An Operational Semantics for True Concurrency in BDI Agent Systems

The Thirty-Fourth AAAI Conference on Artiﬁcial Intelligence (AAAI-20)

Lavindra de Silva Department of Engineering University of Cambridge, UK [email protected]

Abstract (Nunes, Lucena, and Luck 2011), PRS, and JACK.1 JACK gives four (programmer selectable) definitions for the suc- Agent programming languages have proved useful for for- cess of a concurrent program: (1) it immediately succeeds mally modelling implemented systems such as PRS and JACK, and for reasoning about their behaviour. Over the past on the successful termination of a branch; (2) it allows all decades, many agent programming languages and extensions branches to terminate but only succeeds if at least one of have been developed. A key feature in some of them is their them succeeds; (3) it succeeds iff all branches terminate suc- support for the specification of ‘concurrent’ actions and pro- cessfully, and immediately fails on the failure of a branch; or grams. However, their notion of concurrency is still limited, (4) it allows all branches to terminate but only succeeds if all as it amounts to a nondeterministic choice between (sequen- branches succeed. We follow this last definition. tial) action interleavings. Thus, the notion does not represent There is also related work in concurrent distributed sys- ‘true concurrency’, which can more naturally exploit multi- tems, particularly three strands of work that define behaviour core computers and multi-robot manufacturing cells. This paper provides a true concurrency operational semantics for a in terms of transitions between configurations, using a struc- BDI agent programming language, allowing actions to over- tural operational semantics (Plotkin 1981). In the first strand lap in execution. We prove key properties of the semantics, (Boudol and Castellani 1988b; 1989), every transition is relating to true concurrency and to its link with interleaving. labelled with a representation of its ‘proof’, i.e., information comprising the inference rules that were used when de- riving the transition. This information enables the extrac- 1 Introduction tion of a transition labelled with a partially ordered multi- Agent programming languages have proved useful for for- set (pomset) of actions, representing the sequential and con- mally modelling implemented systems such as Jason (Bor- current actions performed. A similar transition is extracted dini and Hubner¨ 2010), PRS (Georgeff and Ingrand 1989), in (Degano, De Nicola, and Montanari 1985; 1990), but and JACK (Busetta et al. 1999), and for reasoning about their from information stored in configurations rather than transi- behaviour. Over the past decades, many agent programming tion labels. In the third strand (Boudol and Castellani 1987; languages and extensions have emerged, e.g. (Rao 1996; 1988a), transitions are labelled with ‘composite actions’, Hindriks et al. 2001; Dastani 2008; Winikoff et al. 2002; which represent pomsets. This avoids the need to extract a Morley and Myers 2004; Sardina, de Silva, and Padgham pomset-labelled transition ‘a posteriori’ from a sequence of 2006; Chaouche et al. 2014; de Silva, Meneguzzi, and Lo- transitions, as done above. gan 2018; de Giacomo, Lesperance,´ and Levesque 2000). A Our work was inspired by the last two strands: our transi- key feature in some of them is their support for the specifica- tions represent composite actions, which are stored in con- tion of ‘concurrent’ actions and programs. However, while figurations. However, unlike the above strands, we account their notion of concurrency is useful in some applications, for concerns specific to agent programming languages, e.g. it is still limited as it amounts to a nondeterministic choice goal refinement, plan failure, and constructs beyond actions. between (sequential) action interleavings. Thus, the notion Our proposal, called Concurrent CAN (CCAN), is based on does not represent ‘true concurrency’, which can more natu- the work in (Sardina and Padgham 2011), which refines and rally exploit multi-core computers and multi-robot manufac- extends the CAN agent programming language (Winikoff et turing cells, e.g. a cell comprising two robot arms that work al. 2002). We discuss the syntax of CCAN (sec. 2) and its on a part simultaneously. This paper provides a true concur- semantics (secs. 3 and 4), and we prove key properties of rency operational semantics for a BDI agent programming CCAN, in relation to true concurrency and to its link with language, allowing actions to overlap in execution. interleaving (sec. 5); e.g., we show that if a concurrent pro- From the implemented BDI agent systems, there are some gram’s branches are interleaved as in CAN, Jason, etc., any that support some form of true concurrency, e.g. SPARK resulting behaviour can also be produced by the concurrent (Morley and Myers 2004), JAM (Huber 1999), BDI4JADE Copyright c 2020, Association for the Advancement of Artificial 1There are also implemented BDI systems that do not support Intelligence (www.aaai.org). All rights reserved. true concurrency but support action interleaving, e.g. Jason.

7119 program. We then conclude and discuss future work (sec. 6). To formalise the assumption that the branches of a concurrent program are unrelated, we define some auxiliary no- 2 CCAN Syntax tions. Let Π and Λ be a plan- and an action-library, respectively. First, given any expression E, we use ATS(E) to de- In this paper, we use a first-order language with a vocabu- note the set of atoms occurring in E. Second, given an event- lary comprising mutually disjoint and infinite sets of vari- goal e,weuseREL(e, Π) = {ψθ : Pbθ | e : ψ ← Pb ∈ able, function, predicate, event-goal, and action symbols. Π,θ= mgu(e, e)} to denote the relevant plan-rules for Like (Sardina and Padgham 2011), we define a CCAN e, i.e., rules with ‘heads’ e that match e via a most general agent by a plan-library Π, an action-library Λ, and a belief unifier (mgu). Third, given a plan-body Pb, we recursively base B.Abelief base is a set of ground atoms, and an ac- define the set of atoms that are possibly checked by Pb as tion-library is a set of action-rules representing actions the follows: CHK(Pb, Π, Λ) = agent can perform. An action, denoted by a, is of the form ⎧ act(t), where act is an n-ary action symbol representing a ∅ P ∈{+b, −b}, ⎪ if b t = ⎪ (φ) P =?φ, function that may affect the external environment, and ⎨⎪ ATS if b t ,...,t ATS(pre(a, Λ)) if Pb = a, 1 n is a list of (possibly ground) terms. An action- + − ⎪ ψ:P ∈ (e,Π) ATS(ψ) ∪ CHK(Pb, Π, Λ) if Pb =!e, rule, as in STRIPS, is of the form act(v):ψ ← Φ ;Φ , ⎪ b REL ⎪ (P 1, Π, Λ) ∪ (P 2, Π, Λ) P ∈{P 1 | P 2 v = v ,...,v ψ ⎩⎪ CHK b CHK b if b b b , where 1 n is a list of distinct variables; , the P 1 P 2,P1; P 2}. precondition, is a formula; and Φ+ and Φ−, respectively the b b b b add-list and delete-list, are each a set of atoms representing Similarly, we define the set of atoms that are possibly as- + − the action’s effects. Any variable occurring in ψ, Φ , or Φ serted by Pb as follows: ASS(Pb, Π, Λ) = also occurs in v. For any action a that occurs in Π, there ⎧ ⎪ {b} if Pb ∈{+b, −b}, is exactly one action-rule a : ψ ← Φ+;Φ− ∈ Λ such that ⎪ ⎪ ∅ if Pb =?φ, a = a θ for some substitution θ; we define pre(a, Λ) = ψθ ⎨ + − ATS(eff (a, Λ)) if Pb = a, and eff (a, Λ) = Φ θ, Φ θ. ⎪ ψ:P ∈ (e,Π) ASS(Pb, Π, Λ) if Pb =!e, Π ⎪ b REL A plan-library is a set of plan-rules of the form ⎪ (P 1, Π, Λ) ∪ (P 2, Π, Λ) P ∈{P 1 | P 2 ev(t) ψ ← P ev(t) e ⎩⎪ ASS b ASS b if b b b , : b, where , denoted by ,isanevent- P 1 P 2,P1; P 2}. goal and ev is an n-ary event-goal symbol; ψ, the context b b b b P 1 n condition, is a formula; and b, the plan-body is a ‘standard Finally, for any concurrent program Pb ... Pb occur- operating procedure’ for achieving e when ψ holds in B. For- ring in Π, we assume that for any i, j ∈ [1,n], with i = j, i mally, a plan-body is a formula in the language defined by there does not exist a (i) variable that occurs in both Pb and the grammar Pb ::= j Pb , and (ii) unifier for any pair of atoms {l, l }, where l ∈ 1 2 1 2 1 2 (P i, Π, Λ) ∪ (P i, Π, Λ) l ∈ (P j, Π, Λ) 3 a | +b |−b | ?φ | !e | Pb ; Pb | Pb “|”Pb | Pb Pb CHK b ASS b and ASS b . where +b is a belief addition, which adds the atom b to 3 Single-Intention CCAN Semantics B; −b is a belief removal, which removes b from B; ?φ is [Π , Λ, B, A, Γ ] φ B We define an agent configuration as a tuple , a test condition, which tests whether formula holds in ; where Π is a plan-library; Λ is an action-library; B is a belief !e is an event-goal program, which states that e needs to be 1 2 base; and A is an action history representing the sequential achieved; and Pb ; Pb is a sequential program, which states P 1 P 2 P 1|P 2 and concurrent actions executed so far. Formally, an action that b must be executed before b . Finally, b b is an in- history is a formula in the language defined by the grammar terleaved program, which allows the resulting actions to be 2 1 2 A ::= a |A ; A |A A interleaved (but not overlapped); and Pb Pb is a (truly) 1 2 1 2 concurrent program, which allows the resulting actions to be where A1 A2 is an abstract representation for all the asso- interleaved and/or overlapped, as described in (Allen 1983). ciated ‘schedules’, each comprising interleaved and/or over- In the sequel, we use the terms ‘concurrency’ and ‘concur- lapping actions. Finally, Γ is a set of programs, or ‘inten- rent’ only when referring to the latter type of program or its tions’, each of which is the current evolution in the execu- execution. tion of a plan-body that is being pursued in order to achieve We impose two constraints relating to concurrency. First, a top-level event-goal. As it is usual with small-step oper- P 1 P 2 we limit how a concurrent program b b is interleaved ational semantics of programming languages, the syntax of with another program: no other (non-concurrent) step is ex- plan-bodies has to be extended with new constructs to rep- P 1 P 2 ecuted during b b ; for example, executing interleaved resent these current evolutions. Formally, a program is a for- (a a ) | a a program 1 2 3 will result in action 3 happening ei- mula in the language defined by the grammar P ::= ther before or after both a1 and a2. Second, no two branches a | +b |−b | ?φ | !e | P ; P | P “|”P | P P | of a concurrent program are ‘related’. Two branches are re- 1 2 1 2 1 2 η | e : {ψ : P ,...,ψ : P } | P P | P ∦ P lated if (i) a variable appearing in one branch can be bound 1 1 n n 1 2 1 2 by the other, or (ii) the same atom can be both asserted by where η (or ‘nil’) indicates that a program has finished, one branch and checked or asserted by the other. i.e., successfully terminated; P1 ∦ P2 indicates that a

2The exact schedule that emerges from the resulting actions will 3We refer the reader to (de Silva, Sardina, and Padgham 2016) be based on runtime choices. for insights into algorithms for checking these conditions.

7120 Δ=REL(e) = ∅ ψ : P ∈ Δ B|= ψθ Ev Sel [B, A, !e] −→ONE [B, A, e : Δ] [B, A, e : Δ] −→ONE [B, A, Pθ e : Δ \{ψ : P }]

ONE [B, A, P1 ] −→ [B , A , P1 ] FIN(P1) Seq1 Seq2 ONE ONE [B, A, P1 ; P2 ] −→ [B , A , P1 ; P2 ] [B, A, P1 ; P2 ] −→ [B, A, P2 ] ONE ONE [B, A, P1 ] −→ [B , A , P1 ] [B, A, P2 ] −→ [B , A , P2 ] |1 |2 ONE ONE [B, A, P1 | P2 ] −→ [B , A , P1 | P2 ] [B, A, P1 | P2 ] −→ [B , A , P1 | P2 ] ONE ONE ONE [B, A, P1 ] −→ [B , A , P1 ] [B, A, P1 ] −→ ¬ FIN(P1)[B, A, P2 ] −→ [B, A, P2 ] step fail ONE ONE [B, A, P1 P2 ] −→ [B , A , P1 P2 ] [B, A, P1 P2 ] −→ [B, A, P2 ] B|= φ a : ψ ← Φ+;Φ− ∈ Λ aθ = a B|= ψθ Test Act [B, A, ?φ] −→X [B, A,η] [B, A, a] −→X [(B\Φ−θ) ∪ Φ+θ, A ; a,η]

[B, A, P ] −→ALL [B , A , P ][B, A, P ] −→ALL [B , A , P ] 1 1 1 1 2 2 2 2 X [B, A, P1 P2 ] −→ [MERGE(B1 , B2 , B), APPEND(A1 , A2 , A), P1 ∦ P2 ]

ONE ALL ALL [B, A, P1 ] −→ [B1 , A1 , P ][B1 , A1 , P ; P2 ] −→ [B2 , A2 , P3 ][B2 , A2 , P3 ] −→ 1 1 Seq ALL 1 [B, A, P1 ; P2 ] −→ [B2 , A2 , P3 ] ALL ONE ALL FIN(P1)[B, A, P2 ] −→ [B1 , A1 , P3 ] [B, A, P1 ] −→ [B1 , A1 , P ][B1 , A1 , P ; P2 ] −→ Seq 1 1 Seq ALL 2 ALL 3 [B, A, P1 ; P2 ] −→ [B1 , A1 , P3 ] [B, A, P1 ; P2 ] −→ [B1 , A1 , P1 ; P2 ] ALL P ∈{!e, P1 | P2} [B, A, P ;? ] −→ [B , A , P ] Rewrite [B, A, P] −→ALL [B, A, P ] Figure 1: CCAN derivation rules for configurations with single intentions. concurrent program has terminated (not necessarily suc- tions of the form [Π , Λ, B, A, P], where P is a program. In cessfully); e : {ψ1 : P1,...,ψn : Pn} represents the set sec. 3.1 we give derivation rules for standard programs, and of plan-rules that are relevant for achieving event-goal e; in sec. 3.2 we give rules that relate to concurrent programs. and ‘failure handling’ program PP, with P = e : {ψ1 : P1,...,ψn : Pn}, executes program P in order to 3.1 Derivation Rules for Standard Programs achieve event-goal e, and if P fails, an alternative program P Fig. 1 (top half) shows the derivation rules for standard (plan-body) i is tried if it is applicable. Note that a program CCAN programs, including interleaved programs. is more general than those generated by our semantics. Rule Ev creates the set Δ of relevant plan-rules for a Like (Sardina and Padgham 2011), we define a transition given event-goal program !e.RuleSel selects an applicable relation on configurations in terms of a set of derivation rules e Δ Π Λ plan-rule for an event-goal from its relevant plan-rules , (Plotkin 1981); we omit the elements and from configu- and schedules the corresponding plan-body for execution. rations in our transitions as those elements do not change be- Rules Seq1 and Seq2 give semantics for sequential execu- tween transitions. A derivation rule has an antecedent and a tion: Seq1 executes one step on a sequential program P1; P2 conclusion: the latter is a single transition, and the former is by executing a step on its first program P1, and Seq2 re- either empty or a conjunction of auxiliary conditions and/or moves P1 if it has finished (as we define in sec. 3.2), e.g., if transitions representing ‘internal’ execution steps. In this pa- P1 = η. Rules |1 and |2 give semantics for interleaved ex- C −→ONE C per we only use labelled transitions. A transition ecution: given an interleaved program P1 | P2, one step is C indicates that doing one execution step on configuration , executed either on P1 (using rule |1)oronP2 (using |2). which may involve multiple internal execution steps, yields Rules step and fail give semantics for executing a pre- configuration C. A transition C −→ALL C indicates that C viously selected plan-body and for failure handling, respec- is a result of doing all possible internal execution steps from tively: rule step executes one step on a program P1 P2 C. Intuitively, ONE-type transitions model behaviour in the by executing a step on P1, provided it has neither failed nor context of standard execution, and ALL-type ones model be- finished, and rule fail removes P1 if it has failed, and exe- haviour in the context of concurrent execution. cutes a step on program P2 = e : Δ. A program has failed We first give our semantics for single-intention configura- if it has not finished (as in the second condition in the an-

7121 tecedent of fail) but it is ‘stuck’ (as in the first condition we show that neither rule step nor fail applies to P . in the antecedent of fail), i.e., it is not possible to execute Since FIN(P ) holds, so does FIN(P1). Thus fail cannot a step on the program (e.g., an event-goal program !e when be applied to P . Similarly, step cannot be applied if P1 ∈ 1 2 1 2 there are no relevant plan-rules for e). Given a configuration {η, P1 ∦ P1 }.IfP1 = P1 P1 , i.e., construct is ‘nested’ ONE ONE 1 C, we use C −→ as an abbreviation for ∃C ,C −→ C (and in P , the proposition follows because FIN(P1 ) holds, and C −→ALL ,C −→ONE , C −→ALL can only be nested to a finite depth in P . The cases where use and similarly). P P Finally, rule Testexecutes one step on a test program ?φ 1 and are interleaved programs are proved similarly. if condition φ holds in the belief base, and rule Act gives se- Finally, given an event-goal or interleaved program, rule mantics for actions. This rule’s antecedent checks whether Rewrite the relevant action-rule of a given action a is applicable, and ‘rewrites’ it to make it the first program of a sim- the conclusion applies the action’s effects to the belief base, ple sequence, which is executed as above. This avoids the a A need for rules to handle programs P1 | P2 and !e (and evo- and appends to action history . When the transition la- P P bel X occurs in a derivation rule, the associated transition lutions such as ’) in the context of concurrency. represents both transition types (ONE and ALL). 3.3 An Example 3.2 Derivation Rules for Concurrent Programs We will now illustrate some of the derivation rules in fig. Fig. 1 (bottom half) shows the derivation rules that relate to 1 with an example. Consider a manufacturing facility with a concurrent programs. The main rule executes one step on a robotic station that engraves the surfaces of wooden spheres. program P1 P2, which amounts to independently doing all The station comprises a camera, a fixture that holds and ro- possible internal execution steps on each branch P1 and P2. tates a sphere while other operations are being performed on The rule applies when at least one step is possible on each it, and a robotic arm with a built-in circular tool changing branch, and in the context of both standard and concurrent rack comprising 6 tools (e.g. for milling and drilling). execution (which enables ‘nested’ concurrency). The fixture can perform action rX(N) (resp. rZ(M)), The conclusion of the rule does two things. First, it merges which rotates a wooden sphere, if it is currently in the fix- the independent and ‘local’ updates to (copies of) belief base ture, N (resp. M) times on the x-axis (resp. z-axis); each B by branches P1 and P2. We define MERGE(B1, B2, B)= complete rotation takes 5 seconds and starts instantly. Both + + − − + in (B∪B1 ∪B2 )\(B1 ∪B2 ), where for both i ∈ [1, 2], Bi = actions have precondition , which is a proposition that − Bi \Band B = B\Bi. Second, the conclusion combines holds only if a sphere is sensed in the fixture. In our scenario, i M = N =2 the action histories (if any) yielded by the two branches to ; the extra rotation on each axis leaves sufficient form a new history, which is appended to A. This notion of time for a concurrent preparatory (tool changing) action to r(N) combining and appending is defined as follows. Let A, A1, complete. The camera performs action , which records, for N seconds, a video of all the actions that are being per- and A2 be as in rule . For both i ∈ [1, 2], let Ai = A ; Ai N =25 for some A , or let Ai = A, i.e., no actions were yielded formed on the sphere in the fixture; we use . i e by the corresponding branch. Then, APPEND(A1, A2, A) is The capabilities of the robot are as follows. Event-goal , e : in ∧¬at ← c ; m(20) defined as (i) A ;(A1 A2) if A1, A2 = A, (ii) A2 if if it uses plan-rule , first prepares A1 = A, and (iii) A1 if A2 = A. to engrave the sphere by changing the current tool to the milling tool, and then mills the sphere. Event-goal e uses Rules Seq ,Seq and Seq give semantics for sequential 1 2 3 rule e : in ∧ at ← m(20) if in holds and the milling tool Seq execution in the context of concurrency. Rule 1 applies was used last, i.e., proposition at holds. Action c above ro- when at least two execution steps are possible on a given se- tates the tool rack until the milling tool is reached; it takes a quential program P1; P2. The antecedent executes one step second to rotate to the next tool on the rack (and thus at most on P1, and then recursively performs all possible execution m(N) in N P ; P Seq 5 seconds). Action , with precondition , mills for steps on the remainder 1 2. Rule 3 applies when a seconds, which includes starting high speed rotation for the given sequential program P1; P2 (possibly a remainder) can milling tool, moving it into the sphere, moving it out, and Seq Seq terminate in one step. Rule 2 is analogous to 2, and ending tool rotation, each of which takes negligible time.4 P applies when 1 has finished and at least one step is possible The derivation rule in the top row (eq. 1) of fig. 2 depicts on P2. Formally, given the set of all programs Pall, function one execution step on the concurrent program r(25) !e FIN : Pall →{ , ⊥} indicates whether a given program (rX(2) | rZ(2)), which specifies that while the sphere is P ∈ Pall has finished. The function is defined as follows: ⎧ being engraved, it should be (simultaneously) rotated on the ⎨⎪ FIN(P1) ∧ FIN(P2) if P ∈{P1 ∦ P2,P1 | P2}, x-axis and the z-axis (which can be performed in either or- FIN(P1) if P = P1 P2, FIN(P )= der), and that all these activities should be recorded. The pro- ⎩⎪ if P = η, ⊥ otherwise. gram is executed using rule , whose antecedent prescribes the concurrent execution of two programs, each using a step (P ) P Proposition 1. If FIN holds for some program , then of type ALL. One such step is performed on action r(25), and for any belief base B and action history A, there is no B, A and P such that [B, A, P] −→ONE [B, A, P ]. 4For a given axis of rotation, we assume there will be no differ- ence in the engraving on the sphere whether milling is performed Proof. The case P ∈{η, P1 ∦ P2} (for some P1 and P2)is for exactly one rotation of the sphere or for longer (e.g. milling trivial as no rules can be applied to P .IfP = P1 P2, starts before the rotation, or ends after).

7122 Figure 2: Equation 1 (first row) shows one execution step on concurrent program r !e (rX | rZ), which involves one step on r, and all the possible steps on both !e (eqs. 2-4 in rows 2-4) and (rX | rZ) (eq. 5 in row 4). Action parameters are omitted, as are obvious antecedents, and obvious belief bases and action histories in configurations. The action histories above are: (i) A4 = A1; r, (ii) A2= A1; c, (iii) A3 = A2; m, (iv) A5 = A1; rZ, (v) A6 = A5; rX, (vi) A7 = A1; (c ; m) (rZ ; rX) , and (vii) A8 = A1; r (c ; m) (rZ ; rX) . the other on concurrent ‘subprogram’ !e (rX(2) | rZ(2)) the rule involves two internal steps. In the first internal step, by recursively applying rule , whose antecedent, in turn, an intention is either (i) removed (using rule Arem)ifithas prescribes the concurrent execution of event-goal program failed or finished, (ii) progressed (using rule Aint)byone !e (eq. 2) and interleaved program rX(2) | rZ(2) (eq. 5). step, or (iii) progressed by multiple steps, in which case a Executing the top-level concurrent program yields action concurrent program will have been executed. In the second history r(25) (c ; m(20)) (rZ(2) ; rX(2)), which (i) internal step, newly observed event-goals from the (external) abstractly represents all the associated action schedules (e.g. environment are processed (using rule Aev), by creating an where the branches are interleaved, and where r(25),c,and intention for each such event-goal. rZ(2) start together and overlap),5 and (ii) corresponds to the ‘terminated branches’ of the concurrent program. 5 Properties of CCAN 4 Multiple-Intention CCAN Semantics We now show that our concurrency semantics has three key We now give our semantics for configurations with multiple properties: a concurrent program does not terminate ‘pre- intentions, i.e., agent configurations, which are of the form maturely’ (before all the branches terminate), as ensured by [Π , Λ, B, A, Γ ], where Γ is a set of programs. JACK’s fourth definition (sec. 1); the semantics is sound and A transition between agent configurations is either of type complete in terms of the action histories that are produced; CCAN, EVENT, or INT, and the transition relation on agent and if the concurrent program’s branches are interleaved, configurations is defined by the derivation rules in fig. 3. any resulting action history corresponds to a valid action schedule for the concurrent program, i.e., the history is an Rule Accan is the main rule, which represents the CCAN deliberation cycle. The CCAN-type step in the conclusion of ordering of a pomset yielded by the concurrent program. We use action histories because we are interested in exploring 5Since, in systems such as PRS and JACK, branches (‘threads’) behavioural equivalence—we thus abstract from things such typically start execution at roughly the same point in time, we as- as belief bases, and ‘unobservable steps’ such as the creation sume the same when writing concurrent branches in CCAN. of a relevant plan set (rule Ev in fig. 1).

7123 [B, A, Γ ] =INT⇒ [B, A, Γ ][B, A, Γ ] EVENT=⇒ [B, A, Γ ] P ∈ Γ[B, A, P] −→ONE [B, A, P ] Accan Aint [B, A, Γ ] CCAN=⇒ [B, A, Γ ] [B, A, Γ ] =INT⇒ [B, A, (Γ \{P}) ∪{P }] ONE P ∈ Γ[B, A, P] −→ e1,...,en Arem Aev INT EVENT [B, A, Γ ] =⇒ [B, A, Γ \{P}] [B, A, Γ ] =⇒ [B, A, Γ ∪{!e1 ,...,!en }] Figure 3: CCAN derivation rules for conﬁgurations with multiple intentions.

We first define the notion of an execution trace, which is program P succeeds, i.e., yields a terminated (concurrent) a sequence of configurations obtained by performing ONE program that has finished, iff each branch Pi has succeeded. type execution steps. In the sequel, we assume that all +b Theorem 2 concerns soundness and completeness for the and −b programs occurring in the plan-library Π have been derivation rules that relate to concurrent programs. Sound- replaced by equivalent actions, and given a configuration ness is due to the fact that any action history yielded by a C =[B, A, P], we define CB = B, CA = A, and CP = P . branch of a concurrent program can also be yielded when Definition 1. An execution trace of a configuration C = the branch is executed separately from the program (perhaps using only rules in the top half of fig. 1). Conversely, com- [B, A, P] is a finite sequence of configurations C1 · ...· Cn pleteness is due to the fact that any action history yielded by C = C n>1 C −→ONE C i ∈ such that 1, , and i i+1 for all a non-concurrent program upon its termination can also be ONE [1,n− 1]; the trace is said to have terminated if Cn −→ . yielded when the latter is a branch of a concurrent program.

The first theorem states that after one execution step on Theorem 2. Let B, A and P = P1 ... Pn be as above. a concurrent program (which yields a terminated concurrent [B, A, P ] −→ONE [B, A ; A, P ] P ∦ ... ∦ P There exists a transition , program 1 n), each branch will have performed all the possible (internal) execution steps and terminated. with A = A1 ... An, iff there exists a terminated execution trace C1 =[B, A, Pi ] · ...· Cm =[B , A ; Ai , Pi ] Theorem 1. Let B be a belief base, A an action history, 7 for each i ∈ [1,n], such that Ai = Ai. and P = P1 ... Pn a concurrent program s.t. Pi = 1 2 1 2 6 ONE Proof Sketch. We discuss one direction of the proof: con- Pi Pi (for any Pi ,Pi and i ∈ [1,n]). If [B, A, P] −→ C1 · ...· Cm ONE sider an execution trace as above. The proof [B , A , P1 ∦ ...∦ Pn ], then [B , A , Pi ] −→ for i ∈ [1,n]. is involved, requiring induction on the length of the trace C Proof Sketch. Consider any Pi above. From the assump- and the structure of each i. The main part is the inductive C C tion of the theorem and derivation rule , it follows that case, which takes any pair of configurations j and j+1 ALL (for j ∈ [1,m− 1]), and the corresponding action history [B, A, Pi ] −→ [B , A , Pi ], where B and A correspond A (if Cj+1|A = Cj|A; A ), and shows that A can also to Pi and form part of respectively B and A . be yielded by an ALL-type transition from Cj. If Pi ∈{?φ, a}, only rule Test or Act can apply, which Cj|P = ONE Let us consider the two main cases. In the first, guarantee that [B , A , Pi ] −→ .IfPi ∈{!e, P | P } (for 1 2 1 2 1 Pj ; Pj (for some Pj and Pj ), and Pj is not a sequential some P and P ), it is rewritten as a sequential program. ¬ (P 1) C −→ONE Thus, the final case is where Pi is a sequence, or evolves program and FIN j holds. Since the transition j C Seq into one. Consider the former (the latter is analogous). Since j+1 must have used rule 1, it follows that transition 1 ONE 1 [Cj | , Cj | , P ] −→ [Cj +1 | , Cj +1 | , P ] rule Seq2 cannot apply to configuration [B, A, Pi ] (because B A j B A j is possible, C | = P 1 ; P 2 Pi is a plan-body and thus unfinished), either rule Seq1 or with j+1 P j j . Thus, the first condition in the an- Seq Seq Seq3 must have been applied to [B, A, Pi ], both of whose tecedents of both 1 and 3 holds. The interesting sub- ALL ¬ (P 1 ) C −→ONE j+1 = m antecedents ensure that [B , A , Pi ] −→ holds. Finally, we case is where FIN j .Nowif j+1 (i.e., ), [B, A, P ] −→ ONE it follows that the second condition also holds in the an- prove by contradiction that i also holds. Seq A ONE tecedent of 3 . Thus, can be yielded by applying the Let us assume instead that [B , A , Pi ] −→ . Consider the ONE P = P 1; P 2 P 1 rule to Cj.IfCj+1 −→ , the second condition holds in the case where i i i is a sequence such that i is not ¬ (P 1) [B, A, P 1 ] −→ONE antecedent of Seq1 , and consequently also the third. Thus, a sequence and FIN i holds. Since i A C is entailed by our assumption, either the antecedent of rule can be yielded by applying the rule to j. The second main case is where Cj|P =!e (the case where Seq or Seq must hold w.r.t. P . This contradicts the fact 1 3 i C | = P 1 | P 2 C −→ONE [B, A, P ] −→ ALL (P 1) P j P j j is analogous). Then, transition j that i . The cases where FIN i holds or i C Ev C | = e : Δ is not a sequence also lead to contradictions. j+1 must have used rule , and j+1 P . This Rewrite The theorem can be straightforwardly extended to show transition can be simulated by applying rule to C that, due to the definition of ‘FIN’ (sec. 3.2), the concurrent j: the rule’s antecedent holds because we showed above

6 7 Any concurrent program can be represented in this ‘full’ form. We omit the trivial corollary where some Ai are ‘empty’.

7124 that either Seq1 or Seq3 must be applicable to configura- Theorem 3. Let B, A and P = P1 ... Pn be as above, [Cj | , Cj | , !e ;? ] ONE tions such as B A . and suppose [B, A, P] −→ . Let [B, A, P1 | ...| Pn ] · ...· The third theorem links concurrency and interleaving, and [B , A ; A|, P ] be a terminated execution trace. Then, there is based on the standard notions of a pomset and a linear [B, A, P ] −→ONE [B, A ; A , P ] extension of one. We first give some auxiliary definitions to exists a transition such that represent action histories produced by a concurrent program LIN(P(A|)) ⊆ LIN(P(A)). in terms of pomsets, which enables comparing their linear Proof Sketch. Consider the case n =2, i.e., P = P1 P2, extensions with the action histories that are produced when T A ∈ ( (A )) the program’s branches are interleaved. and let be the above trace. Let LIN P | be a linear extension corresponding to T . Consider the subcase Definition 2. An action pomset (or simply a pomset) is a where the first x actions in A are yielded by P1, and the ρ = V , A, ≺, f V 4-tuple , where the ‘vertices’ isafi- next y (but not y+1)byP2, with x, y > 0. Now consider the nite set of natural numbers, A is a finite set of actions, the prefix of T that yields the first x actions. The prefix is also ≺ ‘ordering relation’ is an irreflexive, a transitive, and an an execution trace from [B, A, P1 ] if we remove program P2 V asymmetric binary relation on , and the ‘labelling func- from the prefix, i.e., we replace program C|P = P1 | P2 in f V A tion’ is a surjection from to . A sequence of ac- each configuration C in the prefix by P1. a1; ...; an ρ 1 1 1 tions is a linear extension of a pomset , denoted Suppose the prefix ends with C =[B , A , P | P2 ]. a ; ...; a ∈ (ρ) v ·...·v 1 1 n LIN , iff there exists a permutation 1 n Consider the trace T that starts from C1 in T , executes only ρ (vi,vj) ∈≺ i

7125 immediately aborting execution of the remaining branches Degano, P.; De Nicola, R.; and Montanari, U. 1985. Partial order- upon the failure of one branch in a concurrent program (Har- ing derivations for CCS. In Fundamentals of Computation Theory, land et al. 2015). The semantics that we have presented is a 520–533. Springer Berlin Heidelberg. crucial step toward formalising such alternative approaches, Degano, P.; De Nicola, R.; and Montanari, U. 1990. A partial order- which would then enable formal comparison. We could also ing semantics for CCS. Theoretical Computer Science 75(3):223 – explore how to relax our constraint on how a concurrent pro- 262. gram can be interleaved; enable interaction between concur- Fox, M. 1997. Natural hierarchical planning using operator de- rent branches, e.g. to communicate the binding assigned to a composition. In Proc. of the European Conf. on Planning (ECP), variable that is shared between multiple branches; add con- 195–207. currency to other systems, e.g. AgentSpeak; model check Georgeff, M. P., and Ingrand, F. F. 1989. Decision-making in an concurrent (user supplied) JACK plans (cf. (Bordini et al. embedded reasoning system. In Proc. of the International Joint 2003)); and explore what concurrency means in the presence Conf. on Artificial Intelligence (IJCAI), 972–978. of advanced agent constructs, e.g. the declarative goal (e.g. Harland, J.; Morley, D. N.; Thangarajah, J.; and Yorke-Smith, N. (Hindriks et al. 2001; Winikoff et al. 2002)) and planning 2015. Aborting, suspending, and resuming goals and plans in BDI (e.g. (Sardina and Padgham 2011)) constructs. agents. Autonomous Agents and Multi-Agent Systems (JAAMAS) 31(2):288–331. Hindriks, K. V.; de Boer, F. S.; van der Hoek, W.; and Meyer, J.- References J. C. 2001. Agent programming with declarative goals. In Proc. Allen, J. F. 1983. Maintaining knowledge about temporal intervals. of Intelligent Agents VII. Agent Theories Architectures and Lan- Communications of the ACM 26(11):832–843. guages, Seventh International Workshop. Springer-Verlag. 228– 243. Bordini, R. H., and Hubner,¨ J. F. 2010. Semantics for the Jason variant of AgentSpeak:(plan failure and some internal actions). In Huber, M. J. 1999. JAM: a BDI-theoretic mobile agent architec- Proc. of the European Conf. on Artificial Intelligence (ECAI), 635– ture. In Proc. of the Annual Conf. on Autonomous Agents, 236–243. 640. Kambhampati, S.; Mali, A.; and Srivastava, B. 1998. Hybrid plan- Bordini, R. H.; Fisher, M.; Pardavila, C.; and Wooldridge, M. 2003. ning for partially hierarchical domains. In Proc. of the National Model Checking AgentSpeak. In Proc. of the International Conf. Conf. on Artificial Intelligence (AAAI), 882–888. on Autonomous Agents and Multiagent Systems (AAMAS), 409– Morley, D., and Myers, K. 2004. The SPARK agent framework. In 416. Proc. of the International Joint Conf. on Autonomous Agents and Boudol, G., and Castellani, I. 1987. On the semantics of concur- Multiagent Systems (AAMAS), 714–721. rency: Partial orders and transition systems. In Proc. of the Interna- Nunes, I.; Lucena, C.; and Luck, M. 2011. BDI4JADE: a BDI tional Joint Conf. on Theory and Practice of Software Development layer on top of JADE. In Proc. of the Workshop on Programming (TAPSOFT), 123–137. Multiagent Systems, 88–103. Boudol, G., and Castellani, I. 1988a. Concurrency and atomicity. Plotkin, G. D. 1981. A structural approach to operational seman- Theoretical Computer Science 59(1):25–84. tics. Technical Report DAIMI FN-19, University of Aarhus, Den- mark. Boudol, G., and Castellani, I. 1988b. A non-interleaving semantics for CCS based on proved transitions. Fundamenta Informaticae Rao, A. S. 1996. AgentSpeak(L): BDI agents speak out in a log- XI:433–453. ical computable language. In Proc. of the European Workshop on Modelling Autonomous Agents in a Multi-Agent World, 42–55. Boudol, G., and Castellani, I. 1989. Permutation of transitions: Springer-Verlag. An event structure semantics for CCS and SCCS. In Linear Time, Branching Time and Partial Order in Logics and Models for Con- Sardina, S., and Padgham, L. 2011. A BDI agent programming lan- currency, 411–427. Springer Berlin Heidelberg. guage with failure handling, declarative goals, and planning. Au- tonomous Agents and Multi-Agent Systems (JAAMAS) 23(1):18– Busetta, P.; Ronnquist,¨ R.; Hodgson, A.; and Lucas, A. 1999. Jack 70. intelligent agents - components for intelligent agents in Java. Tech- Sardina, S.; de Silva, L.; and Padgham, L. 2006. Hierarchical plan- nical report, Agent Oriented Software. ning in BDI agent programming languages: A formal approach. In Chaouche, A. C.; Seghrouchni, A. E. F.; Ilie,´ J.-M.; and Sa¨ıdouni, Proc. of the International Conf. on Autonomous Agents and Multi- D.-E. 2014. A dynamical plan revising for ambient systems. Pro- agent Systems (AAMAS), 1001–1008. cedia Computer Science 32:37–44. Winikoff, M.; Padgham, L.; Harland, J.; and Thangarajah, J. 2002. Dastani, M. 2008. 2APL: A practical agent programming lan- Declarative & procedural goals in intelligent agent systems. In guage. Autonomous Agents and Multi-Agent Systems (JAAMAS) Proc. of the International Conf. on Principles of Knowledge Rep- 16(3):214–248. resentation and Reasoning (KR), 470–481. de Giacomo, G.; Lesperance,´ Y.; and Levesque, H. J. 2000. Con- Golog, a concurrent programming language based on the situation calculus. Artificial Intelligence 121(1-2):109–169. de Silva, L.; Meneguzzi, F.; and Logan, B. 2018. An operational semantics for a fragment of PRS. In Proc. of the International Joint Conf. on Artificial Intelligence, (IJCAI), 195–202. de Silva, L.; Sardina, S.; and Padgham, L. 2016. Summary information for reasoning about hierarchical plans. In Proc. of the European Conf. on Artificial Intelligence (ECAI), 1300–1308.

7126