MuCRL and the PSF-Toolkit

This example is due to Jan Friso Groote (jfg@phil.ruu.nl)
29 july 1993

The following example describes a simple synchronization algorithm.
It has been described on page 1172 of the Handbook of Theoretical Computer
Science (Jan van Leeuwen Editor, Elsevier, 1990) in a contribution of
Leslie Lamport and Nancy Lynch on "Distributed Computing Models and
Methods". The example is not described with the explicit use of data as
the current version (29-7-1993) of the PSF toolkit cannot handle data
of mCRL specifications in the simulator and the equivalence checker.

The example consists of two processes p and q that must alternately access
their critical sections. For simplicity this is indicated by the actions
`csp' and `csq'. The processes p and q communicate via a common store
that has also been modelled by the process S (in this concrete case by
S00 -- S11). The store has two variables, called x and y. The first value
after S correspond to the value of x and the second to the value of y.
Both p and q may read x and y, but only p may write x and only q is
allowed to write y. With the actions rx en sx the value of x is read and
with the actions rrx and ssx the value of x is written (likewise for y).

The whole simple synchronizer is then described as the parallel 
composition of p, q and S. The `correct' behaviour of the system
is described by the process Correct. 

The following sequence of commands can be used to simulate the simple
synchronizer, and to prove it correct. (Assuming that the file which
contains the specification is simplesyn.mcrl.)

	mcrl_til simplesyn.mcrl > simplesyn.til
	sim simplesyn.til
	trans simplesyn.til simplesyn.lts
	equiv -d -t SimpleSyn,Correct simplesyn.lts

The only thing that is left to be said is that the sort Bool in the
beginning is superfluous. But the definition of mCRL requires that the
sort Bool is included in every specification.  Below you find the mCRL
specification of simplesyn.


sort Bool
func T,F:->Bool
act  rx0 rx1 ry0 ry1 sx0 sx1 sy0 sy1
     rrx0 rrx1 rry0 rry1 ssx0 ssx1 ssy0 ssy1
     i csp csq
comm rx0|sx0=i rx1|sx1=i ry0|sy0=i ry1|sy1=i
     rrx0|ssx0=i rrx1|ssx1=i rry0|ssy0=i rry1|ssy1=i
proc p=rx0.(ry0.csp.ssx1.p+ry1.p)+rx1.(ry0.p+ry1.csp.ssx0.p)
     q=rx0.(ry0.q+ry1.csq.ssy0.q)+rx1.(ry0.csq.ssy1.q+ry1.q)
     S00=rrx0.S00+rrx1.S10+rry0.S00+rry1.S01+sx0.S00+sy0.S00
     S01=rrx0.S01+rrx1.S11+rry0.S00+rry1.S01+sx0.S01+sy1.S01
     S10=rrx0.S00+rrx1.S10+rry0.S10+rry1.S11+sx1.S10+sy0.S10
     S11=rrx0.S01+rrx1.S11+rry0.S10+rry1.S11+sx1.S11+sy1.S11
     
     SimpleSyn=
        hide({i},
           encap({rx0,rx1,ry0,ry1,sx0,sx1,sy0,sy1,
               rrx0,rrx1,rry0,rry1,ssx0,ssx1,ssy0,ssy1},p||S00||q))

     C = csp.csq.C
     Correct=tau.C
