A general account of coinduction upto
 904 Downloads
 5 Citations
Abstract
Bisimulation upto enhances the coinductive proof method for bisimilarity, providing efficient proof techniques for checking properties of different kinds of systems. We prove the soundness of such techniques in a fibrational setting, building on the seminal work of Hermida and Jacobs. This allows us to systematically obtain upto techniques not only for bisimilarity but for a large class of coinductive predicates modeled as coalgebras. The fact that bisimulations up to context can be safely used in any language specified by GSOS rules can also be seen as an instance of our framework, using the wellknown observation by Turi and Plotkin that such languages form bialgebras. In the second part of the paper, we provide a new categorical treatment of weak bisimilarity on labeled transition systems and we prove the soundness of upto context for weak bisimulations of systems specified by cool rule formats, as defined by Bloom to ensure congruence of weak bisimilarity. The weak transition systems obtained from such cool rules give rise to lax bialgebras, rather than to bialgebras. Hence, to reach our goal, we extend the categorical framework developed in the first part to an ordered setting.
1 Introduction
1.1 Coinduction upto
The rationale behind coinductive upto techniques is the following. Suppose you have a characterisation of an object of interest as a greatest fixedpoint. For instance, behavioural equivalence in CCS is the greatest fixedpoint of a monotone function B on relations, describing the standard bisimulation game. This means that to prove two processes equivalent, it suffices to exhibit a relation R that relates them, and which is a Binvariant, i.e., \(R\subseteq B(R)\). However, such a task may be cumbersome or inefficient, and one might prefer to exhibit a relation which is only a Binvariant up to some function A, i.e., \(R\subseteq B(A(R))\).
Not every function A can safely be used: A should be sound for B, meaning that any Binvariant up to A should be contained in a Binvariant. Instances of sound functions for behavioural equivalence in process calculi usually include transitive closure, contextual closure and congruence closure. The use of such techniques dates back to Milner’s work on CCS [34]. A famous example of an unsound technique is that of weak bisimulation up to weak bisimilarity. Since then, coinduction upto proved useful, if not essential, in numerous proofs about concurrent systems (see [41] for a list of references); it has been used to obtain decidability results [16], and more recently to improve standard automata algorithms [12].
The theory underlying these techniques was first developed by Sangiorgi [45]. It was then reworked and generalised by one of the authors to the abstract setting of complete lattices [40, 41]. The key observation there, is that the notion of soundness is not compositional: the composition of two sound functions is not necessarily sound itself. The main solution to this problem consists in restricting to compatible functions, a subset of the sound functions which enjoys nice compositionality properties and contains most of the useful techniques.
An illustrative example of the benefits of a modular theory is the following: given a signature \({\varSigma }\), consider the congruence closure function, that is, the function \( Cgr \) mapping a relation R to the smallest congruence containing R. This function has proved to be useful as an upto technique for language equivalence of nondeterministic automata [12]. It can be decomposed into small pieces as follows: \( Cgr = Trn \circ Sym \circ Ctx \circ Rfl \), where \( Trn \) is the transitive closure, \( Sym \) is the symmetric closure, \( Rfl \) is the reflexive closure, and \( Ctx \) is the context closure associated to \({\varSigma }\). Since compatibility is preserved by composition (among other operations), the compatibility of \( Cgr \) follows from that of its smaller components. In turn, transitive closure can be decomposed in terms of relational composition, and contextual closure can be decomposed in terms of the smaller functions that close a relation with respect to \({\varSigma }\) one symbol at a time. Compatibility of these functions can thus be obtained in a modular way.
A key observation in the present work is that when we move to a coalgebraic presentation of the theory, compatible functions generalise to functors equipped with a distributive law (Sect. 3).
1.2 Fibrations and coinductive predicates
two states \(x,y\in X\) are equivalent if they are mapped to the same element in the final coalgebra.
This situation can be further generalised using fibrations. We refer the reader to the first chapter of [26] for a gentle introduction, but Sect. 4 provides all the definitions required for the understanding of our results. The running example of a fibration is the functor \(p :\mathsf {Rel}\rightarrow \mathsf {Set}\) mapping a relation \(R\subseteq X^2\) to its support set X, see Sect. 4. In this fibration, the inverse image \(\xi ^*\) is the reindexing functor of \(\xi \).
By choosing a different fibration than \(\mathsf {Rel}\), one can obtain coinductive characterisations of objects that are not necessarily binary relations, e.g., unary predicates like divergence, ternary relations, or metrics.
Our categorical generalisation of compatible functions provides a natural extension of this fibrational framework with a systematic treatment of upto techniques: we provide functors (i.e., monotone functions in the special case of the \(\mathsf {Rel}\) fibration) that are compatible with those functors B corresponding to coinductive predicates.
For instance, when the chosen lifting \(\overline{F}\) is a fibration map, the functor corresponding to a technique called “up to behavioural equivalence” is compatible (Theorem 6.1). The canonical lifting of a functor is always such a fibration map, so that when F is the functor for LTSs, we recover the soundness of the first upto technique introduced by Milner, namely “bisimulation up to bisimilarity” [34]. One can also check that another lifting of this same functor but in another fibration yields the divergence predicate, and is a fibration map. We thus obtain the validity of the “divergence up to bisimilarity” technique.
1.3 Bialgebras and up to context
Another important class of techniques comes into play when considering systems with an algebraic structure on the state space (e.g., the syntax of a process calculus). A minimal requirement for such systems usually is that behavioural equivalence should be a congruence. In the special case of bisimilarity on LTSs, several rule formats have been proposed to ensure such a congruence property [1]. At the categorical level, the main concept to study such systems is that of bialgebras. Assume two endofunctors T, F related by a distributive law \(\lambda :TF\Rightarrow FT\). A \(\lambda \)bialgebra is a triple \((X,\alpha ,\xi )\) consisting of a Talgebra \((X,\alpha )\) and an Fcoalgebra \((X,\xi )\), compatible in the sense that a certain diagram involving \(\lambda \) commutes. It is well known that in such a bialgebra, behavioural equivalence is a congruence with respect to T [54]. This is actually a generalisation of the fact that bisimilarity is a congruence for all GSOS specifications [6]: GSOS specifications are in onetoone correspondence with distributive laws between the appropriate functors [4, 54].
This congruence result can be strengthened into a compatibility result [43]: in any \(\lambda \)bialgebra, the contextual closure function that corresponds to T is compatible for behavioural equivalence. However [43] deals only with the canonical relational liftings. Using fibrations, we generalise this result to arbitrary liftings, both on the coalgebraic and on the algebraic side. Using other fibrations than \(\mathsf {Rel}\) we obtain up to context techniques for arbitrary coinductive predicates, e.g., for unary predicates like divergence. Our framework also encompasses other relations than behavioural equivalence, like the behavioural preorders mentioned above.
Now, starting from a \(\lambda \)bialgebra \((X,\alpha ,\xi )\), and given two liftings \(\overline{T}\) and \(\overline{F}\) of T and F, respectively, the question is whether the above functor C is compatible with the functor B defined earlier in \((\dagger )\). The simple condition we give in this paper is the following: the distributive law \(\lambda :TF\Rightarrow FT\) should lift to a distributive law \(\overline{\lambda }:\overline{T}\,\overline{F}\Rightarrow \overline{F}\,\overline{T}\) (Theorem 6.7).
This condition is always satisfied in the bifibration \(\mathsf {Rel}\), when \(\overline{T}\) and \(\overline{F}\) are the canonical liftings of T and F. Thus we obtain as a corollary the compatibility of bisimulation of up to context in \(\lambda \)bialgebras, which is the main result from [43] and appeared in a slightly different form in [33]—soundness was previously observed by Lenisa et al. [31, 32] and then Bartels [4].
1.4 Contributions and applications
The main contributions of this paper are as follows. Firstly, Sect. 6 develops an abstract framework for proving soundness of upto techniques. Secondly, this allows us to derive the soundness of a wide range of both novel and wellestablished upto techniques for arbitrary coinductive predicates. These results are summarised in two tables in Sect. 6.4 and illustrated by examples in Sect. 8. We further extend our results in Sect. 7 to deal with abstract GSOS specifications [29, 54]. Thirdly, in the second part of the paper (Sects. 10–13) we extend our theoretical framework to an ordered setting, to provide upto techniques for weak bisimulations and simulations.
In Sect. 8.2 we prove the compatibility of a novel technique called “divergence up to behavioural equivalence and left contextual closure”. In this example we use the predicate fibration on \(\mathsf {Set}\) that, in general, is suitable to characterise formulas from modal logic as coinductive predicates. (See [17] for an account of coalgebraic modal logic.) One can also change the base category: by considering the fibration of equivariant relations over nominal sets, we show how to obtain upto techniques for language equivalence of nondeterministic nominal automata [7]. In Sect. 8.3, these techniques allow us to prove the equivalence of two nominal automata using an orbitfinite relation, where the standard method would require an infinite one (recall that the determinisation of a nominal automaton is not necessarily orbitfinite).
The second part of this paper deals with other applications for which an ordered setting is required. The main motivation comes from weak bisimilarity, a behavioural equivalence allowing to abstract over internal transitions, labeled with the special action \(\tau \). When the player proposes a transition \(\mathop {\rightarrow }\limits ^{a}\), the opponent must answer with a saturated transition \(\mathop {\Rightarrow }\limits ^{a}\), which is roughly a transition \(\mathop {\rightarrow }\limits ^{a}\) possibly combined with internal actions \(\mathop {\rightarrow }\limits ^{\tau }\). This slight dissymmetry results in a much more delicate theory of upto techniques. For instance, upto weak bisimilarity and upto transitive closure are no longer sound for weak bisimulations. And upto context has to be restricted: the external choice from CCS cannot be freely used [46].
The results we prove in Sects. 6 and 7 require bialgebras and, unfortunately, the saturated transition system does not form a bialgebra. Intuitively, in a bialgebra all and only the transitions of a composite system can be derived from transitions of its components. For the saturated transition relation \(\Rightarrow \), one implication fails: a composite system performs weak transitions which are not derived from transitions of its components (see Example 9.2). But the other implication holds, which is made precise by the observation that the saturated transition relation gives rise to a socalled lax bialgebra. This is the key observation that leads to the rather involved refinement we propose in Sect. 10. This allows us to prove in Sect. 11 that upto context is compatible for lax models of positive GSOS specifications [1] and thus to obtain in Sect. 12 the soundness of upto context for weak bisimulations in systems specified by the cool rule format from [55].
Finally, in Sect. 13 we consider upto techniques for similarity. Using the coalgebraic presentation of similarity in terms of lax relation lifting, (see, e.g., [25]) and the infrastructure developed in Sect. 11, we obtain that “up to context” is compatible whenever we start from a monotone distributive law. In the special case of LTSs, this monotonicity condition amounts to the positive GSOS rule format [20]: GSOS without negative premises.
Previous work This paper is an extended version of [10] and [11]. We extended the previous works with careful explanations and detailed proofs, three motivating examples (Sect. 2) and several side results (such as those in Sects. 3.1 and 7).
Outline We present motivating examples in Sect. 2. Then we introduce coinduction and upto techniques in a categorical setting (Sect. 3), before recalling the basic definitions of fibrations (Sect. 4) and coinductive predicates (Sect. 5). The main results are developed in Sect. 6, where we obtain upto techniques in a fibrational setting. Sect. 7 is devoted to technical results allowing to import tools from abstract GSOS specifications. At this point we give several examples of our theory at work (Sect. 8). Then we explain the difficulties that arise with weak bisimulation in Sect. 9, which motivates an extension of our framework to an ordered setting (Sect. 10). In Sect. 11 we come back to abstract GSOS specifications in the ordered setting, before dealing with weak bisimulation in Sect. 12, and simulation in Sect. 13. We conclude with directions for future work in Sect. 14. For the sake of clarity, we postponed many proofs to the appendices, whose structure follows that of the main text.
2 Motivating examples
Before starting the main technical development, we present three motivating examples where we provide a coinductive perspective on some classical results of automata theory. First, we recall the basic notions of deterministic automaton, bisimulation and coinduction in a lattice theoretic setting.
A deterministic automaton on the alphabet A is a pair \((X,\langle o,t\rangle )\), where X is a set of states and \(\langle o,t\rangle :X \rightarrow 2\times X^A\) is a function with two components: o, the output function, determines if a state x is final (\(o(x) = 1\)) or not (\(o(x) = 0\)); and t, the transition function, returns for each input letter \(a \in A\) the next state.
2.1 Hopcroft and Karp’s algorithm
In general, bisimulations upto can be smaller than plain bisimulation and this feature can have a relevant impact in the performance of algorithms for checking language equivalence. A naive version of Hopcroft and Karp’s algorithm that does not use upto equivalence might have to explore \(n^2\) pairs of states (where n is the number of states) while, by exploiting this technique, Hopcroft and Karp’s algorithm visits at most n pairs (that is the number of equivalence classes). The case of nondeterministic automata is even more impressive: another upto technique, called upto congruence, allows for an exponential improvement on the performance of algorithms for checking language equivalence [12]. In Sect. 8.3, we will provide an example of bisimulation upto congruence in the setting of nondeterministic nominal automata.
2.2 Regular expressions and Kleene algebra
Beyond algorithms, upto techniques are useful to prove different sorts of properties of systems specified by a given syntax. Indeed, this was the original motivation for the introduction of upto techniques in Milner’s work on CCS [34]. To keep the presentation simpler and, at the same time, to show to the reader the large spectrum of applications of upto techniques, we consider regular expressions and we provide coinductive proofs for some of the axioms of Kleene Algebra [30] with respect to the regular language interpretation.
define the transition function \(t:RE\rightarrow RE^A\) as \(t(e)(a)=e'\) iff \(e\mathop {\rightarrow }\limits ^{a}e'\). The above presentation of Brzozowski derivatives by means of inference rules is unusual, but it is convenient here to stress the similarity with GSOS specifications [6] that will be pivotal for our development in Sect. 7.
2.3 Arden’s rule
As the last example of this section, we provide a coinductive proof of Arden’s rule. This is usually formulated for arbitrary languages, but we rephrase it here in terms of regular expressions so to reuse the notation introduced so far. The coinductive proof for arbitrary languages is completely analogous, see [42].
 (a)
it is the smallest solution (up to \(\sim \)), namely if \(f \sim k f+m\) then \(k^\star m \precsim f\);
 (b)
if Open image in new window , then it is the unique solution (up to \(\sim \)), namely if \(f \sim k f+m\) then \(k^\star m \sim f\).
For (b), we assume Open image in new window and \(f \sim k f+m\), and we show that \(R = \{(k^\star m,f)\}\) is a bisimulation up to \( Bhv \circ Ctx \). For the outputs, since \(k^\star {\downarrow }\), Open image in new window and \(f\sim kf+m\), we have \(k^\star m{\downarrow } \Leftrightarrow m{\downarrow } \Leftrightarrow (kf+m){\downarrow } \Leftrightarrow f{\downarrow } \). For every \(a\in A\), the transitions are the same as in (3), and the proof that the arriving states are related by \( Bhv \circ Ctx (S)\) is similar. The only difference is that the step \(k'f+ m' \precsim (k'f+o(k)f')+m'\) is replaced by \(k'f+ m' \sim (k'f+o(k)f')+m'\), which is valid since Open image in new window by assumption.
3 Coalgebras and compatible functors
In the previous section, we have seen three examples of coinductive proofs exploiting upto techniques: bisimulation up to \( Eqv \), bisimulation up to \( Bhv \circ Ctx \) and simulation up to \( Slf \circ Ctx \). Note that, so far, we have no elements to deduce that these coinductive proofs are correct: we need a formal proof principle.
In this paper we provide a framework to prove soundness of (a) different sorts of upto techniques for (b) different sorts of coinductive properties, like \(\sim \) or \(\precsim \), defined on (c) different sorts of state based systems. Moreover, (d) we would like to make these proofs modular so to be able to entail the soundness of a composite technique, like \( Bhv \circ Ctx \) or \( Slf \circ Ctx \), from the soundness of its components.
In order to achieve (a) and (b), we use poset fibrations and coinductive predicates, introduced in Sects. 4 and 5. For (c), we model state machines as coalgebras, and we recall the basic definitions next. For (d), we introduce compatible functors, defined later in this section.
Given an endofunctor F on a category \(\mathcal {C}\), an Fcoalgebra is a pair \((X, \xi )\) where X is an object of \(\mathcal {C}\) and \(\xi :X\rightarrow F(X)\) is a morphism. State machines can be thought of as coalgebra for some functor on \(\mathsf {Set}\), the category of sets and functions. In this case, X is the set of states of the machine and \(\xi \) its transition function (or dynamics) [44]. The functor F represent the type of the machine: for \(F=2 \times \mathrm {Id}^A\), Fcoalgebras are just deterministic automata. An Fhomomorphism from an Fcoalgebra \((X,\xi )\) to an Fcoalgebra \((Y,\zeta )\) is a morphism \(h:\, X \rightarrow Y\) such that \(\zeta \circ h = F(h) \circ \xi \). We denote by \(\mathsf {Coalg}(F)\) the category of Fcoalgebras and their morphisms and by \(U:\mathsf {Coalg}(F)\rightarrow \mathcal {C}\) the forgetful functor mapping every coalgebra \((X,\xi )\) to X. An Fcoalgebra \(({\varOmega },\omega )\) is said to be final if for any Fcoalgebra \((X,\xi )\) there exists a unique Fhomomorphism \([\![  ]\!] :X\rightarrow {\varOmega }\). For \(\mathcal {C}=\mathsf {Set}\), \({\varOmega }\) can be thought as the set of all Fbehaviours and \([\![  ]\!]\) as the function assigning to each state of the machine its behaviour. Two states \(x,y\in X\) are said behaviourally equivalent, written \(x\sim y\), iff \([\![ x ]\!]=[\![ y ]\!]\). In the case of deterministic automata behavioural equivalence coincides with language equivalence. Another important example, is that of labeled transition systems (LTSs). These are coalgebras for the functor \(FX=(\mathcal {P}_{\omega }X)^L\) where L is a set of labels and \(\mathcal {P}_{\omega }\) is the finite powerset functor. In this case behavioural equivalence coincides with the standard notion of bisimilarity.
 1.
as usual, we will view state machines as coalgebras for a functor F on some base category \(\mathcal {B}\), with typical choice \(\mathcal {B}=\mathsf {Set}\) (or the category \(\mathsf {Nom}\) of nominal sets for the example of nominal automata in Sect. 8.3);
 2.
in addition, coalgebras for some monotone function B over some poset category \(\mathcal {C}\) will represent invariants.
\(F:\mathcal {B}\rightarrow \mathcal {B}\)  \(B:\mathcal {C}\rightarrow \mathcal {C}\)  

Coalgebras  Systems  Invariants 
Final coalgebra  Behaviour  Coinductive predicate 
Theorem 3.1
Let A, B be endofunctors on a category \(\mathcal {C}\) with countable coproducts. If A is Bcompatible then it is Bsound.
Proof
We obtain a natural transformation as in (4) using the naturality of \(\kappa _0\).
Alternatively, we can replace the countable coproduct \(A^\omega \) by the free monad on A, assuming the latter exists. In this case, the result is an instance of the generalised powerset construction [47]. \(\square \)
To exploit the compositional aspect of compatible upto techniques to its full potential, it is useful to extend the notion of compatibility to arbitrary functors of type \( \mathcal {C}\rightarrow \mathcal {C}'\) rather than just endofunctors.
Definition 3.2
Consider two endofunctors \(B:\mathcal {C}\rightarrow \mathcal {C}\) and \(B':\mathcal {C}'\rightarrow \mathcal {C}'\). We say that a functor \(A:\mathcal {C}\rightarrow \mathcal {C}'\) is \((B,B')\) compatible when there exists a natural transformation \(\gamma :AB\Rightarrow B'A\).
The pair \((A,\gamma )\) is a morphism between endofunctors B and \(B'\) in the sense of [32]. Since the examples dealt with in this paper only involve categories which are posets, in these examples we only have one choice of natural transformation \(\gamma \), so we omit it from the notation. Moreover, given an endofunctor \(B:\mathcal {C}\rightarrow \mathcal {C}\), we will simply write that \(A:\mathcal {C}^n\rightarrow \mathcal {C}^m\) is Bcompatible, when A is \((B^n,B^m)\)compatible.
The following Proposition generalises the compositionality results for compatible functions on lattices, see [40] or [41, Proposition 6.3.11].
Proposition 3.3
 (i)
composition: if A is (B, C)compatible and \(A'\) is (C, D)compatible, then \(A'\circ A\) is (B, D)compatible;
 (ii)
pairing: if \((A_i)_{i\in \iota }\) are (B, C)compatible, then \(\langle A_i\rangle _{i\in \iota }\) is \((B,C^\iota )\)compatible;
 (iii)
product: if A is (B, C)compatible and \(A'\) is \((B',C')\)compatible, then \(A\times A'\) is \((B{\times }B',C{\times }C')\)compatible;
 (vi)
the identity functor \(\mathrm {Id}:\mathcal {C}\rightarrow \mathcal {C}\) is Bcompatible;
 (v)
the constant functor to the carrier of any Bcoalgebra is Bcompatible, in particular the final one if it exists;
 (vi)
the coproduct functor \(\coprod :\mathcal {C}^\iota \rightarrow \mathcal {C}\) is \((B^\iota ,B)\)compatible.
Proof
 (i)Given \(\gamma :AB\Rightarrow CA\) and \(\gamma ':A'C\Rightarrow DA'\) we obtain
 (ii)Given natural transformations \(\gamma _i:A_iB\Rightarrow CA_i\) for all \(i\in \iota \) we obtain a natural transformation
 (iii)
Given \(\gamma :AB\Rightarrow CA\) and \(\gamma ' :A'B'\Rightarrow C'A'\) we construct the natural transformation \(\gamma \times \gamma ':(A\times A')(B\times B')\Rightarrow (C\times C')(A\times A')\).
Proposition 3.3 plays a key role in our strategy to prove the soundness of upto techniques. For instance, to prove Bsoundness of the equivalence closure \( Eqv :\mathsf {Rel}_X \rightarrow \mathsf {Rel}_X\) (Sect. 2.1), we will first decompose it as \( Eqv \triangleq Trn \circ Sym \circ Rfl \), where \( Trn , Sym , Rfl :\mathsf {Rel}_X \rightarrow \mathsf {Rel}_X\) are, respectively, functors that map a relation to the transitive, symmetric and reflexive closure. In Sect. 6.2, we will show the Bcompatibility of \( Trn \), \( Sym \) and \( Rfl \) (based, in fact, on a further decomposition of \( Sym \) and \( Rfl \)). Then Bcompatibility of \( Eqv \) follows by Proposition 3.3. Soundness will be a consequence of Theorem 3.1.
3.1 Respectful functors
There exist upto techniques which are not Bcompatible, but are nevertheless Bsound. We will see such an example in Sect. 8.2. In this case, the upto technique at issue is Brespectful [45], i.e., \(B\times \mathrm {Id}\)compatible. A similar problem arises for CCS and more generally, as explained in Sect. 7, it may happen for any GSOS specification. Being Brespectful is a weaker property than Bcompatibility that still implies soundness.
Proposition 3.4
 (i)
If A is Bcompatible then it is \(B \times \mathrm {Id}\)compatible.
 (ii)
If A is \(B \times \mathrm {Id}\)sound and there is a natural transformation \(\eta :\mathrm {Id}\Rightarrow A\) then A is Bsound.
 (iii)
If A is \(B \times \mathrm {Id}\)compatible, then A is Bsound.
Proof
 (i)
Given a natural transformation \(\gamma :A B \Rightarrow BA\), we have a natural transformation \(\langle \gamma \circ A\pi _1, A\pi _2 \rangle :A (B \times \mathrm {Id}) \Rightarrow (B \times \mathrm {Id}) A\).
 (ii)Consider the following diagram. The existence of the middle square is the \(B \times \mathrm {Id}\)soundness of A. The left and right squares are equalities. The above diagram asserts that A is Bsound.
 (iii)Since A is \(B\times \mathrm {Id}\)compatible, by Proposition 3.3 the functor \(A + \mathrm {Id}\) is also \(B \times \mathrm {Id}\)compatible. Hence, by Theorem 3.1, \(A+\mathrm {Id}\) is \(B \times \mathrm {Id}\)sound. By item (ii), choosing \(\eta \) to be the coproduct injection \(\kappa _0 :\mathrm {Id}\Rightarrow A + \mathrm {Id}\), we obtain that \(A+ \mathrm {Id}\) is Bsound. Using the other coproduct injection \(\kappa _1 :A \Rightarrow A + \mathrm {Id}\), this implies that A is Bsound: where the left square is an equality and the right square comes from the Bsoundness of \(A+\mathrm {Id}\).\(\square \)
4 Poset fibrations
Here, we give the basic definitions about fibrations, with the fibration of relations over sets as a running example. We refer the reader to [26] for a more thorough introduction.
An essential example used throughout this paper is that of the fibration of relations over sets \(p:\mathsf {Rel}\rightarrow \mathsf {Set}\). The category \(\mathsf {Rel}\) has as objects pairs (R, X) where \(R\subseteq X^2\) is a relation on X. The morphisms in \(\mathsf {Rel}\) are relation preserving maps, that is, a morphism \(f:(R,X)\rightarrow (S,Y)\) is a function \(f:X\rightarrow Y\) between the underlying sets, such that \((x,y)\in R\) implies \((f(x),f(y))\in Y\). The functor p maps a relation \(R\subseteq X^2\) to its underlying set X. Given a set X we denote by \(\mathsf {Rel}_X\) the subcategory of \(\mathsf {Rel}\) that has as objects pairs (R, X) and whose morphisms are inclusions: they have as underlying arrow the identity on X. That is, \(\mathsf {Rel}_X\) is the poset of relations on X ordered by inclusion and seen as a category.
The formal definition of a fibration is rather technical, but it essentially captures the idea of having a category of “properties” indexed over a base category. Moreover, for each morphism f in the base category we have a functor \(f^*\) satisfying a universal property generalising the one we mentioned above in the special case of relations.
Definition 4.1
Given a functor \(p:\mathcal {E}\rightarrow \mathcal {B}\) and an object X of \(\mathcal {B}\), the fibre above X is the subcategory \(\mathcal {E}_X\) of \(\mathcal {E}\) whose objects are mapped by p to X and whose arrows are mapped by p to the identity on X.
Definition 4.2
 1.
For every object X in \(\mathcal {B}\), the fibre \(\mathcal {E}_X\) is a poset.
 2.
For every morphism \(f:X\rightarrow Y\) in \(\mathcal {B}\) and every R in \(\mathcal {E}\) with \(p(R)=Y\) there exists an object \(f^*(R)\) above X (i.e., in \(\mathcal {E}_X\)) and a map \(\widetilde{f_R}:f^*(R)\rightarrow R\) such that every \(u:Q\rightarrow R\) in \(\mathcal {E}\) sitting above f (i.e., \(pu=f\)) factors through \(\widetilde{f_R}\): there exists a unique map \(v:Q\rightarrow f^*(R)\) in \(\mathcal {E}_X\) such that \(u=\widetilde{f_R}v\).
A map \(\widetilde{f_R}\) as above is called a (weak) Cartesian lifting of f and is unique up to isomorphism. If we make a choice of Cartesian liftings, the association \(R\mapsto f^*(R)\) gives rise to the socalled reindexing functor \(f^*:\mathcal {E}_Y\rightarrow \mathcal {E}_X\). We have that \((\mathrm {id}_X)^*= \mathrm {id}_{\mathcal {E}_X}\), and, since Cartesian liftings are closed under composition, we have \((f\circ g)^*= g^*\circ f^*\).
Remark 4.3
All our proofs work just as fine in the more general setting of arbitrary fibrations, but we considered that the definition of poset fibrations is easier to grasp. For this reason we do not explicitly mention hereafter that the fibrations are posetal, but the reader can safely assume this and skip the rest of the remark. The general definition, see [26], does not require \(\mathcal {E}_X\) be a poset, but the maps \(\widetilde{f_R}:f^*(R)\rightarrow R\) satisfy a slightly stronger universal property: for any maps \(g:Z\rightarrow X\) in \(\mathcal {B}\) and for any u sitting above fg, there exists a unique v such that \(u=\widetilde{f_R}v\) and \(p(v)=g\). Such a map \(\widetilde{f_R}\) is called a Cartesian lifting (as opposed to weak Cartesian lifting), and, in general, we have an isomorphism \((f\circ g)^*\cong g^*\circ f^*\) rather than an equality (as is the case in poset fibrations).
Definition 4.4
A functor \(p:\mathcal {E}\rightarrow \mathcal {B}\) is called a bifibration if both \(p:\mathcal {E}\rightarrow \mathcal {B}\) and \(p^ op :\mathcal {E}^ op \rightarrow \mathcal {B}^ op \) are fibrations.
A fibration \(p:\mathcal {E}\rightarrow \mathcal {B}\) is a bifibration if and only if each reindexing functor \(f^*:\mathcal {E}_Y\rightarrow \mathcal {E}_X\) has a left adjoint \(\coprod _f\dashv f^*\), see [26, Lemma 9.1.2].
Example 4.5
Example 4.6
A second example of a bifibration is that of predicates over sets. Let \(\mathsf {Pred}\) be the category of predicates whose objects are pairs of sets (P, X) with \(P\subseteq X\) and morphisms \(f:(P,X)\rightarrow (Q,Y)\) are arrows \(f:X\rightarrow Y\) that can be restricted to \({ \left. f \phantom {\big } \right _{P} }:P\rightarrow Q\).
The functor mapping predicates to their underlying sets is a bifibration. The fibre \(\mathsf {Pred}_X\) sitting above X is the poset of subsets of X ordered by inclusion. The reindexing functors are given by inverse images and their left adjoints by direct images.
A fibration map from \(p:\mathcal {E}\rightarrow \mathcal {B}\) to \(p':\mathcal {E}'\rightarrow \mathcal {B}\) is a pair \((\overline{F},F)\) such that \(\overline{F}\) is a lifting of F that preserves Cartesian liftings, i.e., for any \(\mathcal {B}\)morphism f and Cartesian lifting \(\widetilde{f}\) the map \(\overline{F}\widetilde{f_R}:\overline{F}f^*(R)\rightarrow \overline{F}R\) is a Cartesian lifting of Ff. This entails that \((Ff)^*\overline{F}\cong \overline{F}f^*\) for any \(\mathcal {B}\)morphism f (in fact, in a poset fibration, this isomorphism is an equality). We denote by \(\mathsf {Fib}(\mathcal {B})\) the category of fibrations with base \(\mathcal {B}\).
Every \(\mathsf {Set}\) endofunctor F has a canonical lifting in the fibration \(\mathsf {Rel}\rightarrow \mathsf {Set}\), which we call the canonical relation lifting of F and denote by \(\mathsf {Rel}(F):\mathsf {Rel}\rightarrow \mathsf {Rel}\). In order to define it, represent \(R\in \mathsf {Rel}_X\) as a jointly mono span \(X\xleftarrow {\pi _1} R\xrightarrow {\pi _2} X\) and apply F. Then \(\mathsf {Rel}(F)(R)\) is obtained as the image of the induced map \(FR\rightarrow FX\times FX\). Below, we list a number of important properties of the canonical relation lifting. We use \({\varDelta }_X\) to denote the diagonal relation on X, \(R^{1}\) to denote the converse relation of R and \(R \otimes S =\{(x,z) \mid \exists y.~x \mathrel R y \wedge y\mathrel R z\}\) for the composition of relations R and S.
Lemma 4.7
 1.
\(\mathsf {Rel}(\mathrm {Id})=\mathrm {Id}\)
 2.
\(\mathsf {Rel}(F)({\varDelta }_X) = {\varDelta }_{FX}\)
 3.
\(\mathsf {Rel}(F)(R^{{1}}) = (\mathsf {Rel}(F)(R))^{{1}}\)
 4.
\(\mathsf {Rel}(F)(R \otimes S) \subseteq \mathsf {Rel}(F)(R) \otimes \mathsf {Rel}(F)(S)\)
 5.
\(\mathsf {Rel}(F)(f^*(R)) \subseteq (Ff)^*\mathsf {Rel}(F)(R)\)
 6.
\(\mathsf {Rel}(F)(\mathsf {Gr}(f))\subseteq \mathsf {Gr}(Ff)\) where \(\mathsf {Gr}(f)\) denotes the graph of a \(\mathsf {Set}\)function f.
 7.
\(\mathsf {Rel}(FG) = \mathsf {Rel}(F)\mathsf {Rel}(G)\)
 8.
\(\mathsf {Rel}(F \times G) \cong \mathsf {Rel}(F) \times \mathsf {Rel}(G)\)
 9.
Any \(\lambda :F \Rightarrow G\) restricts to a natural transformation \(\overline{\lambda } :\mathsf {Rel}(F) \Rightarrow \mathsf {Rel}(G)\).
 8.
\((\mathsf {Rel}(F),F)\) is a fibration map (i.e., Item 5 above is an equality).
 9.
Item 4 is an equality.
Proof
For 1, 2, 3, 4 and 7, 8, 9 see [27, Propositions 4.4.2, 4.4.3; Exercise 4.4.6]. Items 6, 7 and 8 are standard, but we prove 7 in Lemma 14.1 in “Appendix 1”. \(\square \)
For a fibration \(p :\mathcal {E}\rightarrow \mathcal {B}\) we say that p has fibred finite (co)products if each fibre has finite (co)products, preserved by reindexing functors. If p is a bifibration with fibred finite products and coproducts, and \(\mathcal {B}\) has finite products and coproducts, then the total category \(\mathcal {E}\) also has finite products and coproducts, strictly preserved by p [26, Propositions 9.1.1 and 9.2.2, Example 9.2.5]. In this paper, we assume the bifibration under consideration to have fibred (co)products only in Sect. 7.
5 Coinductive predicates
Example 5.1
In fact, given an arbitrary \(\mathsf {Set}\) endofunctor F and a coalgebra \(\xi :X \rightarrow FX\), \(\mathsf {Rel}(F)_{\xi }\)coalgebras are Hermida–Jacobs bisimulations [23]. But instantiating \(\overline{F}\) to a different lifting than the canonical one gives rise to different coinductive predicates.
Example 5.2
As explained above, a lifting \(\overline{F}\) of F defines a functor on the fibre above any Fcoalgebra. The following result emphasises that these functors are defined uniformly.
Proposition 5.3
which lifts the adjunction \(\textstyle {\coprod }_f \dashv f^*\).
Proof
The right adjoint maps the final \(\overline{F}_{\zeta }\)coalgebra, i.e., the coinductive predicate defined on \(\zeta \) by \(\overline{F}\), to the final \(\overline{F}_{\xi }\)coalgebra, i.e., the coinductive predicate defined on \(\xi \) (which is [22, Proposition 3.11 (ii)]). This captures formally the idea that coinductive predicates, defined in the above way by a functor lifting, are preserved and reflected by coalgebra homomorphisms, if \(\overline{F}\) is a fibration map. For the canonical lifting \(\mathsf {Rel}(F)\) this is the case whenever F preserves weak pullbacks, see Lemma 4.7. Since bisimilarity on an Fcoalgebra \(\xi \) is the final \(\mathsf {Rel}(F)_{\xi }\)coalgebra, the above proposition is a generalisation of the wellknown fact that coalgebra homomorphisms preserve and reflect bisimilarity [44].
6 Upto techniques in a fibration
Throughout this section we fix a bifibration \(p:\mathcal {E}\rightarrow \mathcal {B}\), an endofunctor \(F :\mathcal {B}\rightarrow \mathcal {B}\), a lifting \(\overline{F}:\mathcal {E}\rightarrow \mathcal {E}\) of F and a coalgebra \(\xi :X \rightarrow FX\). As explained in Sect. 5, the studied system \(\xi \) lives in the base category \(\mathcal {B}\). The lifting \(\overline{F}\) defines a coinductive predicate on X as the final coalgebra of the functor \(\overline{F}_{\xi } = \xi ^*\circ \overline{F}_X:\mathcal {E}_X \rightarrow \mathcal {E}_X\), and the associated coinductive proof technique amounts to the construction of suitable \(\overline{F}_{\xi }\)invariants, i.e., \(\overline{F}_{\xi }\)coalgebras.
We instantiate the theory of upto techniques and compatible functors from the previous section to the category \(\mathcal {E}_X\) and the functor \(\overline{F}_{\xi }\). In this context, a (potential) upto technique is a functor \(A :\mathcal {E}_X \rightarrow \mathcal {E}_X\). If such a functor A is sound then the construction of \(\overline{F}_{\xi }\)invariants up to A is a valid proof technique for the coinductive predicate defined by \(\overline{F}_{\xi }\). In this section we introduce three families of upto techniques A. For each family we provide abstract conditions on the lifting \(\overline{F}\) and on A that guarantee their compatibility, and hence their soundness. More specifically, we consider upto techniques based on behavioural equivalence (Sect. 6.1), transitive and equivalence closure (Sect. 6.2) and contextual closure (Sect. 6.3).
6.1 Compatibility of behavioural equivalence closure
In Sect. 2.2, we have seen that, in coinductive proofs of language equivalence, one can exploit language equivalence itself by using the upto technique \( Bhv \). In [34], Milner introduced up to bisimilarity [34] motivated by a similar intent. From a coalgebraic perspective these two techniques are essentialy the same: both language equivalence and bisimilarity are instances of behavioural equivalence \(\sim \), i.e., the kernel of the final morphism \([\![  ]\!]\).
Theorem 6.1
Suppose that \((\overline{F}, F)\) is a fibration map. For any Fcoalgebra morphism \(f:(X,\xi )\rightarrow (Y,\zeta )\), the functor \(f^*\circ \coprod _f\) is \(\overline{F}_{\xi }\)compatible.
Proof sketch
 (a)
Since \((\overline{F}, F)\) is a fibration map we have that \(\overline{F}f^*\cong (Ff)^*\overline{F}\).
 (b)
is a consequence of Lemma 14.3 in “Appendix 2”.
 (c)
is a natural isomorphism and comes from the fact that f is a coalgebra map.
 (d)
is obtained from (c) using the counit of \(\coprod _{f}\dashv f^*\) and the unit of \(\coprod _{Ff}\dashv (Ff)^*\).
Corollary 6.2
If F is a \(\mathsf {Set}\)functor preserving weak pullbacks then the behavioural equivalence closure functor \( Bhv \) is \(\mathsf {Rel}(F)_{\xi }\)compatible.
Both the functor \(FX=(\mathcal {P}_{\omega }X)^L\) for labeled transition systems and the functor \(FX=2\times X^A\) for deterministic automata preserve weak pullbacks. Hence, Corollary 6.2 provides the compatibility of both Milner’s uptobisimilarity and \( Bhv \) as used in Sect. 2.2.
From Theorem 6.1 we also derive the soundness of upto \( Bhv \) for unary predicates: the monotone predicate liftings used in coalgebraic modal logic [17] are fibration maps [27], so they satisfy the hypothesis of Theorem 6.1.
6.2 Compatibility of equivalence closure
We propose a general approach for deriving the compatibility of the reflexive, symmetric and transitive closure. Composing these functors yields compatibility of the equivalence closure, as outlined in Sect. 3.
It turns out that we can capture composition, relation converse and the functor mapping a set to the diagonal relation as functors of the form \( G:\mathcal {E}^{\times _{\mathcal {B}}^n}\rightarrow \mathcal {E}\) that have the additional property to be liftings of the identity functor on \(\mathcal {B}\). Given such a functor G, for each X in \(\mathcal {B}\) we have a functor \(G_X:(\mathcal {E}_X)^n \rightarrow \mathcal {E}_X\).
Proposition 6.3
Lemma 6.4
 \((n{=}0)\)
 Let \( Dia :\mathsf {Set}\rightarrow \mathsf {Rel}\) be the functor mapping each set X to \({\varDelta }_X\), the diagonal relation on X. \( Dia _X :1 \rightarrow \mathsf {Rel}_X\) is \(\overline{F}_{\xi }\)compatible if
 \((n{=}1)\)
 Let \( Inv :\mathsf {Rel}\rightarrow \mathsf {Rel}\) be the functor mapping each relation \(R\subseteq X^2\) to its converse \(R^{1}\subseteq X^2\). \( Inv _X :\mathsf {Rel}_X \rightarrow \mathsf {Rel}_X\) is \(\overline{F}_{\xi }\)compatible if for all relations \(R\subseteq X^2\)
 \((n{=}2)\)
 Let \(\otimes :\mathsf {Rel}\times _\mathsf {Set}\mathsf {Rel}\rightarrow \mathsf {Rel}\) be the relational composition functor. Then \(\otimes _X :\mathsf {Rel}_X \times \mathsf {Rel}_X \rightarrow \mathsf {Rel}_X\) is \(\overline{F}_{\xi }\)compatible if for all \(R,S\subseteq X^2\) If moreover \(T_1,T_2:\mathsf {Rel}_X\rightarrow \mathsf {Rel}_X\) are two \(\overline{F}_{\xi }\)compatible functors, their pointwise composition \(T_1\otimes T_2=\otimes _X\circ \langle T_1,T_2\rangle \) is \(\overline{F}_{\xi }\)compatible by Proposition 3.3 (i,ii).
Corollary 6.5
Given a \(\mathsf {Set}\)functor F and a relation lifting \(\overline{F}\) such that \((*{*}*)\) holds, then the transitive closure functor \( Trn _X\) is \(\overline{F}_{\xi }\)compatible.
Proof
Corollary 6.6
If F is a \(\mathsf {Set}\)functor then the reflexive and symmetric closure functors \( Rfl _X\) and \( Sym _X\) are \(\mathsf {Rel}(F)_{\xi }\)compatible. Moreover, if F preserves weak pullbacks, then the transitive closure functor \( Trn _X\) and the equivalence closure functor \( Eqv _X\) are both \(\mathsf {Rel}(F)_{\xi }\)compatible.
Proof
By Lemma 4.7, the conditions \((*)\) and \((**)\) from Lemma 6.4 always hold for the canonical lifting \(\overline{F}=\mathsf {Rel}(F)\), and \((*{*}*)\) holds when F preserves weak pullbacks. As a consequence of Lemma 6.4 and Corollary 6.5, the functors \( Rfl _X\), \( Sym _X\) and \( Trn _X\) are \(\mathsf {Rel}(F)_{\xi }\)compatible. Compatibility of \( Eqv _X\) follows since it is a composition of compatible functors, as explained above. \(\square \)
In particular, the fact that \( Eqv _X\) is Bcompatible, for the endofunctor B defined in Sect. 2.1, follows from Corollary 6.6 and the characterisation of B given in Example 5.1.
When \(\overline{F}_{\xi }\) has a final coalgebra \({\varOmega }\), one can define a “self closure” \(\mathcal {E}_X\)endofunctor \( Slf =\widetilde{{\varOmega }}\otimes \mathrm {Id}\otimes \widetilde{{\varOmega }}\), where \(\widetilde{{\varOmega }}:\mathcal {E}_X\rightarrow \mathcal {E}_X\) is the constant to \({\varOmega }\) functor. Thanks to Proposition 3.3, the functor \( Slf \) is \(\overline{F}_{\xi }\)compatible whenever \((*{*}*)\) holds. For instance, one can prove compatibility of \( Slf \) for the endofuctor \(B'\) of Sect. 2.3 by checking that \((*{*}*)\) holds for \(\overline{F}\) defined as in Example 5.2.
If \(\overline{F}\) is instantiated to the canonical lifting \(\mathsf {Rel}(F)\), then \({\varOmega }\) is the bisimilarity relation. In this case, if F preserves weak pullbacks, then \({\varOmega }\) coincides with behavioural equivalence, so then \( Slf = Bhv \).
If instead we consider the lifting that yields weak bisimilarity (to be defined in Sect. 9), \( Slf \) corresponds to a technique called “weak bisimulation up to weak bisimilarity”, while \( Bhv \) corresponds to “weak bisimulation up to (strong) bisimilarity”.
6.3 Compatibility of contextual closure
where f is an arbitrary operator of S of arity n and \(s,s_i,t,t_i\) are terms in T0. It is easy to see that this definition generalises the contextual closure introduced for regular expressions in Sect. 2.2.
Theorem 6.7
Let \(\overline{T},\overline{F}:\mathcal {E}\rightarrow \mathcal {E}\) be liftings of T and F. If \(\overline{\rho } :\overline{T}\,\overline{F}\Rightarrow \overline{F}\,\overline{T}\) is a natural transformation sitting above \(\rho \), then \(\coprod _\alpha \circ \,\overline{T}\) is \(\overline{F}_{\xi }\)compatible.
Proof sketch
 (a)
is the counit of the adjunction \(\coprod _{\rho _X}\dashv \rho _X^*\).
 (b)
comes from \(\overline{\rho }\) being a lifting of \(\rho \), see Lemma 14.5.
 (c)
comes from the bialgebra condition, and the units and counits of the adjunctions \(\coprod _{\alpha }\dashv \alpha ^*\), \(\coprod _{F\alpha }\dashv (F\alpha )^*\), and \(\coprod _{\rho _X}\dashv \rho _X^*\), see Lemma 14.6.
 (d)
arises since \(\overline{T}\) is a lifting of T, using the universal property of the Cartesian lifting \((T\xi )^*\), see Lemma 14.2.
 (e)
comes from \(\overline{F}\) being a lifting of F, combined with the unit and counit of the adjunction \(\coprod _{\alpha }\dashv \alpha ^*\), see Lemma 14.3.
When \(\overline{F}\) and \(\overline{T}\) are the canonical liftings \(\mathsf {Rel}(F)\) respectively \(\mathsf {Rel}(T)\) in the relation fibration, we get as a corollary the following result, equivalent to Theorem 4 in [43].
Corollary 6.8
If F, T are \(\mathsf {Set}\)functors and \((X, \alpha , \xi )\) is a bialgebra for \(\rho :T F \Rightarrow F T\), then the contextual closure functor \( Ctx \) is \(\mathsf {Rel}(F)_{\xi }\)compatible.
Proof
By [27, Exercise 4.4.6], the canonical relation lifting preserves natural transformations, i.e., there is a natural transformation \(\overline{\rho } :\mathsf {Rel}(TF) \Rightarrow \mathsf {Rel}(FT)\) above \(\rho \). By Lemma 14.1, using that every \(\mathsf {Set}\) functor preserves epis, we obtain the desired \(\overline{\rho } :\mathsf {Rel}(T)\mathsf {Rel}(F) \Rightarrow \mathsf {Rel}(F)\mathsf {Rel}(T)\). \(\square \)
Our interest in Theorem 6.7 is not restricted to proving compatibility of up to \( Ctx \): taking different liftings \(\overline{T}\) yields different types of contextual closure, similar to the fact that taking different liftings \(\overline{F}\) yields different coinductive predicates. Indeed, in Sect. 8 we consider the left contextual closure for reasoning about divergence, and the monotone contextual closure for weighted automata; both these variants of the contextual closure (instances of (6)) substantially differ from \( Ctx \).
In order to apply Theorem 6.7 in situations where either \(\overline{T}\) or \(\overline{F}\) is not the canonical relation lifting, one has to exhibit a \(\overline{\rho }\) sitting above \(\rho \). In \(\mathsf {Rel}\), such a \(\overline{\rho }\) exists if and only if for all relations \(R\subseteq X^2\), the restriction of \(\rho _X \times \rho _X\) to \(\overline{T}\,\overline{F}R\) corestricts to \(\overline{F}\,\overline{T}R\), i.e., \( (\rho _X \times \rho _X)(\overline{T}\, \overline{F}(R)) \subseteq \overline{F} \, \overline{T}(R) \), or equivalently, \(\coprod _{\rho _X}(\overline{T}\,\overline{F}R)\subseteq \overline{F}\,\overline{T}R\). A similar condition has to be checked in the fibration \(\mathsf {Pred}\rightarrow \mathsf {Set}\).
6.4 Summary
Notation  Definition  Condition \(\overline{F}_{\xi }\)compatibility 

\( Bhv \)  \([\![  ]\!]^* \circ \textstyle {\coprod }_{[\![  ]\!]}\)  \((\overline{F},F)\) is a fibration map 
–  \(\textstyle {\coprod }_{\alpha } \circ \overline{T}\)  \((X,\alpha ,\xi )\) is a \(\rho \)bialgebra, and there is a distributive law of \(\overline{T}\) over \(\overline{F}\) above \(\rho \) 
Notation  Definition  Condition \(\overline{F}_{\xi }\)compatibility 

\( Rfl _X\)  reflexive closure  \({\varDelta }_{FX}\subseteq \overline{F}({\varDelta }_X)\) 
\( Sym _X\)  symmetric closure  \((\overline{F}R)^{1}\subseteq \overline{F}(R^{1})\) for all \(R \subseteq X^2\) 
\(\otimes _X\)  rel. composition  \(\overline{F}(R) \otimes \overline{F}(S) \subseteq \overline{F}(R\otimes S)\) for all \(R,S \subseteq X^2\) 
\( Slf \)  \(R \mapsto {\varOmega } \otimes R \otimes {\varOmega }\)  \(\otimes _X\) is \(\overline{F}_{\xi }\)compatible 
\( Trn _X\)  transitive closure  \(\otimes _X\) is \(\overline{F}_{\xi }\)compatible 
\( Eqv _X\)  equivalence closure  \( Rfl _X\), \( Sym _X\) and \(\otimes _X\) are \(\overline{F}_{\xi }\)compatible 
\( Ctx \)  \(\textstyle {\coprod }_{\alpha } \circ \mathsf {Rel}(T)\)  \((X,\alpha ,\xi )\) is a \(\rho \)bialgebra 
7 Abstract GSOS
We now consider uptocontext techniques to reason about models of abstract GSOS, which provides specification formats for defining operations on coalgebras, and allows us to study operational semantics in a general fashion. An abstract GSOS specification is a natural transformation of the form \( \lambda :S(F \times \mathrm {Id}) \Rightarrow FT \), where T is the free monad for S, assumed to exist. The name abstract GSOS is motivated by the fact that, as shown in [29, 54], it generalizes the the standard GSOS specification format [6].
Example 7.1
The concrete GSOS rule format [6] can be retrieved by taking F to be the functor \(FX=(\mathcal {P}_{\omega }X)^L\) for labeled transition systems and S to be a polynomial functor representing an algebraic signature. In this case, TX is the set of terms over this signature with variables in X. The notion of model as given in (8) corresponds to the usual notion of model of a GSOS specification. Informally, it means that all and only the transitions of \(\xi \) can be derived by instantiating the rules in the specification.
Example 7.2
An abstract GSOS specification \(\lambda \) and a model \((X,\alpha ,\xi )\) for it uniquely correspond to, respectively, a distributive law \(\rho _{\lambda } :T(F \times \mathrm {Id}) \Rightarrow (F \times \mathrm {Id})T\) of the monad T over the copointed functor \(F \times \mathrm {Id}\) and a bialgebra \((X,\alpha ^{\sharp },\langle \xi ,\mathrm {id}\rangle )\) for \(\rho _{\lambda }\). For details, see “Appendix 3” or [29, 54]. Hereafter, to make the notation lighter we will often refer to \(\rho _\lambda \) as to \(\rho \). This construction entails compatibility of the contextual closure.
Corollary 7.3
Let \(\lambda :S(F \times \mathrm {Id}) \Rightarrow FT\) be an abstract GSOS specification and let \((X,\alpha ,\xi )\) a model for it. Then \(\textstyle {\coprod }_{\alpha ^\sharp } \circ \mathsf {Rel}(T)\) is \((\mathsf {Rel}(F)\times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatible.
Proof
From Corollary 6.8 we immediately obtain \(\mathsf {Rel}(F\times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatibility. To conclude, it is enough to observe that \(\mathsf {Rel}(F\times \mathrm {Id}) \cong \mathsf {Rel}(F)\times \mathrm {Id}\) by Lemma 4.7. \(\square \)
In the case of noncanonical liftings, to prove compatibility of contextual closure for bialgebras of a distributive law \(\rho _{\lambda }\) generated from an abstract GSOS specification, one should exhibit a natural transformation \(\overline{\rho _{\lambda }}\) above \(\rho _{\lambda }\) and then apply Theorem 6.7. We next show how to simplify such a task by proving that, under mild additional conditions, it suffices to show that there exists \(\overline{\lambda } :\overline{S} (\overline{F} \times \mathrm {Id}) \Rightarrow \overline{F}\,\overline{T}\) above \(\lambda \). Here \(\overline{T}\) is the free monad of \(\overline{S}\) which, by Lemma 14.7 in “Appendix 3”, is a lifting of T.
Theorem 7.4
Let \((X,\alpha ,\xi )\) and \((X,\alpha ^{\sharp },\langle \xi ,\mathrm {id}\rangle )\) be a model and a bialgebra for, respectively, an abstract GSOS specification \(\lambda :S(F \times \mathrm {Id}) \Rightarrow FT\) and the corresponding distributive law \(\rho _{\lambda }:T(F\times \mathrm {Id}) \Rightarrow (F\times \mathrm {Id}) T\). Let \(\overline{S},\overline{F} \) be liftings of S, F and assume that \(\overline{S}\) has a free monad \(\overline{T}\).
 1.
there exists \(\overline{\rho _{\lambda }} :\overline{T}\,(\overline{F} \times \mathrm {Id})\Rightarrow (\overline{F} \times \mathrm {Id})\overline{T}\) sitting above \(\rho _{\lambda }\);
 2.
\(\textstyle {\coprod }_{\alpha ^\sharp } \circ {\overline{T}}\) is \((\overline{F}\times \mathrm {Id})_{\langle \xi ,\mathrm {id}\rangle }\)compatible.
It is easy to see that 2 is a direct consequence of 1 and Theorem 6.7. The idea of the proof for 1 is that the distributive law \(\overline{\rho _{\lambda }}\) is constructed from \(\overline{\lambda }\) in the same way as \(\rho _{\lambda }\) is constructed from \(\lambda \) (see “Appendix 3” for details). By relating free algebras in \(\mathcal {E}\) to free algebras in \(\mathcal {B}\), one then shows that \(\overline{\rho _{\lambda }}\) sits above \(\rho _{\lambda }\).
Observe that both Corollary 7.3 and Theorem 7.4 state compatibility with respect to a functor which is not exactly \(\overline{F}_{\xi }\), the functor of our interest. A similar issue was encountered in Sect. 3.1, where we dealt with Brespectful functors, i.e., functors that are \(B\times \mathrm {Id}\)compatible. The following lemma allows to link GSOS specifications and respectful functors.
Lemma 7.5
There is a natural isomorphism \((\overline{F}\times \mathrm {Id})_{\langle \xi ,\mathrm {id}\rangle } \cong \overline{F}_{\xi } \times \mathrm {Id}\) where the latter product is taken in the fibre \(\mathcal {E}_X\).
Proof
Example 7.6
In Example 7.2, we have seen that regular expressions carries a model \((RE,\alpha ,\xi )\) for the GSOS specification corresponding to the Brzozowski derivatives. From Corollary 7.3, we have that \(\textstyle {\coprod }_{\alpha ^\sharp } \circ \mathsf {Rel}(T)\) is \((\mathsf {Rel}(F)\times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatible. As explained in Sect. 6.3, \(\textstyle {\coprod }_{\alpha ^\sharp } \circ \mathsf {Rel}(T)\) is just \( Ctx \) as defined in Sect. 2.2. Moreover, by Lemma 7.5, \( Ctx \) is \(\mathsf {Rel}(F)_{\xi } \times \mathrm {Id}\)compatible. The technique \( Bhv \) used in Sect. 2.2 is Bcompatible and thus, by Proposition 3.4(i), it is \(B\times \mathrm {Id}\)compatible. By Proposition 3.3(i), \( Bhv \circ Ctx \) is \(B\times \mathrm {Id}\)compatible. Bsoundness follows from Proposition 3.4(iii). We conclude that the composite technique \( Bhv \circ Ctx \) used in Sect. 2.2 is \(\mathsf {Rel}(F)_{\xi }\)sound, and thus Bsound (see Example 5.1).
Now we could use a similar strategy to prove the compatibility of \( Slf \circ Ctx \) with respect to the functor \(B'\) for simulation introduced in Sect. 2.3. Since, as shown in Example 5.2, this arises from a noncanonical lifting, we should use Theorem 7.4 rather than Corollary 7.3. However, at the end of this paper (Example 13.4), we will provide a simpler proof which avoids to exhibit the natural transformation \(\overline{\lambda }\).
We conclude this section with a technical observation. Theorem 7.4, and similarly Corollary 7.3, provides compatibility for a contextual closure induced by the free monad \(\overline{T}\) rather than the lifted functor \(\overline{S}\) itself, which may be the one presented in concrete cases. However, as shown by the next lemma, the contextual closure defined by \(\overline{S}\) is, in each fibre, below the one defined by \(\overline{T}\), so if the latter is sound, the former is sound as well.
Lemma 7.7
Let \(S, \overline{S}\), T and \(\overline{T}\) be as in Theorem 7.4. Given an algebra \(\alpha :S X \rightarrow X\) with induced algebra \(\alpha ^\sharp :T X \rightarrow X\) for the free monad T, there exists a natural transformation of the form \(\textstyle {\coprod }_{\alpha } \circ \overline{S} \Rightarrow \textstyle {\coprod }_{\alpha ^\sharp } \circ \overline{T}\).
8 Examples
8.1 Inclusion of weighted automata
To illustrate the theory in Sect. 6, we consider weighted automata over a given semiring \(\mathbb {S}\). In [43], a certain notion of upto context is shown to be compatible with respect to language equivalence of weighted automata. The theory in Sect. 6 allows us to extend this result to language inclusion: contextual closure is compatible wrt language inclusion whenever the underlying semiring satisfies certain conditions [listed in (a) and (b) below]. This suggests a novel technique, called monotone contextual closure, which is compatible even when the semiring does not meet these requirements.

\(0 :1 \rightarrow \mathbb {S}^X_\omega \) mapping every \(x\in X\) to 0,

\(\dot{x} :1 \rightarrow \mathbb {S}^X_\omega \) (for every \(x\in X\)) mapping x to 1 and the rest to 0,

\(r \cdot :\mathbb {S}^X_\omega \rightarrow \mathbb {S}^X_\omega \) (for every \(r\in \mathbb {S}\)) mapping f to \(r\cdot f\) defined for all \(x\in X\) as \(r \cdot f(x)\),

\(+ :\mathbb {S}^X_\omega \times \mathbb {S}^X_\omega \rightarrow \mathbb {S}^X_\omega \) mapping f, g to \(f+g\) defined for all \(x\in X\) as \(f(x)+g(x)\),
The Fcoalgebra \(\langle o^{\sharp },t^{\sharp } \rangle \) can be exploited to conveniently express the behaviour of functions \(f\in \mathbb {S}^X_\omega \). The carrier of the final Fcoalgebra is \(\mathbb {S}^{A^*}\), that is, the set of all functions \(\phi :A^* \rightarrow \mathbb {S}\), also known as weighted languages or formal power series. The unique map \([\![  ]\!]:\mathbb {S}^X_\omega \rightarrow \mathbb {S}^{A^*}\) assigns to each \(f\in \mathbb {S}^X_\omega \) the language \([\![ f ]\!]:A^*\rightarrow \mathbb {S}\) defined for all words \(w\in A^*\) as \([\![ f ]\!](\varepsilon )=o^\sharp (f)\) and \([\![ f ]\!](aw')=[\![ t^\sharp (f)(a) ]\!](w')\). In (10), the language \([\![ \dot{x} ]\!]\) accepted by \(\dot{x}\) maps the word \(a^n\) to the \(n^ th \) Fibonacci number.
Now, suppose that \(\mathbb {S}\) carries a partial order \(\le \). Such an order can be pointwise extended to an order \(\precsim \) on \(\mathbb {S}^{A^*}\), and thus induces a preorder on the states f, g of any Fcoalgebra defined by \(f \precsim g\) iff \([\![ f ]\!] \precsim [\![ g ]\!]\). We call this predicate inclusion: it coincides with language inclusion when \(\mathbb {S}\) is the Boolean semiring.
For any two \(f,g\in \mathbb {S}^X_\omega \), one can prove that \(f\precsim g\) by exhibiting a \(\overline{F}_{\langle o^{\sharp },t^{\sharp }\rangle }\)invariant relating them. These invariants are usually infinite, since there may be infinitely many reachable states in a bialgebra \(\mathbb {S}^X_\omega \), even for finite X. For instance, this is the case when trying to check \(\dot{x}\precsim \dot{y}\) in (10): we should relate infinitely many reachable states.
 (a)
\(n_1 + n_2 \le m_1 + m_2\), and
 (b)
\(n_1 \cdot n_2 \le m_1 \cdot m_2\).
8.2 Divergence of processes
In the previous example we have exploited the theory of Sect. 6 and the fibration \(\mathsf {Rel}\rightarrow \mathsf {Set}\). Now, we move to the theory in Sect. 7 and the fibration \(\mathsf {Pred}\rightarrow \mathsf {Set}\) from Example 4.6. The use of GSOS specifications also makes it necessary to exploit several results about respectful functors (Sect. 3.1). Rather than weighted automata, we consider labeled transition systems which, as explained in Example 7.1, are coalgebras for the functor \(FX=(\mathcal {P}_{\omega }X)^L\) with \(\tau \in L\).
 (a)
since pq diverges by hypothesis, then also (pq)p diverges, and
 (b)
since (pq)p is bisimilar (i.e., behavioural equivalent) to (pp)q, then also (pp)q diverges.
In order to prove soundness of this “up to behavioural equivalence and left contextual closure”, it is essential to recall that the rules for parallel composition in Example 7.1 form a GSOS specification \(\lambda :S(F \times \mathrm {Id}) \Rightarrow FT\), where S is the functor for the binary parallel operator \(SX=X\times X\). Now we assume that X is some set of terms that includes p and q and that is closed under parallel composition, i.e., there exists an algebra \(\alpha :SX \rightarrow X\). We take \((X,\alpha ,\xi )\) to be a model for \(\lambda \).
Assume that \((f,x), (g,y)\in \overline{S}( \overline{F}^{\langle \tau \rangle } \times \mathrm {Id})P\). Then, by definition of \(\overline{S}\) we have \(f\in \overline{F}^{\langle \tau \rangle }P\), so by definition of \(\overline{F}^{\langle \tau \rangle }\) there exists \(x'\in f(\tau )\) such that \(x'\in P\). By the definition of \(\lambda _X\) in (9), \((x',y) \in \lambda _X ((f,x), (g,y))(\tau )\) and, since \(x'\in P\), we have \((x',y) \in \overline{S} P\). By definition of \(\overline{F}^{\langle \tau \rangle } \), \(\lambda _X ((f,x), (g,y)) \in \overline{F}^{\langle \tau \rangle }\overline{S} P\). Since \(\overline{T}\) is the free monad of \(\overline{S}\), we have a natural transformation \(\overline{S}\Rightarrow \overline{T}\) and thus \(\lambda _X ((f,x), (g,y)) \in \overline{F}^{\langle \tau \rangle }\overline{T} P\).
This proves that \(\textstyle {\coprod }_{\alpha ^\sharp } \circ \overline{T}\) is \((\overline{F}^{\langle \tau \rangle } \times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatible. By Lemma 7.5, it is \(\overline{F}^{\langle \tau \rangle }_{\xi }\times \mathrm {Id}\)compatible.
For \( Bhv \), we note that \(\overline{F}^{\langle \tau \rangle }\) is defined exactly as in coalgebraic modal logic [17, 22] and thus \((\overline{F}^{\langle \tau \rangle }, F)\) is a fibration map: Theorem 6.1 applies. By using Proposition 3.4(i), \( Bhv \) is \(\overline{F}^{\langle \tau \rangle }_{\xi }\times \mathrm {Id}\)compatible. By Proposition 3.3(i), \( Bhv \circ \textstyle {\coprod }_{\alpha ^\sharp } \circ \overline{T}\) is \(\overline{F}^{\langle \tau \rangle }_{\xi }\times \mathrm {Id}\)compatible and thus \(\overline{F}^{\langle \tau \rangle }_{\xi }\)sound by Proposition 3.4(iii). Note that this technique is not yet \( Bhv \circ Ctx ^{\ell }\). However, by Lemma 7.7, \( Ctx ^{\ell } \Rightarrow \textstyle {\coprod }_{\alpha ^\sharp }\circ \overline{T}\) and thus \( Bhv \circ Ctx ^{\ell } \Rightarrow Bhv \circ \textstyle {\coprod }_{\alpha ^\sharp }\circ \overline{T} \). Thus \( Bhv \circ Ctx ^{\ell }\) is \(\overline{F}^{\langle \tau \rangle }_{\xi }\)sound.
8.3 Equivalence of nominal automata
All the examples that we have considered so far concern systems that are modeled as coalgebras in the category \(\mathsf {Set}\). With the next example, we exploit the full generality of the theory in Sect. 6 to obtain upto techniques for nominal automata, modeled as coalgebras in the category \(\mathsf {Nom}\) of nominal sets. By doing so, we are able to extend bisimulation up to congruence from nondeterministic automata [12] to nondeterministic nominal automata.
Nominal automata and variants [7] have been considered as a means of studying languages over infinite alphabets, but also for the operational semantics of process calculi [35]. Nominal sets are sets equipped with actions of the group of permutations on a countable set \(\mathbb {A}\) of names, satisfying an additional finite support condition. We refer the reader to [39] for details. Full details for the fibration and functors involved in this example are provided in Appendix “Nominal automata”.
With this semantics in mind, one can see that the state \(*\) accepts the language of words in the alphabet \(\mathbb {A}\) where some letter appears twice: it reads a word in \(\mathbb {A}\), then it nondeterministically guesses that the next letter will appear a second time and verifies that this is indeed the case. The state \(\star \) accepts the same language, in a different way: it reads a first letter, then guesses if this letter will be read again, or, if a distinct letter—nondeterministically chosen—will appear twice.
The soundness of this technique is established in Appendix “Nominal automata” using the fibration \(\mathsf {Rel}(\mathsf {Nom})\rightarrow \mathsf {Nom}\) of equivariant relations. We derive the compatibility of contextual closure using Theorem 6.7, and compatibility of the transitive, symmetric, and reflexive closures using Proposition 6.3. Compatibility of congruence closure follows from Proposition 3.3(i).
9 The problem with weak bisimulation
Weak bisimilarity is a behavioural equivalence which is coarser than (strong) bisimilarity, and which is quite important in practice. This notion of equivalence allows one to abstract over internal transitions, labeled with the special action \(\tau \). When the player proposes a transition \(\mathop {\rightarrow }\limits ^{a}\), the opponent must answer with a saturated transition \(\mathop {\Rightarrow }\limits ^{a}\), which is roughly a transition \(\mathop {\rightarrow }\limits ^{a}\) possibly combined with internal actions \(\mathop {\rightarrow }\limits ^{\tau }\).
Corollary 9.1
\( Bhv \) is \(\overline{F \times F}_{ \xi }\)compatible.
For \(\xi = \langle \rightarrow , \Rightarrow \rangle \), behavioural equivalence is simply strong bisimilarity. Consequently, Corollary 9.1 actually gives the compatibility of weak bisimulation up to strong bisimilarity [41]. One could wish to use up to \( Slf \) or up to \( Trn \) for weak bisimulations. However, the condition \((*{*}*)\) from Sect. 6.2 fails, and indeed, weak bisimulations up to weak bisimilarity or up to transitivity are not sound [41].
The case of upto context is much more delicate: upto parallel composition is compatible with respect to weak bisimulation [41] but this cannot be proved inside the theory developed so far. Indeed, already for the simple case of parallel composition in CCS, the saturated transition system \(\Rightarrow \) is not a model for the GSOS specification.
Example 9.2
Intuitively, a bialgebra requires that all and only the transitions of a composite system can be derived by transitions of its components. Instead a composite system may perform more weak transitions than those derived from the transitions of its components (e.g., in the example above, \(a.b  \overline{a}.\overline{b}\mathop {\Rightarrow }\limits ^{\tau }00\) while such a transition cannot be derived using the GSOS specification of parallel composition).
 (a)
we explain how to move to lax bialgebras in an ordered setting and we adapt accordingly the proof of compatibility of the contextual closure (Sect. 10);
 (b)
we prove that upto context is compatible for lax models of positive [1] GSOS specifications (Sect. 11); and,
 (c)
as an application, we obtain soundness of upto context for weak bisimulations of systems specified by the cool rule format from [55] (Sect. 12).
10 Ordered setting
In the first part of this paper, we have seen how to prove soundness of upto techniques of different sorts of binary predicates by lifting functors and distributive laws along \(p:\mathsf {Rel}\rightarrow \mathsf {Set}\). Now we extend those results to an ordered setting. The first step (Sect. 10.1) consists in replacing the base category \(\mathsf {Set}\) with \(\mathsf {Pre}\), the category of preorders. (An object in \(\mathsf {Pre}\) is a set equipped with a preorder, that is, a reflexive and transitive relation; morphisms are monotone maps.) Accordingly, we move from the category \(\mathsf {Rel}\) of relations to its subcategory \(\mathsf {Rel}^\uparrow \) of upclosed relations (Sect. 10.2). We finally obtain the ordered counterpart to Theorem 6.7, using the notion of lax bialgebra (Sect. 10.3, Theorem 10.14).
10.1 Lifting functors from sets to preorders
We first explain how to lift functors and distributive laws from \(\mathsf {Set}\) to \(\mathsf {Pre}\). Extensions of \(\mathsf {Set}\)functors to preorders or posets have been studied via relators as in [25, 53] and using presentations of functors and (enriched) Kan extensions [2, 3]. We are interested in extending not only functors, but also natural transformations to an ordered setting. In order to do so, we exploit the notion of lax relation lifting from [25] which is closely related to the canonical relation lifting introduced in the first part of this paper.
For a weak pullback preserving \(\mathsf {Set}\)endofunctor T we can consider its canonical relation lifting \(\mathsf {Rel}(T):\mathsf {Rel}\rightarrow \mathsf {Rel}\). Then, using the following wellknown result, we obtain an extension of T to \(\mathsf {Pre}\), hereafter called the canonical \(\mathsf {Pre}\) lifting of T and denoted by \(\mathsf {Pre}(T)\).
Lemma 10.1
If T preserves weak pullbacks, then \(\mathsf {Rel}(T)\) restricts to a functor \(\mathsf {Pre}(T)\) on \(\mathsf {Pre}\).
Example 10.2
The LTS functor \((\mathcal {P}_{ c })^L\) has a stable order \(\subseteq _{(\mathcal {P}_{ c }X)^L}\) given by pointwise inclusion. The lax \(\mathsf {Pre}\)lifting of \((\mathcal {P}_{ c })^L\) with respect to this order coincides with the lifting described above in (15). (See [25] for more details.)
Example 10.3
For weighted automata on a semiring \(\mathbb {S}\) equipped with a partial order \(\le \), the functor \(FX=\mathbb {S}\times X^A\) is ordered with \(\subseteq _{FX}\) defined as \((p,\phi ) \subseteq _{FX} (q,\psi )\) iff \(p\le q\) and \(\phi =\psi \). It is immediate to see that \(\mathsf {Rel}_{\subseteq }(F)\) coincides with the lifting \(\overline{F}\) defined in Sect. 8.1. Moreover, when \(\mathbb {S}\) is the boolean semiring 2 and \(\le \) is the trivial ordering \(0\le 1\), the functor \(\mathsf {Rel}_{\subseteq }(F)\) is the lifting \(\overline{F}\) defined in Example 5.2 modeling simulations on deterministic automata.
We now show how to lift a natural transformation \(\rho :F\Rightarrow G\) between \(\mathsf {Set}\)functors to a natural transformation \(\varrho :\mathcal {F}\Rightarrow \mathcal {G}\) between \(\mathsf {Pre}\)functors. If F and G preserve weak pullbacks and \(\mathcal {F}\) and \(\mathcal {G}\) are the canonical \(\mathsf {Pre}\)liftings \(\mathsf {Pre}(F)\) and \(\mathsf {Pre}(G)\), then \(\varrho \) is obtained via the restriction of the natural transformation \(\mathsf {Rel}(\rho )\) between the corresponding canonical relation liftings (\(\mathsf {Rel}()\) is functorial, see [27]). The situation is slightly more complex for noncanonical liftings, such as the lax lifting of the LTS functor. In this case we can use Lemma 10.5 below whenever \(\rho \) enjoys the following monotonicity property.
Definition 10.4
Let \(F,G :\mathsf {Set}\rightarrow \mathsf {Set}\) be ordered functors that respectively factor through \(F_{\subseteq },G_{\subseteq }:\mathsf {Set}\rightarrow \mathsf {Pre}\). We say that a natural transformation \(\rho :F\Rightarrow G\) is monotone if it lifts to a natural transformation \(\varrho :F_{\subseteq }\Rightarrow G_{\subseteq }\) defined by \(\varrho _X=\rho _X\).
Lemma 10.5
Let \(F, G:\mathsf {Set}\rightarrow \mathsf {Set}\) be ordered functors with orders respectively given by \(F_{\subseteq },G_{\subseteq }:\mathsf {Set}\rightarrow \mathsf {Pre}\), and assume \(\rho :F\Rightarrow G\) is a monotone natural transformation. Then \(\rho \) lifts to a natural transformation \(\overline{\rho }:\mathsf {Rel}_\subseteq (F)\Rightarrow \mathsf {Rel}_\subseteq (G)\). Furthermore, if the lax relation liftings of F and G restrict to \(\mathsf {Pre}\)endofunctors \(\mathsf {Pre}_\subseteq (F)\) and \(\mathsf {Pre}_\subseteq (G)\) then \(\rho \) lifts to a natural transformation \(\varrho :\mathsf {Pre}_\subseteq (F)\Rightarrow \mathsf {Pre}_\subseteq (G)\).
Proof
The monotonicity condition in Definition 10.4 boils down to the fact that \(\rho \) can be lifted to a natural transformation \(\overline{\rho }^1:\overline{\subseteq _F}\Rightarrow \overline{\subseteq _G}\), given for any \(R\in \mathsf {Rel}_X\) by \(\overline{\rho }^1_R:=\rho _X\). This is indeed well defined, since the relation \(\subseteq _{FX}\) on FX is contained in \((\rho _X\times \rho _X)^{1}(\subseteq _{GX})\).
We also have a canonical lifting \({\mathsf {Rel}}(\rho ):\mathsf {Rel}(F)\Rightarrow \mathsf {Rel}(G)\). We combine \(\overline{\rho }^1\) and \(\mathsf {Rel}(\rho )\) to obtain the desired \(\overline{\rho }=\overline{\rho }^1\otimes \mathsf {Rel}(\rho )\otimes \overline{\rho }^1\).
For the second part of the lemma, since \(\mathsf {Pre}_\subseteq (F)\) and \(\mathsf {Pre}_\subseteq (G)\) are the restrictions to \(\mathsf {Pre}\) of \(\mathsf {Rel}_\subseteq (F)\) and \(\mathsf {Rel}_\subseteq (G)\) respectively, we obtain \(\varrho \) as the restriction of \(\overline{\rho }\) above. \(\square \)
Lemma 10.6
10.2 Relation liftings for \(\mathsf {Pre}\)endofunctors
In the previous section we have seen how to extend \(\mathsf {Set}\) functors, such as those involved in GSOS specifications, to preorders. To reason about relation liftings in this setting we ought to consider a category of relations with a forgetful functor to \(\mathsf {Pre}\). On a preorder \((X,\le )\) we consider relations that are upclosed with respect to \(\le \), as defined next.
Definition 10.7
Given a preorder \((X,\le )\) we define an upclosed relation on X as a relation \(R\subseteq X^2\) such that for every \(x',x,y,y'\in X\) with \(x\le x'\), \(y\le y'\) and \(x \mathrel R y\) we have that \(x' \mathrel R y'\). A morphism between upclosed relations R and S on \((X,\le )\), respectively \((Y,\le )\), is a monotone map \(f :(X,\le )\rightarrow (Y,\le )\) such that \(R\subseteq (f\times f)^{1}(S)\).
We denote by \(\mathsf {Rel}^\uparrow \) the category of upclosed relations. We have an obvious forgetful functor þ\(:\mathsf {Rel}^\uparrow \rightarrow \mathsf {Pre}\) mapping every upclosed relation to its underlying preorder. For each preorder \((X,\le )\) we denote by \(\mathsf {Rel}^\uparrow _X\) the subcategory of \(\mathsf {Rel}^\uparrow \) whose objects are mapped by þto \((X,\le )\) and morphisms are mapped by þto the identity on \((X,\le )\). Notice that \(\mathsf {Rel}^\uparrow _X\) is a category, with morphisms given by inclusions of relations, hence, a preorder.
Remark 10.8
For every discrete preorder \((X,{\varDelta }_X)\), any relation on X is automatically upclosed. We can reformulate this in a conceptual way, using that the forgetful functor \(U :\mathsf {Pre}\rightarrow \mathsf {Set}\) has a left adjoint \(D :\mathsf {Set}\rightarrow \mathsf {Pre}\) mapping a set X to the discrete preorder \((X,{\varDelta }_X)\). Then the adjunction \(D\dashv U\) lifts to an adjunction \(\overline{D}\dashv \overline{U} : \mathsf {Rel}^\uparrow \rightarrow \mathsf {Rel}\).
The category \(\mathsf {Pre}\) has an enriched structure, in the sense that the homsets are equipped with a preorder themselves. Given morphisms \(f,g :(X,\le )\rightarrow (Y,\le )\) we say that \(f\le g\) iff \(f(x)\le _Yg(x)\) for every \(x\in X\). This preorder is preserved by the reindexing functors:
Lemma 10.9
For any \(\mathsf {Pre}\)morphisms \(f,g :(X,\le )\rightarrow (Y,\le )\) such that \(f\le g\), there exists a (unique) natural transformation \(f^*\Rightarrow g^*\).
We now show how to port liftings of functors from \(\mathsf {Rel}\) and \(\mathsf {Pre}\) to \(\mathsf {Rel}^\uparrow \).
Lemma 10.10
For any weak pullback preserving \(\mathsf {Set}\)functor T, the canonical \(\mathsf {Pre}\)lifting \(\mathsf {Pre}(T)\) has a lifting \(\overline{\mathsf {Pre}(T)}\) to \(\mathsf {Rel}^\uparrow \) acting on a relation as the canonical relation lifting \(\mathsf {Rel}(T)\).
Some of the liftings used in Sect. 12 to describe weak bisimulations are neither canonical, nor lax relation liftings. In Equation (14) we saw how to obtain the weak bisimulation game via a relation lifting \(\overline{F\times F}\) of the functor \(F\times F\) with \(FX=(\mathcal {P}_{ c }X)^L\). The next example gives a lifting of \(F\times F\) to \(\mathsf {Pre}\), such that the relation lifting (14) restricts to upclosed relations, thus yielding a functor on \(\mathsf {Rel}^\uparrow \) for the weak bisimulation game.
Example 10.11
For \(F=(\mathcal {P}_{ c })^L\) we consider the \(\mathsf {Pre}\)endofunctor \(\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)\), where \(\mathsf {Pre}(F)\) is the canonical \(\mathsf {Pre}\)lifting of F and \(\mathsf {Pre}_\subseteq (F)\) is the lax \(\mathsf {Pre}\)lifting of Example 10.2. In “Appendix 6”, we show that for any preorder \((X,\le )\) and \(R\in \mathsf {Rel}^\uparrow _{(X,\le )}\) we have that \(\overline{F\times F}(R)\) as defined in (14) is an upclosed relation on \(\mathsf {Pre}(F)(X,{\le })\times \mathsf {Pre}_\subseteq (F)(X,{\le })\).
Thus we obtain a lifting \(\overline{\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)}\) of \(\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)\) to \(\mathsf {Rel}^\uparrow \) such that \(\overline{U}\; \overline{\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)}=(\overline{F\times F})\;\overline{U}\).
In Theorem 12.1 we will need liftings of natural transformations to \(\mathsf {Rel}^\uparrow \). We show next how to obtain them leveraging existing liftings to \(\mathsf {Rel}\) and \(\mathsf {Pre}\) introduced in Sects. 4 and 10.1.
Lemma 10.12
In the sequel, we use notations for liftings as in the above lemma: for a functor F, we denote by calligraphic \(\mathcal {F}\) a lifting along \(\mathsf {Pre}\rightarrow \mathsf {Set}\) and by \(\overline{\mathcal {F}}\) a lifting of \(\mathcal {F}\) along \(\mathsf {Rel}^\uparrow \rightarrow \mathsf {Pre}\); for natural transformations, we use \(\varrho \) for a lifting of \(\rho \) to \(\mathsf {Pre}\) and \(\overline{\varrho }\) for a lifting of \(\varrho \) to \(\mathsf {Rel}^\uparrow \).
10.3 Lax bialgebras and compatibility of contextual closure
As explained in Sect. 9, we moved to an order enriched setting because we want to reason about systems for which the saturated transition system forms a lax bialgebra.
Definition 10.13
Theorem 10.14
Let \(\mathcal {T},\mathcal {F}\) be \(\mathsf {Pre}\)endofunctors with liftings \(\overline{\mathcal {T}},\overline{\mathcal {F}}\) to \(\mathsf {Rel}^\uparrow \). Assume that \(\varrho :\mathcal {T}\mathcal {F}\Rightarrow \mathcal {F}\mathcal {T}\) is a natural transformation such that there exists a lifting \(\overline{\varrho }:\overline{\mathcal {T}}\overline{\mathcal {F}}\Rightarrow \overline{\mathcal {F}}\overline{\mathcal {T}}\) of \(\varrho \). If \((X,\alpha , \xi )\) is a lax \(\varrho \)bialgebra, then the functor \(\textstyle {\coprod }_\alpha \circ \overline{\mathcal {T}}\) is \(\overline{\mathcal {F}}_{\xi }\)compatible.
Proof
11 Monotone GSOS
In this section we describe how to obtain a distributive law in \(\mathsf {Pre}\) and a lax bialgebra from an abstract GSOS specification in \(\mathsf {Set}\) and a lax model for it. The key property is monotonicity (Definition 10.4) of the abstract GSOS specification.
If the GSOS specification \(\lambda \) is monotone with respect to the orders in (22) (recall Definition 10.4) then, by Lemma 10.5, \(\lambda \) lifts to \(\dot{\lambda }:\mathsf {Pre}(S)(\mathsf {Pre}_\subseteq (F)\times \mathrm {Id})\Rightarrow \mathsf {Pre}_\subseteq (F)\mathsf {Pre}(T)\).
Example 11.1
It is easy to see that this tiny modification does not change the semantics of regular expressions: for instance, in the simulation upto shown in Sect. 2.3 one has simply to replace o(e) with \(\tilde{o}(e)\) to obtain valid proofs. In Example 13.4, we will prove that, for regular expressions, simulation up to \( Ctx \) is sound, by relying on the monotonicity of \(\lambda '\). To this end, it is essential to observe that the set of extended regular expressions \(RE'\) carries a model \((RE',\alpha ', \xi ')\) for \(\lambda ' \).
Lemma 11.2
A monotone GSOS specification induces a distributive law \(\rho :T(F\times \mathrm {Id})\Rightarrow (F\times \mathrm {Id})T\) that lifts to a distributive law \(\varrho :\mathsf {Rel}(T)(\mathsf {Rel}_\subseteq (F)\times \mathrm {Id})\Rightarrow (\mathsf {Rel}_\subseteq (F)\times \mathrm {Id})\mathsf {Rel}(T)\), which in turn restricts to a distributive law \(\varrho :\mathsf {Pre}(T)(\mathsf {Pre}_\subseteq (F)\times \mathrm {Id})\Rightarrow (\mathsf {Pre}_\subseteq (F)\times \mathrm {Id})\mathsf {Pre}(T)\).
Proof
The following notion is the key to prove compatibility of \( Ctx \) with respect to weak bisimulation.
Definition 11.3
Example 11.4
Consider the GSOS specification \(\lambda \) given in Example 7.1. Since in the corresponding rules there are no negative premises, it conforms to condition (23), namely it is a positive GSOS specification. Lemma 11.2 ensures that we have a distributive law \(\varrho :\mathsf {Pre}(T)(\mathsf {Pre}_\subseteq (F)\times \mathrm {Id})\Rightarrow (\mathsf {Pre}_\subseteq (F)\times \mathrm {Id})\mathsf {Pre}(T)\).
Recall that \(\xi _2\) is the saturation of the standard semantics of CCS and that \((X,\alpha ,\xi _2)\) is not a model for \(\lambda \), since not all the weak transitions of a composite process pq can be deduced by the ones of the components p and q. However, \((X,\alpha ,\xi _2)\) is a lax model. Intuitively, the fact that the inequality (24) holds means that only the weak transitions of pq can be deduced by those of p and q, i.e., pq contains all the weak transitions that can be deduced from those of p and q and the rules for parallel composition.
The inclusion (25) in the previous example suggests a more concrete characterisation for the validity of (24): every transition that can be derived by instantiating a GSOS rule to the transitions in \(\xi \) should be already present in \(\xi \), namely, the transition structure is closed under the application of GSOS rules. In contrast to (strict) models (see (8)), in a lax model the converse does not hold: not all the transitions are derivable from the GSOS rules.
Lax models for a monotone GSOS specification \(\lambda \) induce lax bialgebras for the distributive law \(\varrho \) obtained as in Lemma 11.2.
Lemma 11.5
Let \((X,\alpha ,\xi )\) be a lax model for a monotone specification \(\lambda :S (F \times \mathrm {Id}) \Rightarrow FT\). Then we have a lax bialgebra in \(\mathsf {Pre}\) for the induced distributive law \(\varrho \) carried by \((X,{\varDelta }_X)\), i.e., the set X with the discrete order, with the algebra map given by \(\alpha ^\sharp :\mathsf {Pre}(T) X \rightarrow X\) and the coalgebra map given by \(\langle \xi , \mathrm {id}\rangle :X\rightarrow \mathsf {Pre}_\subseteq (F) X\times X\).
12 Weak bisimulation done right
We put together the results of Sects. 10 and 11 to an abstract account of upto context for weak bisimulation: if the saturation of a model of a positive GSOS specification is a lax model, then upto context is compatible for weak bisimulation.
Theorem 12.1
Let \(\lambda :S (F \times \mathrm {Id}) \Rightarrow FT\) be a positive GSOS specification. Let \(\xi _2\) be the saturation of an LTS \(\xi _1\). If \((X,\alpha ,\xi _1)\) and \((X,\alpha ,\xi _2)\) are, respectively, a model and a lax model for \(\lambda \), then \( Ctx \) is \((\overline{\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)}\times \mathrm {Id})_{\langle \xi _1,\xi _2,\mathrm {id}\rangle }\)compatible.
Proof
 (a)
a distributive law \(\varrho \) between \(\mathsf {Pre}\)endofunctors;
 (b)
a lax bialgebra for \(\varrho \);
 (c)
a lifting \(\overline{\varrho }\) of \(\varrho \) between \(\mathsf {Rel}^\uparrow \)liftings of the aforementioned functors.
 1.
From a monotone \(\lambda :S (F \times \mathrm {Id}) \Rightarrow FT\) we first obtain a natural transformation \(\tilde{\lambda }:S(F\times F\times \mathrm {Id})\Rightarrow (F\times F)T\) by pairing the natural transformations \(\lambda \circ S\langle \pi _1,\pi _3\rangle :S(F\times F\times \mathrm {Id})\Rightarrow FT\) and \(\lambda \circ S\langle \pi _2,\pi _3\rangle :S(F\times F\times \mathrm {Id})\Rightarrow FT\). Let \(G:\mathsf {Set}\rightarrow \mathsf {Set}\) denote the functor \(F\times F\times \mathrm {Id}\). From the GSOS specification \(\tilde{\lambda }\) we obtain a distributive law \(\rho :TG\Rightarrow GT\) in \(\mathsf {Set}\). Since \(\lambda \) is monotone w.r.t. the order given by \(F_\subseteq \), we have that \(\tilde{\lambda }\) can be seen as a monotone abstract GSOS specification for the functor \(F\times F\) with the order \({\varDelta }_{FX}\times \subseteq _{FX}\) on \(FX\times FX\) given by the product of the discrete order and the one obtained from \(F_\subseteq \). We consider the \(\mathsf {Pre}\)lifting \(\mathcal {G}\) of G defined as \(\mathcal {G}=\mathsf {Pre}_\subseteq (F\times F)\times \mathrm {Id}\) where \(\mathsf {Pre}_\subseteq (F\times F)\) is the lax \(\mathsf {Pre}\)lifting of \(F\times F\) w.r.t. the order given above.^{3} By Lemma 11.2 we get a lifting \(\varrho :\mathsf {Pre}(T)\mathcal {G}\rightarrow \mathcal {G}\mathsf {Pre}(T)\) of \(\rho \), with \(\mathsf {Pre}(T)\) the canonical \(\mathsf {Pre}\)lifting of T.
 2.Since \((X,\alpha ,\xi _1)\) and \((X,\alpha ,\xi _2)\) are, respectively, a model and a lax model for \(\lambda \), we have Notice that the left model is strict, yet we can also see it as a lax model for the discrete order on F. Hence we can pair the two coalgebra structures to obtain a lax model for the monotone GSOS specification \(\tilde{\lambda }\) considered above. We apply Lemma 11.5 for the lax model in (26) to obtain a lax bialgebra as in the next diagram with the carrier \((X,{\varDelta }_X)\).
 3.
We consider the \(\mathsf {Rel}^\uparrow \) lifting \(\overline{\mathsf {Pre}(T)}\) of \(\mathsf {Pre}(T)\) obtained using Lemma 10.10 and the \(\mathsf {Rel}^\uparrow \) lifting \(\overline{\mathcal {G}}\) of \(\mathcal {G}\) obtained from Example 10.11. Using Proposition 14.11 in “Appendix 8” we know that the distributive law \(\rho \) lifts to a distributive law \(\overline{\rho }:\overline{T}\overline{G}\Rightarrow \overline{G}\overline{T}\) in \(\mathsf {Rel}\). To obtain the lifting of \(\overline{\varrho }\) to \(\mathsf {Rel}^\uparrow \) we apply Lemma 10.12 for the liftings \(\overline{T}\), \(\overline{G}\), \(\overline{\mathsf {Pre}(T)}\) and \(\overline{\mathcal {G}}\) and the liftings \(\overline{\rho }\) and \(\varrho \) of \(\rho \) to \(\mathsf {Rel}\), respectively \(\mathsf {Pre}\).
By Remark 10.8, since the order on X is discrete, we have that \(\mathsf {Rel}^\uparrow _X\cong \mathsf {Rel}_X\). Hence the functor \( Ctx \) is indeed the usual predicate transformer for contextual closure and coalgebras for \((\overline{\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)}\times \mathrm {Id})_{\langle \xi _1,\xi _2,\mathrm {id}\rangle }\) correspond to the usual weak bisimulations.
Example 12.2
Recall from Example 11.4 that \(\rightarrow \) and \(\Rightarrow \) are, respectively, a model and a lax model for the positive GSOS specification of Example 7.1. By Theorem 12.1, it follows that upto context (for the parallel composition of CCS) is compatible for weak bisimulation.
We can apply Theorem 12.1 to prove analogous results for the other operators of CCS with the exception of \(+\) which is not part of a lax model, see Example 11.4. More generally, for any process algebra specified by a positive GSOS, one simply needs to check that the saturated transistion systems is a lax model. As explained in Sect. 11, this means that whenever \(\Rightarrow \) satisfies the premises of a rule, it also satisfies its consequence. By [55, Lemma WB], this holds for all calculi that conform to the socalled simply WB cool format [5], amongst which it is worth mentioning the fragment of CSP consisting of action prefixing, internal and external choice, parallel composition, abstraction and the 0 process ([55, Example 1]).
Corollary 12.3
For a simply WB cool GSOS language, upto context is a compatible technique for weak bisimulation.
13 Simulation upto
In this section we recall simulations for coalgebras as introduced in [25] and we restrict our attention to ordered functors as defined in Sect. 10.1. The lax relation lifting \(\mathsf {Rel}_{\subseteq }(F):\mathsf {Rel}\rightarrow \mathsf {Rel}\) defined in (17) is used in [25] to give a coalgebraic characterisation of simulations. For a coalgebra \(\xi :X \rightarrow FX\), the coalgebras for the endofunctor \(\xi ^* \circ \mathsf {Rel}_{\subseteq }(F)_X\)—which we denote by \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)—are called simulations. The final \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)coalgebra, when it exists, is called similarity.
For instance, \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)coalgebras with respect to the order defined in Example 10.3 are simulations of deterministic automata and weighted automata, while the final \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)coalgebra is language inclusion. Taking instead the order in Example 10.2 one obtains the standard notions of simulations and similarity for LTSs. Since these orders are stable, the following result applies.
Proposition 13.1
If F preserves weak pullbacks and has a stable order, then \( Bhv \), \( Slf \), and \( Trn \) are \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)compatible.
Proof
Compatibility of \( Bhv \) follows from Theorem 6.1. Compatibility of \( Trn \) follows from Corollary 6.5. We can apply the latter since for stable ordered functors the lax relation lifting preserves relational composition by [25, Lemma 5.3], so \((*{*}*)\) holds for \(\mathsf {Rel}_{\subseteq }(F)\). Similarly, the proof for the compatibility of \( Slf \) relies on Lemma 6.4. \(\square \)
Proposition 13.2
If F, T are \(\mathsf {Set}\)functors with F stable ordered and \((X, \alpha , \xi )\) is a bialgebra for a monotone \(\rho :T F \Rightarrow F T\), where the orders on TF and FT are given as in Lemma 10.6, then the contextual closure functor \( Ctx \) is \(\mathsf {Rel}_{\subseteq }(F)_{\xi }\)compatible.
Proof
By Lemma 10.5, we obtain a natural transformation \(\overline{\rho }:\mathsf {Rel}_{\subseteq }(TF)\Rightarrow \mathsf {Rel}_{\subseteq }(FT)\) above \(\rho \). Using Lemma 10.6 twice, we have that \(\mathsf {Rel}_{\subseteq }(TF)=\mathsf {Rel}(T)\mathsf {Rel}_{\subseteq }(F)\) and \(\mathsf {Rel}_{\subseteq }(FT)=\mathsf {Rel}_{\subseteq }(F)\mathsf {Rel}(T)\), so we can see \(\overline{\rho }\) as a natural transformation of type \(\overline{\rho }:\mathsf {Rel}(T)\mathsf {Rel}_{\subseteq }(F) \Rightarrow \mathsf {Rel}_{\subseteq }(F)\mathsf {Rel}(T)\) sitting above \(\rho \). By Theorem 6.7, it follows that \( Ctx = \textstyle {\coprod }_{\alpha } \circ \mathsf {Rel}(T)\) is \(\mathsf {Rel}_{\subseteq }(F)_{ \xi }\)compatible. \(\square \)
A similar result can be obtained when starting with models of monotone abstract GSOS specifications as defined in Sect. 11.
Proposition 13.3
Let \(\lambda :S (F \times \mathrm {Id}) \Rightarrow FT\) be a monotone abstract GSOS specification and \((X, \alpha , \xi )\) be a model for \(\lambda \). Then \( Ctx \) is \((\mathsf {Rel}_{\subseteq }(F)\times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatible.
Proof
As explained in Sect. 7, the model \((X, \alpha , \xi )\) yields the bialgebra \((X, \alpha ^\sharp , \langle \xi , \mathrm {id}\rangle )\) for the induced distributive law \(\rho \). By Lemma 11.2 there exists a natural transformation \(\varrho :\mathsf {Rel}(T)(\mathsf {Rel}_\subseteq (F)\times \mathrm {Id})\Rightarrow (\mathsf {Rel}_\subseteq (F)\times \mathrm {Id})\mathsf {Rel}(T)\), sitting above \(\rho \). By Theorem 6.7, it follows that \( Ctx = \textstyle {\coprod }_{\alpha ^{\sharp }} \circ \mathsf {Rel}(T)\) is \((\mathsf {Rel}_{\subseteq }(F)\times \mathrm {Id})_{\langle \xi , \mathrm {id}\rangle }\)compatible. \(\square \)
Example 13.4
In Sect. 2.2 we used simulation up to \( Slf \circ Ctx \) to prove Arden’s rule. We can finally prove the soundness of \( Slf \circ Ctx \) by exploiting the results in this section. To do so, we have to use the model \((RE',\alpha ',\xi ')\) of extended regular expressions seen in Example 11.1, rather than the standard one seen in Example 7.2, since the abstract GSOS specification for the former is monotone while the one for the latter is not.
The proof proceeds as follows. By Proposition 13.3, \( Ctx \) is \((\mathsf {Rel}_{\subseteq }(F)\times \mathrm {Id})_{\langle \xi ', \mathrm {id}\rangle }\)compatible and, by Lemma 7.5, it is also \((\mathsf {Rel}_{\subseteq }(F)_{\xi '}\times \mathrm {Id})\)compatible. By Proposition 13.1, \( Slf \) is \(\mathsf {Rel}_{\subseteq }(F)_{\xi '}\)compatible and, by Proposition 3.4(i), it is also \((\mathsf {Rel}_{\subseteq }(F)_{\xi '}\times \mathrm {Id})\)compatible. Therefore \( Slf \circ Ctx \) is \((\mathsf {Rel}_{\subseteq }(F)_{\xi '}\times \mathrm {Id})\)compatible by Proposition 3.3 and \(\mathsf {Rel}_{\subseteq }(F)_{\xi '}\)sound by Proposition 3.4(iii).
14 Directions for future work
Our nominal automata example leads us to expect that the framework introduced in this paper will lend itself to obtaining a clean theory of upto techniques for namepassing process calculi. For instance, we would like to understand whether the congruence rule format proposed by Fiore and Staton [19] can fit in our setting: this would provide general conditions under which upto techniques related to name substitution are sound in such calculi.
Another interesting research direction is suggested by the divergence predicate we studied in Sect. 8.2. Other formulas of (coalgebraic) modal logic [17] can be expressed by taking different predicate liftings, and yield different families of compatible functors. This suggests a connection with the proof systems in [18, 48]: we can regard proofs in those systems as invariants up to some compatible functors. By using our framework and the logical distributive laws of [28], we hope to obtain a systematic way to derive or enhance such proof systems, starting from a given abstract GSOS specification.
We have shown that upto context is compatible (and thus sound) for weak bisimulation whenever the strong and the weak transition systems are a model and a lax model for a positive GSOS specification, as it is the case for calculi adhering to the cool GSOS format [5, 55].
Using our tools, a similar result also holds for dynamic bisimilarity [36]. Indeed one can use the lifting in (14) with a different saturated transition system that is obtained as in (13) but without the axiom \(x\mathop {\Rightarrow }\limits ^{\tau }x\). Then for all the rules of CCS (including \(+\)), whenever this system satisfies the premises, it also satisfies its consequence, so it is a lax model; hence upto context is compatible for dynamic bisimulation.
We leave branching bisimilarity [56] and coupled simulation [37] for future work.
Our treatment of upto techniques for weak bisimulations only covers models based on labelled transition systems. We leave as future work to integrate in our framework the coalgebraic treatment of weak bisimilarity, developed for example in [13, 14, 21] for systems modelled as colagebras in an orderenriched setting. Thus, we expect to extend our results to encompass fully probabilistic and Segala models [49, 50].
Footnotes
 1.
Between functors, i.e., a plain natural transformation.
 2.
Notice that the functor \(D:\mathsf {Set}\rightarrow \mathsf {Pre}\) can be lifted to functors \(\mathsf {Coalg}(F)\rightarrow \mathsf {Coalg}(\mathsf {Pre}(F))\), respectively \(\mathsf {Coalg}(F)\rightarrow \mathsf {Coalg}(\mathsf {Pre}_\subseteq (F))\). The colagebras \(\tilde{\xi }_1\) and \(\tilde{\xi }_2\) are formally obtained by applying these lifted functors to \(\xi _1\), respectively \(\xi _2\).
 3.
Notice that \(\mathcal {G}=\mathsf {Pre}(F)\times \mathsf {Pre}_\subseteq (F)\times \mathrm {Id}\) where \(\mathsf {Pre}(F)\) and \(\mathsf {Pre}_\subseteq (F)\) are the canonical, respectively the lax \(\mathsf {Pre}\)liftings of F w.r.t. the order given by \(F_{\subseteq }\).
 4.
Notes
Acknowledgments
The second author’s research has been supported in part by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (grant agreement No. 67062). The third author is funded by the European Research Council (ERC) under the European Union’s Horizon 2020 programme (CoVeCe, grant agreement No. 678157). This work has also been supported by the project ANR 12IS02001 PACE. The research of the fourth author was performed within the framework of the LABEX MILYON (ANR10LABX0070) of Université de Lyon, within the program “Investissements d’Avenir” (ANR11IDEX0007) operated by the French National Research Agency (ANR).
References
 1.Aceto, L., Fokkink, W., Verhoef, C.: Structural operational semantics. In: Handbook of Process Algebra, pp. 197–292. Elsevier (2001). doi: 10.1016/B9780444828309/500217
 2.Balan, A., Kurz, A.: Finitary functors: from set to preord and poset. In: CALCO, LNCS, vol. 6859, pp. 85–99. Springer (2011). doi: 10.1007/9783642229442_7
 3.Balan, A., Kurz, A., Velebil, J.: Positive fragments of coalgebraic logics. In: CALCO, LNCS, vol. 8089, pp. 51–65. Springer (2013). doi: 10.1007/9783642402067_6
 4.Bartels, F.: Generalised coinduction. MSCS 13(2), 321–348 (2003)MathSciNetzbMATHGoogle Scholar
 5.Bloom, B.: Structural operational semantics for weak bisimulations. Theor. Comput. Sci. 146(1&2), 25–68 (1995). doi: 10.1016/03043975(94)001529 MathSciNetCrossRefzbMATHGoogle Scholar
 6.Bloom, B., Istrail, S., Meyer, A.R.: Bisimulation can’t be traced. In: POPL, pp. 229–239. ACM (1988). doi: 10.1145/73560.73580
 7.Bojanczyk, M., Klin, B., Lasota, S.: Automata with group actions. In: LICS, pp. 355–364 (2011)Google Scholar
 8.Bojanczyk, M., Klin, B., Lasota, S., Torunczyk, S.: Turing machines with atoms. In: LICS, pp. 183–192 (2013)Google Scholar
 9.Bonchi, F., Bonsangue, M., Boreale, M., Rutten, J., Silva, A.: A coalgebraic perspective on linear weighted automata. Inf. Comput. 211, 77–105 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
 10.Bonchi, F., Petrişan, D., Pous, D., Rot, J.: Coinduction upto in a fibrational setting. In: CSLLICS’14, Article 20, pp. 1–9. ACM (2014). doi: 10.1145/2603088.2603149
 11.Bonchi, F., Petrisan, D., Pous, D., Rot, J.: Lax bialgebras and upto techniques for weak bisimulations. In: 26th International Conference on Concurrency Theory, CONCUR 2015, Madrid, Spain, September 1.4, 2015, pp. 240–253 (2015). doi: 10.4230/LIPIcs.CONCUR.2015.240
 12.Bonchi, F., Pous, D.: Checking NFA equivalence with bisimulations up to congruence. In: POPL, pp. 457–468. ACM (2013). doi: 10.1145/2429069.2429124
 13.Brengos, T.: Weak bisimulation for coalgebras over order enriched monads. Log. Methods Comput. Sci. 11(2), 1–44 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
 14.Brengos, T., Miculan, M., Peressotti, M.: Behavioural equivalences for coalgebras with unobservable moves. J. Log. Algebr. Methods Program. 84(6), 826–852 (2015)MathSciNetCrossRefzbMATHGoogle Scholar
 15.Brzozowski, J.A.: Derivatives of regular expressions. J. ACM 11(4), 481–494 (1964)MathSciNetCrossRefzbMATHGoogle Scholar
 16.Caucal, D.: Graphes canoniques de graphes algébriques. ITA 24, 339–352 (1990). http://archive.numdam.org/article/ITA_1990__24_4_339_0.pdf
 17.Cîrstea, C., Kurz, A., Pattinson, D., Schröder, L., Venema, Y.: Modal logics are coalgebraic. Comput. J. 54(1), 31–41 (2011)CrossRefGoogle Scholar
 18.Dam, M.: Compositional proof systems for model checking infinite state processes. In: CONCUR, LNCS, vol. 962, pp. 12–26. Springer (1995)Google Scholar
 19.Fiore, M., Staton, S.: A congruence rule format for namepassing process calculi. Inf. Comput. 207(2), 209–236 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
 20.Fiore, M., Staton, S.: Positive structural operational semantics and monotone distributive laws. In: CMCS, p. 8 (2010)Google Scholar
 21.Goncharov, S., Pattinson, D.: Coalgebraic weak bisimulation from recursive equations over monads. In: ICALP (2), Lecture Notes in Computer Science, vol. 8573, pp. 196–207. Springer (2014)Google Scholar
 22.Hasuo, I., Cho, K., Kataoka, T., Jacobs, B.: Coinductive predicates and final sequences in a fibration. In: MFPS (2013)Google Scholar
 23.Hermida, C., Jacobs, B.: Structural induction and coinduction in a fibrational setting. Inf. Comput. 145, 107–152 (1997)MathSciNetCrossRefzbMATHGoogle Scholar
 24.Hopcroft, J.E., Karp, R.M.: A Linear Algorithm for Testing Equivalence of Finite Automata. Tech. Rep. 114, Cornell Univ. (1971). http://techreports.library.cornell.edu:8081/Dienst/UI/1.0/Display/cul.cs/TR71114
 25.Hughes, J., Jacobs, B.: Simulations in coalgebra. TCS 327(1–2), 71–108 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
 26.Jacobs, B.: Categorical Logic and Type Theory. Elsevier, Amsterdam (1999)zbMATHGoogle Scholar
 27.Jacobs, B.: Introduction to coalgebra. Towards mathematics of states and observations (2014). DraftGoogle Scholar
 28.Klin, B.: Bialgebraic operational semantics and modal logic. In: LICS, pp. 336–345. IEEE (2007)Google Scholar
 29.Klin, B.: Bialgebras for structural operational semantics: an introduction. TCS 412(38), 5043–5069 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
 30.Kozen, D.: A completeness theorem for Kleene algebras and the algebra of regular events. In: Proceedings of the Sixth Annual Symposium on Logic in Computer Science (LICS ’91), Amsterdam, The Netherlands, July 15–18, 1991, pp. 214–225 (1991). doi: 10.1109/LICS.1991.151646
 31.Lenisa, M.: From settheoretic coinduction to coalgebraic coinduction: some results, some problems. ENTCS 19, 2–22 (1999)MathSciNetzbMATHGoogle Scholar
 32.Lenisa, M., Power, J., Watanabe, H.: Distributivity for endofunctors, pointed and copointed endofunctors, monads and comonads. ENTCS 33, 230–260 (2000)MathSciNetzbMATHGoogle Scholar
 33.Luo, L.: An effective coalgebraic bisimulation proof method. Electr. Notes Theor. Comput. Sci. 164(1), 105–119 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
 34.Milner, R.: Communication and Concurrency. Prentice Hall, Englewood Cliffs (1989)zbMATHGoogle Scholar
 35.Montanari, U., Pistore, M.: Historydependent automata: An introduction. In: SFM, LNCS, pp. 1–28. Springer (2005)Google Scholar
 36.Montanari, U., Sassone, V.: CCS dynamic bisimulation is progressing. In: MFCS, pp. 346–356 (1991). doi: 10.1007/3540543457_78
 37.Parrow, J., Sjödin, P.: Multiway synchronization verified with coupled simulation. In: Cleaveland, R. (ed.) CONCUR ’92, Third International Conference on Concurrency Theory, Stony Brook, NY, USA, August 2427, 1992, Proceedings, Lecture Notes in Computer Science, vol. 630, pp. 518–533. Springer (1992). doi: 10.1007/BFb0084813
 38.Petrişan, D.: Investigations into Algebra and Topology Over Nominal Sets. Ph.D. Thesis, University of Leicester (2012)Google Scholar
 39.Pitts, A.M.: Nominal Sets. Cambridge University Press, Cambridge (2013)CrossRefzbMATHGoogle Scholar
 40.Pous, D.: Complete lattices and upto techniques. In: APLAS, LNCS, vol. 4807, pp. 351–366. Springer (2007). doi: 10.1007/9783540766377_24
 41.Pous, D., Sangiorgi, D.: Enhancements of the bisimulation proof method. In: Advanced Topics in Bisimulation and Coinduction, pp. 233–289. Cambridge University Press (2012). http://www.cambridge.org/gb/knowledge/isbn/item6542021
 42.Rot, J.: Enhanced Coinduction. Ph.D. Thesis, Leiden University (2015)Google Scholar
 43.Rot, J., Bonchi, F., Bonsangue, M., Pous, D., Rutten, J., Silva, A.: Enhanced coalgebraic bisimulation. MSCS 1–29 (2016). doi: 10.1017/S0960129515000523
 44.Rutten, J.: Universal coalgebra: a theory of systems. TCS 249(1), 3–80 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
 45.Sangiorgi, D.: On the bisimulation proof method. MSCS 8, 447–479 (1998). doi: 10.1017/S0960129598002527 MathSciNetzbMATHGoogle Scholar
 46.Sangiorgi, D.: Introduction to Bisimulation and Coinduction. Cambridge University Press (2011). http://www.cambridge.org/gb/knowledge/isbn/item6542019/
 47.Silva, A., Bonchi, F., Bonsangue, M., Rutten, J.: Generalizing the powerset construction, coalgebraically. In: FSTTCS, pp. 272–283 (2010)Google Scholar
 48.Simpson, A.: Sequent calculi for process verification: Hennessy–Milner logic for an arbitrary GSOS. JLAP 60–61, 287–322 (2004)MathSciNetzbMATHGoogle Scholar
 49.Sokolova, A.: Probabilistic systems coalgebraically: a survey. Theor. Comput. Sci. 412(38), 5095–5110 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
 50.Sokolova, A., de Vink, E.P., Woracek, H.: Coalgebraic weak bisimulation for actiontype systems. Sci. Ann. Comput. Sci. 19, 93–144 (2009)MathSciNetGoogle Scholar
 51.Staton, S.: Relating coalgebraic notions of bisimulation. Logic. Methods Comp. Sci. 7(1:13), 1–21 (2011)Google Scholar
 52.Street, R.: Fibrations and Yoneda’s lemma in a 2category. In: Kelly, G. (ed.) Category Seminar, Lecture Notes in Mathematics, vol. 420, pp. 104–133. Springer, Berlin, Heidelberg (1974). doi: 10.1007/BFb0063102
 53.Thijs, A.M.: Simulation and Fixpoint Semantics. Ph.D. Thesis, Univ. of Groningen (1996)Google Scholar
 54.Turi, D., Plotkin, G.D.: Towards a mathematical operational semantics. In: LICS, pp. 280–291. IEEE (1997)Google Scholar
 55.van Glabbeek, R.: On cool congruence formats for weak bisimulations. Theor. Comput. Sci. 412(28), 3283–3302 (2011). doi: 10.1016/j.tcs.2011.02.036. (Festschrift in Honour of Jan Bergstra)MathSciNetCrossRefzbMATHGoogle Scholar
 56.van Glabbeek, R., Weijland, W.: Branching time and abstraction in bisimulation semantics. J. ACM 43(3), 555–600 (1996). doi: 10.1145/233551.233556 MathSciNetCrossRefzbMATHGoogle Scholar