Decidability of Branching Bisimulation on Normed Commutative Context-Free Processes

Abstract

We investigate normed commutative context-free processes (Basic Parallel Processes). We show that branching bisimilarity admits the bounded response property: in the Bisimulation Game, Duplicator always has a response leading to a process of size linearly bounded with respect to the Spoiler’s process. The linear bound is effective, which leads to decidability of branching bisimilarity. For weak bisimilarity, we are able merely to show existence of some linear bound, which is not sufficient for decidability. We conjecture however that the same effective bound holds for weak bisimilarity as well. We suppose that further elaboration of novel techniques developed in this paper may be sufficient to demonstrate decidability.

1 Introduction

Bisimulation equivalence (bisimilarity) is a fundamental notion of equivalence of processes, with many natural connections to logic, games and verification [12, 15]. This paper is a continuation of the active line of research focusing on decidability and complexity of decision problems for bisimulation equivalence on various classes of infinite systems [14].

We investigate the class of commutative context-free processes, known also under name Basic Parallel Processes (BPP) [1]. By this we mean the labeled graphs induced by context-free grammars in Greibach normal form, with a proviso that non-terminals appearing on the right-hand side of a productions are assumed to be commutative. For instance, the production \(X \stackrel {}{\longrightarrow } a Y Z\), written

$$X \stackrel {a}{\longrightarrow } Y Z, $$

says that X performs an action a and then executes Y and Z in parallel. Formally, the right-hand side is a multiset rather than a sequence.

Over this class of graphs, we focus on bisimulation equivalence as the primary type of semantic equality of processes. It is known that strong bisimulation equivalence is decidable [2] and PSPACE-complete [10, 13]; and is polynomial for normed processes [7]. Dramatically less is known about weak bisimulation equivalence, that abstracts from the silent ε-transitions: we only know that it is semi-decidable [4] and that it is decidable in polynomial space over a very restricted class of totally normed processes [5]. The same applies to branching bisimulation equivalence, a variant of weak bisimulation that respects faithfully branching of equivalent processes. The only non-trivial decidability result known by now for weak bisimulation equivalence is proved in [16], it applies however to a very restricted subclass.¹

During last two decades decidability of weak bisimulation over context-free processes became an established long-standing open problem. This paper is a significant step towards solving this problem in affirmative.

It is well known that bisimulation equivalences have an alternative formulation, in terms of Bisimulation Game played between Spoiler (aiming at showing non-equivalence) and Duplicator (aiming at showing equivalence) [15]. One of the main obstacles in proving decidability of weak (or branching) bisimulation equivalence is that Duplicator may do arbitrarily many silent transitions in a single move, and thus the size of the resulting process is hard to bound.

In this paper we investigate branching bisimilarity over normed commutative context-free processes. Our main technical result is the proof of the following bounded response property, formulated as Theorem 6 in Sect. 3: if Duplicator has a response, then he also has a response that leads to a process of size linearly bounded with respect to the other (Spoiler’s) process. Importantly, we obtain an effective bound on the linear coefficient, which enables us to prove (Theorem 7) decidability of branching bisimulation equivalence. The proof of Theorem 6 is quite complex and involves a lot of subtle investigations of combinatorics of BPP transitions, the main purpose being elimination of unnecessary silent transitions.

A major part of the proof works for weak bisimulation equally well (and, as we believe, also for any reasonable equivalence that lies between the two equivalences). However, for weak bisimulation we can merely show existence of the linear coefficient witnessing the bounded response property, while we are not able to obtain any effective bound. Nevertheless we strongly believe (and conjecture) that a further elaboration of our approach will enable proving decidability of weak bisimulation equivalence. In particular, we actually reprove decidability of weak bisimilarity in the subclass investigated in [16].

This paper is the full and improved version of the extended abstract [3].

2 Preliminaries

The commutative context-free processes (known also as Basic Parallel Processes [1]) are determined by the following ingredients (called a process definition): a finite set V of variables, a finite set A of letters, and a finite set of transition rules, each of the form \(X\stackrel {\zeta }{\longrightarrow } \alpha\) where X is a variable, ζ∈A∪{ε} and α is a finite multiset of variables.

A process, is any finite multiset of variables, thus a mapping that assigns a finite nonnegative multiplicity to each variable, and may be understood as the parallel composition of a given number of copies of respective variables. In particular the empty process, denoted ε, is the empty multiset. For any W⊆V we denote by W ^⊗ the set of all processes where only variables from W occur, that is, W ^⊗ is the set of all finite multisets over W.

A process definition defines a labeled transition systems, called transition graph, whose nodes are processes, and whose transitions are defined as follows. By α||β we mean the composition of processes α and β, understood as the multiset union. Note that composition is commutative: α||β=β||α. The behavior of processes, i.e. the transition relation, is defined by the following extension rule:

$$\text{if}\ X\stackrel {\zeta }{\longrightarrow }\ \alpha\ \text{is a transition rule then}\ X||\beta \stackrel {\zeta }{\longrightarrow } \alpha ||\beta , \quad \text{for any}\ \beta\in V^\otimes. $$

We also say that the transition is induced by a transition rule \(X \stackrel {\zeta }{\longrightarrow }\alpha\).

The transitions labeled by letters from A are observable transitions, while the transition relation \(\stackrel {\varepsilon }{\longrightarrow }\) models silent steps. This distinction will play a role when defining bisimulation equivalence below. The transition relation \(\stackrel {\varepsilon }{\longrightarrow }\) will be written \(\stackrel {}{\longrightarrow }\), and the reflexive and transitive closure of \(\stackrel {\varepsilon }{\longrightarrow }\) will be denoted \(\stackrel {}{\Longrightarrow }\). Thus \(\alpha \stackrel {}{\Longrightarrow }\beta\) if a process β can be reached from α by a sequence of \(\stackrel {\varepsilon }{\longrightarrow }\) transitions.

Example 1

For illustration consider the following process definition:

$$\begin{array}{ccc@{\qquad}lccc@{\qquad}lccc@{\qquad}lcccl} P & \stackrel {}{\longrightarrow }& \varepsilon & & P & \stackrel {}{\longrightarrow }& P||A & & P & \stackrel {b}{\longrightarrow } & \varepsilon & & P & \stackrel {}{\longrightarrow }& Q & \\ Q & \stackrel {}{\longrightarrow }& \varepsilon & & Q & \stackrel {}{\longrightarrow }& Q||A & & A & \stackrel {a}{\longrightarrow } & \varepsilon & & A & \stackrel {}{\longrightarrow }&\varepsilon & \end{array} $$

For instance the process definition induces the following sequence of transitions:

$$Q||P \stackrel {}{\longrightarrow }Q||P||A \stackrel {}{\longrightarrow }Q||P||A||A \stackrel {}{\longrightarrow }P||A||A \stackrel {b}{\longrightarrow } A||A. $$

Writing A ^k for the k-ary composition of the process A,

$$\begin{aligned} A^k = & \underbrace{A||\ldots ||A}, \\ & \ \ k \text{ times} \end{aligned}$$

one obtains, for any k, the following sequence of transitions:

$$Q||P \stackrel {}{\Longrightarrow }P||A^k \stackrel {b}{\longrightarrow } A^k. $$

Remark 2

Commutative context-free processes are precisely labeled communication free Petri nets, where the places are variables and transitions \(X\stackrel {\zeta }{\longrightarrow }\alpha\) are firing rules. A process represents a marking, i.e., a finite multiset of places.

The standard references for introduction of branching and weak bisimilarity are [19] and [12], respectively. For an exhaustive taxonomy of various notion of bisimulation respecting silent moves, the classical reference is [18].

To simplify definitions, we conveniently postulate from now on that every process α, including the empty process ε, has the silent transition \(\alpha \stackrel {}{\longrightarrow }\alpha\).

Definition 3

(Branching Bisimilarity)

Let B be a symmetric binary relation over processes. A pair (α,β) of processes satisfies the branching bisimulation expansion wrt. B if for every ζ∈A∪{ε} satisfies:

• if \(\alpha \stackrel {\zeta }{\longrightarrow }\alpha'\) then \(\beta \stackrel {}{\Longrightarrow }\beta''\stackrel {\zeta }{\longrightarrow }\beta'\) such that α B β″ and α′ B β′.

B is a branching bisimulation when every pair (α,β)∈B satisfies the branching bisimulation expansion wrt. B. We say that two processes α and β are branching bisimilar, denoted α≃β, if there exists a branching bisimulation B containing (α,β).

In the proofs we will use the characterization of bisimilarity in terms of Bisimulation Game [12, 15]. The game is played by two players, Spoiler and Duplicator, over an arena consisting of all pairs of processes, and proceeds in rounds. Each round starts with a Spoiler’s move followed by a Duplicator’s response. In position (α,β), Spoiler chooses one of processes, say α, and one transition \(\alpha \stackrel {\zeta }{\longrightarrow } \alpha'\). As a response, Duplicator has to do a sequence of transitions of the form \(\beta \stackrel {}{\Longrightarrow }\beta''\stackrel {\zeta }{\longrightarrow }\beta'\), and then Spoiler chooses whether the next starts from (α,β″) or (α′,β′).

If one of players gets stuck, the other wins. Otherwise the play is infinite and in this case it is Duplicator who wins. A well-known fact is that two processes are branching bisimilar iff Duplicator has a winning strategy in the game that starts in these two processes.

According to the winning condition of Bisimulation Game, if the two processes are branching bisimilar in some position of the game then, whatever move is played by Spoiler, there is always a Duplicator’s response so that the two resulting pairs of processes are branching bisimilar again. Any such Duplicator’s response move will be called matching in the sequel. We will also say that the Spoiler’s move is matched by some Duplicator’s response.

Weak Bisimilarity

Branching bisimilarity is a competitor against more widely known weak bisimilarity. The principal difference, roughly speaking, is that the latter notion of equivalence does not test for equivalence immediately prior to performing a visible action, and is thus coarser. Formally, one defines weak bisimulation expansion as follows. A pair (α,β) of processes satisfies the weak bisimulation expansion wrt. a symmetric relation B if for every ζ∈A∪{ε} satisfies:

• if \(\alpha \stackrel {\zeta }{\longrightarrow }\alpha'\) then \(\beta \stackrel {}{\Longrightarrow }\stackrel {\zeta }{\longrightarrow }\stackrel {}{\Longrightarrow }\beta'\) such that α′ B β′.

Then one derives weak bisimulation, weak bisimilarity, an appropriate variant of Bisimulation Game, etc. similarly as before in the branching case. Weak bisimilarity we denote by ≈.

Example 4

As an illustration of ≈ ≠ ≃ consider the following grammar.

$$\begin{array}{ccc@{\qquad}cccc@{\qquad}cccc@{\qquad}ccccc} C & \stackrel {a}{\longrightarrow } & C & & C & \stackrel {b}{\longrightarrow } & C & \\ C & \stackrel {}{\longrightarrow } & A & & C & \stackrel {}{\longrightarrow } & B & & C & \stackrel {}{\longrightarrow }& \varepsilon \\ A & \stackrel {a}{\longrightarrow } & A & & B & \stackrel {b}{\longrightarrow } & B & & A & \stackrel {}{\longrightarrow }& \varepsilon & & B & \stackrel {}{\longrightarrow }& \varepsilon \\ \end{array} $$

One easily observes that A||B≈C. To see that \(A||B \not \simeq C\) consider a Spoiler’s move \(C\stackrel {}{\longrightarrow }\varepsilon \). Duplicator obviously has to reply also by reaching ε. There are two possibilities, \(A||B \stackrel {}{\longrightarrow }A \stackrel {}{\longrightarrow }\varepsilon \) and \(A||B \stackrel {}{\longrightarrow }B \stackrel {}{\longrightarrow }\varepsilon \). In both cases a single variable process is visited, A or B, and none of them is branching bisimilar to C.

For the rest of this paper we assume that each variable X has a sequence of transitions \(X\stackrel {\zeta _{1}}{\longrightarrow }\ldots \stackrel {\zeta _{m}}{\longrightarrow }\varepsilon \) leading to the empty process. A process definition that fulfills this requirement is usually called normed. By the norm of X, denoted norm(X), we mean the smallest possible number of visible transitions that appears in some sequence as above. Formally speaking, the norm of X is the length of the shortest word a ₁…a _n ∈A ^∗ such that

$$X\stackrel {}{\Longrightarrow }\stackrel {a_1}{\longrightarrow }\stackrel {}{\Longrightarrow }\ldots \stackrel {}{\Longrightarrow }\stackrel {a_n}{\longrightarrow }\stackrel {}{\Longrightarrow }\varepsilon . $$

We additively enhance the definition of norm to processes and write norm(α) for any α∈V ^⊗. Note that the norm is weak in the sense that silent transitions do not count.

The normedness assumption makes the equivalence testing easier as both bisimilarities considered in this paper are norm preserving:

$$\text{if } \alpha \simeq \beta\text{ or } \alpha \approx \beta\text { then } \text {norm}(\alpha) = \text {norm}(\beta). $$

Indeed, if norm(α)<norm(β) then Spoiler wins Bisimulation Game with a sequence of moves from α to ε that witnesses the norm of α. On the other hand we do not know if branching bisimilarity remains decidable without the normedness assumption.

3 Decidability via Bounded Response Property

It was known before that branching and weak bisimilarities are semi-decidable [4]. A main obstacle for a semi-decision procedure for inequivalence is that commutative context-free processes are not image finite with respect to branching or weak bisimilarity: a priori Duplicator has infinitely many possible responses to a Spoiler’s move. The main insight of this paper is that commutative context-free processes are essentially image-finite, in the following sense. Define the size of a process as its multiset cardinality. For instance,

$$\text {size}\big (A^4||B^3||C \big ) = 8. $$

Then Duplicator has always a response of size bounded linearly with respect to a Spoiler’s process (as formulated in Theorem 6 below). The linear bound is formalized as follows:

Definition 5

(Bounded Response Bisimulations)

For \(c \in\mathbb{N}\), by a c-branching bisimulation we mean a relation B defined as in Definition 3 with the additional requirements:

$$ \text {size}(\beta'), \text {size}(\beta'') \leq c \cdot \text {size}(\alpha'). $$

(1)

Analogously we define c-weak bisimulation, similarly as in Sect. 2 but with the additional requirements:

$$ \text {size}(\beta') \leq c \cdot \text {size}(\alpha'). $$

(2)

Then we define in a standard way c-branching bisimilarity (c-weak bisimilarity), denoted ≃ _c (≈ _c , respectively), as the greatest c-branching bisimulation (c-weak bisimulation, respectively).

Let the size of a process definition be the sum of sizes of all production rules. Our main technical result is an efficient estimation of the constant c in Definition 5, with respect to the size of a process definition:

Theorem 6

(Bounded Response Property of ≃)

Given a normed process definition, one can compute \(c \in\mathbb{N}\) such that branching bisimilarity ≃, over the transition graph induced by the process definition, is a c-branching bisimulation.

The proof of Theorem 6 is deferred to Sects. 4–6.

In consequence of the theorem, a Spoiler’s winning strategy, seen as a tree, becomes finitely branching. This observation leads directly to decidability:

Theorem 7

Branching bisimilarity ≃ is decidable over normed commutative context-free processes.

Proof

The decision procedure starts with computing \(c \in\mathbb{N}\), according to Theorem 6, such that branching bisimilarity coincides with c-branching bisimilarity. Then we run two semi-decision procedures (along the lines of [11]): the positive one for branching bisimilarity and the negative one for c-branching bisimilarity.

For the positive side we use a standard semi-linear representation of bisimulation, knowing that each congruence, including ≃, is semi-linear [6, 9]. The algorithm guesses a base-period representation of a semi-linear set and then checks validity of a Presburger formula that says that this set is a branching bisimulation containing the input pair of processes.

For the negative side, we observe that due to Theorem 6 Duplicator has only finitely many possible answers to each Spoiler’s move. Thus, if Spoiler wins then its winning strategy may be represented by a finitely-branching tree. Furthermore, by König Lemma this tree is finite. The algorithm thus simply guesses a finite Spoiler’s strategy. This can be done effectively: for given β,β′,β″ and ζ it is decidable if \(\beta \stackrel {}{\Longrightarrow }\beta'' \stackrel {\zeta }{\longrightarrow } \beta'\), as the \(\stackrel {}{\Longrightarrow }\) relation is effectively semilinear [4]. □

For weak bisimilarity we obtain a result weaker than Theorem 6, as we are not able to prove that the coefficient c is computable:

Theorem 8

(Bounded Response Property of ≈)

For every normed process definition, there is \(c \in\mathbb{N}\) such that weak bisimilarity ≈, over the transition graph induced by the process definition, is a c-weak bisimulation.

Theorem 8 follows, similarly as Theorem 6, from our results in Sects. 4–6. We note that Theorem 8 does not imply decidability of weak bisimilarity. In Sect. 3.1 we investigate in detail the possible impact on decidability.

3.1 Approximations

In order to discuss in detail the actual impact of Theorems 6 and 8 on decidability, we now define standard approximating hierarchies for branching and weak bisimilarity. For convenience we use a new symbol ≡ to stand for any of the two equivalences, ≃ or ≈. Thus, whenever we state a property of ≡, it should be understood as the property of both ≃ and ≈.

One may define a sequence of approximating relations ≡^m as follows. Every pair of processes belongs to the first approximant ≡⁰. Every consecutive approximant ≡^m+1 contains those pairs of processes that satisfy branching/weak bisimulation expansion wrt. ≡^m. Thus the relation ≡^m relates two processes iff Duplicator has a strategy to survive at least m rounds of the Bisimulation Game.

In general, the hierarchy does not stabilize, both for branching and weak bisimilarity:

$$\equiv \ \subsetneq\ \cap_{m < \omega} \equiv ^m . $$

Indeed, the counterexample for approximability of weak bisimilarity has been given in [17], and it works for branching bisimilarity just as well, see [8]. On the technical level, the inapproximability is actually the main obstacle in proving decidability of the two bisimilarities.

Let \(c \in\mathbb{N}\) be an arbitrary natural number. In an entirely analogous way one defines approximants \(\equiv _{c}^{m}\), describing m steps in the variant of Bisimulation Game where Duplicator is obliged to play under the size restrictions (1) or (2), respectively. We have the following ω-stabilization result applying both to branching and weak bisimilarity:

Proposition 9

(ω-Approximation)

For every \(c \in\mathbb{N}\), \(\equiv _{c}\, = \cap_{m < \omega} \equiv _{c}^{m}\).

Proof

As usual, one proves that \(\cap_{m < \omega} \equiv _{c}^{m}\) is a c-branching/weak bisimulation, similarly as for strong bisimilarity for image-finite systems. □

This may be surprising at first sight, in view of Theorems 6 and 8. Theorems 6 and 8 say jointly that ≡ coincides with ≡ _c , for some c:

Corollary 10

For every normed process definition there is \(c \in\mathbb{N}\) with ≡ = ≡ _c .

Thus for every process definition one obtains the following seeming contradiction. On one hand, ≡ is not equal to the limit ∩ _m<ω ≡^m. On the other hand, By Proposition 9 and Corollary 10, ≡ is equal to \(\cap_{m < \omega} \equiv _{c}^{m}\), for some \(c \in \mathbb{N}\). The following example serves as an illustration:

Example 11

Consider weak bisimilarity for the process definition from Example 1:

$$\begin{array}{ccc@{\qquad}lccc@{\qquad}lccc@{\qquad}lcccl} P & \stackrel {}{\longrightarrow }& \varepsilon & & P & \stackrel {}{\longrightarrow }& P||A & & P & \stackrel {b}{\longrightarrow } & \varepsilon & & P & \stackrel {}{\longrightarrow }& Q & \\ Q & \stackrel {}{\longrightarrow }& \varepsilon & & Q & \stackrel {}{\longrightarrow }& Q||A & & A & \stackrel {a}{\longrightarrow } & \varepsilon & & A & \stackrel {}{\longrightarrow }&\varepsilon & \end{array} $$

We have \(P \not \approx P||Q\) but P≈ⁿ P||Q for all n<ω. Indeed, if for instance Spoiler starts with \(P||Q \stackrel {b}{\longrightarrow } Q\) then Duplicator can respond with \(P \stackrel {}{\Longrightarrow }P||A^{k} \stackrel {b}{\longrightarrow } A^{k}\) for an arbitrarily large k.

On the other hand ≈ coincides with (≈)₁, i.e., Duplicator can respond with a process of size at most equal to the size of Spoiler’s process. Intuitively, this is due to an observation that two processes are bisimilar iff

• they have the same number of occurrences of P;

• Q occurs in both, or in none of them; and

• in the latter case, the number of occurrences of A is the same.

Therefore Duplicator, conforming to the size restriction, can keep this invariant. (Thus ≈ coincides with ≈ _c for any c≥1.)

In consequence \(P \not \approx _{1} P||Q\). In agreement with Proposition 9 it is not true that \(P \approx _{1}^{n} P||Q\) for all n, for instance \(P \not \approx _{1}^{3} P||Q\).

3.2 Decidability of Weak Bisimilarity?

Observe that ≡ _c need not be an equivalence relation in general. However, due to Theorems 6 and 8 we know that for every process definition, for sufficiently large c the relation ≡ _c is an equivalence indeed. We claim the following:

Theorem 12

For every normed process definition, if ≡ _c is an equivalence then it is decidable.

The proof is entirely analogous to the proof of Theorem 7. The equivalence assumption is necessary for the correctness of the positive semi-procedure: the assumption guarantees existence of a semi-linear bisimulation. Furthermore, there is an algorithm whose input is a process definition, a constant c and a pair of processes, and it answers whether the pair is related by ≡ _c .

At first sight Theorem 8 together with Theorem 12 seems to open the way to a decision procedure for weak bisimilarity. This is however not the case, as the constant c depends in general on a given process definition and we do not know any way of estimating this constant, for an arbitrary given process definition. In fact we may only conclude semi-decidability of ≈ (which is however pretty well known, see for instance [4]), as we have the following approximation hierarchy:

$$\approx _0 \, \subseteq\, \approx _1 \subseteq \ldots $$

that reaches finally ≈ for any process definition, by Corollary 10:

$$\approx \, = \bigcup_{c\in\mathbb{N}} \approx _c . $$

3.3 Proof Strategy

The rest of this paper is devoted to the proof of Theorems 6 and 8. Consider a fixed normed process definition from now on. In Sect. 4 we define a notion of normal form nf(α) for a process α and provide linear lower and upper bounds on its size:

$$ \text {size}(\alpha) \leq \text {size}\big (\text {nf}(\alpha)\big ) \leq c \cdot \text {size}(\alpha) $$

(3)

(the lower bound holds assuming that α is minimal wrt. multiset inclusion in its bisimulation class). The results of Sect. 4 apply both to branching and weak bisimilarity (as well as to other variants of bisimulation that lie between branching and weak bisimilarity, cf. [19]). However, the linear coefficient c is not bounded effectively.

The computable estimation of the coefficient c is derived in Sect. 5, in the case of branching bisimilarity. Finally, in Sect. 6 we show how the bounds (3) are used to prove Theorem 6. Section 6 contains also the proof of Theorem 8.

As observed e.g. in [16], a crucial obstacle in proving decidability is so called generating transitions of the form \(X \stackrel {}{\longrightarrow }X||Y\), as they may be used by Duplicator to reach silently X||Y ^m for arbitrarily large m. A great part of our proofs is an analysis of combinatorial complexity of generating transitions and, roughly speaking, elimination of ‘unnecessary’ generations.

Weak Bisimilarity

Branching bisimilarity is more discriminating than weak bisimilarity. The whole development of Sect. 4 is still valid if weak bisimilarity is considered in place of branching bisimilarity. Furthermore, except one single case, the entire proof of estimation of the coefficient in Sect. 5 remains valid too. Interestingly, this single case is obvious under assumptions of [16], thus our proof remains valid for weak bisimilarity over the subclass studied there. We conjecture that the single missing case is provable for weak bisimilarity and thus Theorem 6 holds for weak bisimilarity just as well. This would imply decidability.

4 Normal Form by Squeezing

The results of this section are quite general and apply equally well to branching bisimilarity ≃ and to weak bisimularity ≈. (This will not be however the case in later sections.) We will thus continue using the symbol ≡ to stand for either ≃ or ≈ in this section. Actually the only place where we need to distinguish between weak and branching bisimilarity is Lemma 31 that speaks of matching Duplicator’s responses. Furthermore, we claim that all the results of Sect. 4 apply equally well to intermediate notions of bisimulation, lying between branching and weak bisimilarity, as introduced in [19].

In the sequel we will use, sometimes implicitly, the well-known fact that both branching and weak bisimilarities is substitutive over commutative context-free processes, i.e.

$$\alpha \equiv \beta\quad \implies\quad \alpha ||\gamma \equiv \beta ||\gamma . $$

4.1 Normal Forms

In this section we develop a framework useful for the proofs of Theorems 6 and Theorem 8, to be given in the following sections.

By the bisimulation class of a process α we mean the set of all processes β with β≡α. Note that this definition applies both bisimilarities, as ≡ instantiates either with ≃ or ≈. An important role in our development will be played by normal forms of processes that identify the bisimulation classes uniquely. The normal forms are defined using the linear well-founded order ⪯ on processes, as defined in Definition 22 in Sect. 4.3 below. We prefer to postpone the definition of ⪯, in order to avoid inessential technical details at this early stage.

Definition 13

(Normal Form)

For any process α let nf(α) denote the smallest process with respect to ⪯, bisimilar to α.

Clearly α≡nf(α) and thus we conclude that bisimulation equivalence is characterized by syntactic equality of normal forms:

Lemma 14

α≡β if and only if nf(α)=nf(β).

The main contribution of Sect. 4 is, roughly speaking, providing lower and upper bound on the size of nf(α), relative to the size of α, (cf. Lemmas 40 and 41 appearing at the end of this section). The technical tool will be an operation called below squeeze (defined in Sect. 4.4), transforming a process α into an equivalent one, squeeze(α)≡α. We will prove that iterative application of squeeze eventually converges to the normal form:

$$\alpha \equiv \text {squeeze}(\alpha) \equiv \text {squeeze}^{2}(\alpha) \equiv \ldots \equiv \text {squeeze}^{i}(\alpha) = \text {nf}(\alpha), $$

for some i depending on α. The estimations on the size of normal form will follow easily from the fact that we will be able to control the increase of size of squeeze at every iteration.

4.2 Decreasing Transitions

We will often use the following easy observation, that actually holds for unnormed processes as well.

Lemma 15

If \(\alpha \stackrel {}{\Longrightarrow }\beta \stackrel {}{\Longrightarrow }\alpha'\) and α≡α′ then β≡α.

Proof

Immediate using Definition 3. If Spoiler plays from α, Duplicator uses its response from α′, precomposed with \(\beta \stackrel {}{\Longrightarrow }\alpha'\). On the other hand, if Spoiler plays from β, Duplicator moves \(\alpha \stackrel {}{\Longrightarrow }\beta\) and then copies the Spoiler’s transition. □

A transition \(\alpha \stackrel {\zeta }{\longrightarrow }\beta\) is norm preserving if |α|=|β| and norm reducing if |α|=|β|+1. In the sequel we will pay special attention to norm preserving ε-transitions. Therefore we write \(\alpha \stackrel {}{\longrightarrow }_{0} \beta\), respectively \(\alpha \stackrel {}{\Longrightarrow }_{0}\beta\), to emphasize that the transitions are norm preserving. Note that in the definition of branching bisimulation (Definition 3) one could equivalently use \(\stackrel {}{\Longrightarrow }_{0}\) instead of \(\stackrel {}{\Longrightarrow }\), as all the transitions performed in a Duplicator’s response, except possibly the last one, are necessarily norm-preserving. Similarly, the \(\stackrel {}{\Longrightarrow }\) transitions in Lemma 15 are actually \(\stackrel {}{\Longrightarrow }_{0}\) transitions, i.e. whenever \(\alpha \stackrel {}{\Longrightarrow }\alpha'\) and α≡α′ then the transitions from α to α′ are necessarily norm-preserving.

Definition 16

We call the transition \(\alpha \stackrel {\zeta }{\longrightarrow } \beta\) decreasing if either ζ∈A and the transition is norm-reducing; or ζ=ε and the transition is norm preserving.

Note that every variable has a sequence of decreasing transitions leading to the empty process ε.

Lemma 17

(Decreasing Response)

Whenever α≡β and \(\alpha \stackrel {\zeta }{\longrightarrow } \alpha'\) is decreasing then any Duplicator’s matching sequence of transitions from β contains exclusively decreasing transitions.

Proof

Follows from the following simple observations: ≡ is norm preserving; for a≠ε, the transition relation \(\stackrel {a}{\longrightarrow }\) may decrease the norm by at most one; the transition relation \(\stackrel {\varepsilon }{\longrightarrow }\) never decreases the norm. □

Due to Lemma 15, instantiated to single variables, we may assume wlog. that there are no two distinct variables X,Y with \(X\stackrel {}{\Longrightarrow }_{0} Y\stackrel {}{\Longrightarrow }_{0} X\). Indeed, since reachability via the \(\stackrel {}{\Longrightarrow }_{0}\) transitions is decidable [4], in a preprocessing one may eliminate such pairs X,Y. Relying on this assumption, we may define a partial order induced by decreasing transitions.

Definition 18

For variables X,Y, let X>_decr Y if there is a sequence of decreasing transitions leading from X to Y. Let > denote an arbitrary total order extending >_decr.

Note that we do not assume that X>Y⇒norm(X)≥norm(Y). Indeed, the order > may be chosen in arbitrary way. In Sect. 4 it is only relevant to have some fixed linear order on variables. In the next sections we will alternate between different orders, but only those extending >_decr.

In the sequel we assume that there are n variables {X ₁,…,X _n }, ordered:

$$X_1 > X_2 > \cdots> X_n. $$

If α∈{X ₁,…X _k }^⊗ and β∈{X _k+1,…,X _n }^⊗, for k∈{0,…,n}, we say that k separates α and β. (Note that there may be more than one k separating a given pair of processes.) If some such k exists, we say that α and β are separated. By α⋅β we mean concatenation, that is the composition of processes α, β under the assumption that α and β are separated. Thus formally speaking, concatenation is a partially defined operation, and whenever we write α⋅β we implicitly assume that α and β are separated.

Directly from the definition of > we deduce:

Lemma 19

(Decreasing Transition)

If a decreasing transition \(X_{1}^{a_{1}}\cdot \ldots \cdot X_{n}^{a_{n}} \stackrel {\zeta }{\longrightarrow } X_{1}^{b_{1}}\cdot \ldots \cdot X_{n}^{b_{n}}\) is performed by X _k , say, then b ₁=a ₁,…,b _k−1=a _k−1.

Consider a norm preserving silent transition rule \(X \stackrel {}{\longrightarrow }_{0} \delta\). If X appears in δ, i.e. \(\delta= X \bar{\delta}\), we call the transition rule generating. We use the name generating also for a transition \(\alpha \stackrel {}{\longrightarrow }_{0} \beta\) induced by a generating transition rule. Note that generating transitions are decreasing.

Lemma 20

(Decreasing Transition cont.)

If a decreasing transition, as in Lemma 19, is not generating then b _k =a _k −1.

Following [16], we say that X generates Y if \(X \stackrel {}{\Longrightarrow }_{0} X||Y\). Thus if \(X \stackrel {}{\Longrightarrow }_{0} X||\bar{\delta}\) then X generates every variable that appears in \(\bar{\delta}\). In particular, X may generate itself. Note that each generated variable is of norm 0. More generally, we say that α generates β if \(\alpha \stackrel {}{\Longrightarrow }_{0} \alpha ||\beta \). This is the case precisely iff every variable occurring in β is generated by some variable occurring in α.

We write α⊑β if there is some γ such that α||γ=β (⊑ is thus the multiset inclusion of processes). As an easy implication of Lemma 15 we obtain:

Lemma 21

If α generates β then \(\alpha \equiv \alpha ||\bar{\beta}\) for any \(\bar{\beta} \sqsubseteq \beta\).

Lemma 21 will be useful in the sequel, as a tool for eliminating unnecessary transitions and thus decreasing the size of a resulting process.

4.3 Unambiguous Processes

Once we have a fixed ordering on variables, a process \(X_{1}^{a_{1}}\cdot \dots \cdot X_{n}^{a_{n}}\) may be equivalently presented as a sequence of exponents \((a_{1}, \dots, a_{n}) \in\mathbb{N}^{n}\). In this perspective, ⊑ is the point-wise order. The sequence presentations induce additionally the lexicographic order on processes, denoted ⪯.

Definition 22

We define the order ⪯ on processes as follows:

$$X_1^{a_1}\cdot \dots \cdot X_n^{a_n} \prec X_1^{b_1}\cdot \dots \cdot X_n^{b_n} \ \text{ iff } \ \exists k . \ (a_k < b_k \text{ and } \forall i < k . \ a_i = b_i) . $$

The same may be written briefly using concatenation: α≺β if \(\alpha= \gamma \cdot X^{a}_{k}\cdot \alpha'\), \(\beta= \gamma \cdot X^{b}_{k}\cdot \beta'\), and a<b.

For instance, the decreasing non-generating transitions \(\alpha \stackrel {\zeta }{\longrightarrow } \beta\) always go strictly down the lexicographical order, i.e. α≻β.

We will exploit the fact that the order ⪯ is total, and thus each bisimulation class exhibits the least element. The least process in the bisimulation class of α will serve as the normal form of α, denoted nf(α) (cf. Definition 13 in Sect. 4.1).

The sequence presentation allows us to speak naturally of prefixes of a process: the k-prefix of \(X_{1}^{a_{1}}\cdot \dots \cdot X_{n}^{a_{n}}\) is the process \(X_{1}^{a_{1}}\cdot \dots \cdot X_{k}^{a_{k}}\), for k=0…n.

We now introduce one of the core notions used in the proof: unambiguous processes and their greatest extensions.

Definition 23

(Unambiguous Processes)

A process \(X_{1}^{a_{1}}\cdot \dots \cdot X_{n}^{a_{n}}\), is called k-unambiguous if for every i∈{1,…,k}, α,β∈{X _i+1,…,X _n }^⊗ and \(b, c\in \mathbb{N}\), if b≠c and

$$\begin{aligned} X_1^{a_1}\cdot \dots \cdot X_{i-1}^{a_{i-1}}\cdot {X_i^{b}\cdot \alpha} \ \equiv \ X_1^{a_1}\cdot \dots \cdot X_{i-1}^{a_{i-1}}\cdot {X_i^{c}\cdot \beta} \end{aligned}$$

(4)

then b,c≥a _i . When k=n we write simply unambiguous.

Note that being k-unambiguous is a property of the k-prefix: a process is k-unambiguous iff its k-prefix is so.

Observe that an unambiguous process is necessarily the least one wrt. ⪯ in its bisimulation class, as the definition disallows the equivalence (4) to hold for a _i =b>c. On the other hand, it is not immediately clear whether the opposite implication holds, i.e. whether every bisimulation class contains some unambiguous process. In the sequel we will show that this is actually the case.

Example 24

Consider the following process definition:

$$\begin{array}{ccc@{\qquad}cccc@{\qquad}cccc} X_1 & \stackrel {a}{\longrightarrow } & X_1 & & X_2 & \stackrel {b}{\longrightarrow } & X_3 & & X_3 & \stackrel {b}{\longrightarrow } & \varepsilon \\ X_1 & \stackrel {}{\longrightarrow }& \varepsilon & & X_2 & \stackrel {}{\longrightarrow }& X_3 & & X_3 & \stackrel {}{\longrightarrow }& \varepsilon \end{array} $$

and an order X ₁>X ₂>X ₃ on variables. We observe that \(X_{1}^{2}\approx X_{1}\), therefore the process \(X_{1}^{2}\) is not (1-)unambiguous. On the other hand \(X_{1}\not \approx \alpha\) for any α∈{X ₂,X ₃}^⊗ (because neither X ₂ nor X ₃ can perform an a transition), so X ₁ is unambiguous. Furthermore \(X_{1}\cdot X_{2} \approx X_{1}\cdot X_{3}^{2}\), hence X ₁⋅X ₂ is not (2-)unambiguous. Finally we observe that \(X_{1}\cdot X_{3}^{2} \not \approx X_{1}\cdot X_{3}\). Therefore \(X_{1}\cdot X_{3}^{2}\) is unambiguous, but also X ₁⋅X ₃ is so.

Note that a prefix of a k-unambiguous process is k-unambiguous as well. Moreover, k-unambiguous processes are downward closed wrt. ⊑: whenever α⊑β and β is k-unambiguous, then α is k-unambiguous as well.

Directly by Definition 23, if \(\gamma= X_{1}^{a_{1}}\cdot \ldots \cdot X_{k-1}^{a_{k-1}}\) is (k−1)-unambiguous then it is automatically k-unambiguous (in fact j-unambiguous for any j≥k). This corresponds to a _k =0; we will be especially interested in the greatest value of a _k possible, as formalized in the definition below.

Definition 25

(The Greatest Extension)

The greatest k-extension of a (k−1)-unambiguous process γ∈{X ₁…X _k−1}^⊗ is that process among k-unambiguous processes \(\gamma \cdot X_{k}^{a}\) that maximizes a.

Clearly the greatest extension does not need exist in general, as illustrated below.

Example 26

Consider the processes from Example 24. The process X ₁ is the greatest 1-extension of the empty process as \(X_{1}^{2}\) is not 1-unambiguous. X ₁ is also its own greatest 2-extension. Furthermore, X ₁ does not have the greatest 3-extension. Indeed, \(X_{1} X_{3}^{a}\) is not bisimilar to \(X_{1} X_{3}^{b}\), for a≠b, therefore \(X_{1} X_{3}^{a}\) is 3-unambiguous for any a.

Definition 27

(Unambiguous Prefix)

By an unambiguous prefix of a process \(X_{1}^{a_{1}}\cdot \dots \cdot X_{n}^{a_{n}}\) we mean any k-prefix \(X_{1}^{a_{1}}\cdot \dots \cdot X_{k}^{a_{k}}\) that is k-unambiguous, for k=0…n. The maximal unambiguous prefix is the one that maximizes k.

Example 28

For the process definition from Example 24, the maximal unambiguous prefix of \(X_{1}\cdot X_{2}^{2}\) is X ₁, and the maximal unambiguous prefix of \(X_{1}^{2}\cdot X_{2}\) is the empty process.

4.4 Squeezes

The following lemma is fundamental for our subsequent development. The rough idea is as follows. For an unambiguous α consider a sequence of decreasing transitions from α⋅β, for an arbitrary β. The resulting process is necessarily of the form α′||β′, where α′ is obtained from α by a subsequence of transitions, and β′ is obtained from β by the remaining subsequence of transitions. The lemma says that if α′||β′ is still bisimilar to α||γ for some γ then up to bisimilarity, the same process is reached by the latter subsequence of transitions.

Lemma 29

Consider a process α⋅β, where α is unambiguous, and a sequence of decreasing transitions:

$$\begin{aligned} \alpha \cdot \beta \stackrel {\zeta _1}{\longrightarrow } \ldots \stackrel {\zeta _l}{\longrightarrow } \alpha'||\beta' \end{aligned}$$

(5)

with α′ and β′ originating from α and β, respectively, i.e.

$$\begin{aligned} \alpha \stackrel {\zeta _{i_1}}{\longrightarrow } \ldots \stackrel {\zeta _{i_k}}{\longrightarrow } \alpha' \quad\mathit{and} \quad \beta \stackrel {\zeta _{j_1}}{\longrightarrow } \ldots \stackrel {\zeta _{j_m}}{\longrightarrow } \beta', \end{aligned}$$

(6)

for some sequences i ₁<⋯<i _k and j ₁<⋯<j _m of indices that partition the sequence 1,2,…,l. Suppose that

$$\alpha'||\beta' \equiv \alpha ||\gamma $$

for some γ. Then α′≡α and hence α′||β′≡α⋅β′.

Proof

Our goal is to show the following two facts:

• α and β′ are separated (in other words, β′ contains only variables which are smaller than all variables from α with respect to >), and

• α′≡α.

Indeed, in this case α⋅β′ is well defined and α′||β′≡α⋅β′ due to substitutivity.

Let’s prove the first item first. Observe that each variable X occurring in the process β′ is an effect of a sequence of decreasing transitions originating from some variable Y occurring in the process β, hence Y≥X. Thus α and β′ are separated since α and β are.

Now it remains to prove the second item, namely α′≡α. Extend the sequence of transition (5) with

$$\alpha'||\beta' \stackrel {}{\Longrightarrow }_0 \bar{\alpha}'||\beta' $$

induced by a sequence

$$\alpha' \stackrel {}{\Longrightarrow }_0 \bar{\alpha}' $$

leading from α′ to a ⊑-minimal process \(\bar{\alpha}' \sqsubseteq \alpha'\) bisimilar to α′. By substitutivity \(\bar{\alpha}'||\beta' \) is bisimilar to α′||β′, and thus also to α||γ:

$$\begin{aligned} \bar{\alpha}'||\beta' \equiv \alpha ||\gamma . \end{aligned}$$

(7)

We claim that \(\bar{\alpha}'=\alpha\), which immediately implies α′≡α.

Towards contradiction, suppose \(\bar{\alpha}'\neq\alpha\). Let k be the first coordinate on which \(\bar{\alpha}'\) doesn’t agree with α. In other words:

$$\begin{aligned} \alpha=\theta \cdot X_k^{a}\cdot \omega, \quad \bar{\alpha}'=\theta \cdot X_k^{a'}\cdot \omega' \quad \text{and} \quad a\neq a', \end{aligned}$$

for some k,a,a′ and processes θ,ω, and ω′. We consider two cases.

First suppose a>a′. As α and β′ are separated, and a>0, we know that all variables appearing in β′ are smaller than X _k . Thus \(\bar{\alpha}'||\beta' \) may be presented as

$$\begin{aligned} \bar{\alpha}'||\beta' = \theta \cdot X_k^{a'}\cdot {(\omega'||\beta' )}. \end{aligned}$$

Recall that the process \(\alpha=\theta \cdot X_{k}^{a}\cdot \omega\) is unambiguous. By the very definition of unambiguous processes, as a′<a then the process \(\bar{\alpha}'||\beta' \) can not be bisimilar to α||γ, which contradicts (7).

As the last remaining case, suppose a<a′. Because in the sequence of transitions \(\alpha \stackrel {}{\Longrightarrow } \bar{\alpha}'\) we use only decreasing transitions, and because k is the first coordinate on which \(\bar{\alpha}'\) differs from α, by Lemmas 19 and 20 we deduce that X _k was created via some generating transition. Thus \(\theta \cdot X_{k}^{a} \) generates X _k , and by Lemma 21 we conclude that

$$\theta \cdot X_k^{a'} \equiv \theta \cdot X_k^{a}. $$

This means that \(\bar{\alpha}' = \theta \cdot X_{k}^{a'}\cdot \omega' \equiv \theta \cdot X_{k}^{a}\cdot \omega'\) and \(\bar{\alpha}' \sqsupset \theta \cdot X_{k}^{a}\cdot \omega'\) which is in contradiction with ⊑-minimality of \(\bar{\alpha}'\). □

The following simple example illustrates the reasoning in the proof above.

Example 30

Consider the process definition from Example 1 with an order P>Q>A. Clearly process P is the only one which can perform action b and no other variable can reach P via a sequence of transitions, thus P is unambiguous. Instantiate Lemma 29 with α=P, β=Q, and a sequence of decreasing transitions

$$P\cdot Q\stackrel {}{\Longrightarrow }P\cdot Q\cdot A^9\stackrel {a}{\longrightarrow } P\cdot Q\cdot A^8\stackrel {}{\longrightarrow }P\cdot A^8, $$

with all A’s produced using the transition rule \(P \stackrel {}{\longrightarrow }P||A\). Clearly the assumption of Lemma 29 holds as P⋅A ⁸⊒P.

Then Lemma 29 says that P⋅A ⁸≡P. Indeed, this must be true as P generates A. This simple example has an advantage of being general enough: in Lemma 29, all variable occurrences in α′ that do not belong to α are actually generated by α.

Lemma 31

Under the assumptions of Lemma 29, if the sequence of transitions (5) is a matching Duplicator’s move (which means in particular that all symbols ζ _i are ε, except possibly one), then the subsequence of transitions originating from β:

$$\begin{aligned} \alpha \cdot \beta \stackrel {\zeta _{j_1}}{\longrightarrow } \ldots \stackrel {\zeta _{j_m}}{\longrightarrow } \alpha \cdot \beta' \end{aligned}$$

(8)

is also a matching Duplicator’s move.

Proof

For weak bisimilarity it is sufficient that the last process α⋅β′ in (8) is bisimilar to the last process in (5). In case of branching bisimilarity we need to inspect also the second last process in (8). We know however that the sequence in (5), being a matching Duplicator’s response, has the form:

$$\begin{aligned} \alpha \cdot \beta \stackrel {}{\Longrightarrow }\stackrel {a}{\longrightarrow } \alpha'||\beta' \end{aligned}$$

(9)

(i.e. ζ ₁=⋯=ζ _l−1=ε). Recall that α′ is bisimilar to α, by Lemma 29. As the last transition in (9) is the only one in the sequence that may change bisimulation class, and α′||β′ is bisimilar to α⋅β′, the process obtained by transitions originating from β, we claim that the last transition necessarily originates from β, i.e.

$$\begin{aligned} \alpha \cdot \beta \stackrel {}{\Longrightarrow }\alpha'||\beta'' \stackrel {a}{\longrightarrow } \alpha'||\beta' \end{aligned}$$

for some β″. Thus restricting to only transitions originating from β we obtain

$$\begin{aligned} \alpha \cdot \beta \stackrel {}{\Longrightarrow }\alpha \cdot \beta'' \stackrel {a}{\longrightarrow } \alpha \cdot \beta' . \end{aligned}$$

The sequence is necessarily a matching Duplicator’s response as α⋅β″ is bisimilar to α′||β″. □

A direct conclusion from Lemmas 29 and 31 is the following result that speaks about an interplay between composition and concatenation with an unambiguous process. Consider an unambiguous γ and suppose that the following two processes are bisimilar:

$$\begin{aligned} \gamma \cdot \alpha \equiv (\gamma ||\beta). \end{aligned}$$

(10)

Then for any decreasing Spoiler’s move from the right process originating from β, there is a matching Duplicator’s move from the left one that only engages α. The precise formulation follows.

Lemma 32

Let γ be a k-unambiguous process and let α,β be arbitrary processes satisfying (10). Then for any decreasing transition \(\beta \stackrel {\zeta }{\longrightarrow } \beta'\), giving rise to a Spoiler’s move

$$\gamma ||\beta \stackrel {\zeta }{\longrightarrow } \gamma ||\beta' $$

there is a sequence of decreasing transitions:

$$\alpha \stackrel {\zeta _1}{\longrightarrow } \ldots \stackrel {\zeta _n}{\longrightarrow } \alpha' $$

that gives rise to a matching Duplicator’s move

$$\gamma \cdot \alpha \stackrel {\zeta _1}{\longrightarrow } \ldots \stackrel {\zeta _n}{\longrightarrow } \gamma \cdot \alpha' , $$

as required by the definition of branching or weak bisimulation expansion.

Proof

Consider a matching Duplicator’s move (all transitions are necessarily decreasing by Lemma 17):

$$\begin{aligned} \gamma \cdot \alpha \stackrel {\zeta _1}{\longrightarrow } \ldots \stackrel {\zeta _n}{\longrightarrow } \gamma'\cdot \alpha'. \end{aligned}$$

(11)

As the move is matching, we know that

$$\gamma'\cdot \alpha' \equiv \gamma ||\beta' . $$

The process γ is unambiguous and γ||β′⊒γ, which allows us to apply Lemma 29, to obtain a subsequence of (11)

$$\alpha \stackrel {\zeta _{j_1}}{\longrightarrow } \ldots \stackrel {\zeta _{j_m}}{\longrightarrow } \bar{\alpha}$$

such that \(\gamma \cdot \bar{\alpha} \equiv \gamma'\cdot \alpha'\). Then by Lemma 31 we learn that the subsequence is a matching Duplicator’s move. □

The lemma to follow applies Lemma 32 to a special kind of unambiguous processes, namely to the greatest k-extensions \(\gamma \cdot X_{k}^{a}\) of unambiguous processes γ.

Lemma 33

(Squeezing Out)

Suppose γ is a (k−1)-unambiguous process with the greatest k-extension \(\gamma \cdot X_{k}^{a}\). Then for some process δ it holds:

$$ \gamma \cdot X_{k}^{a+1} \equiv \gamma \cdot X_{k}^{a}\cdot \delta . $$

(12)

Proof

By δ,δ′, etc. we denote below processes from {X _k+1…X _n }^⊗.

As a is the maximal extension of γ, there is some b>a and some processes δ,δ′ such that

$$\gamma \cdot X_{k}^{b}\cdot \delta \equiv \gamma \cdot X_{k}^{a}\cdot \delta' . $$

Consider an arbitrary sequence of decreasing transitions

$$X_k^{b}\cdot \delta \stackrel {\zeta _1}{\longrightarrow } \dots \stackrel {\zeta _m}{\longrightarrow } X_k^{a+ 1}. $$

By Lemma 32 applied to the unambiguous process \(\gamma \cdot X^{a}_{k}\), there is a sequence of matching (necessarily decreasing) transitions

$$\delta' \stackrel {\psi_1}{\longrightarrow } \dots \stackrel {\psi_l}{\longrightarrow } \delta'', $$

for some δ″, such that

$$\gamma \cdot X_k^{a + 1} \equiv \gamma \cdot X_k^{a}\cdot \delta''. $$

This completes the proof. □

Definition 34

If a (k−1)-unambiguous process γ∈{X ₁…X _k−1}^⊗ has the greatest k-extension, say \(\gamma \cdot X_{k}^{a}\), then any δ∈{X _k+1…X _n }^⊗ satisfying (12) is called a γ-squeeze of X _k .

By the very definition, X _k has a γ-squeeze only if γ has the greatest k-extension. Lemma 33 shows the opposite: if γ has the greatest k-extension then X _k has a γ-squeeze, that may depend in general on γ and k. The squeeze is however not uniquely determined and in fact X _k may admit many different γ-squeezes. In the sequel assume that for each (k−1)-unambiguous γ∈{X ₁…X _k−1}^⊗ and X _k , some γ-squeeze of X _k is chosen; this squeeze will be denoted by δ _k,γ .

Example 35

Consider again the process definition from Example 1, with the order P > Q > A. Observe that Q ²≡Q which means that Q ² is not an unambiguous process. If we fix γ=P ³, say, then ne possible γ-squeeze of Q is the empty one: P ³⋅Q ²≡P ³⋅Q⋅ε, but there are many others, for instance P ³⋅Q ²≡P ³⋅Q⋅A ⁿ, for any n≥0. The same squeezes are fine for any other γ∈{P}^⊗.

Definition 36

(Squeezing Step)

For a given process α, assuming it is not n-unambiguous, let γ be its maximal unambiguous prefix. Thus there is k≤n such that

$$\alpha = \gamma \cdot X_k^{a}\cdot \delta, $$

γ∈{X ₁…X _k−1}^⊗, δ∈{X _k+1…X _n }^⊗, and \(\gamma\, X_{k}^{a}\) is not k-unambiguous. Note that a is surely greater than 0. We define squeeze(α) by

$$\text {squeeze}(\alpha) = \gamma \cdot X_k^{a - 1}\cdot {(\delta_{k,\gamma} ||\delta )}. $$

Otherwise, i.e. when α is n-unambiguous, for convenience put squeeze(α)=α.

By Lemma 33 and by substitutivity of ≡ we conclude that α≡squeeze(α) and if α is not unambiguous then squeeze(α)≺α.

4.5 Bounds on Normal Forms

For an arbitrary partial order \(\unlhd \) on processes, a process α is called \(\unlhd \)-minimal if it is minimal with respect to \(\unlhd \) in its bisimulation class (in other words, there is no β◁α with β≡α). In the sequel in this section we will often refer to ⊑-minimal processes, and to ⪯-minimal ones. Clearly in every bisimulation class there is exactly one ⪯-minimal process, the normal form of processes from that class. In the following sections we will use the notion of \(\unlhd \)-minimality also for other orders than ⪯ and ⊑.

For a process α, by a \(\unlhd \)-minimization of α we mean any \(\unlhd \)-minimal process β with β≡α and \(\beta \unlhd \alpha\). In particular, if α is \(\unlhd \)-minimal then it is its own minimization, in fact the unique one. Clearly, if the order is well-founded then every process has some \(\unlhd \)-minimization. All orders considered in this paper are refinements of the lexicographical order ⪯ and are thus well-founded.

Due to Lemma 33 we learn that every bisimulation class contains an unambiguous processes:

Lemma 37

A process α is unambiguous if and only if it is ⪯-minimal.

Proof

One implication does not refer to squeezes. Suppose α is not the least process in its bisimulation class. That is, for some i≤n we have \(\alpha = \gamma \cdot X_{i}^{a}\cdot \bar{\alpha}\) and there is some \(\beta = \gamma \cdot X_{i}^{b}\cdot \bar{\beta} \equiv \alpha\) with b<a. Thus, according to the definition, α is not unambiguous.

The other implication is easily provable building on the development of this section. If α is not unambiguous then it is not the least one in its bisimulation class wrt. ⪯ as α≡squeeze(α) and squeeze(α)≺α. □

It follows that the squeezing step, applied in a systematic manner sufficiently many times on a process α, leads to the normal form process nf(α).

Lemma 38

(Normal Form via Squeezing)

Let α be an arbitrary process. Then consecutive applications of the squeezing step eventually stabilize at nf(α), i.e. for some m≥0, squeeze^m(α)=nf(α).

Finally we formulate lower and upper bounds on the size of nf(α), with respect to the size of α, that will be crucial for the proof of Theorem 6. The first one, stated in Lemma 40, applies uniquely to ⊑-minimal processes. The following lemma is the technical preparation:

Lemma 39

If α is ⊑-minimal then \(\text {size}(\alpha) \leq \text {size}(\bar{\alpha})\), for any ⊑-minimization \(\bar{\alpha}\) of squeeze(α).

Proof

If α is unambiguous the proof is trivial, therefore assume otherwise. According to Definition 36, let \(\alpha= \gamma \cdot X_{k}^{a}\cdot \delta\) and let

$$ \text {squeeze}(\alpha) = \gamma \cdot X_k^{a - 1}\cdot {( \delta_{k,\gamma} ||\delta )}. $$

(13)

Consider any \(\bar{\alpha} \sqsubseteq \text {squeeze}(\alpha)\) such that \(\bar{\alpha} \equiv \text {squeeze}(\alpha)\). First we observe that γ is necessarily a (k−1)-prefix of \(\bar{\alpha}\) as α is (k−1)-unambiguous and \(\alpha \equiv \bar{\alpha}\). Therefore

$$\bar{\alpha}= \gamma \cdot X_k^{b-1}\cdot {( \bar{\delta}_{k,\gamma} ||\bar{\delta})} $$

for some b≤a and \(\bar{\delta}_{k,\gamma} \sqsubseteq \delta_{k,\gamma}\) and \(\bar{\delta} \sqsubseteq \delta\). We observe that \(\bar{\delta}_{k,\gamma}\) is necessarily non-empty, as α is ⊑-minimal and \(\alpha \equiv \bar{\alpha}\). For \(\text {size}(\alpha) \leq \text {size}(\bar{\alpha})\) it is thus sufficient to demonstrate that

$$b = a \quad \text{and}\quad \bar{\delta}= \delta. $$

Towards a contradiction assume the opposite, i.e. either b<a, or \(\bar{\delta} \sqsubset \delta\). As \(\alpha \equiv \bar{\alpha}\), i.e.,

$$\gamma \cdot X_k^a \cdot \delta \equiv \gamma \cdot X_k^{b-1}\cdot {(\bar{\delta}_{k,\gamma} ||\bar{\delta})}, $$

knowing that a>b−1 we deduce that the process γ⋅X ^b may not be k-unambiguous. Thus we may apply squeeze(_) to \(\gamma \cdot X^{b} \cdot \bar{\delta}\) to obtain

$$\text {squeeze}\big (\gamma \cdot X_k^{b}\cdot \bar{\delta}\big ) = \gamma \cdot X_k^{b-1}\cdot {(\delta_{k,\gamma} ||\bar{\delta})}. $$

By Lemma 15 applied to

$$\begin{aligned} \text {squeeze}(\alpha) = \gamma \cdot X_k^{a - 1}\cdot {( \delta_{k,\gamma} ||\delta)} &\stackrel {}{\Longrightarrow }_0 \gamma \cdot X_k^{b-1}\cdot {( \delta_{k,\gamma} ||\bar{\delta})}\\ &\stackrel {}{\Longrightarrow }_0 \gamma \cdot X_k^{b-1}\cdot {(\bar{\delta}_{k,\gamma} ||\bar{\delta})} = \bar{\alpha} \end{aligned}$$

we deduce \(\text {squeeze}(\alpha) \equiv \gamma \cdot X_{k}^{b-1} \cdot {(\delta_{k,\gamma} ||\bar{\delta})}\), i.e.,

$$\text {squeeze}(\alpha) \ \equiv \ \text {squeeze}\big (\gamma \cdot X_k^{b}\cdot \bar{\delta}\big ). $$

Since always α≡squeeze(α) we obtain

$$\alpha = \gamma \cdot X_k^a \cdot \delta \equiv \ \text {squeeze}(\alpha) \ \equiv \ \text {squeeze}\big (\gamma \cdot X_k^{b}\cdot \bar{\delta}\big ) \ \equiv \ \gamma \cdot X_k^{b} \cdot \bar{\delta}, $$

with either b<a or \(\bar{\delta} \sqsubset \delta\), thus contradicting the ⊑-minimality of α. This completes the proof. □

Lemma 40

(Lower Bound)

If α is ⊑-minimal then size(nf(α))≥size(α).

Proof

This lemma is a corollary of Lemma 39, once one observes that the same normal form is obtained by consecutive applications of the following non-deterministic modification of the squeezing step:

• the minimization-squeezing step: replace α by any ⊑-minimization of squeeze(α).

Indeed, as minimization preserves the bisimulation class, the unambiguous process obtained at the end, starting from a process α, is necessarily nf(α). □

Contrarily to Lemma 40, the upper bound holds for all processes.

Lemma 41

(Upper Bound)

There is a constant c, depending only on the process definition, such that size(nf(α))≤c⋅size(α) for any process α.

Proof

Let α be an arbitrary process. We claim that the size of nf(α) is bounded by:

$$ \text {size}\big (\text {nf}(\alpha)\big ) \leq \text {size}(\alpha) \cdot \text {size}(\delta_{k_1,\gamma _1}) \cdot\ldots\cdot \text {size}(\delta_{k_n, \gamma_n}) $$

(14)

for some unambiguous processes γ ₁…γ _n not depending on α. Indeed, let γ _k be the (k−1)-unambiguous process witnessing the squeezing step for X _k (if any). The size of the process, during all squeezing steps for X _k , increases at most \(\text {size}(\delta_{k_{k}, \gamma_{k}})\) times.

However, in general, there may be infinitely many different processes δ _k,γ used in the squeezing steps for different processes α, as there may be in general infinitely many unambiguous processes γ. We will argue that for the purpose of estimating the size of nf(α) for all processes α, it is sufficient to take into account only a finite subset of unambiguous processes. We will rely on the following simple observation. Let γ,γ′∈{X ₁…X _k−1}^⊗, for some k≤n, be both (k−1)-unambiguous and γ⊑γ′, respectively. Let the greatest k-extensions of γ and γ′ be \(\gamma \cdot X_{k}^{a}\) and \(\gamma \cdot X_{k}^{a'}\). The exponents necessarily satisfy a≥a′. The crucial observation is that whenever a=a′ then every γ-squeeze, like δ _k,γ , is also a γ′-squeeze. Indeed:

$$\gamma \cdot X_k^{a+1}\cdot \delta\ \equiv \ \gamma \cdot X_k^a\cdot \delta_{k,\gamma} \cdot \delta \quad \text{implies}\quad \gamma'\cdot X_k^{a+1}\cdot \delta\ \equiv \ \gamma'\cdot X_k^a \cdot \delta_{k,\gamma} \cdot \delta, $$

since ≡ is substitutive. In other words: one may safely assume δ _k,γ′=δ _k,γ whenever γ⊑γ′ and a≤a′.

Now we easily obtain the estimation. For every k∈{1…n}, consider all pairs (γ,a), where γ∈{X ₁…X _k−1}^⊗ is any (k−1)-unambiguous process that exhibits the greatest extension \(\gamma X_{k}^{a}\) (note that only such processes γ witness a squeezing step). Choose those among them that are minimal wrt. ⊑ on the first coordinate, and wrt. ≤ on the second one. By Dickson’s Lemma there are only finitely many such minimal pairs. The set of all processes δ _k,γ , for all chosen minimal pairs (γ,a), jointly for all k, has an element which is maximal wrt. size; denote this maximal size by s. The size of any process \(\delta_{k_{i},\gamma_{i}}\) in (14) is dominated by s and thus we obtain:

$$ \text {size}\big (\text {nf}(\alpha)\big ) \leq \text {size}(\alpha) \cdot s^n $$

(15)

which completes the proof by putting c=s ⁿ. Note that c only depends on a process definition, and does not depend on a process α. □

Concerning the upper bound, in the following section we demonstrate a sharper result, with the constant c estimated effectively. However, the estimation will be only shown for branching bisimilarity.

5 Effective Bound on Normal Form

In this section we only consider branching bisimilarity ≃. In particular, the notion of normal form is understood with respect to ≃. Fix an arbitrary process definition and denote its size by d.

Contrarily to the previous section, where the linear order > on variables was fixed, in this section we consider all linear orders on variables that extend >_decr (cf. Definition 18); such orders we call briefly admissible. Note however that the whole development of Sect. 4 strongly depends on the choice of >. In particular, the normal form of a process may change if one changes the order. Thus in this section we will have to be careful enough to explicitly specify the order we use, whenever we apply any notation or result of Sect. 4.

Concerning the notation, we will use indexed variable names X ₁,X ₂,…,X _n as in Sect. 4, assuming that the indexing is consistent with a currently used admissible order:

$$X_1 > X_2 > \cdots> X_n . $$

The following lemma is the main result of this section. The lemma will be used in Sect. 6 for the proof of Theorem 6.

Lemma 42

(Upper Bound)

For every admissible order >, and for every process α, size(nf(α))≤d ⁿ⁻¹⋅size(α).

Lemma 42 is a direct corollary of Lemma 43 which says that whatever admissible order is chosen, squeezing does not increase a weighted measure of size, defined as:

$${d}\text {-}\text {size}\big (X_1^{a_1} \dots X_n^{a_n}\big ) = a_1 \cdot d^{n-1} + a_2 \cdot d^{n-2} + \cdots+ a_{n-1} \cdot d + a_n. $$

(The measure of size clearly depends on the choice of >.)

Lemma 43

For every k∈{1…n}, for every admissible order > and (k−1)-unambiguous γ∈{X ₁…X _k−1}^⊗ that has the greatest k-extension, the variable X _k has a γ-squeeze δ with d-size(δ)≤d-size(X _k ).

(Note that even the variable X _k , as well as the property of being (k−1)-unambiguous, depend on the choice of >.) Indeed, whatever an admissible order > is chosen, Lemma 43 together with Lemma 38 imply d-size(nf(α))≤d-size(α) and then Lemma 42 follows:

$$\text {size}\big (\text {nf}(\alpha)\big ) \leq {d}\text {-}\text {size}\big (\text {nf}(\alpha)\big ) \leq {d}\text {-}\text {size}(\alpha) \leq d^{n-1} \cdot \text {size}(\alpha). $$

All the rest of this section is devoted to the proof of Lemma 43.

5.1 Proof of Lemma 43

The proof is by induction on n−k. The induction basis is for k=n. Whatever an admissible order is chosen, if k=n then it trivially holds that d-size(δ)≤d-size(X _k ), as the only possible γ-squeeze δ of X _n is the empty process, whose weighted size is 0.

For the induction step, fix some k and an admissible order >, assuming that the lemma holds for all greater values of k, for all admissible orders.

Then fix a (k−1)-unambiguous process γ∈{X ₁…X _k−1}^⊗, assuming that γ has the greatest k-extension, say \(\gamma \cdot X_{k}^{a}\). The assumption guarantees existence of some γ-squeeze of X _k , that is a process δ satisfying

$$\begin{aligned} \gamma \cdot X_k^{a+1}\simeq \gamma \cdot X_k^a\cdot \delta. \end{aligned}$$

(16)

The proof is split into three cases:

• a>0,

• a=0 and X _k has a γ-squeeze δ such that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\),

• a=0 and X _k has no γ-squeeze δ such that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\).

Case 1: a>0

In this case we will not refer to the induction assumption at all.

The idea behind that proof is based on the fact that a>0, and thus, roughly speaking, X _k does not vanish during squeezing. From this we deduce that variables generated by X _k do not appear in some squeeze δ of X _k . Bounding the number of occurrences of other variables in δ is an easy conclusion from Claim 44, formulated below.

Claim 44

The variable X _k has a γ-squeeze η such that \(\gamma \cdot X_{k}^{a+1} \stackrel {}{\Longrightarrow }_{0} \gamma \cdot X_{k}^{a}\cdot \eta\).

Proof

Choose an arbitrary γ-squeeze of X _k , say δ. Consider the pair (16) and an arbitrary non-generating decreasing transition \(X_{k} \stackrel {\zeta }{\longrightarrow } \omega\) (due to normedness assumption every variable has such a transition). The transition gives rise to a Spoiler’s move

$$\gamma \cdot X_k^{a}\cdot \delta \stackrel {\zeta }{\longrightarrow } \gamma \cdot X_k^{a-1}\cdot {(\delta ||\omega)}, $$

matched by some sequence of transitions of the form

$$\gamma \cdot X_k^{a+1} \stackrel {}{\Longrightarrow }_0 \alpha \stackrel {\zeta }{\longrightarrow } \alpha'. $$

We claim that

$$\alpha= \gamma \cdot X_k^a\cdot \eta \quad\text{and} \quad \alpha' = \gamma \cdot X_k^{a-1}\cdot \eta', $$

for some processes η and η′. The claim follows due to the equivalences

$$\alpha \simeq \gamma \cdot X_k^{a}\cdot \delta \quad\text{and} \quad \alpha'\simeq \gamma \cdot X_k^{a-1}\cdot ({\delta ||\omega}), $$

using the fact that \(\gamma \cdot X_{k}^{a}\) is k-unambiguous. Thus η is a γ-squeeze of X _k :

$$\gamma \cdot X_k^a\cdot \eta \simeq \gamma \cdot X_k^{a}\cdot \delta \simeq \gamma \cdot X_k^{a+1}, $$

and \(\gamma \cdot X_{k}^{a+1} \stackrel {}{\Longrightarrow }_{0} \gamma \cdot X_{k}^{a}\cdot \eta\) as required. □

Remark 45

Actually it follows easily that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \eta\). We will however not need this property in the remaining part of the proof.

Consider the sequence of transitions \(\gamma \cdot X_{k}^{a+1} \stackrel {}{\Longrightarrow }_{0} \gamma \cdot X_{k}^{a}\cdot \eta\) and assume that all transitions originating from γ precede all transitions originating from \(X_{k}^{a+1}\). Distinguish the very first transition of X _k , say \(X_{k} \stackrel {}{\longrightarrow }_{0} \phi\), that decreases the exponent from a+1 to a:

$$ \gamma \cdot X_k^{a+1} \stackrel {}{\Longrightarrow }_0 \gamma \cdot X_k^{a+1}\cdot \theta \stackrel {}{\longrightarrow }_0 \gamma \cdot X_k^{a} \cdot {( \phi ||\theta)} \stackrel {}{\Longrightarrow }_0 \gamma \cdot X_k^{a} \cdot \eta. $$

(17)

Note that by Lemma 15 we have:

$$ \gamma \cdot X_k^{a+1} \simeq \gamma \cdot X_k^{a}\cdot {( \theta ||\phi)} . $$

(18)

Furthermore, as \(\gamma \cdot X_{k}^{a+1}\) generates θ, namely \(\gamma \cdot X_{k}^{a+1} \stackrel {}{\Longrightarrow }_{0} \gamma \cdot X_{k}^{a+1} \cdot \theta\), and a>0, we observe that \(\gamma \cdot X_{k}^{a}\) generates θ as well, and hence

$$\gamma \cdot X_k^{a} \simeq \gamma \cdot X_k^{a}\cdot \theta . $$

This allows us to obtain, using substitutivity and the equation (18), a γ-squeeze of X _k of size at most d:

$$\gamma \cdot X_k^{a+1} \simeq \gamma \cdot X_k^{a}\cdot {( \theta ||\phi)} \ \simeq \ \gamma \cdot X_k^{a}\cdot \phi. $$

Knowing that ϕ∈{X _k+1…X _n }^⊗ and size(ϕ)<d, we easily deduce the required bound on the weighted size of ϕ:

$${d}\text {-}\text {size}(\phi) \leq d \cdot d^{n-k-1} = d^{n-k} = {d}\text {-}\text {size}(X_k). $$

The proof of Case 1 is thus completed.

Case 2.1: a=0 and X _k Has a γ-Squeeze δ such that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\)

This is the only case that we are not able to adapt to weak bisimilarity.

Recall that we have a fixed admissible order >, for which we should provide an estimation on the size of a γ-squeeze δ of X _k . The idea of the solution for this case is to do a proof for an admissible order >′ different than >, knowing that both orders are k-consistent, which means that they agree on k greatest elements. For instance, the two orders on the set {A,B,C,D,E}:

$$A > B > C > D > E \quad\text{and} \quad A >' B >' D >' E >' C $$

are 2-consistent but not 3-consistent. The estimation on the size of a γ-squeeze δ will transfer easily to the original order >, as we will actually prove that size(δ)≤d. Our proof is based on the simple observation that if two orders are k-consistent then for l≤k, l-unambiguous prefixes with respect to both orders are the same, as well as squeezes of X _l .

The modified order, denoted >′, is any one that satisfies the following conditions:

1. 1.

   >′ is k-consistent with >, and

2. 2.

   all variables generated by X _k are smaller with respect to >′ than all variables not generated by X _k .

Note that the second condition is satisfiable: whenever Y is generated by X _k and Z is not, then there exists no sequence of decreasing transitions from Y to Z, thus Y>_decr Z is impossible. From now on we work with the order >′, so indexing of variables X _i , squeezes, normal forms, etc. are implicitly understood to be defined with respect to that order.

To make the notation more readable, we will constantly use symbols α,α′, etc. for processes containing exclusively variables smaller than X _k that are not generated by X _k , and symbols β,β′, etc. for those containing exclusively variables generated by X _k .

Let δ be a γ-squeeze of X _k such that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\). In the sequence of transitions \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\), distinguish the transition that makes X _k disappear, induced by a transition rule \(X_{k} \stackrel {}{\longrightarrow }_{0} \omega\), say. We may thus write:

$$\begin{aligned} \gamma \cdot X_k\stackrel {}{\Longrightarrow }_0\gamma \cdot X_k\cdot \hat{\beta} \stackrel {}{\longrightarrow }_0\gamma \cdot {(\omega ||\hat{\beta})} \stackrel {}{\Longrightarrow }_{0}\gamma \cdot \delta \end{aligned}$$

(19)

for some process \(\hat{\beta}\). Let nf(γ⋅X _k )=γ⋅α⋅β. As the first step we prove the following:

Lemma 46

\(\text {nf}(\gamma \cdot \omega)=\gamma \cdot \alpha \cdot \bar{\beta}\) for some process \(\bar{\beta}\).

Proof

As the first step we compute \(\text {nf}(\gamma \cdot {( \omega ||\hat{\beta})})\). Knowing that δ is a γ-squeeze of X _k , we may apply Lemma 15 to (19) to obtain

$$\gamma \cdot X_k \simeq \gamma \cdot {( \omega ||\hat{\beta})} $$

and thus

$$\text {nf}\big (\gamma \cdot {(\omega ||\hat{\beta})}\big ) = \text {nf}(\gamma \cdot X_k) = \gamma \cdot \alpha \cdot \beta. $$

Now we claim that normal forms of the processes

$$\begin{aligned} \gamma \cdot \omega \quad\text{and} \quad \gamma \cdot {(\omega ||\hat{\beta})} \end{aligned}$$

(20)

differ only on variables generated by X _k , which immediately proves the lemma. Indeed the processes themselves (20) differ only on variables generated by X _k (i.e. variables appearing in \(\hat{\beta}\)). Recall that the order on variables has been chosen so that the variables generated by X _k are smaller than other variables. As normal form is obtained by consecutive squeezing (cf. Lemma 38), the normal forms of processes (20) may only differ on variables generated by X _k , as required. □

Recall that nf(γ⋅X _k )=γ⋅α⋅β and consider Bisimulation Game from the pair of processes

$$\gamma \cdot X_k \simeq \gamma \cdot \alpha \cdot \beta. $$

Suppose the first Spoiler’s move is \(\gamma \cdot X_{k}\stackrel {}{\longrightarrow }_{0} \gamma \cdot \omega\), answered by a matching Duplicator’s move:

$$\begin{aligned} \gamma \cdot \alpha \cdot \beta \stackrel {}{\Longrightarrow }_0 \tau' \stackrel {}{\longrightarrow }_0 \tau. \end{aligned}$$

The sequence of transitions satisfies assumptions of Lemma 29: γ⋅α is unambiguous and

$$\tau \simeq \gamma \cdot \omega \simeq \gamma \cdot \alpha \cdot \bar{\beta} $$

for some \(\bar{\beta}\) (the latter equivalence follows by Lemma 46). We apply Lemma 29 together with Lemma 31 and deduce that Duplicator has a matching move engaging only variables generated by X _k , thus of the form:

$$\begin{aligned} \gamma \cdot \alpha \cdot \beta \stackrel {}{\Longrightarrow }_0 \gamma \cdot \alpha \cdot ({\beta'||Y})\stackrel {}{\longrightarrow }\gamma \cdot \alpha \cdot ({\beta'||\theta}). \end{aligned}$$

(21)

Finally we use (21) to provide a γ-squeeze of X _k of size at most d. Recall that (21) is a matching Duplicator’s move, i.e.

$$\begin{aligned} \gamma \cdot \alpha \cdot ({\beta'||Y}) \simeq \gamma \cdot X_k, \qquad \gamma \cdot \alpha \cdot ({\beta'||\theta}) \simeq \gamma \cdot \omega. \end{aligned}$$

(22)

Using these two equivalences we derive the following sequence of equivalences:

$$\gamma \cdot X_k \simeq \gamma \cdot X_k\cdot \theta \simeq \gamma \cdot \alpha \cdot {(\beta'||Y||\theta)} \simeq \gamma \cdot \alpha \cdot {(\beta'||\theta ||Y)} \simeq \gamma \cdot ({\omega ||Y}). $$

The first one is due to the fact that θ is generated by X _k . The second one is by substitutivity, using the first equivalence in (22). The third one is simply commutativity of composition, and the last one is by substitutivity again, this time using the second equivalence in (22).

The process ω, being the right-hand side of a transition rule, is of size smaller than d. Hence ω||Y is a γ-squeeze of size at most d. This completes the proof of Case 2.1.

Case 2.2: a=0 and X _k Has no γ-Squeeze δ such that \(X_{k} \stackrel {}{\Longrightarrow }_{0} \delta\)

We start with a lemma that only holds under assumptions of Case 2.2:

Lemma 47

No ⊑-minimal γ-squeeze of X _k contains a variable generated by X _k .

Proof

Suppose the contrary, namely

$$ \gamma \cdot X_k \simeq \gamma \cdot ({\delta'||Y}), $$

(23)

with δ′||Y∈{X _k+1…X _n }^⊗, Y generated by X _k , and δ′||Y being ⊑-minimal. Consider Bisimulation Game for the pair (23), and suppose Spoiler performs an arbitrary sequence of silent decreasing transitions \(Y \stackrel {}{\Longrightarrow }_{0} \varepsilon \) from Y to the empty process ε, giving rise to the sequence of Spoiler’s moves

$$\begin{aligned} \gamma \cdot ({\delta'||Y}) \stackrel {}{\Longrightarrow }_0 \gamma \cdot \delta' \end{aligned}$$

(24)

from the right process. Observe that due to ⊑-minimality of δ′||Y, the Spoiler’s transitions surely change the bisimulation class, i.e.

$$\begin{aligned} \gamma \cdot ({\delta'||Y}) \not \simeq \gamma \cdot \delta' \end{aligned}$$

(25)

as otherwise δ′⊏δ′||Y would be a γ-squeeze of X _k smaller than δ′||Y.

By Lemma 32 we know that there is a sequence of matching Duplicator’s responses to (24) that does not engage γ at all:

$$\begin{aligned} \gamma \cdot X_k \stackrel {}{\Longrightarrow }_0 \gamma \cdot \omega \end{aligned}$$

(26)

(i.e. \(X_{k} \stackrel {}{\Longrightarrow }_{0} \omega\)). Knowing γ⋅ω≃γ⋅δ′, by (25) we deduce

$$\begin{aligned} \gamma \cdot X_k \not \simeq \gamma \cdot \omega. \end{aligned}$$

(27)

Thus X _k does not appear in ω, as otherwise (26) and (27) would be in contradiction with Lemma 21.

As γ⋅ω≃γ⋅δ′, we may substitute γ⋅ω in place of γ⋅δ′ in (23), to obtain a γ-squeeze of X _k

$$\gamma \cdot X_k \simeq \gamma \cdot ({\omega ||Y}), $$

such that \(X_{k} \stackrel {}{\longrightarrow }_{0} X_{k}\cdot Y \stackrel {}{\Longrightarrow }_{0} \omega ||Y\). This is in contradiction with the assumption that no γ-squeeze is reachable from X _k by \(\stackrel {}{\Longrightarrow }_{0}\). Thus the lemma is proved. □

Recall that we have a fixed admissible order >, for which we should provide an estimation on the weighted size of a γ-squeeze δ of X _k . As in Case 2.1, we will use in the proof an admissible order >′ different than >, namely an arbitrary admissible order >′ fulfilling the following conditions:

1. 1.

   >′ is k-consistent with >,

2. 2.

   all variables generated by X _k are smaller with respect to >′ than all variables not generated by X _k , and

3. 3.

   the orders > and >′ coincide on variables not generated by X _k .

The first two conditions are exactly as before, the last one is added. Similarly as before, the conditions are satisfiable. Moreover, the estimation on the weighted size of a γ-squeeze with respect to >′ easily transfers to the original order >. Indeed, by Lemma 47, a ⊑-minimal squeeze contains only variables not generated by X _k , and these variables are placed higher in the order >′ than in the order >, thus their contribution to the weighted size with respect to the order >′ is not smaller than with respect to >.

From now on we work with the order >′ instead of >, and thus indexing of variables, squeezes, normal forms, etc. are implicitly understood to be defined with respect to that order.

Let nf(γ⋅X _k )=γ⋅α. By Lemma 47 we know that no variable appearing in α is generated by X _k . We are aiming at showing that the d-size(α)≤d-size(X _k ).

Case 2.2 is the only one which requires referring to the induction assumption. We will invoke the induction assumption for variables smaller than X _k , and the same admissible order >′ on variables. To this aim, we will start by considering Bisimulation Game starting with a decreasing non-generating Spoiler’s move, as outlined below.

Let X _m be the smallest variable occurring in α, i.e. α=α′||X _m (note that X _m may occur in α′). Consider the Bisimulation Game for

$$\gamma \cdot X_k \simeq \gamma \cdot \alpha $$

and the first Spoiler’s move from the right process induced by some decreasing non-generating transition rule of X _m , say \(X_{m} \stackrel {\zeta }{\longrightarrow } \omega\):

$$\gamma \cdot ({\alpha'||X_m}) \stackrel {\zeta }{\longrightarrow } \gamma \cdot \alpha'\cdot \omega. $$

By Lemma 32 we know that there is a matching Duplicator’s response that does not engage γ. As no γ-squeeze of X _k is reachable from X _k by \(\stackrel {}{\Longrightarrow }_{0}\), the response has necessarily the following form

$$\gamma \cdot X_k \stackrel {}{\Longrightarrow }_0 \gamma \cdot X_k\cdot \eta \stackrel {\zeta }{\longrightarrow } \gamma \cdot ({\sigma ||\eta}), $$

where η is generated by X _k and X _k disappears in the last transition:

$$X_k \stackrel {}{\Longrightarrow }_0 X_k\cdot \eta \quad \text{and}\quad X_k \stackrel {\zeta }{\longrightarrow } \sigma. $$

Indeed, otherwise the second last process in the sequence forming a matching Duplicator’s move would be a γ-squeeze of X _k , forbidden by the assumption of Case 2.2. We have γ⋅(σ||η)≃γ⋅α′⋅ω and thus also

$$ \text {nf}\big (\gamma \cdot ({\sigma ||\eta})\big ) = \text {nf}(\gamma \cdot \alpha'\cdot \omega). $$

(28)

Now we are going to deduce from equality (28) how the weighted sizes of nf(γ⋅σ) and nf(γ⋅α′) are related, in order to conclude that the weighted size of α is as required.

Let’s inspect the m-prefix of the left processes in (28). Process η can not contribute to the m-prefix of the normal form. Indeed, η contains only variables generated by X _k , which are necessarily smaller than X _m , as X _m is not generated by X _k , since it appears in nf(γ⋅X _k ). Thus if we restrict to the m-prefixes we have the equality

$$ {m}\text {-}\text {prefix}\big (\text {nf}\big (\gamma \cdot ({\sigma ||\eta})\big )\big ) = {m}\text {-}\text {prefix}\big (\text {nf}(\gamma \cdot \sigma)\big ). $$

(29)

Similarly, let’s inspect the m-prefix of the right process in (28). Again, ω can not contribute to the m-prefix of the normal form, thus if we restrict to the m-prefixes we have the equality

$${m}\text {-}\text {prefix}\big (\text {nf}\big (\gamma \cdot \alpha'\cdot \omega\big )\big ) = {m}\text {-}\text {prefix}\big (\text {nf}\big (\gamma \cdot \alpha' \big )\big ). $$

As γ⋅α is the normal form, γ⋅α′ is unambiguous and thus we have nf(γ⋅α′)=γ⋅α′. From this we derive that

$$ {m}\text {-}\text {prefix}\big (\text {nf}\big (\gamma \cdot \alpha'\cdot \omega\big )\big )= {m}\text {-}\text {prefix}\big (\text {nf}\big (\gamma \cdot \alpha' \big )\big )={m}\text {-}\text {prefix}\big (\gamma \cdot \alpha' \big )= \gamma \cdot \alpha' . $$

(30)

Combine the equalities (29), (30) and (28) to obtain:

$$ \gamma \cdot \alpha' = {m}\text {-}\text {prefix}\big (\text {nf}(\gamma \cdot \sigma )\big ) $$

(31)

and to observe that

$$ {d}\text {-}\text {size}\big ( \gamma \cdot \alpha' \big ) = {d}\text {-}\text {size}\big ( {m}\text {-}\text {prefix}\big (\text {nf}(\gamma \cdot \sigma )\big ) \big ) \leq {d}\text {-}\text {size}\big (\text {nf}(\gamma \cdot \sigma )\big ). $$

(32)

Now we will use induction assumption for the variables smaller than X _k , to derive that every variable X _i smaller than X _k (i.e. for i>k) has a γ-squeeze of weighted size smaller than X _i . As normal form is obtained via a sequence of squeezes, and γ is unambiguous, the induction assumption implies that

$${d}\text {-}\text {size}\big (\text {nf}(\gamma \cdot \sigma )\big ) \leq {d}\text {-}\text {size}(\gamma \cdot \sigma ) $$

which leads to the following estimation:

$$ {d}\text {-}\text {size}\big (\text {nf}(\gamma \cdot \sigma )\big ) \leq {d}\text {-}\text {size}(\gamma)+ {d}\text {-}\text {size}(\sigma) \leq {d}\text {-}\text {size}(\gamma)+ \text {size}(\sigma) \cdot d^{n-k-1}. $$

(33)

The inequalities (32) and (33) jointly imply:

$${d}\text {-}\text {size}\big ( \gamma \cdot \alpha' \big ) \leq {d}\text {-}\text {size}(\gamma)+ \text {size}(\sigma) \cdot d^{n-k-1}, $$

and removing γ from both sides of the inequality, we get:

$${d}\text {-}\text {size}\big ( \alpha'\big ) \leq\ \text {size}(\sigma) \cdot d^{n-k-1} \leq (d-1) \cdot d^{n-k-1}. $$

Recalling that α=α′⋅X _m :

$$\begin{aligned} {d}\text {-}\text {size}(\alpha) = {d}\text {-}\text {size}\big ( \alpha'\cdot X_m\big ) \leq \text {size}(\sigma) \cdot d^{n-k-1}\ +\ d^{n-m} \\ \ \leq\ (d-1)\cdot d^{n-k-1}\ +\ d^{n-k-1} = d^{n-k} = {d}\text {-}\text {size}(X_k) \end{aligned}$$

which is the required bound. As Case 2.2 is the last one, we have thus completed the proof of Lemma 43.

Remark 48

Lemma 43 is formulated for ≃ but the major part of the proof either works for weak bisimilarity directly, or may be adapted. The only case that we can not adapt to weak bisimilarity is Case 2.1. Importantly, under the restriction of [16] the proof of this subcase is straightforward.

The restriction on a process definition assumed in [16] is the following: whenever a variable X generates (some variable) then every silent transition rule of X is generating, i.e. of the form \(X \stackrel {}{\longrightarrow }X\cdot \omega\). In short words, generators can not vanish silently.

Consider a γ-squeeze γ⋅X≈γ⋅δ such that \(X\stackrel {}{\Longrightarrow }_{0} \delta\). We can easily produce a new squeeze with size bounded by d. Indeed, due to the restriction of [16] the variable X may not be a generator, and thus must vanish in the very first transition of the sequence \(X\stackrel {}{\Longrightarrow }_{0} \delta\):

$$\gamma \cdot X\stackrel {}{\longrightarrow }_0\gamma \cdot \omega \stackrel {}{\Longrightarrow }_0 \gamma \cdot \delta, $$

due to a non-generating transition rule \(X \stackrel {}{\longrightarrow }\omega\). By Lemma 15 we deduce γ⋅X≈γ⋅ω, which means that already ω is a γ-squeeze of X of size at most d.

We claim that our proof, after slight adaptations in Cases 1 and 2.2, shows decidability of weak bisimilarity in the subclass of [16].

6 Proof of the Bounded Response Property

This section contains finally the proofs of two main results announced in Sect. 3, namely Theorem 6 and Theorem 8. The two theorems state the bounded response property for branching and weak bisimilarity, respectively; moreover the former one claims a response of an effectively bounded size.

6.1 Proof of Theorem 8

In case of weak bisimilarity ≈, the bounded response property follows easily from the estimations given in Lemmas 40 and 41. Fix a process definition and an admissible order on variables. Consider α≈β, a Spoiler’s move \(\alpha \stackrel {\zeta }{\longrightarrow } \alpha'\) and a matching Duplicator’s response:

$$\beta \stackrel {}{\Longrightarrow }_0 \stackrel {\zeta }{\longrightarrow } \stackrel {}{\Longrightarrow }_0 \beta', $$

with α′≈β′. Extend the Duplicator’s response with

$$\beta \stackrel {}{\Longrightarrow }_0 \stackrel {\zeta }{\longrightarrow } \stackrel {}{\Longrightarrow }_0 \beta' \stackrel {}{\Longrightarrow }_0 \bar{\beta}', $$

for an arbitrary ⊑-minimal \(\bar{\beta}'\). Then using Lemma 40, Lemma 41, and the equality \(\text {nf}(\alpha') = \text {nf}(\bar{\beta}')\), we obtained the required bound:

$$\text {size}(\bar{\beta}') \leq \text {size}(\text {nf}(\bar{\beta}')) = \text {size}(\text {nf}(\alpha')) \leq c \cdot \text {size}(\alpha'), $$

for a constant c from Lemma 41.

6.2 Proof of Theorem 6

From now on we focus on branching bisimilarity only. Compared to weak bisimilarity, the case of branching bisimilarity is slightly more subtle. As previously, consider a fixed process definition and a fixed admissible order on variables.

Before showing how Theorem 6 follows from Lemmas 40 and 42, we will need a definition and a lemma. Define a partial order \(\unlhd \) as a refinement of the lexicographical order ⪯:

$$\alpha \unrhd \beta\ \text{ iff } \ \alpha \succeq \beta\text{ and } \alpha \stackrel {}{\Longrightarrow }_0 \beta. $$

In the sequel we will consider \(\unlhd \)-minimal processes (cf. definition of \(\unlhd \)-minimality and \(\unlhd \)-minimization in Sect. 4). Due to the following apparent inclusions of partial orders:

$$\sqsubseteq \quad\subseteq \quad \unlhd \quad\subseteq\quad \preceq $$

we have the following dependencies between minimal processes:

$$\begin{aligned} \preceq \text{-minimal} \ \implies\ \unlhd \text{-minimal} \ \implies\ \sqsubseteq \text{-minimal}. \end{aligned}$$

(34)

Lemma 49

If α is \(\unlhd \)-minimal and \(\alpha \stackrel {}{\Longrightarrow }_{0} \beta \simeq \alpha\) then α⊑β.

Proof

We will show that

$$\begin{aligned} \beta= \alpha ||\delta\quad \text{for some } \delta \text{ generated by } \alpha. \end{aligned}$$

(35)

For the sake of contradiction assume the contrary and consider the shortest sequence of transitions \(\alpha \stackrel {}{\Longrightarrow }_{0} \beta\) such that β≃α and β fails to satisfy (35). Consider the last transition, say

$$\alpha ||\delta \stackrel {}{\longrightarrow }_0 \beta, $$

performed necessarily by a variable, say X, that appears in α but not in δ. This last transition has the following form

$$\alpha ||\delta \stackrel {}{\longrightarrow }_0 \alpha'||\delta, $$

due to a transition \(\alpha \stackrel {}{\longrightarrow }_{0} \alpha'\). As the latter transition is necessarily decreasing and non-generating, α′≺α. Recall that α≃α′||δ and α⪯α′||δ. By Lemma 21 we know that those variables in δ that are generated by a variable different than X may be safely canceled via silent steps \(\stackrel {}{\longrightarrow }_{0}\) while preserving the bisimulation class. Hence

$$\begin{aligned} \alpha \stackrel {}{\Longrightarrow }_0 \alpha'\cdot \delta' \simeq \alpha, \end{aligned}$$

(36)

where all variables appearing in δ′⊑δ are generated by X, and thus smaller than X wrt. <. Knowing that α′≺α we obtain

$$\begin{aligned} \alpha'\cdot \delta' \prec \alpha. \end{aligned}$$

(37)

The facts (36) and (37) jointly contradict \(\unlhd \)-minimality of α. □

From now on, the remaining part of Sect. 6 is devoted to proving Theorem 6, using Lemmas 40 and 42 together with Lemma 49.

Consider α≃β, a Spoiler’s move \(\alpha \stackrel {\zeta }{\longrightarrow } \alpha'\) and a Duplicator’s response:

$$\begin{aligned} \beta \stackrel {}{\Longrightarrow }_0 \beta_1 \stackrel {\zeta }{\longrightarrow } \beta_2, \end{aligned}$$

(38)

with α≃β ₁ and α′≃β ₂. We will show that Duplicator has a matching response where β ₁ and β ₂ are of size bounded by c⋅size(α) and c⋅size(α′), respectively, where c= (2d ⁿ⁻¹+d), n is the number of variables and d is the size of the process definition.

We can not simply extend this response analogously as for weak bisimilarity, and we have to estimate the size of the process β ₂ resulting from the last transition. The basic idea of the proof is essentially to eliminate some unnecessary generation done by the transitions \(\beta \stackrel {}{\Longrightarrow }_{0} \beta_{1}\), without affecting executability of the transition \(\beta_{1} \stackrel {\zeta }{\longrightarrow } \beta_{2}\).

As the first step we observe that without loosing generality we could assume that the response (38) starts in a \(\unlhd \)-minimal process. Indeed, if we prove our claim in this case, then we easily obtain a matching response, of required size bound, from an arbitrary β by adjoining at the beginning of a matching response from \(\bar{\beta}\),

$$\begin{aligned} \bar{\beta} \stackrel {}{\Longrightarrow }_0 \beta_1 \stackrel {\zeta }{\longrightarrow } \beta_2, \end{aligned}$$

(39)

a sequence of transitions \(\beta \stackrel {}{\Longrightarrow }_{0} \bar{\beta}\), for some \(\unlhd \)-minimization \(\bar{\beta}\) of β, thus obtaining

$$ \beta \stackrel {}{\Longrightarrow }_0 \bar{\beta} \stackrel {}{\Longrightarrow }_0 \beta_1 \stackrel {\zeta }{\longrightarrow } \beta_2 . $$

(40)

As \(\beta \simeq \bar{\beta}\), we know that the response from β is really matching: α≃β ₁ and α′≃β ₂.

Thus from now on we consider a pair \(\alpha \simeq \bar{\beta}\), with \(\bar{\beta}\) a \(\unlhd \)-minimal process, instead of arbitrary α≃β, together with a matching Duplicator’s response (39). Note that by Lemma 49 we know that \(\bar{\beta} \sqsubseteq \beta_{1}\).

As the second step extend (40) with any sequence \(\beta _{2} \stackrel {}{\Longrightarrow }_{0} \bar{\beta}_{2}\) leading to a ⊑-minimal process \(\bar{\beta}_{2} \sqsubseteq \beta_{2}\) bisimilar to β ₂. Our knowledge by now may be outlined with the following diagram (the subscript in \(\stackrel {}{\Longrightarrow }_{0}\) is omitted):

Both left-most processes in the diagram are size bounded. Indeed, as both \(\bar{\beta}\) and \(\bar{\beta}_{2}\) are ⊑-minimal, Lemma 40 applies:

$$\text {size}(\bar{\beta}) \leq \text {size}\big (\text {nf}(\beta)\big ) = \text {size}\big (\text {nf}(\alpha)\big ) \quad \text{and}\quad \text {size}(\bar{\beta}_2) \leq \text {size}\big (\text {nf}(\beta_2)\big ) = \text {size}\big (\text {nf}(\alpha')\big ) . $$

Then applying Lemma 42 to α and α′ we obtain:

$$ \text {size}(\bar{\beta}) \leq \text {size}(\alpha) \cdot d^{n-1} \quad \text{and}\quad \text {size}(\bar{\beta}_2) \leq \text {size}(\alpha') \cdot d^{n-1} . $$

(41)

As the third and the last step of the proof, we claim that β ₁ and β ₂ may be replaced by processes of size bounded, roughly, by the sum of sizes of \(\bar{\beta}\) and \(\bar{\beta}_{2}\).

Claim 50

There are some processes \(\beta'_{1} \simeq \beta_{1}\) and \(\beta'_{2} \simeq \beta_{2}\) such that

$$ \bar{\beta} \stackrel {}{\Longrightarrow }_0 \beta'_1 \stackrel {\zeta }{\longrightarrow } \beta'_2 $$

(42)

and

$$ \text {size}(\beta'_1), \text {size}(\beta'_2) < \text {size}(\bar{\beta}) + \text {size}(\bar{\beta} _2) + d. $$

(43)

The claim is sufficient for Theorem 6 to hold, by inequalities (41). Thus to complete the proof we only need to demonstrate the claim. The idea underlying the proof of the claim is illustrated in the following diagram:

We will use now an intuitive coloring argument. Let us color uniquely every variable occurrence in β ₁ and let every transition preserve the color of the left-hand side variable of a transition rule that is used. Obviously at most \(\text {size}(\bar{\beta}_{2})\) of these colors will still be present in \(\bar{\beta}_{2}\), name them surviving colors. Suppose the \(\beta_{1} \stackrel {\zeta }{\longrightarrow } \beta_{2}\) transition be induced by a transition rule \(X \stackrel {\zeta }{\longrightarrow } \delta\) and color the occurrence of X in β ₁ involved in this transition, say, brown.

Let \(\beta'_{1} \sqsubseteq \beta_{1}\) contain sufficiently many variables occurrences from β ₁ so that \(\bar{\beta} \sqsubseteq \beta'_{1}\) and all occurrences colored a surviving color or brown are included. Clearly

$$\bar{\beta} \sqsubseteq \beta'_1 \sqsubseteq \beta_1. $$

One easily observes that after firing the brown transition \(X \stackrel {\zeta }{\longrightarrow } \delta\) from \(\beta'_{1}\) we get a process \(\beta'_{2}\) such that

$$\bar{\beta}_2 \sqsubseteq \beta'_2 \sqsubseteq \beta_2, $$

because all surviving colored variables are still present. We now only need to check that all the requirements are satisfied by \(\beta'_{1}\) and \(\beta'_{2}\).

By Lemma 15 we have \(\beta'_{1} \simeq \beta_{1}\) and \(\beta'_{2} \simeq \beta_{2}\). Clearly there is a sequence \(\beta_{1} \stackrel {}{\Longrightarrow }_{0} \beta'_{1}\), that simply cancels superfluous variable occurrences, hence the condition (42) is fulfilled.

Finally we obtain the size estimation \(\text {size}(\beta'_{1}) \leq \text {size}(\bar{\beta}) + \text {size}(\bar{\beta}_{2}) + 1\) as in \(\beta'_{1}\) there can be at most \(\text {size}(\bar{\beta}_{2}) + 1\) surviving and brown colored variables occurrences, except for those that come from \(\bar{\beta}\). This easily implies the required size estimation for \(\text {size}(\beta'_{2})\). Thus the required condition (43) holds.