6.3
x
bEPMK*-R6:
65
(a) P
P : R n in m : P P ] 4 P n in m : P P ] m in n : Q
Q ] q ] H(P ) R Lh " ~ }#n` H(nP P mQ Q ] ] ) Lh % P
P ni H(Q)
H(nP P mQ Q ] ] ) l 4 H(Q) Lh 6'&@; hn'*
(2). m in n : Q Q ] R 4_o T @;" ~n 6.7 ni H(Q) Lh (3). n P
Q : R H(Q) h (4). 4@; h=- A = in n c h n'* (Act Har) 4 H H : R H (P) Lh }#i H (Q) Lh H(Q) H (Q)
n` H(Q) Lh (Act Inter) 4 3P`@; P c NFni 9 * z6 5 @;'* %\ i
T hreads(; n) = 1 9 d+U 5 @;z (Inter Amb In) ( (Inter Amb Co-in)
n'*T?Tl3Pn ]hU&@; H cNF`hR4b{ L H c
Lhn'* ] ~ qnc 3P ni -L'* 2
0
;!
0
2
0
2
2
1
;!
;!
j
1
j
j
2
1
j
2
0
j
1
j
2
j
1
1
j
j
+
2
+
2
0
+
;!
1
2
;!
2
0
2
+
0
;!
j
0
j
1
+
0
0
0
+
+
0
;!
+
6v
{G (ST In) c~`>n. ~ N c~ `>>7Y r c mRtS Z?m
; @ca & ~K n .7 u Y m ; @c& ]Rt# Ya ,9< c@; `q 3 L. c k
U& ]Rt T] cm+ h4' 5 J Kqi a T& ]Rt# (76 'T]Rt ; % 7U
] 6 ' c Rt v9 d7 Y;y @ . Y!uc RtXS Z Y m y @cW"? !B~
K~`>n .Tn] J *` ec - L2-+Up @; F: 6.18 (ST Aux In)
r`G: Threads(; n) = T hreads(; m) = 1 Q$\]Yu
PQ
(1). ; . (n : Tn )(n in m : P P ] m in n : Q Q ] ) (n : Tn )(nP P mQ Q ] ] )
(2). ; . (m : Tm )(n in m : P P ] m in n : Q Q ] ) (m : Tm )(nP P mQ Q ] ] )
(3). ; . hn in m : P P ] m in n : Q Q ] A : R] hnP P mQ Q ] ] A : R] u
A _L&p out . open a&
1
j
j
1
1
j
2
2
2
j
1
j
j
1
1
r 6.19 (ST Open 2) ;
Q 1w Threads(; n) = 1 - ;
j
`
j
j
2
'
2
1
'
2
j
2
j
1
'
1
j
2
j
1
j
2
j
1
]
g
1
j
1
j
j
1
j
1
2
j
2
j
2
j
j
1
n n open . open n : P n open : Q Q ]
open n : P n open : Q Q ] : T fopen
2
j
'
2
P Q
1
j
1
j
2
* 7 L = open n n open P = open n : P n open : Q Q ] Q = P Q Q B"p
h a a (;=T ) Q~ `>H (Rt m h k L H zW H(P) Lh
H(Q) Lh P Q H(Q) Lh = H(P) Lh z+5d H(P ) Lh= H(Q) Lh nn
H(P ) Lh c - Y }k `
(Conv Ctx Exb) 4 H(P) Lh e Xn 6.16 ct@;ni zo T @;n'* n H(Q) Lh o " @; 3P P c s =ni h zn3 n T4 $ n c
Q~ `>L. i S L h- c open n l 4 L @; h n hot@; N F P A P
: h A L P 3Tcz ;@ 4 open n QhR4N F
(Conv Ctx Red) 4 H(P) R : R Lh { 5.20 ni L ]` @;jT '* f
]
g
1
j
1
j
2
1
6v
;!
+
)
+
+
)
+
j
1
()
j
2
+
+
+
#
#
;!
]
62
;!
+
0
7h ('W:
66
(Act Proc) 4 P P : R H(P ) h 3P P c s = Threads(; n) = 1 ni
L ]` &@;j T '* (1). Q
Q : P open n : P n open : Q Q ] 4 H(P ) R Lh " ~ }
#n` H(P Q Q ) Lh % Q
Q ni H(Q)
H(P Q Q ) l
4 H(Q) Lh (2). P Q 4 R H(Q) h (Act Har) 4 H H : R H (P) Lh }#i H (Q) Lh H(Q) H (Q)
n` H(Q) Lh (Act Inter) 4 Threads(; n) = 1 3P` @; P c N Fni 9 * z
(Inter Open) ( (Inter Amb Co-open) n'*T? Tl3Pn ]hU&
@; H cNF`hR4b { L H cLhn'* ] ~ qnc 3P ni -L'* 0
;!
2
;!
0
0
2
1
j
0
1
1
0
j
2
+
j
+
2
0
j
1
0
2
0
;!
;!
2
+
1
j
1
j
0
2
+
0
;!
+
0
0
0
+
+
0
;!
+
6v
L (ST Open 2) k J * ~ `> _ - L 6:18 c-L F: 6.20 (ST Aux Open)
r`G: Threads(; n) = 1 Q$\]YuPQ (1). ; . (n : Tn )(open n : P n open : Q Q ] ) (n : Tn )(P Q Q )
(2). ; . h open n : P n open : Q Q ] A : R] hP Q Q A : R] u A _(&
p out a&.(]p open n a& u n = n 1
1
j
1
j
j
1
2
j
'
2
j
'
0
1
0
j
1
j
1
j
2
1
j
2
j
6
] ~{L+ cQ p {G { ~ U {Gc G0 3 4 + n .!u
a ? kU {Gc P Q h S Z ; @c &a? !k h 1 0 U a ?c>
7BfV` ecG h% {G'* 3 aUc&O s= r~+ G c & (
2
2
r 6.21 _QR]Y`=Q (UT Res In 1)
(n)(n in m : P] m in n : Q] ) (n)nP mQ] ]
(UT Res In 2)
(m)(n in m : P ] m in n : Q] ) (m)nP mQ] ]
(UT Amb In 1) (hn in m : P ] m in n : Q] out k : R] ) hnP mQ] out k : R]
(UT Amb In 2) (hn in m : P ] m in n : Q] open k : R] ) hnP mQ] open k : R]
(UT Out)
(n out m : P m out n : Q] ] nP ] mQ]
(UT Res Open) (n)(open n : P n open : Q] ) (n)(P Q)
(UT Amb Open 1) (h open n : P n open : Q] ] ) hP Q]
(UT Amb Open 2) (h open n : P n open : Q] out k : R] ) hP Q out k : R]
(UT Amb Open 3) (h open n : P n open : Q] open k : R] ) hP Q open k : R] k = n
j
'
j
j
'
j
j
j
j
j
j
'
'
'
j
'
j
j
j
j
j
j
j
j
'
j
j
j
j
'
'
j
j
j
j
6
* 3]- Q (ST In) (ST Out) (ST Open 1) ( (ST Open 2) nd z + "
"~?Qp % q@c3P Dnn 7Y c?h %3P n .(G n.ch %{G ` s~ n .c{Gn ] (>7 s; @ a c?c F 4@; T ?c T {c&O G
n.ch% {GBV!r!n]#Q h c-3] $~hch %{G? ! dj 6.4
x
x6.4
:+F:
67
3CV , 3 =
6 T ~ c?- s 3Y{s'~ % c F .- sn ? 6, _ ! A : P a
! nA : P] c s = a :7?!u ~ h h a , ! A : P a ! nA : P] a ~c ; @
A : Q a nA : Q] U L a , L {s' s = c & ; @ .. !u & ; @s ! c d6
723n]=O cB *< PU Th% {G 6.22 ~U+<l r`W~> ; yR P "* ; P : T PQ# P }\m
{trh`_@<DY 1w"*QI}q+dc\WG:yK]YG: m{tr
WG:
K]YG: P \0zvo*w
Odc\Za&
}K[SR_Q.]
`
|||||||||||||||||||||||||||||||||||||||||
! n in m : P Q] n in m Threads(; n) = 1 m{trk n in m : P Q ] Jz J- n in m : P Q]
n in m : P Q ]
in
m
n ! in m : P Q] n
Stable(; n) = True n }Jz in m : P
out
m
! n out m : P Q] n
Threads(; n) = 1 m{trk n out m : P Q ] Jz J- n out m : P Q]
n out m : P Q ]
n ! out m : P Q] n out m Stable(; n) = True n }Jz out m : P
! open n : P open n
O
m{trk open n : P Jz
open
! n open : P Q] n
Threads(; n) = 1 m{trk n open : P Q ] Jz J- n open : P Q]
n open : P Q ]
j
0
]
j
j
6;!
0
]
j
j
0
0
j
0
]
j
0
j
0
j
6;!
0
j
0
0
]
0
j
0
]
j
0
j
0
6;!
j
0
1wm{trdc\Za&L s\P q P }h`_@<DY
f V e X{s'~ % c{ d ` ec n '* r 6.23 1w q P }h`_@<DY sd0` P P h q P }h`_@
<DY
* gD P sF . s =c (3T% 3T% n'{s'~%
c{dn]9d % Bn c & hT{n` ;!
0
0
0
7{s'~% c{ d 9~S{3T% &]c {s'~ %% hc? P (
Q !c{s' s = L. a a ~ `> H R4 H(P ) # P
Q c LF . s = L Y{s'~ %T3n ]`T ) ( B{? F . s =c{s'~ %
(1). F . s = Rt m h 7 H a P c!u ~ h"
(2). F . s =c 3T%; @ h 7 H a P c!u ~ h
k h $ ~ ~K& B L.!u &% I3T% 9% 3 :n ] $ ~{
s'{G
` e b ~K)@; rs c) {s'{G {s'{G$ ~ k ` c ( Z + ;!
; ! . P
f
g
'
Q
7h ('W:
68
!,d4 ; P : T :aaQ~`> H (Rtm h k 7 H(P ) ]k H(Q) 9
{s'~%zW H(P ) h
H(Q) h n { ~ `> h h Q 3 4 + 9 c{s'%
`
f g
+
f g
()
+
r 6.24 _Qhu`_@<\]Y`=Q (Rec In)
1w Thread(; m) = 1 J- T hread(; n) = 1 . Stable(; n) = True '#
; ! m in n . n in m : P P ] ! m in n : Q Q ]
f
]
g
(Rec Co-in)
; !n
in
f
mg
]
1
j
j
2
1
j
2
nP P mQ Q ] ] ! m in n : Q Q ]
'
2
j
1
j
j
2
j
1
2
1w Stable(; n) = True - Threads(; m) = 1 '#
. n ! in m : P P ] m in n : Q Q ]
j
1
j
2
1
j
2
n ! in m : P P P mQ Q ] ]
'
1
j
j
2
j
1
1
j
2
1w Thread(; m) = 1 J- T hreads(; n) = 1 . Stable(; n) = True '#
(Rec Out)
; ! m out n . n out m : P P ! m out n : Q Q ]
f
j
1
]
g
j
1
2
j
j
1
'
2
nP P ! m out : Q Q ] ] mQ Q ]
1
j
2
j
j
1
j
2
1
j
2
(Rec Co-out) 1w Stable(; n) = True - Threads(; m) = 1 '#
; ! n out m . n ! out m : P P m out n : Q Q ]
f
]
g
1
j
j
2
1
1w Threads(; n) = 1 '#
(Rec Open)
; ! open n . ! open n : Q n open : P P ]
f
g
j
1
j
(Rec Co-open) 1w Thread(; n) = 1 '#
; ! n open .
]
f
open
g
n : Q ! n open : P P ]
j
1
j
2
'
n ! out m : P P P ] mQ Q ]
'
2
1
! open n : Q Q P P
'
2
j
j
j
1
j
j
2
j
j
1
1
j
2
2
Q P P ! n open : P P ]
j
1
j
j
2
1
j
2
* E_zb (Rec In) c)_dj!u{Gcdj & _
7 L = m in n P = n in m : P P ] ! m in n : Q Q ] Q = nP P mQ Q ] ]
! m in n : Q Q ] a a Q~ `> H (Rt m h R4 H(P ) c F . s = ! m in n : Q Q ]
Y{s'~ %N dj H(P ) Lh
H(Q) Lh P
Q H(Q) Lh = H(P) Lh z+5d H(P) Lh= H(Q) Lh nn
4 +dj H(P) Lh = H(Q) Lh E _dj T]i~T* c-L n a a Pm H(P
Pm ) Lh = H(Q) Lh ! Pm m in n : Q Q ]
m in n : Q Q k ] Q
Qi
in n
(i = 1::k) V k = 0 Pm 0 f V H(P)
H(P Pm ) n 6.23 ni m
7
in
n
H(P Pm ) Q Y{s'~ %:7 ` edj ca a H(P Pm )
R m
L9 {s'~ %7 ` edj$ ~ }# Q tb$ ~ 4 H(P Pm ) Lh c - Y }k `
(Conv Ctx Exb) 4 H(P Pm) Lh e X n 6.16 ct@;ni (1). o T @
;fV H(Q) Lh " (2). o"@;3P P Pm cs=ni h zn3 n a m T4 n cQp%ni$ n cQ~`>#L.6, n ;@ m in n %U1!
+{s'A~%l 4 h zn4 m %Q Q Lm l4 H(Q) Lh " (3). ot@;
N F P Pm A P h n h
(Conv Ctx Red) 4 H(P Pm) R : R Lh H(P Pm) R " ~ { 5.20 ni L ]` @;j T '* f
1
j
]
g
1
j
1
j
2
1
)
2
)
j
1
()
+
;!
+
)
j
2
+
j
1
j
21
j j
;!
1
j
2
2
j
j
j
;!
+
j
#
#
j
#
;!
j
2
+
+
j
j
+
+
j
j
1
+
)
2
2
+
+
j
#
0
j
;!
+
j
;!
]
;!
2
]
]
6.4
x
:+F:
69
(Act Proc) 4 P Pm P : R H(P ) 7 H = ! m in n : Q Q ] Pm B
H (n in m : P P ] ) P 5"~{ 5.20 niL]` @;j T'*
(Act Proc) 4 n in m : P P ] P : R H(H (P )) Lh \ i Thread(; n)
= 1 a Stable(; n) = True "~n 6.7 kn 6.8 ni L ]` @;j T '* (1). P
P : P n in m : P P ] 4 R H(H (P ))
j
0
1
0
;!
j
j
1
0
;!
2
00
00
;!
2
2
0
; j
1
j
j
2
0
;!
2
0
1
0
0
j
00
+
0
2
00
H(H (n in m : P P ] )) H(n in m : P P ] ! m in n : Q Q ] Pm ) Lh " ~ }#n` H(nP P mQ Q ] ] ! m in n : Q Q ] ) Lh % P
P ni H(Q)
H(nP P mQ Q ] ] ! m in n : Q Q ] ) l 4
L
H(Q) h (2). P > (~p : T~p ) rR ] R R out n R R out r R n r ~p : P (~p :
T~p )(n in m : P R ] rR ] ) 4 R H(H (P ))
H(H ((~p : T~p )(n in m : P R ] rR ] ))) H((~p : T~p )(n in m : P R ]
rR ] ) ! m in n : Q Q ] Pm ) ~p 4 &Om h, fn( ! m in n : Q
Q ] ) ~p = 7 H = H((~p : T~p )( rR ] )) B R H (n in m : P
R ] ! m in n : Q Q ] Pm ) Lh " ~ }#n` H (nP R mQ
Q ] ] ! m in n : Q Q ] ) Lh % \ i n` Q
(~p : T~p )(nP R
mQ Q ] ] ! m in n : Q Q ] rR ] ) l 4 H(Q)
H (nP R mQ
L
Q ] ] ! m in n : Q Q ] ) l 4 H(Q) h (3). n 6.7 c!u&@; h n (Act Har) 4 H
H : R H(H (n in m : P P ] )) Lh 4 H =
! m in n : Q Q ] Pm T hreads(; m) = 1 Threads(; m in n : Q Q i] ) = 0
"~n 6.7 6.9 niGL3y@;zn (1). v] ! m in n : Q Q ]
c Q
Q a T (2). v ] Q i
Q i @; (1) 7 Pm = m in m : Q
m in m : Q Q i]
Q ] Pm @; (2) 7 Pm = m in m : Q Q ]
m in m : Q Q k ] ] ~&@; ` Pm ` L=- Pm cN F l 4
R H(H (n in m : P P ] )) H(n in m : P P ] ! m in n : Q Q ] Pm ) Lh "
~ }#ni H(Q) Lh (Act Inter) 43P H ( n in m : P P ] c s 'ni zn (Inter Amb Co-in)
'*:eX?m n c m hn]`&@;>
(1). ! m ] cv ] m ?m n n H(P ) H(nP P mQ Q ] ]
! m in n : Q Q ] Pm ) Lh 4 Q
Q i l 4 Q nP
P mQ Q ] ] ! m in n : Q Q ]
nP P mQ Q ] ] ! m in n : Q
L
Q ] Pm l 4 H(Q) h (2). Pm cv ] m in n : Q Q i] ?m n n H(P ) H(nP P mQ Q i ] ]
! m in n : Q Q ] Pm ) Lh ! Pm m in n : Q Q ]
m in n : Q
Q i ] m in n : Q Q i ]
m in n : Q Q k ] 4 Q
Qi
l 4 Q nP P mQ Q ] ] ! m in n : Q Q ]
nP P mQ
L
Q i ] ] ! m in n : Q Q ] Pm l 4 H(Q) h (Act Har) 4 H H : R H (P Pm ) Lh }#i H (Q) Lh H(Q)
0
0
j
1
2
j
1
0
;!
2
1
0
j
2
;!
2
1
j
2
j
j
1
0
0
j
2
j
2
j
1
j
1
j
2
j
2
1
j
2
j
+
j
1
+
2
+
h
2
1
i
1
0
j
2
j
0
1
j
0
j
j
0
00
0
j
1
;!
j
0
j
2
1
00
;!
1
1
0
j
00
1
j
0
+
2
2
1
2
0
;!
2
2
0
j
j
1
j
;!
1
j
2
j
1
j
j
2
1
2
j
1
21
j j
0
j
1
j
j
2
0
2
00
j
2
0
0
j
1
; j
1
0
j
0
j
j
2
1
+
2
j
2
j
2
j
2
00
1
+
00
;!
0
j
1
+
1
1
1
j
2
j
2
1
; j
2
j
1
j
2
j
1
00
j
2
j
2
j
2
00
62 f g
2
0
0
00
j
2
j
1
\f g
2
j
1
1
0
0
;!
1
0
0
2
1
0
j
2
0
;!
1
j
1
2
1
j
2
j
1
j
0
j
2
+
+
0
1
j
2
0
j
1
2
2
j
1
j
j
2
+
1
j
;!
j
2
;!
1
j
2
j
j
2
1
j
1
j
2
j
2
2
j
j
1
1
j
j
+
1
1
j
1
1
j
;!
2 +1
2
j
j
0
2
0
+
j
j
1
0
0
j
2
j
2 ;1
2
1
2
j
2
j
2
j j
1
j
0
j
2
j
j
j
1
1
1
0
j
2
j
2
j
2
;!
1
j
;!
2
j
j
2
j j
21
2
1
j
1
1
j
1
j
2
+
j
+
0
+
;!
7h ('W:
70
H (Q) n` H(Q) Lh (Act Inter) 43P`@; P c NFni 9 * z 6 5 @;'*
(Inter Amb In) 4 T hread(; n) = 1 a Stable(; n) = True l 4zn P cv ]Rt m ?m H Pm U 9 hTa ( T_Tc 9 #c G
L,@;~ Pm Z+!L-l 4 R H (n in m : P P ] ! m in n : Q
Q ] Pm ) Lh H(P Pm ) m in n c{s'~ % ni 7 R m in n Q Y
{s'~ %l 4" ~ }#ni H (Q) Lh 5 H(Q)
H (Q) n`
L
H(Q) h (Inter Amb Co-in) 4zn P in m P : R H (n in m : P P m P ] ]
! m in n : Q Q ] Pm ) Lh : Bn m (Act Proc) @; h V 1! {s'
~ %L R m in n c{s'~ % " ~ }#ni H (n in m : P P
m P ] mQ Q ] ] ! m in n : Q Q ] ) Lh %L H(Q)
H (n in m : P
L
P m P ] mQ Q ] ] ! m in n : Q Q ] ) l 4 H(Q) h (Inter Amb Out 1)(Inter Amb Out 2)(Inter Amb Co-open) Ut@;` h=Thread(; n) = 1 a Stable(; n) = True ]k T hreads(; m) = 1 c N F h n
'*
] ~ qnc 3P ni -L'* 0
+
0
0
j
2
0
+
j
1
j
2
j
1
]
0
+
;!
j
]
0
+
0
1
j
j
2
0
2
x6.5
j
3
j
0
1
3
j
1
1
0
j
2
j
j
0
]
j
2
j
0
2
0
j
3
+
0
0
;!
2
1
j
j
2
+
2
1
j
;!
1
0
j
0
2
j
1
j
+
2
{J n 3 = <=bu
B * b ~Kh % {Gc T s~ o Tn3 djo " L RtO m&caS %
o"n3djRtEfIuc )] 2z)&7 ROAM cph&%k!aS% dj7
`T L L ~ U h % {Gdj ROAM Ef h E fcaS %
+)
o"L96cOm& E_v ROAM q?+ MA c5SZOmy@q+N c
II( U E _" ~B Lch % {G b O m y @. 6 ?hc o"LcO ms = be {dk`
x6.5.1
n be m : P = m out n : in n : open n]
4
j
out
m : in m : open : P
gD? nn be m : P Q] #{JK ; R4
j
(1).
(2).
(3).
(4).
T ype(; P) = Tp Threads(; P ) = 1 "
T hreads(; Q) = 0 "
T ype(; n) = y Tp ] "
T ype(; m) = y tTp 1
1
7~KJK ; `h`Id ; nn be m : P Q] :
chZ'*
`
j
; n in m m in n . nn be m : P Q]
f
]
]
g
j
m out n
_
'
0
]
k ~ ~ Q =
6 ) B ` e
mP Q] :
j
_
0
(6.1)
6.5
x
('W:`a/4
71
( (6.1) cdjn) O KQ &(`$
m n
>d n m cQp%( Q = "~h%{G (ST Out) ni
out
6
]
)
; . nm out n : in n : open n]
'
j
m : in m : open : P Q]
out
j
m in n : open n] n in m : open : P Q] :
j
j
_
(6.2)
0
5 n m cQp%" ~{G (ST In) n`
; n in m m in n
f
]
]
g
. m in n : open n] n in m : open : P Q]
j
'
j
m open n n open : P Q] ] :
j
j
_
(6.3)
0
_"~ (ST Open 1) n`
; . m open n n open : P Q] ]
j
j
'
mP Q] :
j
_
(6.4)
0
0-~Kh% -Lni( (6.1) '*
( (6.1) Xjkh>7' 5c SZ nh >7 a~cn?m m cRt n (10 n ?m
cRt m [email protected] c?3hc nOm 7qR4~K c~`> hX
h !u hS/ c &- >k 16] L< P+!u i~! Oc O m s = k ` ec O m- s
n(m)(n be m : P) Q]
(6.5)
j
4z? P i^Omy@c-Rtm m 7U@;`~K ~`> hnhn
;@ m in n n in m cn.Tn]J *
m n
T3~K SA .BcOmy@aScLL. Q = l47 SA .Bm out n : ]
+NRt n c ; @ out n n n & %h 3 ROAM .B c out m 7 ROAM .B c
m n
O m s = G+ Q = n ` ech % B'* VV U#{ m fn(Q) a
: ; R4~K P Q ( n c
]
]
out
6
out
6
]
)
]
)
62
; . n(m : y tTp )(n be m : P ) Q]
1
j
'
(m : y tTp )mP Q] :
1
j
_
0
(6.6)
>k 16] b c SA .B c6 'T O m y @ 4 U h 4 a a v ]Rt m n be m : P = (h)(h out n : in h : out h m in m : open n] ]
out n : in h : in m : open n : out h : P)
+
4
j
j
>k 16] v k R4 n m 4 Q p : n 62 fn(Q) B ; . (n)nn be m : P Q]
+
j
'
(n)mP Q]
j
(6.7)
7h ('W:
72
_m~K-L) On ]7 ROAM `$Lc h% : SA T]05c n n
4 &Om:z7 P h7 ROAM n ]) OJ * ROAM ; @ u Qc n .Tn ] $` Q
cRthX JK h @4;@ out h c$~T ROAM c be y@n{dk`
+
n be m : P = (h : y )(h out n : in n : out m m in n : open n] ]
out h : in h : in m : open : out h : P)
4
+
1
j
j
? nn be m : P j Q] z N5 A - 6c P ( Q $`! p Q 3]4 1 ( 0 Bh ` `
$ J K ; R4 ; ` nn be m : P j Q] : _ : Threads(; n) = T hreads(; m) = 1 r~ h
%{Gn]r| `$ ]` -L +
+
(ST Out)
0
; . n(h : y )(h out n : in n : out m m in n : open n] ]
out h : in h : in m : open : out h : P ) Q]
(h : y )(h in n : out m m in n : open n] ] n in h : in m : open : out h : P Q] )
; . (h : y )(h in n : out m m in n : open n] ] n in h : in m : open : out h : P Q] )
(h : y )(h out m m in n : open n] n in m : open : out h : P Q] ] )
; . (h : y )(h out m m in n : open n] n in m : open : out h : P Q] ] )
(h : y )(h out m m open n n open : out h : P Q] ] ])
; . (h : y )(h out m m open n n open : out h : P Q] ] ])
(h : y )(h out m m out h : P Q] ])
; . (h : y )(h out m m out h : P Q] ])
(h : y )(h ] ) mP Q]
; . (h : y )(h ] ) mP Q]
mP Q]
1
j
j
(ST Aux In)
(ST Aux In)
(ST Open 1)
(ST Out)
(Coll Garb)
j
1
'
1
1
'
1
1
'
1
1
'
1
1
'
1
'
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
j
_mG n.c@; ` echZ'*
nn be m : P]
+
'
mP]
(6.8)
!djn]$~ { 6.21 rscGn .ch %{G`$ n] fU3 T]05c
O m y @ n m ( P ` G a ,n . ~Kh%Zn] Xj ROAM c be s=Y0EEc Om nh+ ROAM
?7I;@ uQn .6! O% c W
+
x6.5.2
=@Bj>
)] 2z)c& 0 I ~Xj+ RtE f7gK Y;t f ! O %& ec0)~ %
~Rt w K ZT])] 2 !m+ h4'n qi ~Rt m K ZT] 7 )] 2 'n c@NK
agent m c? Q S/ n] ?m w ; n 2 !7 >k 5] )] 2z) g 3U L c > d)] 2 Rt w ? T] b-Rt k ! 6, ?m w q L. c in w V 6K
m Fbb- Rt k `$ in w a ?m w 9 6 m 7 w ? Fb ) '? Q c7
5]
6.5
x
('W:`a/4
73
/7 Lg N FK Rt m m ( b- Rt k # 3 9 bc ]` 3 MA .B)] 2z) g
cuh
k ~ ) y Q c & S 1 g c? !
5 , 20]
AGMA
0
= m open k : k Q] ]
4
0
FWMA = (w)(wk out w : in m : in w]
4
j
open
m : open k : P] )
0
>k 20] b + ` eh %Z cdj (m k k )(FWMA AGMA ) (w)(wQ P] )
0
j
'
(6.9)
j
UNF w fn(Q) : (fn(Q) fn(P) m k k = 7>k 16] y^3P+~Kga v+! h4 k7~Kh %Z m ( k
cm+&O3L.c :B m a k n7g?!? ot &Fba T?]c Rt ?m
Y m fn(Q) = k Q] nX7 m ?m)]2j. 2 m >k 16] Y~K>7
cBLb+ SA .Bc)]2z) g ck ` h&%
62
f
g \
AGSA
0
\f
g
0
= m in m : open k : (x)x : open m : Q]
4
FWSA = (w)(w out w : in w : open m : P k out w : in m : open k :
4
j
hin
w ]])
i
L.B MA .B c N ; ] 7 (i) Q c !4h 5 +NT]5' c k Rt ? ! x. " (ii)
in w 3*R7)',rc7b { w 62 fn(Q) ( m 62 fn(P ) c`>k 16]
b +k ` &?h Z
0
(m)(AGSA FWSA ) (m w)(wP Q] )
(w)(wP Q] )
in m in m . AGSA F WSA
j
f
g
'
j
j
'
j
(6.10)
(6.11)
n k m h4' 5qi a T ' 57a , @; `h6, in m ( in m B~K SA .B)]
2z)gcaS% Tn ]9 d SA .B MA .BcNN ?7J* + b-Rtm k c
&On.Rt m m c&OQ+T { c(r
` e b ~G ROAM h)] 2 g c T & U &n ] 9 T { ~f
ROAM 7 ! O %& ecE5 >dr-_ MA ( SA r~cb-Rt?mK Rtc 0NoT] ROAM .Bc)]
2z)hk`
AG
FW
0
= (w)(w out k : in m : open m : open k : P k out w : in m : open : in w : open ] ] )
4
1
*
= m in k : open k : k open : Q] ]
4
1
0
j
4b{ w fn(Q) "~{ 6.21 Gch %{Gni`ech%Z'
62
(k)(AG F W ) (w k)wP Q]
1
dj+ak `
j
1
'
j
(6.12)
7h ('W:
74
(k)(AG FW )
= (k)(m in k : open k : k open : Q] ]
(w)(w out k : in m : open m : open k : P
k out w : in m : open : in w : open ] ] ))
(UT Out)
(w k)(m in k : open k : k open : Q] ] k in m : open : in w : open ]
w in m : open m : open k : P] )
(UT Res In 2)
(w k)(m open k : k open : Q] k open : in w : open ] ]
w in m : open m : open k : P] )
(UT Amb Open 1) (w k)(mk open : Q] in w : open ] w in m : open m : open k : P] )
(UT Res In 1)
(w k)(w open m : open k : P mk open : Q] open ] ] )
(UT Amb Open 1) (w k)(w open k : P k open : Q] ] )
(UT Amb Open 1) (w k)(wP Q] )
1
j
1
0
0
j
j
0
'
j
0
j
0
'
j
0
j
0
'
j
0
'
0
'
'
j
0
j
0
j
j
0
j
$j SA chU k ?!+&OJ *+ m c&O SA m q@c&Oa
T in m ;@cn.IIv}K7)]2'nc ad0*@;`Kn ]@4 9)] 2
? ~ rh7R co +k K? !+~K n. T h n$`K9 'n J W7
R9 * &$7 'n , c7R c@ ~zWKW $ )] 2; Q TYxIc ad + 7 ROAM
c h Y m c&O m 7?m )] 2j. L n ] !uRt ? !T t f (7
R =E & SA .B m c n . Ni4- ( ~ b- k c&O Q 3 - c 7 )] 2 g c h Rt k c 3T @ ~ T3KJm )] 2 !&O9 d+b-z 4 K
()]2qi SA 5xcq<*]Kr~T]b-T X!3+*7 m $~cn.j
~c
#+ - Q MA ( SA c h']`L o +& i4 ,c h& (U&h $j
] . h& (c f F h 3" ~ _ (k)w in k : ] c s =K (w)w in m : ] s = ROAM ; @c u Qx. & U L)] 2 Rt m w c9 b %n . R nJ *% ?m )]
2c)O+*7b- k c,c~
> d 70c T N c$ ~5' c Rt k c &%7. T h $ ~ k ?m m c &%
U&$~+5' cRt k 9d Q cl@hXSZ in w cas!`er~X m ?
m k c&%i~Q
0
0
AG
= m in k : open : Q]
4
2
FW
= w out k : in k : open k : open m : P k out w : in m : in w : open ] ]
4
2
j
4L
(k)(AG FW ) (k)wP Q]
2
j
6'Ti4 n c&%$ ~ +O ms =
AG
= m m be k : in w : Q]
4
3
FW
3
+
= w in k : P ]
4
2
'
be+
j
(6.13)
6.5
x
('W:`a/4
75
Oms=9 d+ m m be k : in w : Q] k in w : Q] l4`i
+
'
(k)(AG F W ) (k)wP Q]
3
j
3
'
j
(6.14)
VV J * + )] 2 Rt m w c&O { $ ~ P ( Q c;h #N q n . )
y!c in ;@!u8I@Nc Rt Jm )] 2;
R' d Y
B L0 - . >ED Z( ?h % {c < P b + ~ {?hcq S {
G 6 G ~ `>n .cQ p {G ~ `>n .cQ p{G {s'{G ]k @ 4-L
c G h % {G " ~ U {Gn ]0 Qm{?ch %ZB L9 6~ U h
% {Gn mdj+ O m& ()] 2z)&7 rs ` caS%( lf ++h %{
Gcs~tU &c ROAM h`E MA ( SA .Bch/~+ n .Q? TlX
jE~;@c uQ n. 6 ROAM 7!O%x.& ec0)%
76
7h ('W:
}L& u9 w??
9RtEf j($ ]6 SA c<PZBT n# @4T] N cG Cardelli
( Gordon 7>7 nm RtE fU T ( D r T b +Y B m 9 "c0 MA E f
! 3 e cr7 Qb +J B m 9 "c&I MA kl E fc T]hT3Y b y @ T } % cdj Levi ( Sangiorgi " ~ SA Y5 S Zc~ %b +J B m 9"
c&I SA * kl E fc h " ~>k 16] c?h % {Gdj+ Lh cy
@ T } %7 ROAM <Pc. Q H b +J B m 9 "c ROAM E f * kl E
fcT]h
~K<P Efch#G 'm$~ +B m9" Zimmer >7b+adj
+h JBm9"c0 SA l Efch&%$]_ RtEfcZ B+ i?
Tl cb! u9 7 c~s3 ~Rt c Y;( FbU Ql c"& y @r7 E f ( ! T
W >7cOU Oy @4 4 Zimmer > d t + T YOU Oy @c c E f T
## esc E f ab + esc E f ( E fc r=h&] 4 4c $ Zimmer b + ~ 0
SA esc E fc h9 6 Zimmer b + ~ 0 SA n' h E fc &%a dj+ L&% c
y @ T } %
t`v>k 18] h&%cdj E $F 4 !n'" l 7 Efch
L V n mEDBn K Z ^c *p 0Y;RtL V N FbK Z 9 ?c Y;
RtjV Levi ( Sangiorgi \ Ib +{ SA ?hc{G T3 >k 16] c Z @ 8n m_ B> c EDe . ?c h GS{ d!h % {G G $ ~ 7
Zimmer h&% cdj B L N< P0 ROAM E f E fc hB L r~ +_ Zimmer c & 0
ROAM E f esc E fc h ) '9 6 E fc hB L> d 70+ E f ( esc E f
c & d(T B c{ dab >k 18] & E f Z B r c-Lj
6B L b +0 ROAM E f h esc c T]&%a "~ h % {G b + h y @ T
}%cdj96B Lb +0 ROAM Efch
5]
16]
58]
18]
16]
18]
x7.1
x7.1.1
f
v:
.
B>r~ Y 5 A (choice) s =c l E f `> k G ~BXj E f T 2`~v LE
4 + h c +NE _ ^~ M Z + G 34 ^m Name ( ^ T ) Var &^m3v&Oy @sc ^ ~ m n h+wZ+"^ T)~v ?Ems =&O
c^~ x y h+wZ+]`3 Efc{ d
>
>
>
>
>
>
>
>
>
>
P ::= 0 >
> M M :P >
> !P >
> (n)P
>P Q>
> M(x) : P >
j
>
h
0
i
>
M : : = n Name >
> x Var
2
2
77
Ah YJ=^
78
7 (n)P ^m n 4&Om"7 M(x) : P T) x 4&OT)&Om (&OT )
n ~ O ? !O m O m- nf@"?h #&Om 'c!u ^m)m "#&
O T) ' c!u T )) T ) ? P c)m ( ) T ) h-3]~ fn(P) ( fv(P ) Z
+
*
E fc & d - s Z( & B6' - s Zb + ?ch T
!Bk `
( Struct Re)
P P
( Struct Symm)
Q P= P Q
( Struct Trans)
P Q Q R = P R
x7.1.2
)
( Struct Res)
( Struct Par)
( Struct Repl)
( Struct Output)
( Struct Input)
)
P
Q = (n)P
P
Q= P R Q R
P
Q = !P
P
Q = M M :P
P
Q = M(x) : P M(x) : Q
)
)
j
)
)
!Q
0
h
j
i
)
( Struct Par Zero)
( Struct Par Comm)
( Struct Par Assoc)
P 0 P
( Struct Res Zero)
( Struct Res Res)
( Struct Res Par)
(n)0 0
( Struct Repl Par)
( Struct Repl Zero)
!P
j
(n)Q
M M :Q
h
0
i
P Q Q P
j
j
(P Q) R P (Q R)
j
j
j
j
(n)(m)P
(m)(n)P
n fn(P ) = (n)(P Q) P (n)Q
62
)
j
j
P !P
j
!0 0
E f?c & ~=$, -Z + E fc & Bk `!9 N c B3 (
Red Comm) s= Q M=x Z + Q qc) T) x O4 M ( Red Comm)
n m : P n(x) : Q P Q m=x
P P
( Red Par)
P Q P Q
P P
( Red Res)
(n)P (n)P
;!
f
g
h
i
j
;!
j
;!
;!
;!
;!
0
0
j
0
0
j
f
g
esc YJ
7.2
x
79
P
( Red Struct)
x7.2
esc
P P
P
0
0
P 00
000
;! P
;!
P
00
P
000
v:
B * N 70 T] E fhc esc E f esc E fv$ ~f ( O( ^c E f
T -calculus with explicit substitution and channel esc E f E f Z B r
T h $ ~ OU T ) Ol 4 i~ 6 - $ ~ Y B m 9 "c0 RtE f? ! r7 E _
r~ c ~ J Q 3 dh esc E f V 6 5 b E fcn' h
18]
18]
x7.2.1
0<@+
770 esc Efj.>dn m esc EfX~$c T] NO ##NO
7.1 18] 0<@+ ??FO(]pe5 : Var Var Name -"*
(1). \xm im() Name dom() "
(2). d0` x dom() Vqv@ k 97 xk Name / K[O7Z~ !
2
2
0~NOn ]! + 4T]N6'cz0-se*sH Name h-!u*s
6' dom() H Var h- a a0e *s 2n C q7cNP$! s c e *s ~ Z + T] wcN Ok x dom() : M Name dom() ~ M=x Z + M=x E ~ $ 6 'c cN O{ d N O cJ)m 5 Q 4 fn() =
im() Name 6 ' P Z +N On'@ ~ 7?~ - 4 ?q) T ) x
62
f
2
f
g ]
4
g
\
O4 x x7.2.2
.
esc E f7 ~3 E fc T] &I N 7 E f c c $~E ~ + f ( ^ s =
, n : S] -f( T ) s =, (x : M) -(rs c B s = ! { d k ` 18 ]
>
>
>
>
>
>
>
>
>
>
>
>
>
>
P ::= 0 >
>P Q>
> !P >
> M M :P >
> M(x) : P >
> (n)P >
> n : S] >
> (x : M)P
j
>
h
0
i
>
M ::= n Name >
> x Var
2
>
>
S ::= >
>S S
j
0
2
>
>
>
>
>
> hM i : P >
>
(x) : P
f ( ^ s =, n : S] -Z + T] m+ 4 n c ^ ^c;h S 4T 67 L ^~s
! EmE y @c? ~ (x) : P Z +Em? hM i : P Z +E? S cc Q nf@
3as!Z
f ( T ) s =, (x : M)P - x 6= M Z + T] c f ( T ) !t 4 M @ ~#24
P ? P x 4 &O T ) 7 & ?O4 M 80
x7.2.3
Ah YJ=^
W!C/$U
esc ?c- s Z 7 9 8 E f- s Z c c $~ E ~]` ;h (esc Struct Re)
S S
(esc Struct Symm)
(esc Struct Trans)
S S = S
(esc Struct Channel)
(esc Struct Var)
(esc Struct Abs)
(esc Struct Out Abs)
(esc Struct In Abs)
S S = n : S] n : S ]
0
)
S SS
0
0
P
S
0
0
0
S
S = S S
00
)
)
0
Q = (x : M)P
)
S = S S
00
)
j
0
Q = M M :P
P
Q = (x) : P
0
i
)
(x : M)Q
j
h
S S
P
)
00
00
M M :Q
h
0
i
(x) : Q
(esc Struct Abs Zero)
(esc Struct Abs Comm)
(esc Struct Abs Assoc)
S S
(esc Struct Var Par)
(esc Struct Res Var)
(esc Struct Var Var)
x fv(P) = (x : M)(P Q) P (x : M)Q
x7.2.4
j
S S
j
0
S S
0
(S S ) S
j
0
j
j
00
62
S (S S )
0
j
j
00
)
j
(n)(x : M)P
j
(x : M)(n)P
x = y x = M y = M = (x : M)(y : M )P
6
0
6
6
0
)
(y : M )(x : M)P
0
*(!
esc E f & Bc T* ( 4, : P esc Q -U 3 T] N O@ 4 ? &
cJKu6,+?q)T ) s ct 4+`$ P q)T)ct `ec &
B #L. R4 fv(P ) dom() esc Efc & Bk `
x = M
(esc Red Subst Out)
: x M : P esc M M : P
x = M
(esc Red Subst In)
: x(y) : P esc M(y) : P
(esc Red Output)
: n : S] n M : P esc n : S M : P]
(esc Red Input)
: n : S] n(x) : P esc n : S (x) : P ]
x=M
(esc Red Comm)
: n : S M : P (x) : Q] esc n : S] P (x : M)Q
x dom() M=x : P esc P
(esc Red Var)
: (x : M)P esc (x : M)P
;!
h
0
i
;!
h
0
i
;!
j
h
i
;!
j
j h
;!
i
j
6
j h
62
i
f
j
;!
g]
;!
j
0
;!
0
j
7.2
x
esc YJ
81
P esc P
P Q esc P Q
P esc P
(n)P esc (n)P
P P P
esc P P
P esc P
(esc Red Par)
0
;!
j
(esc Red Res)
0
;!
j
0
;!
0
;!
(esc Red Struct)
0
0
;!
;!
00
00
P
000
000
7~ec&B (esc Red Subst Out) ( (esc Red Subst In) ~?cT)
O4J Kct (esc Red Output) ( (esc Red Input) $`" > ? !9 c??m r
s c ^ (esc Red Comm) ~ ) ' ^;Em ( E?c 99 $`Em?c
X 8 n3?T] cK Z + T ) O c f ( T ) s =q&O U L7 esc f ( ^ s =
" E fc T 7 9; @ B34& ]l (>d " >7 ^~EmaE c?P$a
?m rs c f ( ^ V 6 7 f ( ^ EmE?r X a) ' 95 f ( T )s
= "c 9 Y}cOU O? D4T]f (T ) s =X 8?cU ]T )\7 ? $~
O`$Y ct (esc Red Var) Z+?cf+Oy @n ?/ mJ K 96
3t Ef_c- Y B 6.Zg
) O # Q esc E f s 'c? X hT G! c s = k? n m : p : S] c f (
^ p L. h$E y @ ) ' q `m$ ~"? n : S] n : S ] n m : P n(x) : Q 7 & n$EmE??m h cf ( ^ %G9l 4 >k 18] { d + ]`T A
?c-%
w$ P n Z + P 6, | T] m 4 n c) f ( ^ w$ P n Z + P 6, |
&]m4 n c)f(^
x7.2.5
h
j
0
j
h
i
i
j
+1
+2
7.2 P i n, i = 1 2 +
in m=n
(esc Pres Res) P (m)P
in
Q
n
(esc Pres ParR) P Q i n
P in
P Q in
(esc Pres Par 2) P P nQ Q n n
i
(esc Pres Repl) !PP i nn
(esc Pres Repl 2) !PP nn
i
P in
(esc Pres Output) M MP :iPn n (esc Pres Input) M(x)
:P i n
i
(esc Pres Channel 1) n : S] n (esc Pres Channel 2) n S: S] n n
in
(esc Pres Var) (x :PM)P
(esc Pres Channel) n S: S]i m m
i
in
(esc Pres AbsL) S SS n n
(esc Pres AbsR) S S S n n
(esc Pres Abs 2) S S nS S n n (esc Pres Out Abs) MP : Pi n n
i
+
(esc Pres ParL)
6
+
j
+
+1
+
j
+
+
+1
j
+
+2
+1
+
+2
+
0
h
+
i
+
+
+1
+1
+2
+
+
+
+
0
+1
j
0
+1
+1
j
0
0
j
0
+2
+1
+1
+
+1
h
i
+
Ah YJ=^
82
(esc Pres In Abs)
P in
(x) : P i n
+
+
6'{d pr(P ) = n n Name P n fV pr(P ) fn(P) 74 c $~ ~ { P : OK Z + P c f ( ^ h h 7.! s= (F. s =; n :7
m+&Os=;|*z hT]L&Omsc f( ^s= { P : OK c-YBk`
4
f
j
2
^
+1
g
`
`
(esc OK Res)
`
P : OK P n
(n)P : OK
6+2
`
(esc OK Zero)
`
(esc OK Par)
`
0 : OK
P : OK
Q : OK
P Q : OK
P : OK n Name P
! P : OK
P : OK n Name P
M M : P : OK
P : OK n Name P
M(x) : P : OK
S : OK
n : S] : OK
P : OK
(x : M)P : OK
`
`
(esc OK Repl)
`
j
8
2
6+1
n
2
6+1
n
6+1
n
2
6+1
n
2
6+1
n
`
(esc OK Output)
`
8
`
(esc OK Input)
`
0
h
8
i
2
`
(esc OK Channel)
`
`
(esc OK Var)
`
`
(esc OK Eps)
`
(esc OK Abs)
`
: OK
S : OK
S : OK
S S : OK
P : OK n Name P
M : P : OK
P : OK n Name P
(x) : P : OK
`
(esc OK Out Abs)
`
0
j
8
` h
(esc OK In Abs)
`
0
`
i
8
`
96T]- ?~ P : V alid Z+c{dk `
P : OK n Name P n
(esc Valid)
P : V alid
`
`
8
2
6+2
`
{ ` P : V alid >k 18] b +k ` c-L r 7.3 (M 18]) 1w : P
x7.2.6
BuTN
esc Q
;!
- P : V alid '# Q : V alid `
`
- ? n {+? f ( ^ h c ~ (] Q T3 4 +$?n ] W" & L+
9 d76Vcm &L. oLN cf ( ^ s =$`?n ] " ~L ^? !9 ^ K6y
@l4%> dy @ cl(P) ~4? P qc&Oms =E ~LN cf ( ^
cl((n)P) = (n)(n : ] cl(P )) k P
4
j
6+1
n
esc YJ=^
7.3
x
83
k P
(n)cl(P)
+1
n
#4j'^K6y @ cl(P) !us=h >@~
74c$~y@ cl (P ) ~7 cl(P ) cc$~g]q P 8 oc)m]k q
^mqscf ( ^UL P &q+cf( ^TO ng%+
cl (P) = n : ]
4
j j
1
U n f
x7.2.7
1
nk : ] cl(P)
j
nk = (fn(P) fn() pr(P )) g
n
t83 esc t8v$U
B * b >k 18] djc E f ( esc E fc Z
? P h ' esc ?c y @T3 cl (P ) U ( P f@3 T] esc ? " esc
?h' ?cy@ fP ]g {d4f(^c;h "L' ^cEmE;@ af(
T ) h 'I T ) O6 c? ] ~ hy @ ` ec{'* r 7.4 (M 18])
(1). 1w : P esc Q '# P] Q] .t P] Q] "
(2). 1w P]
Q cl (P ) P P : V alid - fv(P ) = '#Vq esc R P
"* : P esc P - P ] Q ;!
f
g ;!
;!
f
0
f
g f
0
g
f
g ;!
f
g
`
0
g esc EffVE Efi~F4\]& ;@ i~cBT~K{Xj+ ~ Ef
n]h esc EfUT0 l4n] b 4 Ef( esc EfYr cZ B x7.3
esc
v:xX]
B * b + esc E f h4 ROAM c T &%a " ~\ c ROAM ?h % {G b h&%y @ T } % cdj -g
7`echJm+ enter c r r r w w Name Var >dE_{d k`c
T ) server a : P = ! enter in a : open : P]
request n
= in n : in enter : open enter
request x
= in x : in enter : out x : open enter
fwd M
= server r : request M server w : request M
allowIO
= ! in r ! out r ! in w ! out w
x7.3.1
1
2
1
62
1
4
4
4
4
4
j
j
j
j
'}f 8f request ;%[ w T5 = _o b= _ V * %/ 9Yjs+%W2 ( kW j1A$%U (S
- fwd f}f%<&bb@f2jk ;pH&Z D%M/9&;W ]MJ -%NP5 A8iF%gbj :_ &
1
Ah YJ=^
84
U )N~ )' client/server r(cBF;h("W - k xserver agent : P ] agentrequest x Q]
j
j
;!
+
xserver agent : P] agentP Q]
j
(7.1)
j
7( esc c/?()?3]!h4 rrequest M ] ( wrequest M ] ! M 4EmEy@q7cxX^f(T)s= (x : M ) !h-4 xfwd M
allowIO] Bk/? a) ?cx X^ 4T ) x B` ec &n$x X ^ T
4f + T ) x ct M j j 0
xfwd M allowIO] rrequest x
xfwd M allowIO] wrequest x
j
]
]
j
j
j
j j ;!
+
+
;!
0
xfwd M allowIO] rrequest M
xfwd M allowIO] wrequest M
j
j
j
j
j
] (7.2)
] (7.3)
j j f ( ^ s = n : S] E _! h4T] m 4 n c ?KRt!;h 34| {c ?K
n3 server r : Pr j server w : Pw j allowIO ( :>ct ?n3 S c h - U L V '
n c /) ?BF ^ n c ?K nserver r : Pr server w : Pw allowIO
j
+
;!
j
nserver r : Pr server w : Pw allowIO
j
j
nserver r : Pr server w : Pw allowIO
j
+
;!
j
nserver r : Pr server w : Pw allowIO
j
j
] rrequest n
j j
rPr
j j
]]
(7.4)
j ] wrequest n
j j
j j
]
j wPw
]
j ]]
(7.5)
j 3a7 request c{dVu Q4T)6,2 ?K* Rt c;@ %uQ 4 ^m
Bh6,2 ;@ 7 ` ec h KQ f ( ^c Pr ( Pw { 4 X Rt rPr ] ( wPw ] ? !
= r7 / ? () ?7 ^;c 9a 7 = c > &-rsc h K
QULT)'+~ ROAM r7 esc Efy@dcxc ` e E _" ~] ~ )b a , esc ? P 7 b {cvN O ` cY h&%
P c P S n ( j hh
ii
hh
ii
0
hh
!P
=
4
ii
h
4
i
M(x) : P
ii
ii
= (n : ! ) P
ii
0
hh
ii
_
ii
hh
ii
= wrequest M c out r : open : P ]
4
j
j
hh
ii
Q
ii j hh
! P
4
M M :P
hh
P
hh
=
ii
(n)P
hh
hh
4
P Q
j
ii
= 0
hh ii
hh
hh
j hh
ii
w in r : open : (fwd M allowIO)] ]
1
0
1
j
= rrequest M (x : ! )(c out r : open : P ] r in w : in x : open]
4
j
j
_
hh
ii j
1
x in r : out r : open r : open w r out x : open] ] )]
1
2
1
1
j
2
1
7.3
x
esc YJ=^
85
j
n : S]
hh
c
open
open
j
c
j
open
r
= nallowIO server w : in r : open
4
ii
j
j
j
server r : in w : out n : out c : open w : out c : open r : open S n ]
j hh
2
(open c
j
c
open
j
open
ii
r)k
(U k 4 S / ?c ] Q)
hh
(x : M)P
ii
n
S S n
M :P n
hh ii
hh
0
j
hhh
ii
i
ii
= (x : ! )(xfwd M allowIO] P )
4
(x) : P n
4
=
S n S n
= w in r : open c out r : open : P ]
4
hh
1
1
ii
hh
ii
w in r : open : (fwd M allowIO)] ]
1
0
1
j
4
2
=
]]
(x : ! )(c out r : open : P ] r in w : in x : open]
hh
_
ii j
1
1
x in r : out r : open r : open w r out x : open] ] )]
1
4
ii
M =x
0
j hh
j
j
hh
ii
4
j
P
ii
= r in w : out n : out c : open w : out c : open r : open
ii
hh
j hh
= 0
j
hh
j
_
hh
P
ii j hh
Mk =xk
2
1
j
1
ii
= x fwd M allowIO]
4
ii
2
1
1
j
j j
xk fwd Mk allowIO]
j
oh\I
~K h&% >k 18] c h&% c9I h3 Y;?cQ p %#+ ^Rt(
T ) Rt ! 0Y;%!c? 4*p '!u Rtk ? # YQ p ~ %UT$`
h - aS % cdjn ]) O" ~. > c?h{G ) ' 4 +" ~c Q p ch % {G E _ b h c T] Q p &%7 x7.3.2
;SY S = enter : y y ] ] r : y 4
1
w :y 1
_
1
0
_
0
1
_
0
] r : y 1
1
] w : y ! ] c : y ]
1
1
1
_
_
_
0
] r : y ]
2
1
_
0
0
7 Env()
Env(P )
Env( P )
=
=
=
4
4
4
x : ! x dom()
M : ! M fn(P) fv(P)
Env() Env(P)
f
_
f
j
_
2
j
g
2
g
4`ecp9d+ h - c 7 ;SY S qbcQp&%` 3-c 4> 7.5
d0` esc R P y??FO 1w P : V alid cl (P) P - fv(P)
dom() s Env( P ) ;SY S
`
P :
` hh
ii
!
_
86
Ah YJ=^
* P cs'?!} eX P c{d"~ B T% I` d
hh
x7.3.3
ii
Zg^:] XvyH l
h aS % cdj& ,d> dh - n ] r7"?cq & ; @n
: P ;!esc Q =) hh P ii ;! R : R ( hh Qii h "!7 h - ca , & ; @ L.
s v"?c & ; @n hh P ii ;! R =) : P ;! Q : R ( hh Qii h 7U , R ( hh Qii h -ch %+N +*7vh % {c c $~ c cQ~ `>
h%jV3T ~ c&%T3 esc ?chkr~ Uh %{@4c$ BNFhc-qc)m( )T )6 dom() cT)#L. &O&:B"
esc ?c-%( T)cO tcaS %TG`$9 dk#h- P
>7Rt n ~KZT] esc cf(^ esc ?c-%h -B6h n>
7&]m4 n cRtT3V (? P /$aac~`> ~ `> Tn>76T]m n
c RtU L " ^c 3T% T ? ) I &n> a{h $c- ?ch%G `
$h
~K BT 0] & 379+c h - 'n~ ~q) ^m ( ) T )c&
O s = 9 d ' 5 hX >7j mcRtTU LT h - L+!6 -%7djT
hR $ ~ } + c ~K" l7 `>h - aS % cdj { d + T] ?~Bch %
Z?7 hJ K ` ch %>dE _{ dT ? u_ L. 3v ]h - c6' n3
7.6 :]>Zg ROAM R P PL]pfb~>@R 1wVqX4
QN H ??FO y esc R R "* R
H(P) -L PTC P hh
ii ;!
`
hJ K&? P &I J K ;SY S $! 6, P K Z ^c) Rt m B74
&IcJ K` P Y-c4 4{d Y P q>c&I J Kk`
Env (P ) = fn : _ ! j n 2 fn(P )nfenter r r r w w cgg
4
1
2
1
r 7.7 1w PTC P '# Env (P) ;SY S P : T `
`
* PTC P c{dni>7 H ( R R4 R
H(P) J ; = Env( R) !
p 7.5 ni ; ;SY S R : 5 R
H(P) " ~ { 3.9 n` ; ;SY S
!
H(P ) : l 4 L ; ;SY S P : T f V Env (P) ; : fn(P) dom(Env (P) ;SY S ) l 4$ ~ ; ;SY S P : T ) O r c- Y l ( n n`$ Env (P) ;SY S P : T `
hh
` hh
_
ii
_
hh
ii ;!
`
ii ;!
`
`
`
c hJ K&?c{ dE _ n {h % $ ~ c~ `>{ d ?7 hJ
K`ch% k`
7.8 ROAM Rq fb~>Q\] PTC . P Q
H y;T% n 1w PTC H(P) '# H(P) n
H(Q) n '
`
+
()
+
~Kh%f V6,7.> { dcYn{ch Z ()
PTC P J-d0`
`
7.3
x
esc YJ=^
4> 7.9 1w PTC P - Env(P ) ;SY S . P Q : T '# PTC . P Q * a a H (Rt m n R4 PTC H(P ) n 7.7 ni Env (H(P)) ;SY S
`
'
87
'
`
`
H(P ) : T % Env (P ) Env (H(P)) ni H 4 (Env (P ) ;SY S =T) Q~ `>" ~
Env(P ) ;SY S . P Q : T ni H(P) n
H(Q) n l 4 PTC . P Q 0
'
+
()
+
'
~KpXjo)Lch% {GL6 ~ hJK`ch %
x7.3.4
\Iv)1l* &R F )( 0 /{ d k ` )
wHead
wTail(M P)
rHead
rTail(x P )
=
=
=
=
r : open
c out r : open : P ] w in r : open : (fwd M allowIO)]
in w : out n : out c : open w : out c : open r : open
(x : ! )(c out r : open : P ] r in w : in x : open]
x in r : out r : open r : open w r out x : open] ] )]
allowIO server w : wHead server r : rHead
4
in
4
hh
4
1
j
1
2
4
hh
_
j
Channel
ii j
=
4
1
2
ii j
1
1
1
j
1
j
2
j
` e n ch % - Z j+ h - 7 & hX > a' c- 7U h % - cdjq[k ? 4h- &? PTC ` P UTs0h`h&%`7
djn'@ 4\ i $~
r 7.10
(Enter Input)
(1). PTC . nChannel
nChannel
(2). PTC . nChannel
nChannel
(Enter Output)
(1). PTC . nChannel
nChannel
(2). PTC . nChannel
nChannel
'
'
'
'
j
j
j
j
j
j
j
j
r in enter : open enter rTail(x P )] ]
r open enter enter open : rHead] rTail(x P )] ]
r open enter enter open : rHead] rTail(x P )] ]
rrHead rTail(x P )] ]
j
j
j
j
j
j
w in enter : open enter wTail(M P)] ]
w open enter enter open : wHead] wTail(M P)] ]
w open enter enter open : wHead] wTail(M P)] ]
wwHead wTail(M P)] ]
j
j
j
j
j
j
* ] (Enter Input) 4 (Enter Output) nd
>dg- (2) 7 P = nChannel r open enter enter open : rHead] rTail(x P )] ] PTC P i (ST Open 1) q + cq 6 Env(P ) ;SY S P : T r enter
enter
4 Q p `nR4 : rTail(x P ) =
l 4n'$ ~ (ST Open 1) n` - (1) N 3%+h % {G (Rec In) c6 ~%7 P = nChannel
r in enter : open enter rTail(x P )] ] PTC P iqc 6 Env(P) ;SY S
j
j
`
j
`
open]
6
)
j
j
`
`
Ah YJ=^
88
P : T n 40Y;( r 4 Q p `nR4 h 7 &3 9 d a ab {R4 PTC H(P) c
H ` hX 7 n > S Z enter ?m r c 5' c enter in r ? 7 hJ K `g n n h cz& Rte Xh&% cY Bni a,f (
^ n s c Rt z&( F . s = ` c enter Rt(s EmE y @c Rt r ( w a : r ( w 7 n z3 X enter ?m ( X w ?m r c Y;y @ hX? Fb QhX 7 / c enter Rt] ~ 3P ni a ,f ( ^c F . s = enter in r : open : rHead] 7a
,hJ K&?Y{s'~ %l 4n s~ {G (Rec In) `$-L `
]
r 7.11
(Subst Input)
(1). PTC . xfwd M allowIO r in enter : out x : open enter rTail(y P)] ]
xfwd M allowIO
r out x : open enter enter open : request M] rTail(y P)] ]
(2). PTC . xfwd M allowIO
r out x : open enter enter open : request M] rTail(y P)] ]
xfwd M allowIO] r open enter enter open : request M] rTail(y P)]
(3). PTC . r open enter enter open : request M] rTail(y P)]
wrequest M rTail(y P )]
(Subst Output)
(1). PTC . xfwd M allowIO w in enter : out x : open enter wTail(M P)] ]
xfwd M allowIO
w out x : open enter enter open : request M] wTail(M P )] ]
(2). PTC . xfwd M allowIO
w out x : open enter enter open : request M] wTail(M P )] ]
xfwd M allowIO] w open enter enter open : request M] wTail(M P)]
(3). PTC . w open enter enter open : request M] wTail(M P)]
wrequest M wTail(M P)]
j
'
j
j
j
j
j
j
j
j
j
j
'
j
j
j
j
j
'
j
j
j
'
j
0
j
j
j
j
j
j
j
0
j
j
'
j
j
j
j
j
'
0
0
0
j
0
j
* ] (Subst Input) 4-L (1) (3) cdj_ n 7.10 -L (2) n]$
~ (Rec Co-out) L {Gc s~ N ~s3 ; @ x out r 7a ,hJ K&?{s'~ %
c9d3PRt x ;ns!c;@ni x )6nfcz; @z& in ( out Y open ; @c>7 q ] x 7 & Qh n n ma , cz; @ Qnh n
hc out r : P SZ" ! out r c&l4~Kc{s' n ]?9 d
]
r 7.12
(Communicate)
(1). PTC . nChannel S r out n : out c : open w : out c : open r : open
w open wTail(M P )] rTail(x P )] ]
nChannel S ] r out c : open w : out c : open r : open
w open wTail(M P )] rTail(x P )]
j hh
j
j
'
j
2
1
j hh
j
ii j
j
2
ii j
2
1
j
2
7.3
x
esc YJ=^
89
(2). PTC . r out c : open w : out c : open r : open w open wTail(M P )] rTail(x P )]
(x : ! )(r open w : out c : open r : open w open wTail(M P )]
r in w : in x : open]
x in r : out r : open r : open w r out x : open] ] ]
c open : P ] )
(3). PTC . r open w : out c : open r : open w open wTail(M P )]
r in w : in x : open] x in r : out r : open r : open w r out x : open] ] ]
r out c : open r : open wTail(M P ) r in w : in x : open]
x in r : out r : open r : open w r out x : open] ] ]
(4). PTC . r out c : open r : open wTail(M P ) r in w : in x : open]
x in r : out r : open r : open w r out x : open] ] ]
r open r : open w in r : open : (fwd M allowIO)]
r in w : in x : open] x in r : out r : open r : open w r out x : open] ] ]
c open : P ]
(5). PTC . r open r : open w in r : open : (fwd M allowIO)]
r in w : in x : open] x in r : out r : open r : open w r out x : open] ] ]
r open r : open r in x : open w open : (fwd M allowIO)] ]
x in r : out r : open r : open w r out x : open] ] ]
(6). PTC . r open r : open r in x : open w open : (fwd M allowIO)] ]
x in r : out r : open r : open w r out x : open] ] ]
r open r : open x out r : open r : open w
r open w open : (fwd M allowIO)] ] r out x : open] ] ]
(7). PTC . r open r : open x out r : open r : open w
r open w open : (fwd M allowIO)] ] r out x : open] ] ]
r open r : open r open]
x open r : open w r open w open : (fwd M allowIO)] ] ] ]
(8). PTC . r open r : open r open]
x open r : open w r open w open : (fwd M allowIO)] ] ] ]
r open x open r : open w r open w open : (fwd M allowIO)] ] ] ]
(9). PTC . open r r open x open r : open w r open w open : (fwd M allowIO)] ] ] ]
x open r : open w r open w open : (fwd M allowIO)] ] ]
(10). PTC . x open r : open w r open w open : (fwd M allowIO)] ] ]
x open w w open : (fwd M allowIO)] ]
(11). PTC . x open w w open : (fwd M allowIO)] ]
xfwd M allowIO]
(12). PTC . open c c open : P
P
j
2
'
_
j
1
2
hh
1
1
1
1
2
1
'
1
j
' hh
2
j
2
j
2
1
1
j
2
1
j
2
1
j
2
2
1
j
j
1
j
1
j
j
1
j
1
j
2
1
1
1
j
j
j
1
1
1
j
j
1
1
j
1
1
1
j
1
j
1
j
1
1
j
1
j
1
j
1
j
1
j
1
j
1
j
j
j
2
j
j
j
'
1
1
j
'
j
1
1
1
'
j
j
2
'
j
1
1
1
j
1
1
j
2
j
2
1
1
j
'
1
j
j
1
1
1
2
j
2
2
j
2
1
j
1
j
1
1
j
j
1
2
2
j
1
1
2
1
1
j
2
'
1
1
j
j
1
j
2
j
1
1
2
j
1
j
j
2
1
1
1
1
1 ii
2
'
j
1
j
hh
1
1
1
j
1
2
j
1
j
1
1
2
2
j
j
2
j
1
2
j
j
2
j
2
2 ii
'
j
j
1
2
j
j
j
1
j
j
1
j
2
1
j
j
hh
ii
ii
* dj_ n 7.10 7.11 Q3Pk`
j
Ah YJ=^
90
$~ (Rec Co-out) _n 7.11 c-L (2) "
$~ (ST Out) "
$~ (ST Open 1) "
$~ (ST Out) "
$~ (ST In) fV r hXho"] w a r Rt"
$~ (ST Aux In) ot@;"
$~ (ST Out) "
$~ (ST Open 1) "
$~ (Rec Open) 7hJK open r ;@zn] open r : 0 c&(h79 '
l 4n ] f@3 T ~Bcn] Qc{s'@;: ?Kc ] Q:9 ht ?
c]Q4'hX !u (c open r h"
(10). $ ~ (ST Open 1) "
(11). $ ~ (ST Open 1) "
(12). $ ~ (Rec Open) _@; 9 (1).
(2).
(3).
(4).
(5).
(6).
(7).
(8).
(9).
1
1
7~Kncc $~ `ecp 7.13 7.14 Xj+~K ROAM Ef esc Efh&%
cy@T}% operational correspondence 4> 7.13 1w : P esc Q '# P
* : P esc Q c-Y?! } ;!
hh
ii ;!
R-R
Q hh
ii
;!
(esc Red Subst Out) 4 P = x M : P Q = M M : P : x = M x = M ni
= M=x l 4 P = wrequest x wTail(M P )] xfwd M
allowIO] wrequest x wTail(M P )]
xfwd M allowIO] wrequest M
wTail(M P )] Q (esc Red Subst In) _ (esc Red Subst Out) nd (esc Red Output) 4 P = n : S] n M : P : Q = n : S M : P ] B P = nallowIO server w : wHead server r : rHead S ] (open c open c open r)k
wrequest n wTail(M P )](! k 4 S / ?c ] Q) q ] P
nallowIO server w : wHead server r : rHead S wwHead wTail(M P )] ]
(open c open c open r)k Q 96Tl+N 4 cg S M : P / ?
c]Qc4 k) (esc Red Input) _ (esc Red Output) nd (esc Red Comm) 4 P = n : S M : P (x) : P ] : Q = n : S] P (x : M)P B P = nallowIO server w : wHead server r : rHead S wwHead
wTail(M P )] rrHead rTail(x P )] ] (open c open c open r)k
nallowIO
!
server w : wHead server r : rHead S ] P (x : )(xfwd M allowIO] P )
0
h
f
0
g ]
hh
j
ii
hh
hh
1
j
hh
0
h
i
j h
j hh
hh
hh
ii
j
i
j hh
i
1
j
j
j hh
1
Q
hh
ii
j
ii
j
j hh
1 ii
j
_
ii j
j
ii ;!
j
1
j hh
j
hh
j
j
j
2
j
(open c j open c j open r)k;
ii j
2
ii
j
j h
j
(esc Red Var) `d j
j
hh
1
ii
ii j
j
ii j
j
hh
j h
1
j
1
j
j
0
hh
1
1
j
ii
0
ii j
j
j
hh
1
ii
j
j
i
j
;!
1
0
h
1
ii j
0
j
0
i
;!
j
hh
i
hh
ii j
1
j
1
j
2
ii j
j
ii j
j
j hh
2 ii
j
esc YJ=^
7.3
x
91
(esc Red Res) `d (esc Red Par) `d (esc Red Struct) c P
4> 7.14
1w P
hh
Q
esc Q =) hh
ii ;!
Q ` d ii hh
ii
Q sVq esc R R "* : P
;!
esc R - PTC . hh
R
ii '
* P cs'?! }
P = 0 4 0
h n5? ! & P = (n)P 4 (n)P = (n : ! ) P
(n : ! )( P )=
!
!
(n : )( P )
Q l 4 L P
Q : Q (n : )Q }#
ni >7 R R4 : P esc R : PTC . R
Q 7 R = (n)R B ` i
: P esc R PTC . R
Q ni PTC .(n : ! ) R
(n : ! )Q l 4 R (n : ! ) R ( Q (n : ! )Q n ` PTC . R Q P = (x : M)P 4 (x : M)P = (x : ! )(xfwd M allowIO] P )
(x : ! )( xfwd M allowIO] P ) = (x : ! )( M=x P )
Q " ~
}#_~T @; (P = (n)P ) nd
P = n : S] 4 n : S] = nallowIO server w : wHead server r : rHead
S ] (open c open c open r)k
Q 4 zn S
M : P (x) : P S
:Q
nallowIO server w : wHead server r : rHead S
rw open
wTail(M P )] out n : out c : open w : out c : open r : open rTail(x P )] ] (open c
open c open r)k 7 R = n : S ] P
(x : M)P B f V : P
esc R " ~n 7.12 c-Lni PTC . nallowIO server w : wHead server r : rHead
S ] (open c open c open r)k
P
(x : ! )(xfwd M allowIO] P )
nallowIO server w : wHead server r : rHead S rw open wTail(M P )]
out n : out c : open w : out c : open r : open rTail(x P )] ] (open c open c open r)k n
PTC . R Q P = M M : P 4 M M : P = wrequest M wTail(M P )]
Q zn
= M =M : Q Mfwd M allowIO w in enter : out M : open enter
wTail(M P )] ] 7 R = M M : P > d M = M ni : P esc R n 7.11 c-Lni PTC . Mfwd M allowIO] wrequest M wTail(M P )]
Mfwd M allowIO w in enter : out M : open enter wTail(M P )] ] n
PTC . R Q P = M(x) : P _~ T @;nd P = P P 4 P P = P
P
Q 3]` @;{L { P
Q : Q Q P 4 " ~ }# ` d { P
Q : Q P Q _nd { P
P
Q : Q Q 42n 3]` @;{L hh
ii hh
ii
hh
1
_
hh
1 ii
1 ii
;!
1
_
hh
1 ii
hh
ii j
1 ii
'
1 ii
1 ii
_
1 ii
hh
'
hh
_
hh
1 ii
_
'
_
]f
g
1
ii '
j
hh
1 ii
1
hh
_
ii j hh
1
1
1
ii j
1 ii
_
_
j hh
1
1
1 ii
j
hh
;!
hh
hh
1
_
_
1
hh
ii ii j
hh
;!
hh
hh
;!
1
P
j hh
1 ii
1 ii
;!
1
hh
hh
ii
j
ii
j
hh
ii
hh
j
ii j
j
j
ii j
j
j
j
j hh
0
i
1
0
hh
1
]f
g
1
hh
j
j
1
j
j
1
j
j
j
;!
_
j
j
j hh
1 ii
j hh
2 ii
j
j
j
2
0
1 ii
1 ii
hh
j
1
j
1
'
j
j
j
j
1
j
ii j hh
1 ii
;!
1
hh
ii j hh
2 ii
;!
2
hh
hh
1 ii j hh
2 ii ;!
3
1
hh
1
j
2 ii
hh
;!
j
j
hh
j
1
1
hh
j hh
1 ii
ii j hh
2 ii
j
2
ii j
3
1 ii
j hh
;!
1
j
ii '
2
0
j
i
j
j
ii j
1
1
j
j
j
i
1 ii
1h
1
hh
0
h
hh
1 ii
1 ii
2
2
j
1 ii
j
ii '
h
hh
hh
2
j
1
hh
j
ii j
;1
j
1
1
j
1
1
j
i
j
j
hh
hh
h
j
j
1 ii
j
;!
j
1
hh
j
2 ii
;!
0
j
0
1
1
'
Ah YJ=^
92
P n : S] n M : P P : Q nChannel w in enter : open enter
wTail(M P )] ] P "47 R = n : S M : P ] P n 7.10 ` i
PTC . R
Q n PTC . R Q (2). P P
n : S] n(x) : P P : Q
nChannel r in enter : open enter
rTail(x P )] ] P "_~ T@;nd (3). P P (n)P 4n m @; P = (n)P cdj (4). P P (x : M)P 4n m @; P = (x : M)P cdj P = ! P 4 ! P = ! P
Q Uzn P
Q :
Q Q ! P " ~ }# ` d ] ~ q@;c 3P ni -L'* (1). P
1
j
2
j hh
3
hh
1
j
2
ii ' hh
j
2
1
j
2
x7.4
1
j hh
j
hh
j
3
4
3
j
4 ii
j h
ii j
hh
3
j
3
4
i
j
j
3
4
ii '
3
j
j
4 ii
3
1
3
hh
1
i
j
3
1
h
j
1
ii
hh
ii j
hh
1 ii
;!
hh
ii j hh
1 ii
;!
1
1 ii
v:xX]
7~*bc esc Efhcc$~ ROAM Efch&% nn'{ d4
ff
P = cl (P )
gg
hh
ii
YX ? P chy@ P {dk``ec h zY Y) ^c ?:B+N79+c- 4 \] ) ^ m E~T]a~c mChannel] ?
ff
ff
0
P Q
!P
(n)P
M M :P
j
ff
ff
4
gg
h
i
ff
gg
M(x) : P
gg
gg
_
j ff
1
ff
0
1
4
j
j
j
4
1
gg
j
_
ff
gg
1
1
2
j
1
1
j
2
j
j
j
d
gg
j
j
Channel
gg
4
j
ff
gg j ff
4
gg
0
ff
4
gg
ff
= 0
=
P
Q
= ! P
= (n : ! )(nChannel] P )
= wrequest M c out r : open : P ]
w in r : open : (fwd M allowIO)] ]
= rrequest M (x : ! )(c out r : open : P ]
r in w : in x : open]
x in r : out r : open r : open w r out x : open] ] )]
open c open c open r
= allowIO server w : in r : open
server r : in w : out n : out c : open w : out c : open r : open
4
gg
ff
gg
esc Ef( Efjn]r=h
2
18 ]
c~BZ~K h caS %0 h` `$ I
R' d Y
B L7~ >ED Z< P ( ROAM h % {G < Pc c $~ b + ~ 0 ROAM
E f l E fc T] Q p h&%Lh&% cdj " ~ + ROAM ?ch
7.4
x
YJ=^
93
%{GUhTXj+ ROAM EfY_!ORtE fcZ B%:Xj+ ED Z
7GSr B ? c 7 @ ~ h +?h % {G7?h % djc@ ~
B Lc-LXj RtE fn ]~i~cB ct ] U n%; @ Z B E f9 cB c
B m 9 " l 4n ] b 4RtE fY Ec m+ 9 c Z / E fY i~ "&c s = 94
Ah YJ=^
}K& Xx8.1
ODxj gn
B L > Y RtE fc T]T## ROAM >+$ 4 mc < P ( zo 7 < P #
+RtEf\cL(lY2~$ ROAM ?!dj']`T &e L@+/
% c pk
=i\q_y<at8v|`V?## ROAM
B> " ~; @ u Q ~ 5 RtE fc ! O % U T p ? ! + < P + RtE fc T
ROAM B> c < P-L( lZ j " ~; @ u Q ~ 5 = U & c H 4x. ROAM
7!Ox.&e E& SA T{01 ;@u Q? !x.6 ROAM aYw
SA qYc Z B =iy<at8vt7ohUD
7! *RtZ B c < P l @ c EDBT nY`$ $ {m0] Rt7
? Fb. 6 c TD ` h $ h Cardelli h] n m+ ?;Y;s = k ! gK T
3?;Y;B6Y0*D @~ l4thI>k 32] QYLB +T
0]&T3X\ cL Zz1 0 ?6,T] open ;@B>cEDZ
n ] X3>7$]Y U ]B + T | ) _c0] &a :7 t gD$ Z
qr B H % cE( $]$ ~T] " h- ? !Z + r Bh cH %n ] h
c"h-
7B>cED Z ETS-MTpQcGSrBQ3~yj T7 RtEf?
cKQ % 7 < P ? (Rt c p Q n . f ` 4 N7 SA E fcKQ % 7 < P
T>7 n m+Q p c O B> c. l @ ]k ETS-MTc < P3 RtE f
Z< P p Q H % c? Tl) { >7 +Y& ~ % 0 1 ! c )
{cpQrBZ
U +N $ B> ETS-MT< P_c Amtoft h]c * y < P l @ 7 >k
54] Amtoft h] + * *R9 c * y %! 6 9 l Rt? Fb %
c TDBt_c0] & n ] f@3*R9 * y % c < P' %B> c <
P$RtEf|cY;%(p QcEDBjV Amtoft h]cl@i<
T3 B> c l @YA!a ,v}B>7 EDBc_ 0] &%~ ( 7 Y;%(
p QcrB ~@+/ % c l @ jV B>b c ETS-MT3$] 4 ROAM t c T
3! 6, c ED ) {(Y;%p Q& ]O 7` RtEf Z #n ] `$s
28]
5 ]
16]
58 ]
54]
~
79 c >k 33] Amtoft + T RtE f\ ] s ! ? !f -c
Zn ] f@3 RtE f Z c2 T] N ? l7 L Z G+;
@ b j f c p o n n f - Rt c Y;( Fb !Qs3U f - +N+* 0*B c7
R j~c Amtoft 7 >k 33] E _c l @ Qb 9+v{ 95
Qh ,d
96
! ROAM 4ohn3l23Zl] vyr :v@6`' B
B> ROAM c X$ Y dh % { h % {G E f h h & ec l @ #h 3
< / % c X$ Y d c < P ( ?h % c < P r~ + >k 20] c & h
%{Gc< PA$>k 16] c) Efch$~ +>k 18] c&T3B>
] .7U & ecU w * < P ] *& u_f - 7T] _ h Zh7 ]` &
s
T~c wDZ q`cQ~ `> h %T* { & dj?ch % {G >k 20] MA ?ch %< Py b + c Q~ `> hc?h %T
* { & activity lemma ! s~ !!3dj+_ )] 2z)c p] & >k 16]
?h % {Gcdj r~c = r7c&B> c >k 20] c & dj?c
h%{G@H>7
"~ ?ch % {G ) ' E f h cKQ & dj >k 16] ch % {G r~ cQ p (0Y; ah g c EDUT$` 16]
h % {Gc s~ ydjJ Bm 9 "c SA E f E fc ha :$` >k
18] ~ 0 SA h E fc &% z$ ~E $ F 4c 0 KQ & ? !B> - -ED Z ETS-MT Q p (0Y; ?c i GSr B$`?ch % {G6 ~#2i~
%!n' 64 E f h cKQ & dj 6 'B ]7 e .L > h _c RtE fc u g >k(< P]"c -S \ I
?0*< P]" k Luca Cardelli Gerard Boudol ( Fmc < P%. - K k Calculi for
Mobile Processes $' 60]
1
2
3
x8.2
; ~ `xD
B> ROAM E fc < Pz37 8 P6 - - P Y;t fr c ( D gK l @c
Tl? Tl c < P l @n ] 7 ]`T & eIb _
1
2
3
ROAM t8 vl$
B>< PY B m 9 "c0 ROAM E f 7! c $~n ] ? !` &I $!;h i~
7Jk E~B m 9 " - Q Amtoft h]E ~5 Q A c% +(s~ & ]cBs =
ha"~B> c< P' (I I) 'L &I Efc ZKQ %7h< P l@ ROAM ohUD ^Gl& vl$35^ * ohw*v q _` 8 . )Z
-Y;t fr c < P e $l N 0] ! O %BB> ROAM c ED Z N Y ROAM cKQ % 7 < P Y ! O%Bn ] 7 ROAM c ED Z E ~ 6
c O ( 6 ! O % c 6, 0 2Z( Fb0 2Z] 4x._ ]Y;tf Z ;c ! O
%h? ) IL Z c < Ps7 c 3k ( I d 7 3k ( Y;Z0 ~
>$ 3k 7 ` *sc& Z ? !h cI d UI dzQ ] *se X!q
+0cU n7R ? !!~sT7 - P. .B c Rt c %Ik , `$LRt
http://www.luca.demon.co.uk/
http://www-sop.inria.fr/mimosa/personnel/Gerard.Boudol.html
http://lampwww.ep.ch/mobility/
8.2
x
-[p
97
c 7R7 k ,9 d L7RcaS%7h *sc 7R k, ? !:7 U B#3
7T]~cY;t fr +NW Ec ! MA SA ROAM 3 SAP y-6t8^Gln{l n3l23Zl] v\`
vST
RtZ - s cG8 s = ( 5IcgK$`U & ec < P l @ k \ , 7 ! ; @
c < P & eT9(c MA SA $B> c ROAM k 9 c SAP RtE fc < P9+
3 -,&7Y;t fc'" r $l3 h3 RtE f 7U BQ0n ] 9U Ef7!
O%`~%KQ% 7(ZB `&ecE $`$ T WE 98
Qh ,d
cf N\
1] R. S. Gray. Agent Tcl: A exible and secure mobile agent system. In Proc. of the Fourth Annual Tcl/Tk
Workshop, Monterey, July 1996, pages 9-13, Berkeley, 1996. Also available as Dartmouth Computer
Science Technical Report TR98-327.
2] M. Straer, J. Baumann, and F. Hohl. Mole - A Java Based Mobile Agent System. In: M. Muhlhauser:
(ed.), Special Issues in Object Oriented Programming, pp. 301-308, Springer-Verlag 1997.
3] Aglets.org: http://www.aglets.org/
4] A. Tripathi, N. Karnik, R. Singh, T. Ahmed, J. Eberhard, and A. Prakash. Development of Mobile Agent
Applications in Ajanta. Technical report, Department of Computer Science, University of Minnesota,
May 1999.
5] L. Cardelli and A. D. Gordon. Mobile ambients. In M. Nivat(ed.), Proc. FOSSACS'98, International
Conference on Foundations of Software Science and Computation Structures, volume 1378 of Lecture
Notes in Computer Science, pp. 140-155. Springer-Verlag, 1998.
6] A. Church. The Calculi of Lambda Conversion. Princeton University Press, 1941.
7] R. Milner. A calculus of communicating systems. LNCS 92, pages 1{171, Springer-Verlag. 1980.
8] R. Milner, J. Parrow, and D. Walker. A calculus of mobile processes, Parts 1-2. Information and Computation, 100(1), pp. 1-77, 1992. (First appeared in 1989 as a LFCS report)
9] D. Sangiorgi. Expressing Mobility in Process Algebras: First-Order and Higher-Order Paradigms. PhD
thesis CST-99-93, Department of Computer Science, University of Edinburgh, 1992.
10] L. Cardelli. Abstractions for mobile computation. In J. Vitek and C. Jensen (eds), Secure Internet
Programming: Security Issues for Mobile and Distributed Objects, volume 1603 of Lecture Notes in
Computer Science, pp. 51-94. Springer-Verlag, 1999.
11] M. Hennessy and J. Riely. Resource access control in systems of mobile agents. In Proc. 3rd International
Workshop on High-Level Concurrent Languages (HLCL'98), vol. 16(3) of Electronic Notes in Theoretical
Computer Science, Elsevier, 1998.
12] R. M. Amadio. An asynchronous model of locality, failure, and process mobility. In Proc. COORDINATION 97, volume 1282 of Lecture Notes in Computer Science, pp. 374-391, Springer-Verlag, Berlin,
1997.
13] P. Sewell. Global/local subtyping and capability inference for a distributed pi-calculus. In Proc.
ICALP'98, volume 1443 of Lecture Notes in Computer Science, pp. 695-706, Springer-Verlag, 1998.
14] T. Sekiguchi and A. Yonezawa. A calculus with code mobility. In H. Bowman and J. Derrick (Eds),
Proc. Second IFIP Intl. Conf. on FMOODS, pp.21-36, Chapman Hall, 1997.
15] C. Fournet, G. Gonthier, J. Levy, L. Maranget, and D.Remy. A calculus of mobile agents. In Proc. 7th
Intl. Conf. on Concurrency Theory(CONCUR'96), pp.406-421, 1996.
16] F. Levi, D. Sangiorgi. Controlling interference in ambients. In Proc. POPL'00, pages 352{364, Boston,
Massachusetts, 2000.
17] J. Vitek and G. Castagna. Seal: A framework for secure mobile computations. In Internet Programming
Languages, 1999.
Avaliable at: http://www.cs.purdue.edu/homes/jv/pub/wipl-book99.ps.gz
18] P. Zimmer. On the expressiveness of pure mobile ambients. In L. Aceto and B. Victor, editors, Proc.
EXPRESS '00, pages 81{204. To apper in Electronic Notes in Theoretical Computer Science, Vol 39,
99
100
19]
20]
21]
22]
23]
24]
25]
26]
27]
28]
29]
30]
31]
32]
33]
34]
35]
36]
37]
\1MQ
Elsevier.
L. Cardelli and A. D. Gordon. Mobile ambients - annex, unpublished notes, 1998.
Avaliable at: http://research.microsoft.com/Users/luca/Papers/MobileAmbientsAnnex.A4.ps
A. D. Gordon and L. Cardelli. Equational properties of mobile ambients. In Proc. FoSSaCS'99, volume
1578 of Lecture Notes in Computer Science, pp. 212-226. Springer-Verlag, 1999.
U. Nestmann and B. C. Pierce. Decoding choice encodings. In U. Montanari and V. Sassone, editors,
Proc. of the 7th Int. Conf. on Concurrency Theory (CONCUR 96), number 1119 in LNCS, pages
179{194. Springer-Verlag, 1996.
V. T. Vasconcelos. The call-by-value lambda-calculus, the SECD machine, and the pi-calculus. Technical
Report DI/FCUL TR-00-3. Department of Computer Science, University of Lisbon. May 2000.
Avaliable at: http://www.di.fc.ul.pt/biblioteca/tech-reports/00-3.pdf
J. Riely and M. Hennessy. Trust and partial typing in open systems of mobile agents. In Conference
Record of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages,
ACM Press, 1999.
C. Fournet and G. Gonthier. The reexive CHAM and the join-calculus. In Proc. 23rd Annual ACM
Symposium on Princples of Programming Languges(POPL'96), pp. 372-385, 1996.
G. Berry and G. Boudol. The chemical abstract machine. Theoretical Computer Science, 96(1), pp.
217-248, 1992.
C. Fournet. The Join-calculus: a calculus for distributed mobile programming. PhD thesis, Ecole Polytechnique, November 1998, published by INRIA.
Avaliable at: http://www.research.microsoft.com/~fournet/papers/dissertation.ps.gz
L. Cardelli and A. D. Gordon. Types for mobile ambients. In Proc. POPL'99, pp. 79-92. ACM Press.
1999.
L. Cardelli, G. Ghelli, and A. D. Gordon. Mobility types for mobile ambients. In Proc. ICALP'99,
volume 1644 of Lecture Notes in Computer Science, pp. 230-239. Spinger-Verlag, 1999.
P. Zimmer. Subtyping and typing algorithms for mobile ambients. In Proc. FoSSaCS'2000, LNCS
1784:375-390, Springer-Verlag, 2000.
L. Cardelli, G. Ghelli, A. D. Gordon. Ambient groups and mobility types. In Proc. TCS2000, LNCS
1872:333{347, Springer-Verlag, 2000.
M. Bugliesi, G. Castagna. Secure safe ambients. In Conf. Rec. POPL'01: 28th ACM Symp. Pronc. of
Prog. Langs., pp.222-235, 2001.
M. Dezani-Ciancaglini and I. Salvo. Security types for mobile safe ambients. In Proc. ASIAN'00, volume
1961 of LNCS, pages 215{236, Springer-Verlag, 2000.
T. Amtoft. Casual type system for ambient movements. Draft.
Avaliable from: http://www.cs.bu.edu/associates/tamtoft/papers.html
L. Cardelli, G. Ghelli, and A. D. Gordon. Secrecy and group creation. In Proceedings of International
Conference on Concurrency Theory (CONCUR), volume 1877 of LNCS, pages 365{379. Springer, 2000.
L. Cardelli, G. Ghelli, and A. D. Gordon. Types for the Ambient Calculus. To Appear in Information
and Computation special issue on TCS'2000.
L. Cardelli. Ambit. http://www.luca.demon.co.uk/Ambit/Ambit.html, 1997.
L. Cardelli. Mobile ambient synchronization. SRC Technical Note 1997-013. DEC System Research
Center, July 1997.
101
38]
39]
40]
41]
42]
43]
44]
45]
46]
47]
48]
49]
50]
51]
52]
53]
54]
55]
Avaliable at: http://research.microsoft.com/Users/luca/Notes/SRCNote97-13.A4.ps
F. Le Fessant. The Jocaml system prototype. http://join.inria.fr/jocaml, 1998.
C. Fournet, J. L ` vy, and A. Schmitt. An asynchronous, distributed implementation of mobile ambients. In Proc. IFIP TCS'2000, pages 348{364, Japan, 2000.
L. Cardelli and A. D. Gordon. Anytime, anywhere, modal logics for mobile ambients. In Proc. 27th
Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'00),
pp 365-377, Boston, Massachusetts, Jan. 19-21, 2000.
D. Sangiorgi. Extensionality and intensionality of the ambient logic. In Proc. POPL'01, pp.4-17, ACM
Press, 2001.
W. Charatonik, S. Dal-Zilio, A. D. Gordon, S. Mukhopadhyay and J. Talbot. The complexity of model
checking ambients. In Proc. FOSSACS'01, volumn 2032 of Lecture Notes in Computer Science, pp.
152-167, Springer-Verlag, 2001.
W. Charatonik and J. Talbot. The decidability of model checking mobile ambients. To appear in Proc.
CSL'01, the 15th Annual Conference of the European Association for Computer Science Logic.
R. R. Hansen, J. G. Jensen, F. Nielson, H. R. Nielson. Abstract interpretation of mobile ambients. In
Proc. SAS'99, volume 1694 of Lecture Notes in Computer Science, pp. 134-148, Springer-Verlag, 1999.
H. R. Nielson, F. Nielson. Shape analysis for mobile ambients. To appear in Proc. 27th Annual ACM
SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'00), Boston, Massachusetts, Jan. 19-21, 2000.
F. Nielson, H. R. Nielson, R. R. Hansen, J. G. Jensen. Validating rewalls in mobile ambients. In J.
Baeten and S. Mauw(eds.), Proc. CONCUR'99, volumn 1664 of Lecture Notes in Computer Science,
pp. 463-477. Springer-Verlag, 1999.
F. Levi and C. Bodei. Security analysis for mobile ambients. In Proceedings of the Workshop on Issues in
the Theory of Security, (co-located with ICALP'2000), pages 18{23, University of Geneva, Switzerland,
2000.
J. Feret. Abstract Interpretation-Based Static Analysis of Mobile Ambients. In Proc. SAS'01, volumn
2126 of Lecture Notes in Computer Science, pp. 412-430, Springer-Verlag, 2001.
F. Levi, S. Maeis. An Abstract Interpretation Framework for Analysing Mobile Ambients. In Proc.
SAS'01, volumn 2126 of Lecture Notes in Computer Science, pp. 395-411, Springer-Verlag, 2001.
L. Cardelli and G. Ghelli. A query language for semistructed data based on the ambient logic. In Proc.
ESOP'01, volume 2028 of Lecture Notes in Computer Science, pages 1{22, Springer-Verlag, 2001.
P. Stanski and A. Zaslavsky. Expressing dynamics of mobile agent systems using ambient calculus. In
Proc. MDDS Workshop at DEXA'98, pages 434{439, Vienna, 1998.
D. Sangiorgi, A. Valente. A distributed abstract machine for safe ambients. In Proc. ICALP'01, LNCS
2076:408{420, Springer-Verlag, 2001.
P. Degano, F. Levi and C. Bodei. Safe ambients: control ow analysis and security. In Proc. ASIAN'00,
volume 1961 of LNCS, pages 199{214, Springer-Verlag, 2000.
T. Amtoft, A. J. Kfoury, and S. M. Pericas-Geertsen. What are polymorphically-typed ambients? In
D. Sands, ed., ESOP 2001, Genova, vol. 2028 of LNCS, pp.206-220. Springer-Verlag, Apr. 2001. An
extended version appears as Technical Report BUCS-TR-2000-021, Comp. Sci. Dept., Boston U., 2000.
M. Bugliesi, G. Castagna, and S. Crafa. Boxed Ambients. In TACS 2001, LNCS 2215:38{63, SpringerVerlag, 2001.
102
\1MQ
56] M. Merro and M. Hennessy. Bisimulation congruences in safe ambients. To appear in POPL'02, ACM
Press, 2002.
57] B. C. Pierce. Type-Theoretic Fundations for Programming Languages. The MIT Press, 2002, forth
coming.
58] X. Guan, Y. Yang, J. You. Making ambients more robust. In Proc. Intl. Conf. on Software: Theory and
Practice, pages 377{384, Beijing, China, 2000.
59] X. Guan, Y.Yang, J. You. Typing evolving ambients. Information Processing Letters, 80(5), pp 265-270,
Nov. 2001.
60] Ambient Calculi Online. http://www.wikipedia.com/wiki/AmbientCalculiOnline. 2002.
1
{
|s
3.8 49s 3.9 w+ p
BK BdjotL ETS-MT Z c T } % subject congruence ( & T } %
subject reduction & Z c) !( ,r %7 ` e n 3.8 ( { 3.9 cdj kh@~B<j E_#{ (ET Sub) B76T { B2 ~6z ?$ ~+ T 7
r 3.8 (Subject congruence) 1w ; ` P : T - P Q '# ; ` Q : T *
P Q ( Q P c - Y ? ! U - }dj ` /& ] #'* (1). k ; ` P : T : P Q zW ; ` Q : T "
(2). k ; ` Q : T : P Q zW ; ` P : T (Struct Re) 4 P ( Q )O r` i# (1) (2) '*
(Struct Symm) 4 # (1) Q P }# (2) ni# (1) '* # (2) n L }# (1) `$ (Struct Trans) 4# (1) P R : R Q #{ ; ` P : T "~ }# (1) &7
nr|`$ ; ` R : T ( ; ` Q : T # (1) '*# (2) cdj# (1) 4
(J
(Struct Res) 4 # (1) P = (n : Tn )P Q = (n : Tn)Q : P Q #{
; ` (n : Tn )P : T Uz (ET Sub) ( (ET Res) `$ : ; n : Tn ` P : T :
T T P Q " ~ }# (1) ni ; n : Tn ` Q : T 5" ~ (ET Res) ( (ET
Sub) n` ; ` (n : Tn )Q : T # (1) '* # (2) cdj # (1) 4(
J
(Struct Par) 4# (1) P = P j R Q = Q j R : P Q #{ ; ` P j R : T Uz (ET Sub) ]k (ET Par) `$: ; ` P : T ; ` R : T : T jt T T P Q "~ }# (1) ni ; ` Q : T 5" ~ (ET Par) ( (ET Sub) n`
; ` Q j R : T # (1) '* # (2) cdj # (1) 4(J (Struct Repl) 4 # (1) P = ! P Q = ! Q : P Q #{ ; ` ! P : T Uz
(ET Sub) ( (ET Repl) `$ : ; ` P : T : T jt T T P Q " ~ }
# (1) ni ; ` Q : T 5"~ (ET Repl) ( (ET Sub) n` ; ` ! Q : T l4# (1)
'*# (2) cdj# (1) 4(J
(Struct Amb) 4# (1) P = nP ] Q = nQ ] : P Q #{ ; ` nP ] : T Uz
(ET Sub) ( (ET Amb) `$ : ; ` n : T ; ` P : T : _ T P Q
" ~ }# (1) ni ; ` Q : T 5" ~ (ET Amb) ( (ET Sub) n` ; ` nQ ] : T l 4# (1) '* # (2) cdj # (1) 4(J (Struct Act) 4 # (1) P = M : P Q = M : Q : P Q #{ ; ` M : P : T Uz (ET Sub) ( (ET Act) `$ : ; ` M : W ; ` P : T : W (T ) T P Q " ~ }# (1) ni ; ` Q : T 5" ~ (ET Act) ( (ET Sub) n`
; ` M : Q : T # (1) '* # (2) cdj # (1) 4(J (Struct Par Zero) 4 P = Q j 0 # (1) #{ ; ` Q j 0 : T Uz (ET Sub)
( (ET Par) `$ : ; ` Q : T ; ` 0 : _ : T jt _ T 5 % 7 3.2 c (Par
1
1
1
1
1
0
1
0
1
1
0
1
1
1
1
1
1
1
1
1
1
1
1
2
1
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
0
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
0
1
103
1
0
1
1
1
_9 1 _3 3.8 #3 3.9 i<
104
Zero T ) n` T T "~ (ET Sub) n` ; Q : T # (1) '* # (2) #{
; Q : T n 3.5 n` ;
" ~ (ET Inact) ; 0 : 5" ~ (ET Par) n
` ; Q 0 : T t n ; Q 0 : T # (2) '*
(Struct Par Comm) 4 P = P Q : Q = Q P # (1) #{ ; P Q : T Uz (ET Sub) ( (ET Par) `$ : ; P : T ; Q : T : T t T T (ET Par) ni ; Q P : T t T % % 7 3.2 c (Par Symm T ) ni
T t T = T t T l 4" ~ (ET Sub) n` ; Q P : T # (1) '* # (2) cd
j# (1) 4(J
(Struct Par Assoc) 4 P = (P Q ) R : Q = P (Q R) # (1) #{
; (P Q ) R : T Uz (ET Sub) ( (ET Par) `$ : ; P Q : T ; R : T : T t T T % .T Q z (ET Sub) ( (ET Par) `$ : ; P : T ; Q : T : T t T T " ~ &7 (ET Par) n` ; P (Q R) : T t (T t T ) % 7 3.2 c (Par Assoc T ) i T t (T t T ) = (T t T ) t T l 4"~ (ET Sub) n`
; P (Q R) : T # (1) '* # (2) cdj # (1) 4(J (Struct Res Zero) 4 P = (n : Tn )0 : Q = 0 # (1) #{ ; (n : Tn)0 : T U
z (ET Sub) ( (ET Res) `$ : ; n : Tn 0 : T : T T n fn(0) e
Xn 3.6 ni ; 0 : T 5"~ (ET Sub) n` ; 0 : T # (1) '*# (2) #{ ; 0 : T &Om O mn 9 d n dom(;) " ~n 3.7 ni ; n : Tn 0 : T 5"~ (ET Res) n` ; (n : Tn)0 : T # (2) '*
(Struct Res Res) 4 P = (n : Tn )(m : Tm )R : Q = (m : Tm )(n : Tn )R #
(1) #{ ; (n : Tn )(m : Tm )R : T Uz (ET Sub) ( (ET Res) `$ :
; n : Tn (m : Tm )R : T : T T L Uz (ET Sub) ( (ET Res) `$ :
; n : Tn m : Tm R : T : T T J K 4Th- ni !c ~ Gl 4"
~ &7 (ET Res) ( (ET Sub) n` ; (m : Tm )(n : Tn )R : T # (1) '* # (2)
cdj# (1) 4(J
(Struct Res Par) 4 P = (n : Tn)(P Q ) Q = P (n : Tn)Q : n fn(P ) # (1) #{ ; (n : Tn)(P Q ) : T Uz (ET Sub) ( (ET Res) `$ :
; n : Tn P Q : T : T T L Uz (ET Sub) ( (ET Par) `$ :
; n : Tn P : T ; n : Tn Q : T : T t T T n fn(P) e X n 3.6 ni
; P : T 2 (ET Res) i ; (n : Tn )Q : T " ~ (ET Par) ( (ET Sub) n`
; P (n : Tn )Q : T # (1) '* # (2) cdj # (1) r!a $ ~ +
n 3.7 4(J (Struct Res Amb) 4 P = (n : Tn)mR] Q = m(n : Tn )R] : n = m # (1) #
{ ; (n : Tn)mR] : T Uz (ET Sub) ( (ET Res) `$: ; n : Tn mR] : T
: T T L Uz (ET Sub) ( (ET Amb) `$ : ; n : Tn m : Tm ; n : Tn R : Tm :
T n = m e X n 3.6 ni ; m : Tm 2 (ET Res) i
; (n : Tn )R : Tm " ~ (ET Amb) ( (ET Sub) n` ; m(n : Tn)R] : T l 4#
(1) '* # (2) cdj # (1) r!a $ ~ + n 3.7 4(J 1
`
`
` }
`
j
j
_
0
`
`
j
1
1
j
`
1
`
2
j
1
1
j
j
1
1
1
j
`
1
1
1
4
j
j
3
1
1
2
2
j
j
1
1
1
j
2
1
j
1
`
`
1
j
4
j
4
1
1
`
3
`
j
1
j
1
`
1
j
1
1
`
j
1
j
1
2
`
j
2
2
1
`
0
j
1
`
_
j
2
3
j
4
1
j
j
1
j
3
j
4
1
1
j
3
2
2
j
`
`
`
1
1
62
`
1
`
62
`
`
`
`
1
`
1
2
2
1
`
1
`
`
`
`
1
`
1
1
1
j
1
1
1
1
j
1
j
1
62
1
1
1
3
`
2
1
`
2
j
j
2
j
3
1
62
1
3
1
6
`
1
`
`
`
`
_
0
1
6
`
`
1
105
(Struct Repl Par) 4 P = ! R : Q = R ! R # (1) #{ ; ! R : T U
z (ET Sub) ( (ET Repl) `$ : ; R : T : T T T " ~ (ET
Par) ni ; R ! R : T t (T t T ) t c{ d ni T = Z Y 5 t c{ d n`
Z Y t Z Y = Z Y t (Z Y t Z Y ) " ~ (ET Sub) n` ; R ! R : T # (1) '* # (2) #{ ; R ! R : T Uz (ET Sub) ( (ET Par) : ; R : T ; ! R : T : T t T T 5 (ET Repl) ni T = Z Y . l 4n" ~% 7 3.2 c (Par
Zero T ) ( (Par Strict T ) `$ T T 9 6 "~ (ET Sub) n` ; ! R : T # (2)
'*
(Struct Repl Zero) 4 P = ! 0 : Q = 0 # (1) #{ ; ! 0 : T Uz (ET
Sub) ( (ET Repl) `$ : ; 0 : T : T t T T t c{d i T = Z Y l 4n
" ~% 7 3.2 c (Par Zero T ) ( (Par Strict T ) `$ T T t T " ~ (ET Sub) n
` ; 0 : T # (1) '*# (2) #{ ; 0 : T Uz (ET Sub) ( (ET
Inact) `$: ; 0 : :
T " ~ (ET Repl) ( (ET Sub) n` ; 0 : T # (2) '*
(Struct Empty) 4 P = : Q # (1) #{ ; : Q : T Uz (ET Sub)
( (ET Act) `$ : ; : W ; Q : T : W (T ) T % (ET Empty) i
W = l 4 W (T ) = T "~ (ET Sub) n` ; Q : T # (1) '* #
(2) #{ ; Q : T " ~n 3.5 i ;
5 (ET Empty) n` ; : l 4" ~
(ET Act) n` ; : Q : (T ) n ; : Q : T # (2) '* (Struct Path) 4 P = (M : M ) : R : Q = M : (M : R) # (1) #{ ; (M : M ) : R :
T Uz (ET Sub) ( (ET Act) `$ : ; M : M : W ; R : T :
W (T ) T % .Tz (ET Path) `$ : ; M : W ; M : W :
W = W (W ) " ~ &7 (ET Act) ni ; M : (M : R) : W (W (T )) % W (W (T )) =
(W (W ))(T ) = W (T ) l 4" ~ (ET Sub) ; M : (M : R) : T # (1) '* #
(2) cdj # (1) cB _ 4(J ] ~ qn@;c 3P ni -L'* _
j
`
`
`
j
j
j
2
1
j
1
j
1
1
j
1
j
1
j
`
`
j
1
1
`
j
j
j
`
2
1
1
2
`
`
`
1
1
j
1
j
1
`
1
j
1
1
`
`
_
0
_
0
`
`
`
0
;
0
`
0
0
`
`
` }
`
;
`
`
1
2
1
`
2
`
1
0
1
2
2
3
1
`
`
3
0
1
2
0
1
;
2
2
`
1
`
2
0
3
2
0
`
1
1
1
2
2
3
0
3
2
` e76 'T]n c c $~ E _dj { BcaS %
r A.1 ` ; A : Z Y t _Q)p*!Q (1). 1w ; A : P : T '# ; P : T - T T "
(2). 1w ; A : P Q : T '# ; P Q : T - T T `
`
;
0
`
`
j
`
0
0
j
0
* >ddj (1) 5"~ (1) c-Ldj (2) (1). \ i ; A : P : T L V (ET Sub) ( (ET Act) `$ : ; A : W ; P : T : W(T ) T % \ i ; A : Z Y t l 4 Z Y t T T " ~% 7
3.1 ni T Z Y t T n T T (2). ; A : P Q : T L V (ET Sub) ( (ET Par) `$ : ; A : P : T ; Q : T : T t T T -L (1) i ; P : T : T T 7 T = T T , " ~
(ET Par) n` ; P Q : T : T T `
0
`
0
0
`
`
`
`
0
0
;
0
j
2
1
`
j
2
`
j
`
0
0
0
0
1
1
1
0
1
1
j
2
_9 1 _3 3.8 #3 3.9 i<
106
r 3.9 (Subject reduction) 1w ; P : T - P Q '# ; Q : T - T T * P Q c-Y? ! &
(Red In) n\i ; m in n : P P ] n in m : Q Q ] : T N d ; nmP P ] Q Q ] : T
: T T djk`
\i
(1)
; m in n : P P ] n in m : Q Q ] : T
(2.1) ; m in n : P P ] : T
(1),!$ ~(ET Sub)
(2.2) ; n in m : Q Q ] : T
+(ET Par)
`
;!
0
`
0
;!
`
0
j
1
j
2
1
`
2
1
j
2
j
1
j
0
2
`
1
j
2
`
1
j
2
`
(2.3)
(3.1)
(3.2)
(3.3)
(4.1)
(4.2)
(4.3)
(5)
(6)
(7)
(8)
(9)
(10)
(11)
(12)
(13)
(14)
j
1
j
1
(1)
(2.1)
(2.2)
(2.3)
(3.1)
(3.2)
(3.3)
(4.1)
2
2
2
T tT T
; m : Tm
; in n : P P : Tm
T
; n : Tn
; in m : Q Q : Tn
T
; in n : y t
; P P : Tm
; mP P ] :
; in m :
t
; Q Q : Tn
; mP P ] Q Q :
t Tn
; mP P ] Q Q : Tn
; nmP P ] Q Q ] :
T
-L'* j
1
2
(2.1),!$ ~(ET Sub)
+(ET Amb)
`
`
_
0
j
1
2
1
(2.2),!$ ~(ET Sub)
+(ET Amb)
`
`
_
0
1
1
j
`
j
_
j
1
0
;
2
`
1
j
2
j
1
j
2
`
1
j
2
j
1
j
2
`
_
_
2
`
1
0
0
(4.1)+(ET Cap Mbl)
(3.2)(5)+n A.1.(2)~(ET Sub)
(3.1)(6)+(ET Amb)
(3.1)+(ET Cap Imm)
(4.2)(8)+n A.1.(2)~(ET Sub)
(7)(9)+(ET Par)
(10)+% 73.2
(4.1)(11)+(ET Amb)
(2.3)(3.3)(4.3)+% 73.2
(12)(13), J T =
;
2
1
`
2
2
`
`
j
1
1
j
j
2
1
j
_
0
j
_
2
0
`
0
j
1
(Red Out) n\ i ; nm out n : P P ]
Q ] : T : T T dj k `
2
j
1
j
2
j
out
0
1
j
2
; nm out n : P P ] out m : Q Q ] : T
; n : Tn
; m out n : P P ] out m : Q Q : Tn
T
; m out n : P P ] : T
; out m : Q Q : T
T t T Tn
; m : Tm
1
j
2
j
1
j
2
`
`
_
0
`
1
`
j
2
1
j
2
j
1
j
2
`
1
j
2
j
\i
(1),!$ ~(ET Sub)
+(ET Amb)
`
j
1
0
m : Q Q ] : T N d ; mP P ] nQ
`
_
1
2
j
2
1
2
(2.2),!$ ~(ET Sub)
+(ET Par)
(3.1),!$ ~(ET Sub)
1
j
107
(4.2)
(4.3)
(5)
(6)
(7)
(8)
(9)
(10)
(11)
(12)
(13)
(14)
;
`
0
_
2
1
T
; out m : Q Q : Tn
; out m :
t
; Q Q : Tn
; nQ Q ] :
; out n : y t
; P P : Tm
; mP P ] :
; mP P ] nQ Q ] :
-L'* 2
`
j
1
1
_
`
`
j
1
`
j
j
;
0
;
2
`
1
j
2
`
1
j
2
`
_
1
1
2
2
`
`
(4.3)(3.3)+% 73.2
(3.2)(5)+(ET Sub)
(4.1)+(ET Cap Imm)
(6)(7)+n A.1.(2)~(ET Sub)
(2.1)(8)+(ET Amb)
(2.1)+(ET Cap Mbl)
(4.2)(10)+n A.1.(2)~(ET Sub)
(4.1)(11)+(ET Amb)
(12)(9)+(ET Par)
(13)(2.3), J T =
2
1
(Red Open) n\ i ;
djk`
(1)
(2.1)
(2.2)
(2.3)
(3.1)
(3.2)
(3.3)
(4)
(5.1)
(5.2)
(5.3)
(6.1)
(6.2)
(6.3)
(7)
(8)
(9)
(10.1)
(10.2)
(11)
(12)
j
1
T
Tn
+(ET Amb)
n : P P : Tm
out
open
0
_
j
1
j
_
2
0
0
n : P n open : Q Q ] : T N d ; P Q Q : T : T
j
1
j
`
j
1
`
1
`
1
j
1
2
2
2
`
_
1
1
j
2
`
1
1
2
1
2
j
2
1
1
_
_
_
1
1
1
2
0
0
\i
(1),!$ ~(ET Sub)
+(ET Par)
(2.2),!$ ~(ET Sub)
+(ET Amb)
1
j
;
j
1
2
2
j
2
(3.3)(2.3)+% 73.2
(3.2),!$ ~(ET Sub)
+(ET Par)
(5.1),!$ ~(ET Sub)
+(ET Act)
1
1
j
2
0
1
j
`
`
1
2
`
2
j
0
`
0
j
`
2
; open n : P n open : Q Q ] : T
; open n : P : T
; n open : Q Q ] : T
T tT T
; n : Tn
; open : Q Q : Tn
T
T T
; open : Q : Tn
; Q : Tq
Tn t Tq Tn
; open : W
; Q : Tq
W(Tq ) Tn
W= ]
Tq ] t Tq Tn
t Tq Tq t Tq ] Tn
Tn = Z Y Tn ]
Tq t Tq Tn
; Q Q : Tq t Tq
; Q Q : Tn
j
_
`
1
j
2
`
1
j
2
(6.1),!$ ~(ET Co-open)
(7)(6.3)(5.3)+% 73.2
(8)+ t c{ d
(9)+ c{ d
j
0
1
0
j
2
(6.2)(5.2)+(ET Par)
(11)(10.2)+(ET Sub)
T
_9 1 _3 3.8 #3 3.9 i<
108
(13)
(14.1)
(14.2)
(15)
(16)
(17)
`
_
1
0
j
;
`
1
_
0
`
j
0
j
j
1
j
1
j
2
`
j
; P Q:T
; P : Tp
; Q : Tq
Tp t Tq T
P
P
; P : Tp
Tp Tp
; P Q : Tp t Tq
-L'* `
j
`
`
j
;!
P N d ; P Q : T : T
\i
(1),!$ ~(ET Sub)
+(ET Par)
0
0
`
0
0
`
j
0
;!
T dj k `
1
1
`
2
0
;!
2
`
P N d ; (n : Tn )P : T : T
0
(Red Amb) n\i ; nP ] : T : P
`
; nP] : T
; n : Tn
; P : Tn
T
P
P
; P : Tn
Tn Tn
`
`
`
0
0
T dj
;!
0
0
0
1
P N d ; nP ] : T : T
\i
(1),!$ ~(ET Sub)
+(ET Amb)
;!
0
`
0
(4.1)(4.2)+(ET Res)(ET Sub)
(5)(2.2), J T = T
1
`
0
`
1
`
0
j
\i
(1),!$ ~(ET Sub)
+(ET Res)
\i
(2.1)(3)+ }#
`
0
0
(4.1)(4.2)+(ET Sub)(ET Par)
(5)(2.3), J T = Tp t Tq
j
; (n : Tn )P : T
; n : Tn P : T
T T
P
P
; n : Tn P : T
T T
; (n : Tn )P : T
-L'* _
0
j
0
`
(1)
(2.1)
(2.2)
(2.3)
(3)
(4.1)
(4.2)
0
`
j
\i
(2.1)(3)+ }#
0
(Red Res) n\i ; (n : Tn)P : T : P
k `
(1)
(2.1)
(2.2)
(3)
(4.1)
(4.2)
(5)
(6)
0
;!
0
0
(Red Par) n\ i ; P Q : T : P
(1)
(2.1)
(2.2)
(2.3)
(3)
(4.1)
(4.2)
(5)
(6)
(10.1)+(ET Open)
(2.1),!$ ~(ET Sub)
+(ET Act)
(14.1)(12)+(ET Par)
(14.2)(4)+% 73.2, 3.1
(15)(16), J T = Tp Tn
; open n :
t (Tn t )
; P : Tp
t (Tn t Tp ) T
; P Q Q : T p Tn
Tp Tn T
-L'* \i
(2.2)(3)+ }#
0
0
0
T dj k `
109
(5)
(6)
0
`
_
0
(Red Struct) n\ i ; P : T P
T T dj k `
`
0
(1)
(2)
(3)
(4)
(5.1)
(5.2)
(6)
(7)
(8)
(4.1)(4.2)+(ET Sub)(ET Amb)
(5)(2.3), J T =
; nP ] :
-L'* ; P :T
P P
; P :T
P
P
; P :T
T T
P P
; P :T
-L'* `
0
0
`
0
;!
00
`
1
00
1
0
P P
0
0
;!
_
P :P
00
\i
\i
(1)(2)+n 3.8
\i
(3)(4)+ }#
00
`
000
000
1
\i
(5)(6)+n 3.8
(7)(5.2), J T = T
0
] ~ qn@;c 3P ni -L'* _
0
1
00
P N d ; P : T :
000
`
000
0
110
_9 1 _3 3.8 #3 3.9 i<
{
2
|s
4.14 w+ p
n 4.14 v ?>7 \(x n3 ` 4 c wD - BK B b !Y cdj
4&R!>> dn m ]`T K~ c{ d( -L B.1 €E\*tHjuP, b -`aL
(1). nP] b nQ] 1w P Q "
(2). A:P b A:Q 1w P Q u A Action "
2
r B.2 d0`€E P Q y R h
(1).
(2).
(3).
(4).
P
P
P
P
P"
Q= Q b P "
Q Q b R = P
Q= P Q b
b
)
b
b
)
* b
b
)
R"
c{d`d4(J
B.3 d}*w 4\*tHjuP, -`aL
C
C D = C = (~r) P P D = (~r) Q Q P
4
0
h
00
i
0
h
i
00
b
0
Q P
0
00
Q
00
~K C ~- s Z c{ dn 4.14 cdjn D4 dj ] ?>7 r= cwD-BK B9 6 djU Th-Ln B.6 r B.4 1w C D s (n)C (n)D * C D c{di C = (~r) P P D = (~r) Q Q P b Q : P Q 3
@;{Lk`
(1). q n fn(P ) n B.2.(4) (n 4.3 i n fn(Q ) l 4 (n)C = (~r) P (n)P
(~r) Q (n)Q = (n)D -L'* (2). q n fn(P ) B 3]` &@; (a) q P = mP ] m = n : n fn(P ) B (n)C = (~r) m(n)P ] P % P b Q
c{di Q = mQ ] : P Q 5"~ P Q eXn 4.3 n` n fn(Q ) l 4 (n)D = (~r) m(n)Q ] Q ` i (n)C (n)D -L'* (b) : B ` i (n)C = (n~r) P P : (n)D = (n ~r) Q Q -L'* ] ~ qn@;c 3P ni -L'* 00
i
0
62
h
0
h
0
0
h
00
i
0
0
00
0
62
h
0
00
00
i
00
i
0
2
0
0
6
1
0
00
62
0
0
1
1
0
h
1
h
0
0
i
00
1
00
i
0
h
1
00
i
00
0
62
00
00
h
0
i
00
r B.5 (n)(m)C (m)(n)C * _n B.4 c3P`d4(J
--~> ~-sZ c{ d` ecn B.6 b+n 4.14 )Orc-L
C
111
0
_9 2 _3 4.14 i<
112
r B.6 1w P Q - Q > D sVq C "* P > C - C D * P Q c-Y?!}dj]`& ]#'* k P Q zW
(1). q P > C B>7 D R4 Q > D : C D "
(2). q Q > D B>7 C R4 P > C : C D (Struct Re) 4 P = Q `i#'* (Struct Symm) 4 Q P # (1) n }# (2) `$ # (2) n }# (1) `
$
(Struct Trans) 4 P R : R Q # (1) #{ P > (~p) P P }# (1)
i R > (~r) R R P b R : P R 5}# (1) i Q > (~q) Q Q R b Q : R Q b ( c,r % n` P b Q : P Q # (1) '* #
(2) cdj # (1) 4(J (Struct Res) 4 P = (n)P Q = (n)Q : P Q # (1) #{ (n)P > C UzB (Harden Res) `$n P > C : C = (n)C }# (1) i>
7 D' R4 Q > D : C D " ~ (Harden Res) n` Q = (n)Q > (n)D n B.4 i (n)C (n)D # (1) '* # (2) cdj # (1) 4(J (Struct Par) 4 P = P R Q = Q R : P Q # (1) #{ P R >
(~r) P P L- L {) ]` & Bj T
(Harden Par 1) 4 P > (~r) P P P = P R : ~r fn(R) = }#
(1) i Q > (~r) Q Q P b Q : P Q " ~ (Harden Par 1) `
Q R > (~r) Q (Q R) P R Q R i # (1) '* (Harden Par 2) 4 R > (~r) P P P = P P : ~r fn(P ) = n
4.3 i fn(P ) = fn(Q ) l 4 ~r fn(Q ) = " ~ (Harden Par 1) `
Q R > (~r) P (Q P ) P P
Q P i # (1) '* # (2) cdj# (1) 4(J
(Struct Repl) 4 P =!P Q =!Q : P Q # (1) #{ !P > (~r) P P Uz (Harden Repl) `$ n P > (~r) P P : P = P !P }#
(1) i Q > (~r) Q Q P b Q : P
Q " ~ (Harden Repl) ` !Q > (~r) Q (Q !Q ) P !P Q !Q i # (1) '* # (2) cdj # (1) 4(J
(Struct Amb) 4 P = nP ] Q = nQ ] : P Q # (1) #{ nP ] >
(~r) P P Uz (Harden Amb) `$ n P = nP ] ~r = : P = 0 %
"~ (Harden Amb) nQ ] > () nQ ] 0 \i P Q i nP ] b nQ ] l4
# (1) '*# (2) cdj# (1) 4(J
(Struct Action) 4 P = M:P Q = M:Q : P Q # (1) #{ M:P > C n 4.11 z>7]`&@; (1). M > A:N C = () A:P 0 : P N:P 4 n 4.12 i M:Q > () A:Q 0
: Q N:Q P Q n` P N:P N:Q Q l4 A:P b A:Q # (1)
'*
0
h
0
0
00
00
i
0
00
0
00
0
0
0
0
0
0
j
0
0
j
0
h
0
h
000
i
0
h
1
j
0
h
i
000
i
000
i
j
0
1
1
j
1
1
000
j
1
h
1
h
1
0
i
000
j
000
i
000
1
0
1
j
1
1
000
j
0
0
h
000
i
h
1
1
1
i
1
1
0
000
j
i
00
1
1
i
1
1
1
1
0
00
0
h
000
0
1
0
1
1
1
1
1
00
i
f g \
1
0
000
000
j
h
000
j
1
1
0
1
1
f g \
000
j
00
f g \
000
j
j
000
000
000
i
000
0
j
1
1
00
0
000
1
h
0
00
i
h
0
0
j
1
1
1
00
0
1
1
00
00
i
0
1
h
0
0
0
h
0
0
00
i
00
0
0
0
h
1
f g
00
1
1
1
1
1
1
h
1
1
1
0
0
0
0
i
113
(2). M = : P > C 4 e X }# (1) >7 D R4 Q > D : C D n 4.13
i M:Q > D # (1) '*
# (2) cdj# (1) 4(J
(Struct Par Zero) 4 P = Q 0 # (1) #{ P > C Uz ]` j T `$ (Harden Par 1) 4 Q > (~q) Q Q : C = (~q) Q (Q 0) Q 0 Q i #
(1) '*
(Harden Par 2) 4 L. B$` 0 > C '* TU f V3 h n~ a ,wD B`$
cl4L@; hX h
# (2) #{ Q > (~q) Q Q B" ~ (Harden Par 1) ` Q 0 > (~q) Q (Q 0) Q 0 Q i# (2) '*
(Struct Par Comm) 4 P = R R : Q = R R # (1) #{ P = R R > C Uz]` jT `$
(Harden Par 1) 4 R > (~r) R R C = (~r) R (R R ) : ~r fn(R ) = " ~ (Harden Par 2) n` Q = R R > (~r) R (R R ) R R R R
i# (1) '*
(Harden Par 2) dj (Harden Par 1) 4(J # (2) cdj# (1) 4(J
(Struct Par Assoc) 4 P = (R R ) R : Q = R (R R ) # (1) #{
P = (R R ) R > C Uz ]` j T `$ (Harden Par 1) 4 (R R ) > (~r) R R C = (~r) R (R R ) : ~r fn(R ) =
% (R R ) > (~r) R R L z ]` j T `$ (Harden Par 1) 4 R > (~r) R R R = (R R ) : ~r fn(R ) = - - ~r fn(R ) = ni ~r fn(R R ) = " ~ (Harden Par 1) R > (~r) R R n` Q = R (R R ) > (~r) R (R (R R )) %
R R = (R R ) R R (R R ) l 4# (1) '* (Harden Par 2) 4 R > (~r) R R R = (R R ) : ~r fn(R ) = " ~ (Harden Par 1) ~r fn(R ) = ( R > (~r) R R n` R R >
(~r) R (R R ) 5 e X ~r fn(R ) = " ~ (Harden Par 1) n`
Q = R (R R ) > (~r) R (R (R R )) % R R = (R R ) R R
(R R ) l 4# (1) '* (Harden Par 2) dj (Harden Par 1) 4(J # (2) cdj# (1) 4(J
(Struct Res Zero) 4 P = (n)0 : Q = 0 h >7 P > C ( Q > D l 4# (1) (2) n''* (Struct Res Res) 4 P = (n)(m)R : Q = (m)(n)R U#{ n = m : B# f V
'*# (1) #{ P > C Uz$~&7 (Harden Res) `$: R > C
: C = (n)(m)C $ ~ &7 (Harden Res) n` Q > (m)(n)C e X n B.5 i
(n)(m)C (m)(n)C l 4# (1) '* # (2) cdj # (1) 4(
J
1
1
1
j
0
h
0
h
00
j
00
i
00
j
00
i
j
j
j
1
2
h
1
2
0
1
1
j
2
00
0
h
00
i
j
1
j
j
0
h
2
f g \
j
0
h
00
3
i
1
0
j
00
i
1
2
1
1
i
j
2
0
i
0
00
i
j
1
i
j
2
j
2
j
2
j
2
j
j
00
1
j
j
2
0
h
i
j
j
2
2
f g\
2
00
00
1
1
2
j
2
2
00
j
1
3
00
i
j
f g\
3
3
h
i
1
j
f g \
2
2
3
0
h
3
00
1
2
3
j
j
00
i
1
j
2
j
3
3
00
f g \
0
00
1
2
1
1
3
00
1
f g \
3
3
0
h
00
i
00
j
00
f g \
00
0
h
1
3
h
2
h
1
j
00
3
1
j
0
h
h
2
1
00
1
1
j
2
1
3
1
j
j
00
i
2
j
00
i
00
1
0
h
00
2
j
f g \
2
h
2
1
3
00
j
0
00
i
1
2
2
j
3
3
00
j
3
1
j
00
2
j
1
j
3
6
0
0
0
0
0
_9 2 _3 4.14 i<
114
(Struct Res Par) 4 P = (n)(R R ) Q = R (n)R : n fn(R ) # (1) #{ P > C Uz (Harden Res) `$ : C = (n)C : R R > C U
C = (~r) R R ~r 4 &Om - ) l 4n n ~r ` e 3 @;{L (n)C cY {d
q n fn(R ) B R R > (~r) R R L{]` jT `$ (Harden Par 1) 4 R > (~r) R R R = R R : ~r fn(R ) = n 4.4 ni R (~r)(R R ) l 4 fn(R ) = (fn(R ) fn(R )) ~r n fn(R )
( n ~r n` n fn(R ) U \ i T Al 4 L @; h n (Harden Par 2) 4 R > (~r) R R R = R R : ~r fn(R ) = 4
3 (a) (b) &@;{L (a) k R = mRm] m = n : n fn(R ) n n fn(R ) fn(R ) : C = (~r) m(n)Rm ] (R R ) B (Harden Res)
ni (n)R > (~r) m(n)Rm] R 5 (Harden Par 2) n` R (n)R >
(~r) m(n)Rm] (R R ) l 4# (1) '* (b) : B C = (n~r) R R (Harden Res) ni (n)R > (n~r) R R 5 n fn(R ) "~ (Harden
Par 2) n` R (n)R > (n~r) R (R R ) l 4# (1) '* q n fn(R ) B C = (~r) R (n)R : R R > (~r) R R L { ]` j T `
$
(Harden Par 1) 4 R > (~r) R R R = R R : ~r fn(R ) = ~r fn(R ) = i ~r fn((n)R ) = l 4" ~ (Harden Par 1) n
` R (n)R > (~r) R (R (n)R ) n 4.4 ni R (~r)(R R ) l 4 fn(R ) = (fn(R ) fn(R )) ~r e X \ i n fn(R ) ( n ~r n`
n fn(R ) l 4 (n)R = (n)(R R ) R (n)R # (1) '* (Harden Par 2) 4 R > (~r) R R R = R R : ~r fn(R ) = n ~r fn(R ) "~ (Harden Res) ni (n)R > (~r) R (n)R 5
~r fn(R ) = " ~ (Harden Par 2) n` R (n)R > (~r) R (R (n)R ) %\ i n fn(R ) 9 d+ (n)R = (n)(R R ) R (n)R l 4# (1) '
*
# (2) cdj# (1) _4(J
(Struct Res Amb) 4 P = (n)mR] Q = m(n)R] : n = m # (1) #{
P > C Uz (Harden Res) `$ : mR] > C : C = (n)C % .Tz (Harden Amb) `$ : C = () mR] 0 U L C = (n)() mR] 0 e X n 3 : H
fn(R) 3]`&@;{L q n fn(R) B C = () m(n)R] 0 (Harden Amb) ni Q > () m(n)R] 0 # (1) '*
q n fn(R) B C = () mR] (n)0 (Harden Amb) ni Q > () m(n)R] 0 V % n fn(R) ` i R (n)R l 4 mR] b m(n)R] 2 (Struct Res Zero)
i (n)0 0 l4# (1) '*
# (2) cdj# (1) _4(J
j
1
2
1
j
62
2
1
0
0
h
0
00
i
1
j
0
h
2
0
1
62 f g
0
00
i
00
j
1
0
j
f g\
2
0
1
1
2
00
1
00
00
;f g
1
0
h
00
i
00
00
j
1
2
00
1
h
i
i
j
2
0
1
j
i
h
h
2
0
1
0
i
00
1
1
i
1
00
j
0
h
2
00
00
1
j
i
h
i
00
1
00
f g \
2
2
00
2
1
00
j
1
2
1
00
1
1
j
00
j
f g \
2
1
0
h
1
0
h
2
2
1
2
j
00
00
j
62 f g
1
2
0
1
j
2
0
62 f g 62
0
i
2
; f g
1
00
00
j
1
1
1
62
2
2
00
2
i
00
j
00
00
2
1
f g\
i
f g \
00
2
0
00
1
0
h
h
0
2
0
h
h
2
j
1
2
2
0
f g \
2
00
2
1
00
j
1
00
62
00
j
1
i
1
6
h
2
h
2
0
2
f g \
2
0
62
2
1
2
62
0
2
00
i
h
1
j
62 f g
0
2
1
00
i
i
2
1
j
00
2
00
j
2
6
0
0
2
h
62
h
62
h
0
h
i
i
i
i
h
i
h
i
115
(Struct Empty) 4 P = :Q # (1) #{ P = :Q > C Uz (Harden Empty)
`$: Q > C l4# (1) '*# (2) #{ Q > C "~ (Harden Empty)
n` P = :Q > C # (2) '*
(Struct Path) 4 P = (M:M ):R : Q = M:(M :R) # (1) #{ P = (M:M ):R > C Uz (Harden Path) `$ :
M:(M :R) > C n Q > C l4# (1) '* # (2) #{ Q = M:(M :R) > D n'" ~ (Harden Path) n ` P = (M:M ):R >
D # (1) '* (Struct Repl Par) 4 P =!R : Q = R !R # (1) #{ P =!R > (~r) R R Uz (Harden Repl) `$ :
R > (~r) R R : R = R !R n 4.4 ni !R (~r)(R R ) 5" ~n 4.3 n
` fn(!R) = (fn(R ) fn(R )) ~r l 4 ~r fn(!R) = " ~ (Harden Par 1) n`
Q = R !R > (~r) R (R !R) = (~r) R R l 4# (1) '* # (2) #{ Q = R !R > (~r) R R Uz ]` j T `$ (Harden Par 1) 4 R > (~r) R R R = R !R : ~r fn(!R) = (Harden
Repl) n` !R > (~r) R R !R = (~r) R R # (2) '* (Harden Par 1) 4 !R > (~r) R R R = R R : ~r fn(R) = % !R >
(~r) R R z (Harden Repl) `$ : R > (~r) R R : R = R !R l 4
R = R !R R !R R R R R # (2) '* (Struct Repl Zero) 4 P =!0 : Q = 0 h >7 P > C ( Q > D l 4# (1) (2)
n''*
] ~ qn@;c 3P ni -L'* 0
0
0
0
0
0
j
0
h
h
0
000
i
00
0
j
h
000
00
0
000
i
j
; f g
f g \
0
h
i
h
0
h
000
i
j
h
000
000
i
j
00
i
0
000
j
f g\
j
000
f g \
h
1
j
j
j
000
00
00
i
00
000
i
1
0
00
h
h
0
0
000
i
00
j
00
j
0
0
j
h
00
i
0
i
1
000
1
j
116
_9 2 _3 4.14 i<
3
{
5.31 w+ p
|s
BK BdjQ~ `> h % F . s =c n r C.1 1w ! P > (~p) Q R sVq P "* P > (~p) Q P R = P
h
~p
f g\
0
i
h
0
i
0
!P -
j
fn(P ) = * -L ! P > (~p) Q R :! (Harden Repl) B`$ :. P >
(~p) Q P : R = P ! P n 4.3 (n 4.4 ni fn(P) = fn((~p)(Q P ) l 4 ~p fn(P) =
h
h
0
i
0
i
j
0
j
f g\
A
r C.2 1w ! P
Q sVq R "* P A R - Q R ! P ;!
;!
j
* -L ! P A Q :! (Trans Cap) B`$:. ! P > (~p) A : P P fn(A) ~p = : Q = (~p)(P P ) n C.1 ni >7 P $` P > (~p) A : P P P = P ! P : ~p fn(P) = 7 R = (~p)(P P ) B (Trans Cap) i P A R :
;!
\ f g
00
000
0
j
000
0
Q = (~p)(P P ) = (~p)(P P
00
j
00
j
f g \
0
0
h
0
j
r C.3 1w ! P
000
0
h
000
j
00
i
000
i
;!
! P) R ! P j
j
Q sVq R "* P P R - Q R ! P ;!
j
;!
j
* ! P Q c-Y? ! }
(Trans Amb) 4 ! P > (~p) nP ] P P P : Q = (~p)(nP ] P ) ! P >
(~p) nP ] P "~n C.1 ni>7 R R4 P > (~p) nP ] R P = R ! P : fn(P)
~p = 5"~ (Harden Par 1) n` P P > (~p) nP ] (R P ) 5 (Trans Amb) n
i P P R U R = (~p)(nP ] R P) 2 Q = (~p)(nP ] P ) = (~p)(nP ] R
! P) (~p)(nP ] R P ) ! P = R ! P l 4 -L'* (Trans In) 4 ! P > (~p) nP ] P P in m P P > (~r) mP ] P P in n P ~r fn(nP ] ) = ~r ~p = : Q = (~p~r)(nmP ] P ] P ) ! P > (~p) nP ] P
" ~n C.1 ni>7 R $` P > (~p) nP ] R P R ! P : ~p fn(P ) = P > (~r) mP ] P ( P R ! P " ~n 4.14 ni>7 R ! P > (~r) mP ] P :
P P P P V %z ]` &@;n ]- Y R ! P > (~r) mP ] P (Harden Par 1) 4 R > (~r) mP ] P P = P ! P : ~r fn( ! P ) = (1) P > (~p) nP ] R ( ~p fn(P ) = "~ (Harden Par 1) ni P P > (~p) nP ] (R
P) (2) 5 R > (~r) mP ] P ( ~r fn(P ) = ~r fn( ! P) = "~ (Harden
Par 1) n` R P > (~r) mP ] (P P ) (3) 5 P P ( P in n P " ~n 4.15 ni>7 P $` P in n P : P P 0 - (1),(2),(3) (\ i P in m P ~r fn(nP ] ) = ~r
~p = "~ (Trans In) n` P P (~p~r)(nmP ]
P ] P P) = R % fn(P) ~p ~r = ` i Q = (~p ~r)(nmP ] P ] P )
(~p~r)(nmP ] P ] P ) (~p~r)(nmP ] P ] P ! P ) R ! P l 4-L'* (Harden Par 2) 4 ! P > (~r) mP ] P P = R P : ~r fn(R ) = ! P > (~r) mP ] P "~n C.1 ni>7 R $` P > (~r) mP ] R P = R ! P
;!
h
h
1
f g
i
i
1
2
1
2
0
;!
1
0
1
0
j
j
j
1
0
j
3
5
4
3
1
f g\f g
i
i
2
4
0
2
0
i
1
j
i
1
2
5
j
1
5
0
j
1
j
i
5
5
;!
i
i
0
0
j
1
7
5
i
7
f g \
7
0
0
5
5
f g \ f g
6
6
i
4
j
j
h
5
3
3
5
5
i
j
1
7
6
00
7
117
j
0
j
0
;!
1
0
3
7
j
0
5
0
j
0
i
;!
0
1
3
1
j
6
;!
3
g
6
0
i
h
0
i
5
f g \
5
2
j
h
i
1
f g \
f g \
j
3
h
j
j
0
;!
3
j
7
h
5
\
4
0
j
\ f
h
0
0
j
0
j
0
j
2
3
h
0
7
j
h
2
1
0
f g\
5
j
0
;!
3
h
h
1
2
0
j
0
0
0
1
i
j
2
1
h
0
0
0
6
1
f g \
1
0
h
i
1
j
0
h
h
0
j
h
2
0
1
h
j
f g\
0
1
0
j
;!
0
j
1
j
4
j
0
f g \
7
h
5
i
00
7
00
j
j
_9 3 _3 5.31 i<
118
: ~p fn(P ) = (1) P > (~p) nP ] R ( ~p fn(P) = "~ (Harden Par
1) ni P P > (~p) nP ] (R P) (2) 5 P > (~r) mP ] R ( ~r fn(R ) =
" ~ (Harden Par 2) n` R P > (~r) mP ] (R R ) (3) 5 P P (
P in n P " ~n 4.15 ni>7 P $` P in n P : P
P 0 - (1),(2),(3)
in m
(\ i P
P ~r fn(nP ] ) = ~r
~p = "~ (Trans In) n
`P P
(~p~r)(nmP ] P ] R R ) = R % fn(P ) ~p ~r = ` i
f g\
h
j
h
0
i
1
3
j
j
h
5
0
3
;!
f g \
1
0
;!
j
5
0
j
1
i
1
0
0
;!
5
5
1
h
0
0
f g \
j
0
;!
0
i
1
5
00
i
00
j
0
5
5
3
0
f g \ f g
5
0
3
00
j
0
f g\
\ f
g
Q = (~p~r)(nmP ] P ] P ) (~p ~r)(nmP ] P ] P ) (~p~r)(nmP ] P ] R
P ) (~p~r)(nmP ] P ] R R ! P) R ! P l 4-L'* (Trans Out)(Trans Open) r~_ (Trans In) c &` i#'* 4(J
0
j
3
7
0
0
j
1
0
j
5
4
0
j
1
0
5
00
j
j
0
j
1
j
0
6
0
j
5
1
j
0
j
j
] ~ qn@;c 3P ni -L'* r C.4 1w H( ! P)
H(P k )
+2
;!
H (P k ) R sVq H "* R
0
H ( ! P ) -d0`jnv@ k bh
0
0
;!
* { 5.20 ni H( ! P ) R a:$L]`@;j T '* (Act Proc) 4 ! P P : R H(P ) ! P P "~n C.3 ( { 4.17 ni>7
Q $` P P
Q : P Q ! P 7 H = H(Q ) R H(Q ! P ) = H ( ! P ) 6 'a a0I _Q k P P P k Q P k l 4 H(P k ) H(Q P k) n
H(P k ) H (P k ) -L'* (Act Har) 4 H
H : R H ( ! P) 7 H = H (P P
) B R H (P P
k
k
! P) = H ( ! P) : a a0I _Q k H(P ) H (P ) = H (P k ) -L'* (Act Inter) 4 >7 H ( ~r R4 ~r fn(P) = : ]` jT'* (Inter In) 4 H (~r)H (m R ] nR ] ) ! P in n P R in m R : R
(~r)H (nmP R ] R ] ) n C.2 ni>7 Q R4 P in n Q : P Q ! P 7 H = (~r)H (nm P Q R ] R ] ) B R (~r)H (nmQ ! P R ] R ] )
(~r)H (nm ! P P Q R ] R ] ) = H ( ! P ) : a a0I _Q k H(P k )
(~r)H (mP k P P R ] nR ] )
(~r)H (nmP k P Q R ] R ] ) = H (P k ) L'*
(Inter Out) 4 H (~r)H (nm
R ] R ] ) ! P out n P R out m R :
R (~r)H (mP R ] nR ] ) n C.2 ni>7 Q R4 P out n Q : P Q ! P 7 H = (~r)H (m P Q R ] nR ] ) B R (~r)H (mQ ! P R ] nR ] )
(~r)H (m ! P P Q R ] nR ] ) = H ( ! P ) : a a0I _Q k H(P k )
(~r)H (nmP k P P R ] R ] )
(~r)H (mP k P Q R ] nR ] ) = H (P k ) L'*
(Inter Open) 4 H (~r)H ( nR ] ) ! P open n P R open R : R (~r)H (P
R ) n C.2 ni>7 Q R4 P open n Q : P Q ! P 7 H = (~r)H ( P Q
R ) B R (~r)H (Q ! P R ) (~r)H ( ! P P Q R ) = H ( ! P ) : a a0I _
Q k H(P k ) (~r)H (P k P P nR ] ) (~r)H (P k P Q R ) = H (P k) L'*
;!
0
;!
j
0
;!
0
0
j
j
+2
;!
;!
j
j ;
;!
00
00
0
+2
f g\
0
0
0
0
j
j
j
;!
j
0
0
j
j
j
j
j
0
j
2
j
;!
1
j
j
1
j
; j
0
j
0
1
0
j
0
2
j
1
2
0
0
j
0
;!
2
j
0
1
j
2
j
0
2
+2
j
0
;!
1
0
1
j
j
0
j
1
j
;!
j
j
0
1
1
j
0
j
0
1
0
j
0
0
0
; j
1
j
j
0
1
0
0
0
j
0
2
;!
j
0
0
;!
j
;!
2
;!
2
0
j
j
j
2
1
0
j
2
0
0
j
j
+2
0
j
1
0
+2
j
;!
1
0
0
;
j
j
2
2
2
j
0
;!
2
0
2
j
j
0
;!
0
j
j
0
+2
2
0
0
j
j
0
j
1
1
j
1
00
j
j
j
1
; j
0
0
1
00
j ;
;!
0
;!
j
2
; j
j
00
0
j
1
j
0
;
0
0
0
1
0
j
+2
j
0
0
0
;!
0
0
j
j
j
119
(~r)H (mR ] n
R ] ) ! P in m P R in n R :
R (~r)H (nmR ] P R ] ) n C.2 ni>7 Q R4 P in m Q : P Q ! P 7 H = (~r)H (nmR ]
P Q R ] ) B R (~r)H (nmR ] Q ! P R ] )
(~r)H (nmR ] ! P P Q R ] ) = H ( ! P) : a a0I _Q k H(P k )
(~r)H (mR ] nP k P P R ] )
(~r)H (nmR ] P k P Q R ] ) = H (P k ) L'*
(Inter Co-out) 4 H (~r)H (nmR ]
R ] ) ! P out m P R out n R :
R (~r)H (mR ] nP R ] ) n C.2 ni>7 Q R4 P out m Q : P Q ! P 7 H = (~r)H (mR ] n P Q R ] ) B R (~r)H (mR ] nQ ! P R ] )
(~r)H (mR ] n ! P P Q R ] ) = H ( ! P) : a a0I _Q k H(P k )
(~r)H (nmR ] P k P P R ] )
(~r)H (mR ] nP k P Q R ] ) = H (P k ) L'*
(Inter Co-open) 4 H (~r)H (n R ] R ) ! P open P R open n R :
R (~r)H (P R R ) n C.2 ni>7 Q R4 P open Q : P Q ! P 7
H = (~r)H ( P Q R R ) B R (~r)H (Q ! P R R ) (~r)H ( ! P P
Q R R ) = H ( ! P) : a a0I _Q k H(P k ) (~r)H (nP k P P R ]
R ) (~r)H (P k P Q R R ) = H (P k ) -L'* (Inter Amb In) 4 !P > (~p) nQ] P Q in m Q H (~r)H ( mR ] ) R in n
R ~p fn(mR ] ) = : R (~r)H ((~p)(mnQ ] R ] P )) !P > (~p) nQ] P
"~n C.1 ni>7 P R4 P > (~p) nQ] P P = P ! P : ~p fn(P) = 7 H = (~r)H ( P (~p)(mnQ ] R ] P )) B R (~r)H ((~p)(mnQ ] R ]
P ! P)) (~r)H ( ! P P (~p)(mnQ ] R ] P )) = H ( ! P ) : a a0I _Q k H(P K ) (~r)H (P k P P mR ] )
(~r)H (P k P (~p)(mnQ ] R ] P )) =
H (P k ) -L'* (Inter Amb Co-in) 4 !P > (~p) nQ] P Q in m Q H (~r)H ( mR ] ) R in n R ~p fn(mR ] ) = : R (~r)H ((~p)(nmR ] Q ] P )) !P >
(~p) nQ] P " ~n C.1 ni>7 P R4 P > (~p) nQ] P P = P ! P
: ~p fn(P) = 7 H = (~r)H ( P (~p)(nmR ] Q ] P )) B R
(~r)H ((~p)(nmR ] Q ] P ! P)) (~r)H ( ! P P (~p)(nmR ] Q ] P )) =
H ( ! P ) : a a0I _Q k H(P K ) (~r)H (P k P P mR ] )
(~r)H (P k
P (~p)(nmR ] Q ] P )) = H (P k ) -L'* (Inter Amb Out 1) 4 !P > (~p) nQ] P Q out m Q H (~r)H (m R ] ) R out n R ~p fn(mR ] ) = : R (~r)H ((~p)(nQ ] mP R ] )) !P >
(~p) nQ] P " ~n C.1 ni>7 P R4 P > (~p) nQ] P P = P ! P : ~p
fn(P) = 7 H = (~r)H ((~p)(nQ ] m P P R ] )) B R (~r)H ((~p)(nQ ]
mP ! P R ] )) (~r)H ((~p)(nQ ] m ! P P P R ] )) = H ( ! P) : a a0I _
Q k H(P K ) (~r)H (mP k P P R ] ) (~r)H ((~p)(nQ ] mP k P P
R ] )) = H (P k ) -L'* (Inter Co-in) 4 H
0
0
0
j
j
j
0
j
1
0
0
0
0
0
0
j
1
0
1
j
j
j
;!
2
0
0
2
1
0
j
j
j
j ;
j
;!
2
j
0
j
0
0
j
j
1
; j
0
j
j
1
j
1
j
j
0
i
j
j
0
j
j
j
j
2
2
0
j
1
2
j
2
0
;!
2
0
0
0
0
;!
j
0
j
0
0
0
j
j
1
j
j
j
j
1
0
0
j
j
j
;!
2
0
h
0
0
;!
1
0
0
2
+2
2
0
0
j
1
2
2
+2
0
;
0
1
j
0
;!
j
j
j
;!
2
1
0
j
2
2
f g\
j
j
+2
0
j
0
00
00
j
2
2
h
1
j
1
0
;!
0
0
0
j
j
1
j
+2
0
1
j
j
j
j
1
; j
0
j
j
0
;!
0
1
0
2
; j
j
0
0
;!
1
0
2
j
0
;!
2
2
0
j
1
j
j
0
j
;!
j
j
;
2
j
j
1
j
1
j ; j
1
1
0
j
0
0
0
0
0
j
1
0
0
j
0
j
0
j
1
;!
1
0
00
00
1
;!
1
h
j
0
i
f g\
j
; j
0
j
1
00
j
1
j
00
i
0
0
0
0
0
j
j
1
0
j
0
0
j
0
j
00
j
1
0
h
1
;!
h
0
f g \
1
1
0
0
0
j
1
0
0
00
j
j
+2
0
j
1
0
j
j
00
h
f g \
1
j
0
j
0
1
+2
0
1
0
1
0
j
j
0
j
1
j
00
00
j
0
0
;!
0
0
0
j
j
0
j
;!
1
0
0
0
j
j
0
h
; j
j
j
0
00
00
j
j
0
j
1
0
i
0
i
0
1
0
00
i
j
; j
00
j
0
0
h
0
j
0
j
1
h
;
0
0
0
0
1
00
f g \
;!
0
;!
0
i
0
i
j
j
j
00
1
j
;!
00
j
j
i
0
j
00
1
00
1
1
0
j
0
0
0
; j
0
j
f g\
0
0
j
0
1
0
0
j
j
j
00
j
_9 3 _3 5.31 i<
120
(Inter Amb Out 2) 4 !P > (~p) nQ] P Q out m Q P out n P H (~r)H (m
R ] ) ~p fn(mR ] ) = : R (~r)H ((~p)(nQ ] mP R ] )) !P >
(~p) nQ] P " ~n C.1 ni>7 P R4 P > (~p) nQ] P P = P ! P :
~p fn(P) = P = P ! P out n P " ~n 5.18 ni L ]` @;j T '* P out n P : P P ! P 47 H = (~r)H ((~p)(nQ ] m P P R ] )) B R (~r)H ((~p)(nQ ] mP ! P R ] )) (~r)H ((~p)(nQ ] m ! P P P
R ] )) = H ( ! P ) : a a0I _Q k H(P K ) (~r)H (mP k P P R ] )
(~r)H ((~p)(nQ ] mP k P P R ] )) = H (P k ) -L'* ! P out n P : P
P P 4 e X n C.2 ni>7 P R4 P out n
P :P
P ! P 7 H = (~r)H ((~p)(nQ ] m
P P R ] )) B
R (~r)H ((~p)(nQ ] mP P ! P R ] )) H ( ! P ) : a a0I_Q k h
f g \
1
h
i
0
0
;!
00
1
0
1
1
j
j
1
j
j
1
;!
0
2
2
j
00
2
0
j
j
1
j
1
0
j
j
j
; j
0
1
0
j
j
1
j
j
j
0
1
j
2
0
j
j
1
j
;!
1
0
0
j
j
;!
2
0
0
1
1
0
0
0
0
2
j
2
0
1
1
0
+2
0
0
0
0
0
i
j
; j
0
00
;!
0
00
j
h
0
0
00
;!
0
0
j
0
1
0
1
1
0
;!
0
f g\
1
0
i
j
j
j
j
j
1
j
2
1
0
1
;
0
H(P K ) (~r)H (mP k P P R ] )
(~r)H ((~p)(nQ ] mP k P P
R ] )) = H (P k ) -L'* (Inter Amb Co-open) 4 !P > (~p) nQ] P Q open Q H (~r)H ( R ) R open n R ~p fn(mR ] ) = : R (~r)H ((~p)(Q P R )) !P >
(~p) nQ] P " ~n C.1 ni>7 P R4 P > (~p) nQ] P P = P ! P :
~p fn(P ) = 7 H = (~r)H ( P (~p)(Q P R )) B R (~r)H ((~p)(Q
P ! P R )) (~r)H ( ! P P (~p)(Q P R )) = H ( ! P ) : a a0I _Q k H(P K ) (~r)H (P k P P R )
(~r)H (P k P (~p)(Q P R )) = H (P k ) -L'*
] ~ qn@;c 3P ni -L'* +2
j
0
j
j
h
0
;!
f g \
1
h
i
0
0
j
+2
1
j
0
j
0
; j
0
j
j
j
j
1
0
0
h
0
j
0
j
0
;!
00
j
0
i
1
0
f g\
00
0
0
1
0
j
2
j
0
1
1
;!
1
j
00
;!
j
00
j
j
; j
1
0
0
00
1
1
0
j
00
i
j
0
0
0
j
0
0
j
0
1
j
0
0
j
j
00
j
0
0
1
r 5.31 1w H( ! P) n '#Vqv@ k 97 H(P k) n * H( ! P) n c-Y? ! }
(Conv Exb) 4 H( ! P) n n 5.28 ni ]` j T'*"
(1). a a Q H(Q) n 4J k = 1 n H(P ) n (2). ! P n : a a Q n H(Q) n 4 n 5.26 ni>7 ~p P ( P $`
! P > (nP ]) P : n ~p n C.1 n`>7 P R4 P > (~p) nP ] P P = P ! P : ~p fn(P) = 5 n 5.26 n` P n J k = 1 n H(P ) n (3). ! P A P A BarbedAction : a a Q A Q A BarbedAction H(Q) n n C.2 ni>7 R R4 P A R l 4J k = 1 n H(P ) n (Conv Red) 4 H( ! P) Q : Q n n C.4 ni>7 H R4 Q H ( ! P) : a a
0I _Q j H(P j )
H (P j ) Q n : Q H ( ! P ) " ~n 5.6 ni H ( ! ) n :L-n Q n Lc-Y`$ }#i>7_Q k $` H (P k) n 5\i H(P k ) H (P k) "~ (Conv Red) ni H(P k ) n ] ~ qn@;c 3P ni -L'* +
+
+
#
#
#
#
#
0
00
000
;!
j
h
i
00
0
#
000
62 f g
f g\
2
;!
#
+2
;!
0
+
2
;!
0
0
0
0
+
+2
0
000
#
0
+
0
i
#
0
;!
;!
0
h
#
0
0
00
+2
+
+
+
f
.
7L >) 'j {E > dN ~ ]U_E cYB#@ t. E $ ' 4 #@4
Yc~ 3kt f s J " c T6 & 74 #@ Tn7 6Xm <( \ ~ b 9 E _9
Inc176J~#@'+\WX":NFcvY &Yx\E _ISzo}
/ g E _ -6 ; ' 9 Wo] c 6 Je J(Xg ~ `Yah bE _ o I)c7R7
l @ ~ #@Enc ) { I 8cm < >(l @ J K 4E _\], > +9 ! cv]
( ~gc l@G $ E _ v^G{z m90 6 J~c8 <( zo 7 \ ~ #@ B
_B Y \ 9 *d I 8 #N 6m T &W t(\; v X~#@@ 4E cY 3 EJ c
$Ak Y#@cvY (1 ~ ]{+ k , n ] 7 nc;+09 c 6 J ; y (F Ic &-a( ) r c {+T ' h !7 ENU_ m | 5#@ 3m#@c 5Q( 2 t A u (E J?+|$ct f e
2 L/5 m#@7E 90 < P ( L >) @c Qb + EG ]c 1 m#@ E
cd\(O~4E? Tl c <PzoJ+5Ic; ELNU_G ^ O #@ G #@ ] t 4 c 6 J n l ( I) W 7)c 6 JL > /@ + vAc
gw T* $ E 7 t f e m 6 L K{! f$.?c S/Z e E 6 ] Q n ]7 6{tf
e6 J < PJX TW jm G #@c - @ i ? Tl $ EG #@c e6W > (: >cm 6
@8+3M\
ELNU_3kt f s J " ce\ A #@ {^ 3 #@ YqD#@ ( { r _ E6 J
~(l@~c1 6 'ELNU_ Pascal Zimmer e . E 70 E f h ( L > F ) ~c 1 ]
k !t!! Email '' c 6 ; '6 T ~ ] 3 Roland Backhouse #@ ( Assaf J. Kfoury #
@6~qhcz :>` 6( }@m6 XcG| E cx \ U_ {^ )J _3 ,` )S = % )E 7 6X( m < ~c 1 ( I 8c9
A@9C d|U c W 2 E NFNh ) q E`& ec 1 9 6ENU_E c=] U_E c{& E c h€x \ (GE c ~7\ T 7@SXE
f$.Ac ~ j 7\ T 7' nX E b?) r ci * Tn Er3~ c\ T 7'n
cY/a}3P\7 ) c/}U_E cw= Tn]Ec0(H3vT%`AU_
* c y j 3 $ (E b?I 63v | $7 }x4E tt~ Aa +EOXE Y, ~Yv
_c~Ehn8 W
121
122
_9 3 _3 5.31 i<
}~ pL~ L€w p-€N (1). 1 J C1 B _RtE f5 S Z B c? Tl x. _o 6:_B ~_
(2). Xudong Guan, Yiling Yang, Jinyuan You. Typing evolving ambients. Info. Proc. Letters.
80(5):265-270, 2001, Elsevier.
(3). Xudong Guan, Yiling Yang, Jinyuan You. Making ambients more robust. In Proc. Int'l. Conf.
on Software: Theory and Practice, pp.377-384, Beijing, China, Aug. 2000.
(4). Xudong Guan, Yiling Yang, Jinyuan You. POM - A mobile agent security model against malicious
hosts. In Proc. HPC-Asia'2000, pp.1165-1166, Beijing, China, May 2000.
(5). Yiling Yang, Xudong Guan, Jinyuan You. Improving the interestingness of web usage mining.
J. Shanghai Jiao Tong Univ.(English), 2001. To appear.
(6). J C1 1 B _c S e;h ( Ks- s c S eW & \f _o 6:_B ~_
(7). J C1 1 C^| B _ Web d{ & \1(c Frame S e If t fe
l 27(2): 76-77, 2001.
(8). J C1 1 B _T] Qc Web d{ & \ Z_~ I 66: 34(7):932-935,
2000.
(9). Yiling Yang, Xudong Guan, Jinyuan You. Frame ltering in the data preprocessing for web usage
mining. In Proc. Int'l. Conf. on Intelligent Info. Processing, pp. 507-511, Beijing, China, Aug.
2000.
(10). Yiling Yang, Xudong Guan, Jinyuan You. Enhanced algorithm for mining frequently visited page
groups. In Proc. ICDCS'2000 Workshops, pp. F54-F57, Taipei, Taiwan, April, 2000.
123