Automata for relation algebra and formal proofs
Damien Pous

To cite this version: Damien Pous. Automata for relation algebra and formal proofs. Computer Science [cs]. ENS Lyon, 2016. tel-01445821
HAL Id: tel-01445821
https://hal.archives-ouvertes.fr/tel-01445821
Submitted on 25 Jan 2017

ÉCOLE NORMALE SUPÉRIEURE DE LYON
Laboratoire de l'Informatique du Parallélisme - UMR 5668 - LIP

Habilitation à diriger des recherches, presented and publicly defended on 27 September 2016 by Damien POUS

Automata for relation algebra and formal proofs

before the examining committee composed of:
Luca ACETO, reviewer
Arnaud DURAND, examiner
Georges GONTHIER, examiner
Peter JIPSEN, reviewer and examiner
Olivier LAURENT, examiner
François POTTIER, reviewer and examiner
Igor WALUKIEWICZ, examiner

Acknowledgements

I would first like to thank Lucas Aceto, Peter Jipsen and François Pottier, who agreed to proofread this manuscript and then made numerous remarks in order to improve it. I also thank Arnaud Durand, Georges Gonthier, Olivier Laurent and Igor Walukiewicz, who agreed to sit on the jury. Next come the colleagues, students, former teachers or friends, the oddballs without whom this work would never have seen the light of day: from Jacques Sauloy to Filippo Bonchi, by way of Daniel Hirschkoff, Tom (from Savoie), Monstrencage and Iouri.
I am also indebted to institutions: the CNRS for the freedom it grants me, Plume for its unrivalled conviviality, and the LIP for the fresh air and the new point of view that each move brings to the problems that resist us for too long. Finally, thanks to Pamitos and our merry troublemakers, Lucas and Hugo.

Contents

Introduction 1
1 Relation algebra 3
1.1 The (positive) calculus of relations 3
1.2 The ideal fragment: Kleene algebra 5
1.3 The strange fragment: allegories 8
1.4 Putting it all together: Kleene allegories 12
1.5 Kleene algebra with tests 16
2 Automata algorithms 23
2.1 Deterministic automata 24
2.2 Non-deterministic automata 28
2.3 Automata with a large alphabet 40
3 Automation in the Coq proof assistant 55
3.1 Relation algebra and KAT in Coq 56
3.2 Case studies 58
3.3 Discussion 63
3.4 Appendix: overall structure of the library 64
4 Abstract coinduction 67
4.1 Notation and preliminary material 68
4.2 Knaster-Tarski and Compatibility 70
4.3 Examples 72
4.4 Compatibility up-to 77
4.5 Symmetry arguments 79
4.6 Example: up-to congruence for CCS 80
4.7 Respectful vs. compatible 82
4.8 Parameterized coinduction 84
4.9 Extensional characterisation of the companion 86
4.10 Discussion 87
Notes 89

Introduction

We review in this manuscript several results we obtained since our PhD. We organised those results into four chapters corresponding to four distinct but related fields in computer science.

The first chapter is a biased introduction to the calculus of relations. This field was initiated by De Morgan, Peirce and then Schröder in the late XIXth century, and studied quite extensively by Tarski in the 1940's. It consists in understanding the algebraic and algorithmic properties of operations on binary relations. Our introduction is biased in the sense that we remove the most problematic operation from the beginning, set-theoretic complement, and that we consider reflexive transitive closure. This brings us to the concepts of allegories (Freyd and Scedrov, Andréka and Bredikhin) and Kleene algebra (Kleene, Conway, Kozen); and this allows us to state our recent results with Paul Brunet on their least common generalisation.

The second chapter is about algorithms for checking equivalence of finite automata. Such algorithms provide decision procedures for Kleene algebra; they are also a basic block for verification software: programs that make it possible to test the validity of other programs. There we present in detail a new algorithm we have discovered with Filippo Bonchi, based on a proof technique from concurrency theory: bisimulations up to congruence. We also present an extension of a standard algorithm by Hopcroft and Karp to deal with symbolic automata. Such automata are useful when working on large alphabets.

The third chapter pertains to the domain of formal mechanised proofs, where one uses the computer to write and proof-check mathematical proofs (be they proofs of mathematical theorems, or correctness proofs for programs or systems). There, we discuss some applications of a library we developed for the Coq proof assistant, where we provide tools for automated reasoning in the calculus of relations, notably for Kleene algebra. These automation tools were obtained by implementing and certifying automata algorithms as well as important results about Kleene algebra.
In the last chapter we present an abstract theory of coinduction, a mathematical device coined by Milner in concurrency theory. This tool provides powerful proof methods, especially for the study of state-based systems; it was a surprise to discover that it could also be used to obtain efficient algorithms, as in the second chapter. Our abstract theory of coinduction is a refinement of the work of Sangiorgi in the 1990's; it makes it simpler to provide enhancements of the coinductive proof method, and to mechanise them in proof assistants. We believe that it could help us to find new decision procedures for the calculus of relations, and then to certify them.

We point to the publications we assembled to obtain this manuscript in the notes on page 89.

Notation

We denote sets by capital letters X, Y, S, T, ... and functions by lower case letters f, g, ... Given sets X and Y, X×Y is their Cartesian product, X⊎Y is their disjoint union and X^Y is the set of functions f: Y → X. The collection of subsets of X is denoted by P(X). For a set of letters Σ, Σ⋆ denotes the set of all finite words over Σ; ε the empty word; and uv the concatenation of words u, v ∈ Σ⋆. We use 2 for the set {0,1}.

Chapter 1 Relation algebra

We consider algebraic and algorithmic questions related to binary relations. On the algebraic side, we want to understand and characterise the laws governing the behaviour of standard operations on relations: union, intersection, composition, converse, etc. On the algorithmic side, we look for decision procedures for equality or inclusion of relations.

We start by defining formally the calculus of relations; then we focus on two well-studied fragments of particular importance: Kleene algebras and allegories. Trying to unify those fragments leads us to a new result with Brunet, and several open questions.

We also define Kleene algebra with tests, a framework introduced by Kozen making it possible to deal with both relations and predicates.

1.1 The (positive) calculus of relations

Given a set P, a relation on P is a set of pairs of elements from P.
For instance, the usual order on natural numbers is a relation. In the sequel, relations are ranged over using letters R, S, their set is written P(P×P), and we write pRq for ⟨p,q⟩ ∈ R.

The set of relations is equipped with a partial order, set-theoretic inclusion (⊆), and three binary operations: set-theoretic union, written R+S, set-theoretic intersection, written R∩S, and relational composition:

$$R \cdot S \triangleq \{\langle p,q\rangle \mid \exists r \in P,\ p\,R\,r \wedge r\,S\,q\}.$$

It also contains three specific relations: the empty relation, written 0, the universal relation, written ⊤, and the identity relation:

$$1 \triangleq \{\langle p,p\rangle \mid p \in P\}.$$

Lastly, one can consider three unary operations: set-theoretic complement, written R^c, converse (or transpose), R°, and reflexive-transitive closure, R⋆,
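As an added example (not code from the manuscript), here is a small Python implementation of the operations just defined on finite relations, represented as sets of pairs over an explicit carrier set P; the carrier and the sample relations are constructed for illustration, and the last function evaluates a few laws of the calculus on concrete inputs, laws the chapter goes on to study algebraically.

```python
# Added example, not from the manuscript: the operations of Section 1.1
# on finite relations, i.e. frozensets of pairs over a carrier set P.
from itertools import product

def compose(R, S):
    """R·S = {<p,q> | exists r, pRr and rSq}."""
    return frozenset((p, q) for (p, r) in R for (r2, q) in S if r == r2)

def identity(P):
    """1 = {<p,p> | p in P}."""
    return frozenset((p, p) for p in P)

def top(P):
    """The universal relation on P."""
    return frozenset(product(P, P))

def converse(R):
    """R° swaps the two components of every pair."""
    return frozenset((q, p) for (p, q) in R)

def complement(R, P):
    """R^c, taken relative to the carrier P."""
    return top(P) - R

def star(R, P):
    """R* as the least fixpoint of X = 1 + R·X; iteration terminates on finite P."""
    X = identity(P)
    while True:
        nxt = X | compose(R, X)
        if nxt == X:
            return X
        X = nxt

# Constructed sample: carrier {0,1,2,3} and the successor relation 0->1->2->3.
P = frozenset(range(4))
SUCC = frozenset((i, i + 1) for i in range(3))

def check_laws(R, S, P):
    """Identities of the calculus, each evaluated on the concrete relations R, S."""
    one = identity(P)
    return {
        "unit": compose(R, one) == R and compose(one, R) == R,
        "assoc": compose(compose(R, S), R) == compose(R, compose(S, R)),
        "conv_comp": converse(compose(R, S)) == compose(converse(S), converse(R)),
        "star_unfold": star(R, P) == one | compose(R, star(R, P)),
        "star_reflexive": one <= star(R, P),
        "complement_partition": (R | complement(R, P) == top(P))
                                and not (R & complement(R, P)),
    }
```

Running check_laws(SUCC, converse(SUCC), P) returns True for every law; star(SUCC, P) is the usual order ≤ on {0,1,2,3}, which is exactly the example of a relation given above.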