Universal Coalgebra

H. Peter Gumm
February 21, 2012
Philipps-Universitat Marburg
Fachbereich Mathematik und Informtik
35032 Marburg
gumm@mathematik.uni-marburg.de
3
Contents
1 State Based Systems 9
1.1 Black Boxes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1.1.1 Observations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
1.1.2 Indistinguishability and bisimulations . . . . . . . . . . . . . . . . 10
1.1.3 Factor structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
1.1.4 Streams and Functional Programming . . . . . . . . . . . . . . . 12
1.1.5 Proofs by coinduction . . . . . . . . . . . . . . . . . . . . . . . . 14
1.1.6 From Black Boxes to Streams . . . . . . . . . . . . . . . . . . . . 15
1.1.7 Introducing ... the iBox . . . . . . . . . . . . . . . . . . . . . . . 15
1.2 Automata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1.2.1 Bisimulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1.2.2 Observations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
1.2.3 Acceptors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
1.2.4 Languages and observations . . . . . . . . . . . . . . . . . . . . . 19
1.3 Data Types and Co-Data Types . . . . . . . . . . . . . . . . . . . . . . . 19
1.3.1 Constructors and selectors . . . . . . . . . . . . . . . . . . . . . . 19
1.3.2 Object oriented programming . . . . . . . . . . . . . . . . . . . . 20
1.4 Nondeterministic Systems . . . . . . . . . . . . . . . . . . . . . . . . . . 21
1.4.1 Kripke structures . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
1.4.2 Indistinguishability - bisimilarity . . . . . . . . . . . . . . . . . . 23
1.4.3 Observational equivalence . . . . . . . . . . . . . . . . . . . . . . 24
1.5 Synthesis: The notion of coalgebra . . . . . . . . . . . . . . . . . . . . . 25
1.5.1 Nonstandard examples . . . . . . . . . . . . . . . . . . . . . . . . 26
1.5.2 Coalgebras and algebras . . . . . . . . . . . . . . . . . . . . . . . 26
1.5.3 Homomorphisms . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
1.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
2 Basics of Category Theory 29
2.1 Categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
2.1.1 Concrete categories . . . . . . . . . . . . . . . . . . . . . . . . . 29
2.1.2 Abstract categories . . . . . . . . . . . . . . . . . . . . . . . . . . 30
2.1.3 Commutative diagrams . . . . . . . . . . . . . . . . . . . . . . . . 30
2.1.4 Duality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
2.1.5 Special morphisms . . . . . . . . . . . . . . . . . . . . . . . . . . 31
2.2 Limits and Colimits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
2.2.1 Initial and terminal objects . . . . . . . . . . . . . . . . . . . . . 34
5
Contents
2.2.2 Products and sums . . . . . . . . . . . . . . . . . . . . . . . . . . 35
2.2.3 Equalizer and coequalizer . . . . . . . . . . . . . . . . . . . . . . 36
2.2.4 Pullbacks and pushouts . . . . . . . . . . . . . . . . . . . . . . . 38
2.2.5 Limits and colimits, in general . . . . . . . . . . . . . . . . . . . . 39
2.3 Regular categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
2.3.1 Regular morphisms . . . . . . . . . . . . . . . . . . . . . . . . . . 40
2.3.2 Orthogonality . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
2.3.3 Properties of pullbacks . . . . . . . . . . . . . . . . . . . . . . . . 43
2.3.4 Preimages and intersections . . . . . . . . . . . . . . . . . . . . . 43
2.3.5 Kernels and cokernels . . . . . . . . . . . . . . . . . . . . . . . . . 43
2.4 The category of sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
2.4.1 Epis and monos in Set . . . . . . . . . . . . . . . . . . . . . . . . 46
2.4.2 Diagram lemmas . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
2.4.3 Products and sums . . . . . . . . . . . . . . . . . . . . . . . . . . 47
2.4.4 Equalizers and coequalizers . . . . . . . . . . . . . . . . . . . . . 48
2.4.5 Pullbacks and Pushouts . . . . . . . . . . . . . . . . . . . . . . . 48
2.4.6 Preimages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
2.5 Functors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
2.5.1 Contravariant functors . . . . . . . . . . . . . . . . . . . . . . . . 52
2.5.2 Functors as Parameterized Data Types . . . . . . . . . . . . . . . 53
2.5.3 Natural Transformations . . . . . . . . . . . . . . . . . . . . . . . 53
2.5.4 Properties of Set-Functors . . . . . . . . . . . . . . . . . . . . . . 54
2.6 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
3 Coalgebras 57
3.1 The category Set
F
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
3.1.1 Isomorphisms and diagram lemmas for coalgebras . . . . . . . . . 58
3.1.2 Substructures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
3.1.3 Homomorphic images . . . . . . . . . . . . . . . . . . . . . . . . . 59
3.1.4 Congruences, factor coalgebras . . . . . . . . . . . . . . . . . . . . 60
3.2 Colimits of Coalgebras . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
3.2.1 Sums . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
3.2.2 Coequalizers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
3.2.3 Pushouts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
3.3 Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
3.3.1 Epis and Monos in Set
F
. . . . . . . . . . . . . . . . . . . . . . . 64
3.3.2 Equalizer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
3.3.3 Preimages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
3.4 Bisimulations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
3.4.1 Congruences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
3.4.2 Congruences vs. bisimulations . . . . . . . . . . . . . . . . . . . . 71
3.5 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
6
Contents
4 Terminal Coalgebras 73
4.1 Behaviors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
4.2 Streams as terminal black box . . . . . . . . . . . . . . . . . . . . . . . . 74
4.3 Terminal automata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75
4.4 Existence of terminal coalgebras . . . . . . . . . . . . . . . . . . . . . . . 76
4.4.1 Weakly terminal coalgebras . . . . . . . . . . . . . . . . . . . . . 76
4.4.2 Accessible functors . . . . . . . . . . . . . . . . . . . . . . . . . . 77
4.4.3 Cofree coalgebras . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
4.4.4 Behaviour patterns . . . . . . . . . . . . . . . . . . . . . . . . . . 81
4.4.5 Operators on classes of coalgebras . . . . . . . . . . . . . . . . . . 82
4.4.6 Pattern dened classes are covarieties . . . . . . . . . . . . . . . . 82
4.4.7 The Co-Birho Theorem . . . . . . . . . . . . . . . . . . . . . . . 83
4.5 Exercises . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
5 Coalgebraic Modal Logic 85
5.1 Classical modal logic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
5.1.1 Hennessy-Milner Logic . . . . . . . . . . . . . . . . . . . . . . . . 86
5.1.2 Bisimilarity and logical equivalence . . . . . . . . . . . . . . . . . 88
5.1.3 Rescuing completeness . . . . . . . . . . . . . . . . . . . . . . . . 89
5.2 Coalgebraic modal Logic . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
5.2.1 Bisimilarity and observational equivalence . . . . . . . . . . . . . 90
5.2.2 Modal logic setup . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
5.2.3 Functors, shapes and patterns . . . . . . . . . . . . . . . . . . . 93
5.2.4 Syntax and semantics . . . . . . . . . . . . . . . . . . . . . . . . 94
5.2.5 Bounded functors . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
5.2.6 Application: Probabilistic transition systems . . . . . . . . . . . . 97
7
1 State Based Systems
Universal Coalgebra is the theory of general state based systems. Such systems are
characterized by the fact that their behavior depends on some internal state, which
cannot be directly observed. In particular, the output produced by such a system does
not only depend on the current input, but also on its internal state. The input may,
as a side eect, change that state, so that two identical successive inputs may produce
dierent outputs.
Example 1. A digital watch may have three buttons: SET, MODE, STP. The display
does not only depend on the most recently pressed button, but also on earlier inputs.
When specifying a state based system, one is only interested in its input-output-
behavior. The states are just part of the implementation. The user is solely interested
in the observable behavior.
An engineer will rst try to implement a working system, displaying some correct
behavior. In a second step, the system may be optimized - perhaps by using a minimal
number of states. Such a minimization step will remove superuous states or repeatedly
merge states which are externally indistinguishable. In this context, two states are called
indistinguishable, if they cannot be distinguished by the input-output-behavior of the
system.
The mathematical notion that we shall introduce for this purpose is called bisimilarity.
Intuitively, two states s and s

are bisimilar, if they are indistinguishable by their input-

output-behavior. In this case, we shall write s s

. The relation will turn out to be

reexive and symmetrical and it will be compatible with the system behavior in a sense
that we shall describe below.
A closely related notion will be observational equivalence. Roughly, two states will
be called observationally equivalent, if they can be merged in obtaining a minimal sys-
tem. Indistinguishable states will be observational equivalent, but the converse is not
necessarily true.
Before giving a mathematical denition of coalgebras, we want to consider some pro-
totypical systems and we shall motivate and develop the corresponding notions of com-
patibility and indistinguishability.
1.1 Black Boxes
Imagine a device equipped with two push-buttons, labeled h and t, and a display. If
button h is pressed, the display shows some number, or, more general, some element
d out of some xed set of data D. When we release h, the output disappears again.
9
1 State Based Systems
Button t is used for changing the internal state, so that pressing t one or more times,
then again pressing h, may show a dierent d

D in the display.
h
t
42
We can describe the system B = (S; h, t) as consisting of a set S of internal states and
a pair of maps :
h : S D
t : S S.
1.1.1 Observations
We assume that the states of a black box are not directly visible. All we can immediately
observe are the elements of d D when they appear in the display as a result of pressing
the h-button. Thus the only observations we can perform is pressing the t-button several
times, followed by pressing the h-button once, i.e. an observation is a composition of
maps: h t
n
, where as usual, we recursively dene for any s S:
t
0
(s) = s
t
n+1
(s) = t(t
n
(s)).
Accordingly, two states s, s

S are indistinguishable by nite observations if for each

n N
h(t
n
(s)) = h(t
n
(s

)).
For each n N we obtain an equivalence relation

n
= {(s, s

) | h(t
n
(s)) = h(t
n
(s

))}
and two states are observationally equivalent i they are contained in the intersection
:=

nN

n
.
1.1.2 Indistinguishability and bisimulations
There is another method for dening indistinguishability that is introduced by means
of some natural axioms for an indistinguishability relation R, where (s, s

) R (which
we often write as s Rs

) is to mean that we cannot distinguish s from s

. Traditionally,
such relations are called bisimulations, but their intended meaning as indistinguishability
relation suggests the following axioms:
Assuming s Rs

, then
10
1.1 Black Boxes
h(s) = h(s

),
for otherwise the value in the display would immediately distinguish s from s

, and
t(s) R t(s

),
for if t(s) were distinguishable from t(s

), we could also distinguish s from s

by
rst pressing t.
This recursive condition for an indistinguishability relation or bisimulation will be dis-
played as an inference rule in the following manner:
s Rs

h(s) = h(s

), t(s) Rt(s

)
(1.1.1)
This notation signies, that from the premises, written above the line, one is allowed to
conclude all facts which are written below the line.
The above inference rule does not really dene the relation R, for there are many
relations satisfying the requirement. The smallest one, in fact, is the empty relation
S S, another one is the diagonal
S
= {(s, s) | s S}. Moreover, it is easy to
check that the union of a family (R
i
)
iI
of such bisimulations is a bisimulation again. It
follows that the union of all bisimulations on a state set S is a bisimulation, and it must
be the largest bisimulation, which we denote by :
:=

{R | R is a bisimulation}.
It can now be easily veried that for every black box we have
Proposition 2. =
Proof. Assume s s

then t
n
(s) t
n
(s

) by n-fold application of the second bisim-

ulation condition. Finally, using the rst condition on this, it follows that h(t
n
(s)) =
h(t
n
(s

)), i.e. s
n
s

. Since this is true for each n, we have ss

.
For the converse it suces to show that is a bisimulation. Given ss

, then in
particular s
0
s

, which is to say h(s) = h(s

), establishing the rst condition of a

bisimulation. Observe moreover that s
n
s

implies that t(s)

n1
t(s

) for n > 0. Since

by assumption ss

n>0

n
it follows that t(s)

n0

n
t(s

) , i.e. t(s)t(s

) ,
establishing the second condition of 1.1.1.
1.1.3 Factor structure
Since = is an equivalence relation we can form the factor structure B/ = (S/; h

, t

)
with state set
S/ := {[s] | s S}
where [s] denotes the equivalence class of s S , that is:
[s] := {s

S | ss

}.
11
1 State Based Systems
We obtain structure maps h

and t

from the corresponding map on the representatives:

h

([s]) := h(s), and

t

([s]) := [t(s)].
The bisimulation conditions 1.1.1 just assure us that these denitions do not depend
on the choice of representatives. It turns out, that this black box is indeed the minimal
one with the same behaviors as the original.
Example 3. Consider a Black Box with an eight-element state set. The states are
represented as circles and the transition function t by the arrows in the following gure.
The numbers inside the circles represent the output in that state.
GFED @ABC
33
GFED @ABC
17

GFED @ABC
42

GFED @ABC
17
GFED @ABC
42
GFED @ABC
33
GFED @ABC
42

GFED @ABC
17

Two states labeled with dierent values are immediately distinguishable. But we can
also distinguish the two states labeled by 33: If we press t, followed by h, we get the
output 17 in one case and 42 in the other. In contrast, all states labeled with 42 are
indistinguishable. Thus, the minimal Black Box with the same behavior is given by
GFED @ABC
33
GFED @ABC
17

GFED @ABC
42

GFED @ABC
33

1.1.4 Streams and Functional Programming

Streams are innite lists, as they occur in many operating systems. The rst element of
a stream s is called the head of s. If it is removed, an innite stream remains, which is
called the rest or the tail of s. Mathematically, an innite stream of data of type D
can be dened as a map : D, where is the ordered sequence of natural numbers
and (k) for each k is the k-th element of stream .
The head and tail operations, abbreviated by hd and tl, can be dened as
hd() = (0)
and
tl()(n) = (n + 1)
for all n . Indeed, if is written as an innite list [(0), (1), . . . ], then hd() = (0)
is its head and tl() = [(1), . . . ] its tail .
Example 4. In Unix, the command yes returns the stream consisting of the innite
sequence each of whose element is the character y :
yes = [ y, y, y, . . . ]
With the Unix command yes | remove * , for instance, one can delete all les in the
current directory. The question
12
1.1 Black Boxes
Do you really want to delete f [y/n]?
which the remove-command usually asks for each le f will automatically, and as
often as necessary, be answered with a y from the innite list yes.
A stream of elements of type D, together with the functions hd and tl, can be con-
sidered a special Black Box D

, whose state set is D

, the set of all maps from to D,

and whose operations
h : D

D
t : D

are given as h() = hd() and t() = tl().

Streams, considered as states in the black box D

, have the remarkable property that

any two of them are distinguishable. That is bisimilar streams are equal. Equivalently,
the largest bisimulation is the equality. We can express this in our rule notation as :
Proposition 5. For any two streams s, s

we have:
s s

s = s

. (1.1.2)
Proof. If s s

then ss

by Proposition 2, that is h(t

n
(s)) = h(t
n
(s

)) for all n .
But in the case of streams, h(t
n
(s)) denotes the n-th element of s, or s(n) when we
consider s as a map s : D. Thus s s

entails s = s

.
Rule 1.1.2 is called the coinduction rule for streams and we shall use it to prove
equality of streams. But rst, let us look at some programming with streams.
Modern functional programming languages, such as e.g. Haskell or ML, can deal
with stream data types. Innite streams may be used as arguments or as results of
functions and they allow a very elegant style of programming. In the following example,
we present a short interaction with such a functional language. After the prompt > the
programmer enters a denition (marked in italic). In our example, we deal with streams
of numbers and operations on such streams. A stream with head hd and reststream tail
is denoted by [hd : tail] . The user denes streams and functions returning streams. If
the result is a stream, the system prints out its rst elements.
> ones = [1 : ones]
[ 1, 1, 1, ... ]
> from n = [n : from(n + 1)]
> nats = from(0)
[ 0, 1, 2, ... ]
> add([n
1
: l
1
], [n
2
: l
2
]) = [(n
1
+ n
2
) : add(l
1
, l
2
)]
> add nats ones == from 1
[ true, true, true, ... ]
13
1 State Based Systems
In the presented example, we have rst dened the stream ones which is the innite
sequence of the constant number 1. The system always presents the beginning of the
stream, the ellipsis . . . represents all the other elements. After dening the unary
function from, we call it with argument 0 and dene nats to be its result. Then the
denition of the binary addition operation on streams, add, follows. Finally, we check,
whether the equation
add nats ones == from 1
is true. Of course, we are not convinced by the answer, as equality has only been checked
on the rst couple of terms - fortunately, the result there is always true.
1.1.5 Proofs by coinduction
We would rather want a mathematical proof that the stream resulting from add nats ones
is indeed equal to the stream from 1. This can be obtained using the rule opf coinduction,
which, fortunately, is valid for streams. All we need to nd is any bisimulation R with
(add nats ones, from1) R. It then follows add nats ones from1 from which the
coinduction principle 1.1.2 allows us to conclude add nats ones = from1.
Now the only

creative step in this process is, coming up with a suitable candidate

for R. Neither R = nor R = {(add nats zero, from1)}, nor R = (N

, N

) qualify. The
rst one is a bisimulation, but it does not contain the pair in question, the other ones
do contain that pair, but they are not bisimulations.
A suitable candidate is
R = {(add (fromn) ones, from(n + 1)) | n }
It is easy to check that this R is a bisimulation as dened in 1.1.1: Assume (s, s

) =
(add(fromn) ones, from(n + 1)) R, then
h(s) = hd(add (fromn) ones)
= hd(add [n : (from(n + 1))] [1 : ones])
= hd[(n + 1) : add from(n + 1) ones]
= n + 1
= hd[n + 1 : from(n + 2)]
= hd(from(n + 1))
= h(s

)
and
14
1.1 Black Boxes
t(s) = tl(add (fromn) ones)
= tl(add [n : (from(n + 1))] [1 : ones])
= tl[(n + 1) : add from(n + 1) ones]
= add from(n + 1) ones
R from(n + 2)
= tl[n + 1 : from(n + 2)]
= tl(fromn + 1)
= t(s

).
It follows that R is the equality, hence
n .add (fromn) ones = from(n + 1)
which is a statement, nmore general than the one we have set out to prove.
The method of proof is certainly reminiscent of a proof by induction, where the only
creative step, nding an appropriate inductive hypothesis, often requires proving a gen-
eralization of the original goal. In a proof by coinduction, the bisimulation R plays the
same role as the inductive hypothesis does in an inductive proof.
1.1.6 From Black Boxes to Streams
Given a Black Box, we van associate to each state s S a stream (s) D

by
unravelling the sequence of states beginning at s and noting their h-value, that is:
(s) = (h(s), h(t(s)), ..., h(t
n
(s)), ...)
i.e. (s)(n) = h(t
n
(s)). For instance, unravelling the leftmost state in example 3, we
obtain the stream = (33, 17, 42, 17, 42, ...). This procedure denes a map : S D

from an arbitrary black Box B = (S, h, t) with output set D to the black box of streams
D Streams = (D

, head, tail) which satises:

h(s) = h((s)) (1.1.3)
(t(s)) = tail((s)). (1.1.4)
In fact, it is an easy exercise to show that : S D

as dened above is the unique

map satisfying 1.1.3 and 1.1.4.
1.1.7 Introducing ... the iBox
Note that the two maps making up a Black Box h : S D and t : S S could be
combined into one map
: S D S.
15
1 State Based Systems
This means, that our Black Box would be redesigned into one having only one button,
labeled by . An observation would now consist of pressing n-times. The ouput gen-
erated would be a sequence d
1
, d
2
, ..., d
n
described by d
i+1
=
1
((s
i
)), s
i+1
=
2
((s
i
)),
starting with s
0
= s. Observational equivalence of two states s and s

would be dened
again as producing for each n the same sequence of observations. We arrive at the
same notion of observational equivalence as before: ss

i for each n they produce

the same output in the above sense.
1.2 Automata
Let be a set (of symbols) and an arbitrary set (of data). An automaton over with
output in consists of a set S of states, a transition function and an output function
where
: S S
: S .
If the automaton in state s S receives input e , it will enter the new state
s

= (s, e), and each state s S produces the output (s) .

1.2.1 Bisimulations
Assuming again, that the states are not directly observable, but only the outputs gen-
erated, an indistinguishability relation or bisimulation R on the states of an automaton
is specied by the following rule:
s R s

(s) = (s

), e . (s, e) R (s

, e)
. (1.2.1)
That is, bisimilar states must give the same output, and after some identical input e ,
the resulting states (s, e) and (s

, e) must remain indistinguishable. Just as in the case

of black boxes, it is easy to see that there is always a largest such indistinguishability
relation, and we shall also call it .
1.2.2 Observations
To observe an automaton in a state s, we can feed it some input and observe the output
generated. Thus an observation of a state s S consists of choosing a sequence of
elements e
1
, e
2,
. . . , e
n
which then causes the automaton to pass through the states
s
0
= s, s
1
= (s
0
, e
1
), . . . , s
n
= (s
n1
, e
n
) and then observing its output (s
n
). So, an
observation can be specied by the (possibly empty) sequence of inputs e
1
, e
2
, . . . , e
n
.
The input set of an automaton is often called its alphabet. One imagines an alphabet
as a (usually nite) set of possible input characters - perhaps the keys of a keyboard.
Any nite sequence of characters from is called a word and the set of all words with
characters from is called

.
16
1.2 Automata
A special element in

is the empty word . Every nonempty word w is of the form

w = e v, where e is the rst letter of w and v the rest which remains of w if its rst letter
is removed. The concatenation symbol which denotes the operation of attaching a
letter to the front of a word, is often not shown. Inductively, one can therefore dene
the set

of all words with letters from :

(i)

,
(ii) if e and w

, then e w

.
Thus the word consisting of the letters e
1
, e
2
, . . . , e
n
arises as e
1
e
2
. . . e
n
, where we
let the concatenation operator associate to the right.
The transition function is usually extended to a function

: S

S:
(i)

(s, ) = s,
(ii)

(s, e v) =

((s, e), v).

Two states are observationally equivalent, if all observations obtain the same result.
This yields a denition of observational equivalence as
Denition 6. [observational equivalence for automata]
:= {(s, s

) | w

.(

(s, w)) = (

(s

, w))}.
Not surprisingly, we nd
Lemma 7. =.
Proof. We rst show that is a bisimulation, i.e. it satises (1.2.1) with in place of
R. From ss

we conclude
(s) = (

(s, ))
= (

(s

, ))
= (s

),
and for each e and arbitrary w

((s, e), w)) = (

(s, e w))
= (

(s

, e w))
= (

((s

, e), w)),
hence (s, e)(s

, e). This shows that is a bisimulation, so .

Let R be an arbitrary bisimulation, we must show R . By induction over the
construction of words w we show for all w

:
s, s

A. s R s

= (

(s, w)) = (

(s

, w)). (1.2.2)
17
1 State Based Systems
For the empty word w = the claim follows immediately from the rst condition of
(1.2.1). If w = e v, assume that the claim (1.2.2) has already been veried for w = v.
Since R is a bisimulation, the state pair ((s, e), (s

, e)) is in R, so
(

((s, e), v)) = (

((s

, e), v)),
that is
(

(s, e v)) = (

(s

, e v)),
establishing the inductive step.
Again, it is possible to dene the factor-automaton A/ which is the minimal au-
tomaton. That is to say that the largest bisimulation on A/ is the equality, so A/
satises the coinduction principle.
1.2.3 Acceptors
Automata play an important role in the recognition of words (called tokens) of a pro-
gramming language. For this purpose one uses automata with a nite set of states S
and a predened set F S of accepting states. A word w

is then a legal word

of the programming language precisely if it leads from some initial state s
0
S into an
accepting state, i.e. if

(s
0
, w) F. Such automata are called Acceptors. For a xed
alphabet , they are typically represented as A = (S, , F) where
: S S
F S.
The set F of accepting states can be coded with the help of an output function : S
{0, 1} where =
F
is the characteristic function of F S.
Automata are often represented by their graphs. Vertices correspond to the states of
the automaton. An edge labeled by e is drawn from s to s

, if (s, e) = s

. Accepting
states are marked by a double border around its vertex.
Example 8. The following graph represents an automaton for recognizing real number
constants in the programming language Pascal:
GFED @ABC
s
0
+

digit

GFED @ABC
s
1
digit
GFED @ABC ?>=< 89:;
s
2
digit

GFED @ABC
s
3
digit
GFED @ABC ?>=< 89:;
s
4
E

digit

GFED @ABC
s
5
+

digit

GFED @ABC
s
6
digit
GFED @ABC ?>=< 89:;
s
7
digit

digit stands for an arbitrary digit. Missing edges, e.g. the one with label . leaving
s
0
, are meant to leave to some error state which is not shown here.
A correct real number constant must lead from the initial state s
0
into one of the three
accepting states. For the input 0.0314159E+02, for instance, we have (s
0
, 0.0314159E+
02) = s
7
F, hence the input is an acceptable Pascal real.
18
1.3 Data Types and Co-Data Types
1.2.4 Languages and observations
Generally, each subset L

is called a language over . Choosing a a particular

initial state s for an acceptor, the language accepted by A from initial state s is
L(A, s) = {w

(s, w) F}.
Since acceptors are just automata with output set {0, 1}, it follows from 7 that two
states s and s

are bisimilar if and only if L(A, s) = L(A, s

).
1.3 Data Types and Co-Data Types
1.3.1 Constructors and selectors
Data types, such as e.g. the notorious stack data type are usually modelled as free,
0-generated Algebra, that is by the set of terms which can be properly built from the
emptyStack by a nite number of push-operations. To be precise, consider a set D of
data and the operations
emptyStack : Stack
push : D Stack Stack.
Each object of type stack is then either the empty stack (emptyStack), or it is of shape
push(d
1
(push(d
2
(. . . (push(d
n
, emptyStack) . . .). This modelling by constructors is then
classical data type modelling of stacks, which in a sense contradicts the object oriented
modelling: We should not be interested in the state of an object, but in its public accessor
methods. In the case of a stack, these are top and pop.
The operations top and pop do not directly appear in this modelling. They arise
as inverse functions of push and pop in the following manner: With the help of the
one-element set 1 := {} and notation + for the disjoint union of two sets, push and
emptyStack can be combined into a single map
k : 1 + D Stack Stack
where k() := emptyStack and k(d, s) := push(d, s). This map is bijective and its
inverse
l : Stack 1 + D Stack
is given by
l(s) =

if s = emptyStack
(d, s

) if s = push(d, s

)
which apparently combines the partially dened functions top and pop into a single
totally dened function.
Considering, that the operations h and t of a black box can also be coded into a single
function
h t : S D S
19
1 State Based Systems
a stack with the above dened map l
l : Stack 1 + D Stack
can be considered as a black box that may break, which is described by l(s) = . In
all other cases, l yields a pair (d, s

), consisting of a result d and a new state s

.
Two states are indistinguishable, s s

, if either l(s) = = l(s

), or top(s) = top(s

)
and pop(s) pop(s

), where top =
1
l and pop =
2
l. As inference rule we have
therefore:
s s

(empty(s) empty(s

)) (top(s) = top(s

) pop(s) pop(s

))
.
If the elements of Stack are interpreted as states, one obtains, starting from an arbi-
trary state s
0
and by repeatedly applying l the states s
0
, s
1
, . . ., s
i
, . . ., where always
s
i+1
= pop(s
i
). Simultaneously, one can observe the sequence of outputs top(s
0
), top(s
1
), . . . ,top(s
i
). . . .
The sequences terminate if at some instance l(s
i
) = occurs, i.e. if the stack is empty.
In any case, an observation is represented by a nite or innite sequence of elements
from D.
Conversely, the set D

= D

+D

of all nite or innite sequences of elements from

D can be turned into a system of the above type by setting:
l() =

if = ,
(hd(), tl()) else.
One easily checks that for this system, too, the rule of co-induction is true:
s s

s = s

.
1.3.2 Object oriented programming
In object orientiented programming, a class is a collection of data elements, called ob-
jects. All objects from the same class possess a common structure which is given by a
list of data elds and methods. A user may access objects only through methods and
attributes which are declared public, and he can modify only those public attributes.
An important property of classes and objects is that they can be extended by further
attributes and methods. The so extended class is called a subclass of the former and it
inherits from this all attributes and methods.
Here we present the denition of a class Account which is to model a simple bank
account in the programming language Java.
class Account{
private int balance;
Account(){ balance = 0; }
public void trans(int n){ balance += n; }
public int show(){ return balance; }
}
20
1.4 Nondeterministic Systems
If an account is created using the constructor method Account(), the integer variable
balance is initialized with 0. This variable is declared private, so it is not directly
accessible. The user can only utilize the public method show to read it or the public
method trans to change it.
It is important that the user does not need to know how the latter methods are
implemented, she only must be assured that they work as expected. Among those
expectations is the certainty that the following equation is satised for each account x
and arbitrary integers n
1
and n
2
:
x.trans(n
1
).trans(n
2
).show() == x.trans(n
1
+ n
1
).show()
Observe that methods are being written to the right of the object they are applied to.
The above requirement states that two successive transactions will result in the same
balance as one transaction over the sum of the transferred amounts.
In practice, an account x may encompass further information which is inaccessible to
the user. For this reason, he will not be able to insist on the stronger requirement
x.trans(n
1
).trans(n
2
) == x.trans(n
1
+ n
2
)
since this is a requirement on the internal state. The bank might for instance decide to
add a counter to the account to measure the number of transactions. Each transaction
trans would increment that counter. After this change in implementation, which is
simply achieved by subclassing the existing account, the latter requirement would be
violated, since the counters tracking the number of transactions are dierent. The user
would not notice the dierence - and would hardly care - since the only way for him
to obtain account information is through the public method show(). Thus the former,
weaker requirement is enough for the user, since it is all that he can ever observe.
It is clear that a bank account as shown above is a variation on the theme of automaton
with output, and indeed an indistiguishability relation should dened by the rule
x x

x.show() = x

.show(), n Z.x.trans(n) x

.trans(n)
.
More generally, trans, resp. show, stand prototypically for any collection of mutator,
resp. accessor methods of a class in an OO-Programming language.
1.4 Nondeterministic Systems
1.4.1 Kripke structures
Many systems consist of several interacting components. Large programs consist of
parallel executing processes, technical systems consist of many interacting sensoring,
calculating and control components. The exact sequence and the precise interleaving of
the actions of the single components are not foreseeable, so that the complete system
remains indetermined to an outside observer. In order to specify such systems, one
21
1 State Based Systems
restricts the permitted state transitions by some transition relation T S S. This
relation need not be a function, which is why one speaks of a nondeterministic system.
Furthermore, we may have some set of elementary properties which are known to be
true at certain states. The validity of these elementary properties at particular states
is usually encoded by some validity function v : S where v(s) is the set of all
properties p which hold in state s.
Denition 9. Let be a set. A Kripke-Structure over is a triple K = (S, T, v) where
T S S and v : S P().
Often, the transition relation T is denoted by an arrow , so that (s, s

) T is
expressed pictorially as ss

and we say that s

is a successor of s.
Example 10. A concurrent program may consist of two processes sharing the integer
variable x. Each process initializes x and increments it thereafter. If both processes run
in parallel, it is not clear, what the result of the variable x will be when the program
has nished. In the following trivial example, the nal value stored in x may be either
2,3, or 4, depending on when the statements of the two processes are scheduled
x := 0;
cobegin
begin x := 1; x := x+1 end;
begin x := 2; x := x+1 end;
coend
To fully describe the evolution of this program we would need to dene a state as a triple
(x, PC
1
, PC
2
) where PC
1
and PC
2
denote the program-counters in the two processes.
The resulting Kripke-structure has 10 states. The externally observable properties
might, for instance, describe the values of x and the fact that the program is running
or has stopped. An example transition, for instance, leads from state (3, 0, 2), where
the second process has already nished executing, to the state (1, 1, 2) where the rst
statement of process 1 has executed, i.e. (3, 0, 2)
1

(1, 1, 2) .
Example 11. Atomic propositions are often given by boolean expressions expressed
in the underlying programming language in which these variables occur, such as e.g.
main street = free, side street = waiting in a system modelling a trac intersection.
State transitions are often described by expressions relating a state s at time t with a
permitted successor state s

at time t + 1, for instance:

signal = red (signal

= red OR signal

= yellow)
Example 12. Kripke structures can also be graphically represented by drawing states as
small circles or bullets and the possible transactions as arrows. Atomic propositions valid
in some state s, are written as superscripts to the node representing s. The following
22
1.4 Nondeterministic Systems
gure shows two Kripke structures that will be of interest later:
s
p
R

t
t
t
t
t
t
t
t
t

t
t
t
t
t
t
t
t
t
s

q
Q

s
s
s
s
s
s
s
s
s

u
u
u
u
u
u
u
u
u
u

v
q

u

v
q

1.4.2 Indistinguishability - bisimilarity

All that we can directly observe about the states of a Kripke-Structure are the properties
in , so indistinguishable states s and s

must denitely have v(s) = v(s

). But we can
also take any transition from s and see whether s

has a corresponding transition. If not,

we have distinguished s and s

.
In the above example, the states s and s

have the same elementary properties. How-

ever, if we take a transition from s

, we will not nd a corresponding transition from s.

Whichever transition we take from s, we shall get into a state with no successor satisfy-
ing v or with no successor satisfying u. The state reachable from s

, however, leaves both

options open - a transition to a state satisfying u or a state satisfying v. Therefore, s
and s

are not bisimilar. Formally, we dene a bisimulation as a binary relation R such

that
s Rs

implies :
(i) v(s) = v(s

)
(ii) for each transition st there is a transition s

for some t

S with t Rt

(iii) for each transition s

there is a transition st for some t S with t Rt

.
The following diagram visualizes the last two conditions:
x R

and
x R

R y

R y

We can also express the requirements of a bisimulation R as inference rules:

x R y
v(x) = v(y)
.
and
x R y xx

.(y y

Ry

)
and
x R y yy

.(x x

Ry

)
.
Again, it is easy to check that there is always a largest bisimulation , which is given
by the union of all bisimulation. Elements s, s

with s s

are called bisimilar.

23
1 State Based Systems
1.4.3 Observational equivalence
The way to make observations, starting from a state s is by performing some transitions
and observing the properties p in the states we arrive at. This suggests a notion of
observational equivalence which is not able to capture bisimilarity. In the last example
of a Kripke-structure we can match every path starting from s with a path starting in s

exhibiting the same elementary properties, even though s and s

are not bisimilar. We

need a more sophisticated way to describe properties of states and we shall use modal
logic.
Modal logic enables us to speak not only about the properties p holding directly
in some state s, but also about properties q holding in some or in all successors of state
s. For this it introduces, aside from the usual Boolean connectors ,and also the
unary operators (modalities) and . The formal syntax for formulas of modal logic
is given by the following grammar:
::= p (for eachp )
| true | false |
1

2
|
1

2
|
| |
The semantics of these formulae is dened for states s of a Kripke structure and we
write s |= if formula holds in state s. Formally, validity |= is dened following the
inductive denition of formulae:
s |= p p v(s) (for each p )
s |= true true
s |=
1

2
s |=
1
and s |=
2
s |= s |=
s |= t S.( st ) = t |=
s |= t S.s t t |= .
Two formulae are called logically equivalent, if they hold in the same states of every
Kripke-Structure. In particular, it is easy to check that, for example, is logically
equivalent to :
s |= not s |=
t S.st = t |=
t S.st t |=
t S.st t |=
s |= .
24
1.5 Synthesis: The notion of coalgebra
1.5 Synthesis: The notion of coalgebra
We are looking for common features in the systems considered so far. We always had at
our disposal a set S of states and transitions leading us from a state s to a new state or
to some combination of new states and outputs. The following list demonstrates that
all systems can be coded with a single map
: S F(S)
where F is some set theoretic construction which constructs out of a given set S in a
systematic way a new set F(S) which oers all the necessary combinations of states and
outputs.
In order to mold all systems into this common shape, we make use of the fact that a
pair of maps h : S D and t : S S can be coded into a single map : S D S.
Analogously, can a multi-ary map : S S be replaced by single map

: S S

,
if one sets

(s)(e) := (s, e). A binary relation R A B, nally, can be coded as a

map R : A P(B) by setting R(a) := {b B | a R b}, and a subset U of S can be
coded by its characteristic map
S
U
: S {0, 1}, dened as
S
U
(s) :=

1 if s U
0 otherwise
.
Black box
h : S D
t : S S

: S D S
Bank account
show : S Z
trans : S Z S

: S Z S
Z
Automaton
: S D
: S S

: S D S

Acceptor
F S
: S S

: S {0, 1} S

-Kripke Structure
R S S
v : S P()

: S P() P(S)
25
1 State Based Systems
1.5.1 Nonstandard examples
Our nal example shows that the theory of coalgebras might also be of interest for
classical areas of mathematics: A topological space (S, ) can be uniquely represented
by the map U : S F(S) into the set of all lters on S. Each point s S is associated
with its neighborhood lter U(s).
Topological space
P(P(S))

: S F(S)
After having thus observed a clear structural connection among the considered systems
we can try to formulate a preliminary denition for the notion of coalgebra. For a
xed set theoretical construktion F we dene a coalgebra of signature F as a pair,
A = (A,
A
), consisting of a set A and a map

A
: A F(A).
Unfortunately, the notion of set theoretical construction is not yet precise enough.
We shall only consider such constructions that are systematic in a way that they do not
depend on the nature of the elements in S. This means that a transformation f : S S

should in some natural way induce a transformation Ff : F(S) F(S

).
The language of category theory, which we shall introduce in the next chapter pro-
vides us with exactly the right notions and denitions for describing such constructions
and their properties. Afterwards we will develop the structure theory of coalgebras of
signature F. In that course, we shall discover a surprising amount of similarities with
the structure theory of universal algebras. In order to discover and to carve out this
similarities, the language of categories is indispensable.
1.5.2 Coalgebras and algebras
Finishing this chapter we want to answer the question why we are speaking of co-algebras
and what these have to do with algebras.
Let A be an algebra of signature F = (f
i
)
iI
, with arities (f
i
) = n
i
, then we can
combine all individual operations f
i
: A
n
i
A into a single common map
f :

iI
A
n
i
A
from the disjoint union of all A
n
i
into A.
Conversely, too, can each such map f be split into a family of n
i
-ary operations. Thus
a universal algebra is nothing but a pair A = (A, f
A
), consisting of a set A and a map
f
A
: F(A) A,
with
F(X) =

iI
X
n
i
26
1.5 Synthesis: The notion of coalgebra
being the set theoretical construction. It is easy to see how a map g : X Y naturally
extends to a map Fg : F(X) F(Y ): Simply put
(Fg)(x, . . . , x
n
i
) := (g(x
1
), . . . , g(x
n
i
))
for (x, . . . , x
n
i
) X
n
i
, then obviously
Fid
X
= id
F(X)
(1.5.1)
and for maps g : X Y and h : Y Z
Fh Fg = F(h g). (1.5.2)
In the language of the following chapter this means precisely that F is functor.
1.5.3 Homomorphisms
Given two algebras f
A
: F(A) A and f
B
: F(B) B, then a map : A B is
called a homomorphism, i
(f
A
(a
1
, ..., a
n
i
)) = f
B
((a
1
, ..., a
n
i
)) for all i I.
Note that this can conveniently be expressed by
f
A
= f
B
(F),
or simply by the comutativity of
F(A)
f
A

F(B)
f
B

B
.
The same diagram also describes algebras whose operations are not nitary, such as
e.g. complete lattices or semilattices. The latter have operations of type P, that is a
semilattice is a map P(A) A with certain axioms, and a homomorphism is dened by
the same diagram as above with F replaced by P.
For coalgebras, the structure map turns around as
A
: A F(A), resp.
B
: B
F(B) otherwise the same principles apply: A map : A B is a homomorphism i

B
= F
A
pictorially:
A

F(A)
F

F(B)
The requirements for F are precisely what is needed so that
27
1 State Based Systems
(i) the identity map is always a homomorphism, and
(ii) the composition of homomorphisms is a homomorphism.
Therefore, coalgebras (just like algebras) together with homomorphisms form a category.
And since the many possible set theoretical constructions F to be dealt with at once
in the case of coalgebras, it is a category theoretical language that is required to deal
with them in appropriate generality. We shall develop as much of this as necessary, in
the following chapter.
1.6 Exercises
(i) Let R and S be bisimulations on black boxes. Show that the relational product
R S and the union R S are again bisimulations.
(ii) Show that from any Black Box B = (S, h, t) with output set D there exists exactly
one map to the black Box of D-streams (D

, head, tail), satisfying 1.1.3 and 1.1.4.

(iii) Show that black boxes always possess a largest bisimulation and that this is a
congruence relation on the many-sorted algebra B = (B, D; h, t).
(iv) Argue that the following are set theoretical constructions in the sense discussed in
section 1.5:
F(X) := D X for some xed D.
F(X) := X X
F(X) = P(X)
F(X) := X + 1
F(X) = 2
X
28