Towards a Mathematical Operational Semantics Daniele Turi∗ Gordon Plotkiny <[email protected]> <[email protected]> Department of Computer Science Laboratory for Foundations of Computer Science University of Edinburgh, The King’s Buildings Edinburgh EH9 3JZ, Scotland Abstract mapped into a suitable semantic domain endowed with an operation for each construct of the language. Both We present a categorical theory of ‘well-behaved’ operational and denotational semantics are necessary operational semantics which aims at complementing for a complete description of a programming language: the established theory of domains and denotational se- the former for specifying the execution of the programs mantics to form a coherent whole. It is shown that, if and the latter for reasoning about them in terms of the operational rules of a programming language can be abstract, mathematical entities. It is therefore funda- modelled as a natural transformation of a suitable gen- mental that a denotational semantics be adequate, ie eral form, depending on functorial notions of syntax that it determines the operational behaviour of pro- and behaviour, then one gets the following for free: an grams [24]. operational model satisfying the rules and a canonical, For languages without variable binding, but possibly internally fully abstract denotational model which sat- multi-sorted, a denotational model can be seen as a isfies the operational rules. The theory is based on dis- Σ-algebra, where Σ is the signature of the language tributive laws and bialgebras; it specialises to the known corresponding to the basic constructs. The programs classes of well-behaved rules for structural operational themselves form the initial such Σ-algebra and the cor- semantics, such as GSOS. responding unique homomorphism from the programs to the denotational model is called initial algebra se- mantics [12]. Introduction The semantic domain, ie the carrier of the denota- tional model, can often be regarded as the final solu- tion of a domain equation X =∼ B(X), for a suitable Operational semantics, a fundamental tool in lan- ‘behaviour’ functor B. In other words, the semantic do- guage design and verification, provides a formal de- main is the final B-coalgebra. The transition relations scription of the behaviour of programs. It is often may also be seen as B-coalgebras and, therefore, so defined in terms of atomic, elementary transitions, de- can the intended operational model of a language. The scribing local behaviour. Mathematically, these trans- corresponding unique coalgebra homomorphism, given itions can be modelled as the elements of a relation, the by finality, from the intended operational model to intended operational model of the language. A con- the semantic domain is called final coalgebra semantics venient way of specifying such a transition relation is [2, 23]; under suitable assumptions on B, it is fully ab- by induction on the structure of the programs, starting stract with respect to behavioural equivalence. When from suitable operational rules for the basic constructs initial algebra and final coalgebra semantics coincide, of the language [21]. one has an adequate denotational semantics [23]. Traditionally, operational semantics is contrasted Adequacy proofs can be quite demanding, hence with the mathematical interpretation of programs general criteria ensuring adequacy are of interest. called denotational semantics, where programs are For process algebras, as used for specifying non- ∗Research supported by EuroFOCS. deterministic and concurrent programs [17, 5], there yResearch supported by an EPSRC Senior Fellowship. exist syntactic restrictions on the format of the oper- ational rules which ensure that bisimulation [17] is a here is that the functor B cofreely generates a comonad congruence. Among the rules in these formats, GSOS D which should correspond to the global behaviours rules [8] are the best known and (negative) tree rules of the language. The comonad Dρ is a lifting of this [11] are the most general. In [22], the ‘processes as comonad D to the Σ-algebras, ie to the denotational terms’ method, based on such a congruence result, is models. However, one can still speak of the opera- presented which allows for the systematic derivation of tional monad defined by some abstract tree rules be- adequate denotational models from ‘tyft rules’ [13], a cause a general theorem shows that liftings of D to the class of rules equivalent to tree rules. Σ-algebras and liftings of T to the B-coalgebras are in We present here a categorical reformulation and gen- 1-1 correspondence. eralisation of the above adequacy meta-results. First, In fact, these liftings are also in 1-1 correspondence we show that certain sets of GSOS rules can be with the distributive laws λ of the monad T over the R modelled as natural transformations [[ ]] depending on comonad D., which generalise both abstract GSOS and R the functorial notions of signature Σ and behaviour abstract tree rules. One is led now to consider the bial- B. Next, it is shown that the mapping [[ ]] is gebras of such distributive laws. When λ corresponds R 7! R an essentially 1-1 correspondence. The naturality of to some abstract operational rules ρ, the λ-bialgebras [[ ]] accounts for the syntactic restrictions on the oc- can be seen as combinations of operational and denota- R currences of meta-variables in GSOS rules and provides tional models which satisfy the rules. Henceforth they a categorical explanation of their good behaviour. are called ρ-models; they specialise to the GSOS mod- The first advantage of the above approach is that els of [25] and to models of tree rules (with an appro- the GSOS rules can be modelled not only in Set, but priate definition). also in every category with enough structure such as The primary fact about ρ-models is that, from res- the category of cpos and continuous functions used in ults in [15], it easily follows that the forgetful functors denotational semantics. This is a step towards bridging to each of the categories of denotational and opera- the gap between operational and domain theory. tional models have adjoints. One adjunction implies A second advantage is that the mathematical mod- that there exists an initial ρ-model – the intended oper- elling of the rules is a useful semantic tool in the in- ational model Tρ(0) for the initial algebra of programs. vestigation of syntactic formats. For instance, in Set By the definition of morphism of ρ-models, this also the ‘dual’ of the type of natural transformation cor- implies that every ρ-model is adequate with respect to responding to GSOS also corresponds to an interesting the intended operational model in the sense that the format, namely the safe tree rules: these form a natural behaviour of the programs can be determined from any subclass of (negative) tree rules which always possess a ρ-model up to a generalised, coalgebraic notion [4, 16] satisfying transition relation. Interestingly, the failure of bisimulation. to fit the class of (simple negative) tree rules in the The other adjunction implies that there exists a final present approach brought to light a slight inaccuracy ρ-model – the canonical denotational model Dρ(1) over in the literature and, eventually, led to the discovery the final coalgebra of abstract, global behaviours. It of the safe tree rules. is necessarily adequate; further, it is internally fully A third advantage is that by varying Σ and B a wide abstract with respect to coalgebraic bisimulation. The variety of notions of program constructs and behaviour derivation of this final model specialises to the above can be accommodated. (See also [30].) Further, one mentioned processes-as-terms method. can study abstract notions of operational rules ρ, such The unique homomorphism from the initial to the as ‘abstract GSOS’ and ‘abstract tree rules’, applicable final ρ-model is both the initial algebra and final coal- to languages other than process algebras and whose gebra semantics for the abstract rules ρ. It is called properties can be studied in general. here universal semantics; it is the most abstract com- In this theory we assume that Σ freely generates positional interpretation of programs preserving beha- a monad T which is thought of as corresponding to vioural distinctions. Moreover, if the behaviour functor the syntax of the language. The first result is that B satisfies a certain mild condition, every ρ-model has such abstract operational rules ρ induce an operational a greatest (generalised) bisimulation which, moreover, monad Tρ lifting the monad T to the B-coalgebras, ie is a (generalised) congruence. This specialises to the to the operational models, in the sense that its action fact that bisimulation is a congruence for GSOS and on the carriers is the same as the monad T . for tree rules. If ρ is of abstract tree rules form rather than ab- The generalised, coalgebraic notion of bisimulation stract GSOS, then, by duality, one first coinductively considered here is to be understood as the behavioural derives a denotational comonad Dρ. The assumption equivalence corresponding to the functor B under con- sideration. It might take forms quite different from empty set. In general, the type B of the behaviour of ordinary (strong) bisimulation. For instance, for the the above language is behaviour functor in [14] it specialises to the much BX = ( X)A (2) coarser (complete) trace equivalence. As a corollary, Pfi one has an abstract format of rules ensuring that trace the (covariant) functor mapping a set X to the set of equivalence is a congruence [30]. functions from A to finite subsets of X. To some extent, one can also deal with weak bisimu- A Let x and y range over X, β range over ( fiX) , and lation in this setting. As shown, eg in [13], weak bisim- P let us write a ; x1; : : : ; xn for the function from A to ulation for a given set of rules can be reduced to strong f g fiX mapping a to x1; : : : ; xn and all other elements bisimulation by adding three special rules for the τ- ofP A to the empty set.f Then, forg each operator σ of the action.