A stable non-interleaving early operational semantics for the pi-calculus

We give the ﬁrst non-interleaving early operational semantics for the pi-calculus which generalises the standard interleaving semantics and unfolds to the stable model of prime event structures. Our starting point is the non-interleaving semantics given for CCS by Mukund and Nielsen, where the so-called structural (preﬁxing or subject) causality and events are deﬁned from a notion of locations derived from the syntactic structure of the process terms. We conservatively extend this semantics with a notion of extruder histories , from which we infer the so-called link (name or object) causality and events introduced by the dynamic communication topology of the pi-calculus. We prove that the semantics generalises both the standard interleaving early semantics for the pi-calculus and the non-interleaving semantics for CCS. In particular, it gives rise to a labelled asynchronous transition system unfolding to prime event structures. © 2019 The Authors. Published by Elsevier Inc. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).


Introduction
The pi-calculus [30] is the seminal model for concurrent mobile processes, representing mobility by the fresh creation and communication of channel names. The standard operational semantics [30,29] adopt an interleaving approach to concurrency, that represents concurrent execution of actions as their arbitrary sequential interleaving and employ basic transition systems as semantic models.
To give a non-interleaving semantics one needs to identify the underlying events and their concurrency and causality relationships, and from that define a notion of non-interleaving observations, e.g. in terms of a bisimulation or testing equivalence [38,42] or employ a non-interleaving model (e.g., event structures [34,47], asynchronous transition systems [3,40] or Petri nets [9]), in which the concurrency can be represented explicitly. The dynamic communication topology of the pi-calculus makes it non-trivial to identify what accounts for causality, and indeed several possible approaches have been proposed. As described in [5], the source of the complexity is that the causal dependencies fall in two categories: appearing in P , by bn(P ) the bound names, i.e. those n that are restricted by (νn) or by the input action a(n), and by fn(P ) = n(P )\bn(P ) the free names. E.g. for the process (νn)a(x) we have n((νn)a(x)) = {n, a, x}, bn((νn)a(x)) = {n, x}, and fn((νn)a(x)) = {a}. We let P {x := n} denote the process P where every free occurrence of the name x has been substituted by the name n. We assume all bound names are unique in a process and identify processes up to α-conversion. We make a habit of using a, b, ... for names that are meant to indicate channels/links for communication, m, n, ... for names that are being transmitted over channels, and x, y, z, ... when we intend these names to be substituted. We often omit the indexing set I in the notation for a sum process i∈I ϕ i .P i and use only ϕ i .P i . When I = ∅ then we write 0 instead of i∈∅ ϕ i .P i , and when I is singleton we omit the sum symbol, e.g., a n .P . As standard, we often omit the trailing 0, e.g. writing a(x).b m instead of a(x).b m .0.
Next we recall the standard interleaving early semantics for the pi-calculus (see e.g. [37,31]).

Definition 2.2 (Standard pi-calculus semantic rules).
We denote by − → π the standard interleaving early semantics given by the following operational rules, ignoring the symmetric versions of the (par), (close) and (com) rules.
(inp) a(x).P a(n) −−→ π P {x := n} (out) a n .P a n −−→ π P Note we use the (also standard) notation (νn)a n for the bound output (extrusion) of n instead of the notation a(n) used in e.g. [37]. Definition 2.3 (Standard pi generated transition system). The transition system generated using the standard interleaving, early operational semantics from Definition 2.2 is denoted TS π = (S, , − → π ) and defined similarly: • The set of states contains just process terms as in Definition 2.1, i.e., S ={P | P ∈ Proc}; • The set of labels λ ∈ is defined by the grammar λ ::= (νn)m n | m n | m(n) | τ ; • − → π ⊆ S × × S are the transitions from Definition 2.2.
For a pi-process P , the transition system reachable from P is denoted TS π (P ).

Early non-interleaving operational semantics
We now give the early non-interleaving operational semantics for pi-processes given by the rules in Fig. 1 (H, H) to the left of the turnstile. For reasons to be explained below, we have also simplified action labels by not having scope extrusion represented in the labelling. Formally, action labels are defined as follows.
Definition 2.4. The action labels (or simply actions) ranged over by α, β are of the following three kinds: a n output a(n) input τ silent For an action α, let n(α) denote the set of names appearing in the label, that is, n(a n ) = n(a(n)) = {a, n}. Recalling from [33], the set of prefix locations, i.e. locations of action prefixes inside process terms, is defined as follows.   The location labels identify the location of the prefixes in the term contributing to a transition and allowing to infer structural (CCS-like) events and causalities following the approach in [33]. The extrusion histories keep track of the location of extrusion and reception of names. As we will prove later, if one ignores extrusion histories and location labels, the semantics is almost the standard early semantics. The only difference is in the labelling of actions in the open rule, where we do not add the extruded name to the label as in the standard semantics. There are two reasons for doing this, as will become clear later: Firstly, since the extruder histories capture the extrusion, there is no need for recording it in the label. Secondly, if the extruded name is recorded in the label, the same event can occur in the transition system two places with different labels. That is, the labelling of events will not be unique and we could not give a direct semantics in terms of standard labelled asynchronous transition systems. 3 The extrusion histories are defined formally as follows. We now describe the use of locations and histories to capture structural and link dependencies in the semantics.

Structural dependencies
We begin with an example showing how locations are used to record the difference between the choice between interleavings of two actions and the parallel execution of two structurally independent actions. Example 2.9 (Non-interleaving vs. interleaving). Fig. 2 shows the transition semantics of the Pi process a a .b b + b b .a a ("a a then b b or b b then a a ") to the left and the Pi process a a || b b ("a a and in parallel b b ") to the right, enriched with locations under the transition arrows. If one can only observe the transitions and action labels then it is not possible to tell the difference. However, the location labels under the transitions make it possible to see that in the process to the left, all transitions are due to different prefixes located at the top location, while in the process to the right, the two a-transitions are due to the same prefix at the location u 1 and the two b-transitions are due to the same prefix at the location u 2 . Finally, the 0 and the 1 in the paths of location u 1 and u 2 show that the two locations are in two different components of a parallel composition. This is the basis for defining events and the structural independence relation on events below.
From the locations we define our first notion of structural events and independence, which correspond to the events respectively independence relation defined for CCS in [33]. We will later show how to take into account the additional link causal relationships of the pi-calculus. For e = (α, u) ∈ Ev define Loc(e) ⊆{0, 1} * , the locations where e occurs, by Note that to keep locations of action prefixes fixed, we cannot assume the usual structural congruence making parallel composition commutative. Therefore we must use two rules (par i ), i ∈ {0, 1}, for parallel composition and two rules (com i ), i ∈ {0, 1}, for communication.

Example 2.11 (Associativity and commutativity break location labels).
Often in presentations of pi-calculus one considers structural rules like for the parallel composition being commutative and associative. We cannot have such structural rules because of how we create the location labels of the events and how we define the independence relation on events in Definition 2.12. For the commutativity of parallel composition we can easily see how our labels do not work any more, in the example process P = a a || b b . Here we can get the event e = (a a , 0[a a ][0]) for the transition on channel a. If we had a structural rule saying that parallel composition can commute, i.e., that the two processes P = a a || b b = b b || a a = P are equivalent for the semantic rules, we would see P = b b || a a executing the same event for the same channel a but which has a different location label e = (a a , 1[a a ][0]). This breaks our reasoning about which components execute which events. For the associativity of parallel consider the process P = (a a || b b ) || c c where the event for b would be ). If we allow the parallel to be associative we could write P = a a || ). These two events again have completely different location labels, though they should be seen as coming from the same component.
Note how the definition of independence relation correctly identifies the two events (a a , u 1 ) and (b b , u 2 ) from Fig. 2b as being independent. Thus, the transitions form a correct independence diamond in the sense of labelled asynchronous transition systems (see definition later). Moreover, the four events from Fig. 2a are not independent as they all have the same location path identified by the empty string. Working in this way with location labels also handles correctly recursion as explained nicely in [33, Fig. 2].

Link dependencies
The structural independence relation I s as defined on structural events above misses the link dependencies resulting from extrusion of names. The following example shows a simple link dependency and how it is captured by the extrusion histories and refining the events. Example 2.13 (Simple link dependency). Consider the process (νn)(a n ||n(x)), with its behaviour pictured in Fig. 3. According to I s the two events e = (a n , u) and e m = (n(m), u ), for u = 0[a n ][0] and u = 1[n(x)][0], are structurally independent. 4 The semantics, however, does not allow the input event to happen until after the name n has been extruded by the output event. As also observed in e.g. [17,20], there is a link dependency between the extruding output and the input. The extrusion histories allow for capturing the link causalities of the pi-calculus. Only the output history is needed to capture the link causality in this simple example. Initially, the input and output histories are empty, i.e. H = H = ∅. The (open) rule records the extrusion of the name n in the output history, resulting in the extrusion history ({(n, u)}, ∅). For now we can ignore the complicated pre-conditions of the (par) rule, since when H = H = ∅ it follows that [ǐ]H = H = [i]H = ∅. For the following input transition, the (in) records the location of the prefix receiving the name, which we will need to handle the more complex situations of parallel extrusion possible in the late semantics to be explained below. To capture the link dependency from the events (and ensure proper splitting of events, to be explained later) we enrich in Definition 2.18 below the location under the transitions to include also the location u where the name n was extruded (as recorded in the output history): This extra information is used to split events and refine the structural independence relation to a causal independence relation, as defined formally in Definition 2.20. The causal independence relation does not relate the two events e = (a n , u) and e m = (n(m), u {(n, u)}), since the latter can be seen to be link dependent on the first.
Extrusion of names in the above example is immediate in the (open) rule. However, as shown by the next example, other events in parallel, under the same scope, may also be extruders, and we capture this in the (par) rule. We will refer to the immediate extruders inferred by the (open) as initial extruders and to the latter as possible extruders. Example 2.14 (Parallel extruders). Consider the process (νn)(a n || (b n || n(x))), which has two independent parallel extruders a n and b n . According to Definition 2.10 we have the three structural events e a = (a n , 0[a n ][0]), e b = (b n , 10[b n ][0]), and e m = (n(m), 11[n(x)][0]). 5 The event e m for the input action is structurally independent of both output events, but it cannot happen before at least one has happened.
If [0] ensures e.g. that the output transition on the name c in the following processes is not considered a parallel extruder of the output transition on a: (νn)(a n || (b n .c n || n(x))) and (νn)(a n || b n .(c n || n(x))). The condition that there is no (n, l) where the name has been received before extruded, which is also illustrated in Example 2.16. In the context of the present example, it means that the output transition on the name c in the following processes: (νn)(a n || (b(m).c n || n(x))) is not considered a parallel extruder of the output transition on a, if the name received on b is the previously extruded name n. Now, we want that the following input on n is disjunctively dependent on the two extruders, but we cannot have that in a stable semantics. The solution is to split the input event e m in two events e ma and e mb , one for each parallel extruder, i.e. we get from Definition 2.18 the two input transitions Finally, the two input events will not be independent of each other, since they happen at the same location path.
As shown in Example 2.14 above, instead of a single event e m for the input event, we use the extrusion histories to split the event e m in two conflicting events, e ma and e mb , one causally dependent on output event e a and one dependent on output event e b . Crafa et al. in [17,Sec. 6] deem the approach of splitting events intractable and instead follow a different approach by defining a specially tailored, non-stable event structure model incorporating a global set of extruded names. Our approach, however, works with the standard stable model of asynchronous transition systems (which unfolds to prime event structures [47, Ch. 10]) since we split events involved in disjunctive causalities using the insights from [17].
The next example illustrates that in an early semantics both names in an input action m(n) may have been previously extruded. In other words, the early semantics allow a form of conjunctive causality that cannot happen in the late semantics. Example 2.15 (Link dependency on two names in one action in early semantics). Consider the process P = (νn)(νm)(a n || (b m || m(x))) from which there are two extruding outputs on channels a respectively b of the names n respectively m. We now may have an input action with label m(n) that depends on both extruders. We also have input actions with labels m(n ) for n = n that only depend on the extruder at location 10[b m ][0]. In the late semantics, we only have the latter situation, since the name being input can not be a previously extruded name.
We illustrate the use of the input history in Example 2.16.
After the first transition we may receive either n or an arbitrary name m = n: In the first case, a subsequent output of n on channel c will not be an extrusion, since it happens after the input of n from the environment. In the second case it will, since this output is independent of the extrusion in transition 1. The input history thus allows the (par i ) rules to distinguish between outputs that knew of n before the scope of n was opened and outputs that learned of n by receiving it after it was extruded.
Finally we illustrate the use of the input history in the (com) rule in Example 2.17 below, based on a process also appearing in [17]. Example 2.17. Consider the process P = (νn) (a n || b n ) || (b(x).c x || n( y)) given in [17].
The first point to note is that the name n can be extruded by three actions: 1) The a n action at location 00[a n ] This means that we have three different events for the input action n( y). The next point to note is that either a n and b n are parallel extruders of n or, a n and c n (after the internal communication on channel b).
To illustrate the use of the input history in the (com) rule, we consider the transition sequence beginning with the extrusion of n by the action a n followed by the internal communication on the channel b. The first transition updates the output history with the location of the extruding action as follows: ({(n, 00[a n ][0])}, ∅) P 1 , for The second transition, using the (com) rule, does not update the histories: Looking at the premises of the rule, we get that the set H = ∅, since n has not been extruded or received at a prefix of the location output action b n . This means that the action c n will be detected as a parallel extruder by the definition of H in the (par) rule.
Consider now the example process P = (νn) (a n || d n .b n ) || (b(x).c x || n( y)) and assume again we have executed the a n as the first transition but then also executed the d n transition, resulting in the following process H P for .c x || n( y)) and extrusion history having two parallel extruders recorded in the output history. Now the internal communication using the (com) rule will update the input history: The fact that the reception of the name n is recorded in the input history now prevents the action c n being treated as a parallel extruder by the definition of H in the (par) rule. Finally, note that this example holds for both the early and late semantics.
Based on the examples above, we refine our transitions and events to also capture link dependencies by enriching the transitions with a set D, which we call deterministic sub-history, recording the link dependencies for each non-output name in α, i.e. the past extruding events a name depends on, if it was extruded in the past. The set D contains only one entry per name, even if several entries for the same name can be found in the history (coming from multiple extrusions). Moreover, D is a largest such set. In consequence, several D sets can be extracted from the same transition, thus multiplying the number of causal transitions according to the different ways names could have been extruded. Note that the histories and processes are not changed by the above definition.

Proposition 2.19.
The causal semantics is more fine grained than the structural semantics of Fig. 1 in the sense that: Proof. Trivial (note that D may be ∅). 2 The link dependencies D allow us to define the final notion of events and independence relation for the causal semantics.

Definition 2.20 (Causal independence).
Let the set of events Ev be defined by: Note that from the irreflexivity of the structural independence relation I s , two events (e, D) and (e, D ) that only differ on the splitting sets, i.e. D = D , can never be independent.
We now briefly summarise the rules in Fig. 1.
The (in) rule is the standard early input rule, substituting a received name n for the parameter x in P , yielding P = P {x := n}, and enriched by recording the location u = [a(x).P ][P ] on the transition. Moreover, the rule takes care to add the name n to the input history H.
The (out) rule is the standard output rule, enriched by bookkeeping the location u = [a n .P ][P ] on the transition.
The (open) rule is standard, except the location is recorded for the extruded name n in the output history and not in the action label, as is customary for the standard pi-semantics. Avoiding name extrusions in the labels ensures unique labels for events in Section 4, and only one (com) rule. Otherwise, if we were to follow the pi-calculus conventions and have different action labels we would need to complicate the technicalities by adding a notion of equivalence of events (which would equate action labels with and without bound names), and proving results such as the independence relation has to respect this event equivalence (this more complicated approach can be seen in the technical report [35]).
The (scope), (rep) and (sum) rules are the standard rules, just extended to retain locations and histories.
If we do not consider the locations and histories, the (par i ) rules, for i ∈ {0, 1}, are the standard left and right parallel rules, except that we need to extract the possibly extruded name from the histories by the set b = dom(H i )\dom([ǐ]H), and not from the action label α. The location label is extended by prefixing with i ∈ {0, 1}, to record in which component of the parallel composition the action happened. The extruders recorded in the set H capture exactly the parallel extrusion illustrated in Example 2.14. Specifically, an output location is added to the output extruder history, if the name has been extruded in the other parallel component and not previously extruded (recorded in the output history) nor received (recorded in the input history) by the current component.
Finally, if we again ignore histories and locations, the (com i ) rules are the usual communication rules combined with the close rule, closing a scope previously opened by an (open) rule. The combination is by abuse of notation, writing (ν∅)P for P when there is the communication of a free name (in the same style to how the standard (close) rule for communication of a bound name). The location label is made into a pair, recording the two prefixes taking part in the communication.
Looking at the histories, we discard any changes to histories formed in each component and only forward input histories from the sender to the receiver via the set H .

Correctness results and discussion of difference between late and early semantics
In this section we prove two correctness results for our semantics and in the end we remark on the difference between late and early semantics. The first correctness result shows that the standard interleaving, early operational semantics of pi-calculus recalled in Definition 2.2 can be obtained from the rules in Fig. 1 by ignoring the locations (Lemma 3.5) and histories (Lemma 3.2) and extracting only the scope extrusion from the histories. The result is stated as a bisimulation Corollary 3.8 from the two results of Proposition 3.6 which shows that every transition from pi-calculus is preserved in our semantics, and Proposition 3.7 which shows that our semantics does not introduce more transitions. The second correctness result from Theorem 3.9 shows that our semantics is a conservative extension of the one for CCS given in [33]. For some particular process P we add an initial state (∅, ∅) P and work only with the transition system reachable from this initial state, denoted TS(P ), and defined as the restriction TS| S P of TS to only the states with − → * being the reflexive and transitive closure of the transition relation T .
We prove that in our semantics the histories do not affect the enabling of a standard π transition. The statement of Lemma 3.2 is on transitions directly derived from our semantic rules of Fig. 1 but it extends to causal semantics transitions (i.e., split transitions) as in Definition 2.18 due to Proposition 2.19.
Proof. We use induction on the length of the derivation tree for the given transition. We look at the last rule application (the root of the derivation tree), and show that we can apply it also to the different histories (H v , H v ).
The base cases for rules (in) and (out) are easy since the histories are not influencing the decision of the transition (neither the action label nor the location label). The (in) rule updates the resulting input history though, but this has no bearing on our lemma.
We take now cases.
1. For rules (rep), (sum), and (scope), we see that a general history H = (H, H) is propagated, unchanged, from the conclusion of the rule to the hypotheses. This allows to apply the induction hypothesis thus allowing to replace the history with any history (H v , H v ). Moreover, the adjacent requirements of these rules (when any) do not involve the history information. 2. For rule (open) the left-side history is just propagated to the hypothesis, and the adjacent requirements do not involve the history. This allows to apply the induction hypothesis as before. The output history is changed though, but of no importance here. 3. For rules (par i ) the argument uses the induction hypothesis and also the fact that we can derive one transition with some history (H, H) from the process P 0 || P 1 . We prove that we can derive the same transition from any other history and the same process (H v , H v ) P 0 || P 1 . From the fact that we can derive one transition it means we can derive from the component process ( By the induction hypothesis this means we can derive the same transition from any output history, including the empty history as well as the history [ǐ]H v . This means that for the outcome of the lemma we have the existence of the transition that is required by the (par i ). The other requirements of this rule do not influence its application, with one exception. In particular, the construction of H is only used to update the output history on the right side of the derived transition. The exception is the fact that we need to check that no names from the other component process appear in the output ). The intuition of b is that it keeps the names that were opened, which in standard pi-calculus are called bound names in the action label. However, these bound action names are derived only from the process, and the history does not influence them. In other words, the changes in the domain of the output histories that b records are the same for any history. Therefore, since we already know from the existing transition that (dom(H i )\dom([ǐ]H)) ∩ fn(P j ) = ∅ this would hold for our arbitrary history as well dom([ǐ]H v ). Formally this is proven using induction on the derivation as the following Lemma 3.3. 4. The same argument as for (par) works for (com) rules, only that we need to apply two times the induction hypothesis. 2 Intuitively, the proof of Lemma 3.2 makes clear how only the process term is needed when deciding the existence of a transition, and the histories are only used to keep track of which names have been extruded, so that the (com i ) rules can close the scope if needed. For the standard pi-calculus this is kept in the action label as the bound name of the action. Otherwise, histories are used in Definition 2.18 to split transitions.
The following two lemmas prove some simple observations which are used in several places throughout the paper, sometimes without explicit mention. Lemma 3.3 intuitively states that change in the domains of the output histories in a transition is the same irrespective of the left-side histories.
Proof. We use an inductive argument based on the derivation tree for the transition, and look at the last rule application in cases.
The base cases are for (in) and (out) for which the output histories are not changed by the transition, thus proving the claim trivially.
For the induction cases (rep), (sum), and (scope), just apply the induction hypothesis trivially, since the histories are copied from the hypothesis of the rule.
The case for (open) changes the output history by adding the name n. However, since this name was coming from under a restriction operator (ν) it means the name cannot appear in any other component of the process. Therefore, the name n cannot appear in the left-hand history either; and for any other history we have to the left it would not contain n either, when this rule is applicable.
The case for (par i ) is more complex since this transition changes the output histories in two ways.
The case for (com i ) is trivial, as the output histories are copied from the left to the right side of the conclusion ignoring what they might have been in the hypothesis. 2 Proof. The proof is done by induction on the derivation tree. The base case for (out) rule is trivial since this does not change the histories. Whereas for the (in) rule the input history is changed by adding the name that is received. But this is fine since this name cannot appear bound in neither the process before nor the one after.
The induction case for the rules (scope), (rep), and (sum) is immediate by the induction hypothesis since the histories below the derivation line are the same as the ones above.
The (open) rule adds to the output histories the name n but removes the restriction operator on this name from the process before the transition. The induction hypothesis then finishes the proof.
For the (com) rules we need to prove that Take one rule (par 0 ), as the argument is analogous for the other, and we prove that We take each set from the sequence of unions. For H \ [0]H since it removes all names starting with 0 this will not contain bound names from P 0 either. From the assumption on the left of the transition, we know that the remaining names are not in P 1 either. The same argument goes for H \[0]H. Now use the induction hypothesis to deduce that H 0 ∩ bn(P 0 ) = ∅ as well as H 0 ∩ bn(P 0 ) = ∅. Note that adding the digit 0 keeps the domains the same. We are left with H which we know it is a subset of [1]H and does not already appear to have been part of the histories coming from the P 0 component. Therefore, by the assumption we also have that H does not have names in the bound names of neither P 1 nor in P 0 . 2 In order to compare our semantics with the standard one for pi-calculus we still need to show how the location labels can be ignored, since these can be determined solely from the two process terms involved in the transition. Proof. We generate the location u in the derivation tree of the transition. We assume inductively that the shorter tree generates a unique label. We then look at the structure of P and P , and consider cases on the last rule applied at the root of the derivation tree.
• If P = a n .P 0 or P = a(n).P 0 then we know from (out) respectively (in) that u = [a n .P 0 ][P 0 ] respectively u = [a(n).P 0 ][P 0 ] are unique. This forms the base case of the induction. • If P = P 0 || P 1 and P = P 0 || P 1 then we know that (par 0 ) rule is applied at the root and it adds to the location label u = 0v where v is the unique label obtained from the proof of the P 0 branch. Similarly we find u = 1v if P = P 0 || P 1 using (par 1 ).
• If P = P 0 || P 1 and P = P 0 || P 1 we know that (com) rule is applied and that u = 0u 0 , 1u 1 , which is uniquely obtained by continuing up each branch finding the unique u 0 for the P 0 part and u 1 for the P 1 part.
• If P is of any other process type then the respective application of the remaining rules just copy the location labels.  (H, H), and when α = (νn)m n then α = m n otherwise α = α.
Note that Proposition 3.6 claims the transition starting with the empty history, but then Lemma 3.2 allows any histories to be used. Lemma 3.5 tells how the location label u is determined.
Proof. We use induction on the derivation tree and show how for each rule application in the pi-calculus we find rules applied in our semantics which return the required process.
It is easy to see how when the pi-rules (inp) and (out) are applicable, then the respective rules in Fig. 1 are also applicable to the empty histories, and the output process as well as the action label are the same as in the pi-rule. In the rules from Fig. 1 we update the input history in the (in) rule, and create the respective location labels.
The pi-rule (bang) is the same as our rule (rep). The same for the pi-rule (res) with its requirements which appear the same in our rule (scope). The pi-rule (sum) is as our rule. To all these the resulting processes are exactly the same. Moreover, the histories are not even changed, neither the location labels.
The pi-rules (par), (com), and (open) are manipulating the same processes as our respective rules from Fig. 1, and the respective requirements can be correlated. In our case we manipulate histories and construct location labels.
In particular, the (open) rule from Fig. 1 has the same requirement on the name n = a and it changes the output history to record the bound name that was output from under a scope, thus opening it. In the pi-rule this bound name is recorded in the action label, which in their case changes to (νn)a n . This is why the statement of this proposition captures this distinction between action labels.
For the pi-rules (par) the requirement bn(α) ∩ fn(Q ) = ∅ is captured in our (par i ) rules by b ∩ fn(P j ) = ∅ where b is stored in the output history.
For the pi-rule (com) note that the output action has no bound name, and thus no restriction operator is surrounding the parallel process. In our (com) rules this implies that b = ∅, and we use the syntactic sugar (ν∅)P 0 || P 1 instead. Otherwise, for the pi-rule (close) in our rules the b = ∅ and thus the restriction operator will be exactly as in the pi-rule.
One last aspect that we need to show is that the histories do not prohibit transitions which otherwise are allowed in the pi-calculus transition system. This was done in Lemma 3.2. 2 Proof. Consider our operational rules from Fig. 1 and use induction on the derivation tree to show that for each rule applied in our semantics when we remove the histories and location labels than either the same rule is applicable in the pi-calculus or we find other rules applied which return the required process. The reasoning is very similar to what we did in the proof of Proposition 3.6. The only special aspect is the fact that we need to extract from the output history the action label when this needs to have a bound name, as coming from the (open) rule. 2 Combining Propositions 3.6 and 3.7 we now get the following corollary stating the conformance of our semantics with the standard early pi-semantics. We now show that the non-interleaving semantics is a conservative extension of the one for CCS given in [33]. To this end, consider as equivalent to CCS the sub-calculus of the pi-calculus obtained by allowing only input and output prefixes in which the subject and object are the same, i.e. of the form n(n) and n n , referred to as the CCS subset. In this case it is easy to see that the output histories and link dependencies D are always empty and thus the independence relation and events coincide with the structural independence and events. Fig. 1 is bisimilar to the non-interleaving semantics for CCS given in [33].

Theorem 3.9 (Conservative extension). For the CCS subset of the pi-calculus, the non-interleaving semantics of
Proof. To be precise, the CCS calculus from [33] builds processes using the grammar: They use recursive definitions instead of our replication construct; but these are encodable, e.g., see [2,Def. 6], so we will not be concerned with this. Otherwise, the difference is in their action prefixes which are only names of the two kinds output/input. Therefore, this forms a subset of the pi-calculus that we considered in Definition 2.1 when we allow only output/input with the same subject and object, i.e., n n \ n(n). See a nice comparison of CCS and pi-calculus in this sense as psi-calculi instances in [4]. The proof is then formed of the following observations.
1. the output histories are always empty; 2. the link dependencies D are always empty, thus events are never split; 3. the independence relation and events coincide with the structural independence and events; 4. any transition in the CCS semantics is matched by the same transition in our semantics of Fig. 1, and the other way around.
To prove these we investigate our semantic rules, and discuss how these relate to the semantic rules from [33], which we do not reproduce here as they are revealed from our comparative arguments.  .12, which is that of CCS from [33]. 4. We already observed that (open) is never applicable, which implies that the "close" part of the (com i ) rules is not applicable (i.e., when the b = ∅ and thus a restriction operation is moved from the parallel component with the output prefix to the whole parallel composition process). Otherwise, the remaining (com i ) rules are the same as in [33], building the same location label, since our restriction about names is vacuously satisfied for CCS. Also note that the (in) and (out) rules are always applicable as the immediate rule on top of the (sum) rule. Therefore, we can view these three rules as the single SUM rule from [33] which is also performing the action, and exhibiting the respective output/input action name on the transition. However, the location label that we build in this case contains only the branch process, whereas in [33] it contains the whole summation process. This is fine for our proofs, and does not interfere with the deduced transitions. The (scope) rule is the same as the RES rule from [33], also with the required restriction, only that in the location label we do not need to record the name that is bound by the restriction operator as [33] needs. For the (par i ) rules our restriction on names is vacuously satisfied, and the location label is updated exactly as in [33]. We do not discuss the (rep) rule. The above observations make it clear that whenever from a P C C S process one can derive a transition in the semantics of [33], we can also derive the same transition, with the same action label, and analogous location label in our semantics. The location label in our case does not contain bound names, and contains in the last process part of the label only the summation branch. However, these location labels do not contribute in [33] to deciding which transitions can be derived. The opposite is also true, i.e., in our semantics we cannot derive a transition which the semantics of [33] cannot derive also. 2 Remark 3.10 (Late version of our semantics). The transition for the input prefix generated by the (in) rule in the standard early semantics (see Definition 2.2) contains a concrete name m, which is substituted for the parameter x. Assuming that all bound names are unique and different from all free names, one can define the transition for the input prefix generated by the (in) rule in the late semantics simply by removing the substitution. The resulting process P will thereby contain the name x as a fresh free name. In the late semantics, the substitution is then performed in the (com) rule. A late style version of the rules in Fig. 1 will be obtained by replacing the (in) and (com i ) by the following rules (for clarity we only give the (com 0 -late) rule replacing (com 0 )): Because of the assumption that all bound names are unique and different from all free names, the received name x in the input transition with label a(x) will not be identical to any of the names that the extruders output. In consequence, we do not need to record the received name in the input history in the (in-late) rule. Also, the case in Example 2.16 where the previously extruded name is received can not happen in the late semantics.
However, the input histories are still needed to keep track of names that are being received during communications. A new variant of Example 2.16 shows this and how (com 0 -late) still updates the input histories. Consider the process P = (νn)(a n .b n || b(x).c x ) for which after an output on channel a, the name n is communicated on channel b between the location 0 and location 1. We still want that in the remaining process 0 || c n the output of n on channel c is not an extruder. This is done as in the early semantics, using the input histories in the (par) rules and updating them in the (com i -late) rules. In the late semantics, also Example 2.15 does no longer apply. This is captured by changing the definition The late semantics would thus have less events for two reasons: Firstly, the (in-late) rule will only generate one transition, for the one (fresh) input n(x), instead of the infinitely many transitions for each possible name m in the action n(m) produced by the (in) rule. Secondly, the splitting of these events will only depend on the subject and not the object of the communication. We leave for future work to prove that the above semantics provides an asynchronous transition system conservatively generalising the non-interleaving late semantics and to study in detail the correspondence between the late semantics given here and the one in [17]. The two semantics are not identical, since the semantics in [17] does not split events and thus results in a non-stable semantics.

Early labelled asynchronous transition systems semantics of pi-calculus
In this section we show that the operational semantics, events and independence relation given for the pi-calculus in the previous section yields a labelled asynchronous 6 transition system (LATS) as defined in [3,40,47,22] and recalled in Definition 4.1. LATS are known to satisfy the stability property, that is, every event depends on a unique set of events, and unfold to standard labelled prime event structures [47,Ch. 7]. The last two conditions ensure that independent events always form interleaving diamonds and imply stability, i.e. unique cause of events. Fig. 1
To prove this we need several intermediate results and definitions. The following lemma states that the transition system is event deterministic, i.e. that it satisfies property 2. of Definition 4.1. Proof. The events that we are interested in are the ones in Ev obtained through splitting in Definition 2.20. But each split event is obtained from a transition derived with the rules from Fig. 1 and all splits make transitions between the same pairs of processes and histories. Therefore we are not interested in the splits but in the kernel event, which is formed of the first two elements of the three-tuple event, i.e., the action name and the location where the event appears. In consequence, we show that for some arbitrary event and process (together with some history), there is a unique operational rule that is applicable. This results in a unique transition, as in the statement of the lemma.
The histories do not contribute to the decision whether an operational rule is applicable or not; and neither do the histories influence how the resulting process looks like. These facts have been established in Proposition 3.2.
For the rest we use induction on the structure of the location label and the process P , thus identifying which of the operational rules applies for the particular reduction. The induction is double, depending on how the location label looks rule applies, and the outcome process is unique with respect to the original process P . If P = (νb)Q then the rule (open) also applies and changes the output action to one having a bounded name b, and the resulting process is also restricted as (νb)Q with Q determined by the communicating processes. Otherwise, if P is only a parallel composition, then the resulting process is not under a restriction.
For the induction case we consider that the event has the location with s ∈ {0, 1}, and any of the s , s 0 , s 1 may be empty. We take cases after s and for each case we look at the structure of P and α to determine the rule used. It turns out that each time only one rule applies. Moreover, each rule changes the histories from the left of the transition in a determined way, ensuring the history equality from the statement of the lemma.
1. For the case when s = 0 we have that (a) if P = P 0 || P 1 then the only rule that could have been applied to generate this transition is (par 0 ). From the induction hypothesis we know that the required transition for this rule, which applies to a shorter location label, produces the unique process P 0 , which when composed in parallel produces a unique outcome process P 0 || P 1 . (b) if P =!P 1 then only rule (rep) applies to produce Q || !Q . Further up the derivation tree one of the (par) rules apply.
When s = 0 the (par 0 ) rule produces the unique P || !Q . (c) if P = (νn)P 1 then i. if α = a n then only rule (open) applies, ii. otherwise only (scope) is applicable. Further up in the derivation tree we can apply the induction hypothesis on the same location label, but a smaller process (without the restriction operator), to produce a unique process, thus the whole derivation is unique.
2. For the case when s = 1 we have that • if P = P 0 || P 1 then only rule (par 1 ) applies, and an argument analogous to 1a goes through.
• if P =!P 1 then use analogous arguments as for 1b producing the unique Q || P by the induction hypothesis.
• if P = (νn)P 1 then use analogous arguments as for 1c.
3. For all location labels and action labels if P = i∈I : ϕ i .P i then the unique rule application is (sum). Even if two branches of the sum induce a transition with the same action name but different output process, these will be considered as different events because of the location label containing different processes at the end. Therefore, the nondeterminism no longer exists here. The induction hypothesis is applicable further up on the derivation tree to the smaller label as well as smaller process, to produce a unique outcome.
For the location label ss 0s 0 [P 0 ][P 0 ], 1s 1 [P 1 ][P 1 ] an inductive argument as before reduces the s and s to the case when they are empty. In this case the only rule that could have created this label is the (com) rule. This implies that P = Q 0 || Q 1 . Using the previous case on Q 0 and location s 0 [P 0 ][P 0 ] we know that Q 0 uniquely reduces to Q 0 , and similarly for Q 1 and the location s To prove that the transition system from Theorem 4.2 satisfies the last two (diamond) properties of a labelled asynchronous transition system we follow the approach from [33].
The following partial function makes precise how a sequence s ∈ {0, 1} * identifies a subprocess, called the component, in a process.

Definition 4.4 (Components). Define inductively the partial function
Comp : {0, 1} * × Proc Proc 1. Comp( , P ) = P , when P = !P 1 and P = (νn)P 1 (and is the empty string) 2. Comp(0s,  Take s = 0s 0 for which Comp is defined when P is one of P 0 || P 1 , (νn)P 0 , or !P 0 . For P = P 0 || P 1 from Definition 4.4 (2) we have that Comp(0s 0 , P 0 || P 1 ) = Comp(s 0 , P 0 ), which implies that the left part of the lemma equality becomes Comp(s, Comp(s 0 , P 0 )). The right part becomes Comp(s 0 s, P 0 ) by applying Definition 4.4 (2) as Comp(0s 0 s, P 0 || P 1 ) = Comp(s 0 s, P 0 ). The equality of these last two formulas is given by the induction hypothesis. In the case when P = !P 0 then we first apply Definition 4.4(5) and then we follow the above reasoning verbatim. For the case for P = (νn)P 0 we first use Definition 4.4(4) then follow as above.
The case for s = 1s 1 is analogous, using Definition 4.4(3) for P = P 0 || P 1 and Definition 4.4(4) for P = (νn)P . Note that no matter what the structure of s is, the Comp is defined when P = !P 0 . This then reduces to a process where only the cases Definition 4.4 (2) and (3)   3. when s = ε and P = (νñ)P 1 and P 1 = (νm)P 2 , for ñ and m non-empty, 7 we either have (ñ ∩ n(α) = ∅ or (∃b ∈ñ : α = a b with a / ∈ñ). 7 By the assumption that all bound names are unique and different from all free names we can prove that all restrictions can be moved to the front of the process term. Thus we denote by (νñ) the list of all bound names of P .
• When s = 0 the rule that adds 0 to the location label is (par 0 ), therefore we work with the transition (H, H) • When s = 1 we follow the same argument as above using (par 1 ) instead of (par 0 ).
• When s = we consider the three rules (open), (scope), and (rep), where we do not add anything to the location label.
The structure of P and of α determine which rule is applicable. We omit the histories when obvious from the context in order to not clutter the text.
-Consider the application of (open) to process P = (νn)P 0 and action α = a n where a = n. We thus work with a tran- From any communication transition we can then recover the transitions in the components identified by the location labels.

Lemma 4.8 (Decomposing communications). For location strings s, s
where s l = s0s 0 , s r = s1s 1 , and α notation is defined as a n = a(n) and a(n) = a n .
Proof. We first make use of Lemma 4.6 to simplify to only considering s = ε. Then we work with the labels 0s 0 and 1s 1 and make two arguments in parallel. Therefore, we consider P of the form P 0 || P 1 and apply the (com) rule at the root of the transition derivation tree. This (H 1 , H 1 ) P 1 , with Comp(0, P ) = P 0 and Comp(1, P ) = P 1 . Moreover, α and α must be of the forms a m and a(m), and We know that the channel name a must be the same in both α's and the output name m is the same as the received name on the input side. Moreover, if b = , the only time a name can be added to an output action label is by the (open) rule, which opens the scope of b and thus we must have m = b.
Apply now Lemma 4.6 (in fact Corollary 4.7 when the labels are strings) to the two transitions to obtain which by Corollary 4.5 are the same as ([ To see how the right components become the ones from the statement of the lemma apply Definition 4.4(4) to P with the respective location labels 0s 0 and 1s 1 , having e.g., Conversely, we can lift a transition from a component to the whole process, when it does not enter a communication. 3. for s = ε and P = (νn)P 1 if n / ∈ n(α) or (α = a n and n = a).
1. When s = 0 it implies that P = P 0 || Q since Comp(0, P ) = P 0 , otherwise is undefined or it enters under the cases below. The requirements for the rule (par 0 ) are satisfied by the restrictions of the lemma. Therefore, we have the 2. When s = 1 use an argument as for s = 0 where we use rule (par 1 ) instead.
3. When s = ε we consider the two non-trivial cases for which Comp is applicable, i.e., when either P =!P 1 or P = (νn)P 1 .
• For P =!P 1 we have that Comp( , !P 1 ) = Comp( , P 1 || !P 1 ) = P 1 || !P 1 . Therefore, the transition given by the lemma is in fact P 1 and we are allowed to apply the rule (rep) to obtain !P 1 P 1 which is the transition we are looking for, i.e., having s = ε, P = P 1 , and Comp( , P 1 ) = P 1 . The histories do not change, so we omitted them.
• For P = (νn)P 1 we have Comp( , (νn)P 1 ) = Comp( , P 1 ) = P 1 . We take two cases: -where n / ∈ n(α) for which the only applicable rule is  Proof. The statement of the lemma implies that Comp is applicable to P , both for a label 0 and 1. This means that P has the structure of a parallel composition. Because of the restriction a / ∈b we are allowed to use the (com) rule, which gives us that P = (νb)(P 0 || P 1 ) after the transition. From Definition 4.4(4) we have that Comp(0, (νb)(P 0 || P 1 )) = Comp(s, (P 0 || P 1 )). which by Definition 4.4(2) becomes Comp(0, P 0 || P 1 ) = P 0 . Following the same reasoning using first Definition 4.4(4) and then Definition 4.4(3) we have that Comp(1, P 0 || P 1 ) = P 1 proving the lemma. The histories are updated by the rule, but this is not relevant for the lemma, thus we denote them just (H , H ). The symmetric version follows the same lines of reasoning. 2 Lemma 4.12 (Localisation). For any process P and a location string s, whenever Comp is defined, we have: (H , H ) P and (ss 0 , s ) ∈ I l and (ss 1 , s ) ∈ I l then Comp(s , P ) = Comp(s , P ).
Proof. We first prove the part 1.
Since (s, s ) ∈ I l then we can split s and s into s = u0l 1 , s = u1l 1 respectively where u = lcp(s, s ) is the largest common prefix, or the symmetric s = u1l 1 , s = u0l 1 , which can be treated analogous. From Corollary 4.5 we have that Comp(s, P ) = Comp(u0l 1 , P ) = Comp(0l 1 , Comp(u, P )), and denote Comp(u, P ) = P u . The decomposition Lemma 4.6 (i.e., Corollary 4.7 for u a string) allows us to derive the transition: (H , H ) Comp(u, P ) = P u with α = α except for the case when (open) rule is applied in the derivation tree, with α = a n , a = n and α = a n .
Because of the location label 0l 1 it means that P u = P 0 || P 1 , and applying Lemma 4.6 to the above transition we derive:
We already know that Comp(u, P ) = P u and Comp(u, P ) = P u . Therefore, we need to show Comp(1l 1 , P u ) = Comp(1l 1 , P u ).
Since we already have proven that Comp(1, P u ) = Comp(1, P u ) this part is done. For the part 2 we can consider ss 0 and s to be written as ss 0 = u 0 l 0 respectively s = u 0 l 0 , for which the independence says that u 0 is maximal and l 0 start with a 0 and l 0 with a 1 (the symmetric case is analogous). Similarly, for ss 1 and s their independence implies that ss 1 = u 1 l 1 and s = u 1 l 1 . Since u 1 l 1 = s = u 0 l 0 we can identify two cases: Recall that since they are part of a communication location label the s 0 starts with a 0 and s 1 starts with a 1. The case (i) means that u 0 ≺ s ∧ u 1 ≺ s. Because of this, the component identified by s is outside any of the two components that participate in the communication, and thus the rest of this case follows as for part 1.
For the case (ii) we know that ss 0 can be written as s0s 0 and ss 1 can be written s1s 1 , which implies that u 0 ≺ u 1 ∨ u 1 ≺ u 0 . We work with the first substring inclusion, as the second one would be analogous. In this case we deduce that u 0 = s, for otherwise we would break the requirement that u 0 is maximal. This implies that s can now be written as s = s1l 0 (when u 1 is the shortest then s = s0l 1 ), which means that the component we are working with is in the right part of the communication. Moreover, u 1 can be written as s1v and thus the whole s = s1v l 1 and ss 1 = s1v l 1 . Since s I l ss 1 and s1v is maximal then l 1 I l l 1 (and they start one with 0 and the other with 1).
Using the decomposition Lemma 4.8 we obtain the transition We can apply the current lemma inductively to this transition and the independent labels l 1 I l l 1 to obtain which by Corollary 4.5 transforms in the expected result. 2

Proof of Theorem 4.2.
It is easy to see that the independence relation I of Definition 2.20 is irreflexive, because it inherits this from I s , and symmetric, because I s is and the second part is symmetric by definition.
For the first ATS requirement 4.1(1) each event in the generated transition system is a split event, which by Definition 2.18 is attached to a transition between two process.
To prove the ATS requirement 4.1(3) consider a history (H, H) and some process P , and two events e = (α, u, D), e = (α , u , D ) enabled in this state (H, H) P , which are also independent eIe . Take the two transitions corresponding to these events in the generated transition system, i.e.: We can have three possible combinations of events, depending on the structure of their location labels: We treat the first case.
Since eIe then Definition 2.20 implies that eI s e and that n : D(n) = u ∧ n : D (n) = u (which we use towards the end of the proof, when showing the ATS Property 4.1(4)). Since Loc(e) = {s} and Loc(e ) = {s } we have by Definition 2.12 that sI l s which means that they look like s = v0s 3 and s = v1s 3 with v = lcp(s, s ) being the largest common prefix. In consequence, Comp(v, P ) = P 0 || P 1 is a parallel composition, and the decomposition Lemma 4.6 applied using v allows to derive the transitions For this part of the proof we can ignore the D, D sets because these are derived from the histories of transitions like the above. Therefore, we reason over simpler transitions as above, and in the end we argue that the same split transitions on the respective D and D can be obtained from the resulting histories.
At this point the two derivation trees are different in the sense that in one the (par 0 ) rule is applicable whereas in the other the (par 1 ) rule. From the two (par) rules we have the following respective transitions According to the decomposition Lemma 4.6 we also have Comp(v0, P ) = P 0 and Comp(v1, P ) = P 1 , as well as Comp(v0, P ) = P 0 and Comp(v1, P ) = P 1 . Moreover, Lemma 4.6 also provides the following dom  Comp(v, P )) and thus we can deduce that Comp(v, P ) = P 0 || P 1 . To this we can now apply the rule (par 1 ) with the right transition from above, and deduce the transition We were able to apply the right transition from above with a different (correct) history because of Lemma 3.2. Moreover, the requirement of the (par 1 ) rule (i.e., b ∩ fn(P 0 ) = ∅, with b the change in histories from the respective transition above) was provided above by Lemma 4.6 but through the result in Lemma 3.3, which says that the change in the domain of the is the same for any starting histories (using moreover the fact that fn(P 0 ) = fn(P 0 )).
In order to obtain the full required transition we need to show that now we can apply Lemma 4.9 for composing transitions on the above last transition (i.e., the respective restrictions of Lemma 4.9 need to be satisfied). For this we consider a minimal v ∈ {0, 1} and take cases depending on it.
To any of the above we can apply rules that P with Comp(v, P ) = P 0 || P 1 .
It remains to argue that P = P . This is the case because of the localisation Lemma 4.12 which says that for any independent location label v I l v we have: Therefore, we get Comp(v , P ) = Comp(v , P ), which together with the fact that Comp(v, P ) = P 0 || P 1 = Comp(v, P ) we have our expected result P = P .

Claim:
The histories H and H are changed by the two derived transitions into the same history H = H .
We look in the derivation tree of the transition to identify how histories are being changed. Observe that rules (sum), (rep), (scope), copy the histories from the hypothesis to the conclusion, i.e., they only propagate down the tree the changes done further up by the other rules. Rule (out) makes no change to the histories.
We discuss how the rest of the rules (in), (par i ), (open), (com i ), change the histories. The only rule that adds new names to the input history H is (in) and this can only be applied once in a derivation tree.
Therefore, the action label α of the transition will tell whether the (in) rule has been applied, and thus we know exactly what has been added to the input history, i.e., the pair (n, ε) with n the name from the action α = a(n). Moreover, when (in) is applied then in the same derivation tree the rule (out) cannot appear, and thus also not the rule (open) as it needs further up in the tree an application of (out) (as seen from the action label in the hypothesis of (open)). In consequence, in a derivation tree, together with rule (in) only (par) or (com) rules may still be applicable. The (par) rules update any history information coming from further up in the derivation tree by adding the respective component label, i.e., replacing The (par) rules add new information to the extruder history as H . The pair that is added in the H depends on the action label α = a n and on the history that we work with (both input and extruder parts of the history). In any case, at most one name is added to the history. Moreover, when (in) is applicable, then H is empty because it depends on α being an output action.
All these tell that when the actions on the transitions that we work with, i.e., either α or α are input actions, then the history is changed by adding one name pair to the input history H and leaving the output history unchanged. The (open) rule requires a previous application of (out), and therefore, no application of (in) is possible, thus the input history H remains unchanged throughout the derivation tree. The (open) rule adds one single pair (n, u) which we extract from the transition labels, i.e., having α = a n and the location label u. Note that at this point in the derivation tree the name n is added as extruder with the current location u, but this location is updated by the (par) rules through prefixing with location labels depending on the respective component. Thus, at the root of the tree this extruded name appears as new in the history but with the full label u which we see on the transition that we work with.
To finish the proof of this claim we take cases after α and α .
1. When both α = a(n) and α = b(m) are input actions.  (b) When both actions extrude the same name n = m (and thus P contains only (νn)), we are in the situation of parallel extruders. Here is the case when in the initial transitions we apply the rule (open) whereas in the derived transitions the rule (par) (for possible extruder). This is fine since the name n will be initially added to the histories H and H by the (open) rule, and then in the deduced transitions it will satisfy the requirements to be added to the histories again, but with an independent location.
(c) The case when P does not have a (ν) but the history contains a name n ∈ H is handled by the (par) rules since this means that the respective output is a possible extruder (not an initial extruder). For the (par) rule to add to the extruder history, i.e., so H = ∅, the name that needs to be added must already exist in the history but with an independent location label. Assume this for α, thus (n, u ) ∈ H with u I l u. No matter what the α does it only adds to the histories and thus we will still have (n, u ) ∈ H . Therefore α will still add the (n, u), and thus we get the same histories in both deduced transitions. (d) Any other possibilities are as simple as the last case above, or are trivial since they do not change any history (like when the outputs do not extrude).
3. When α is an input action and α is an output action the reasoning is simple similar to the one done in the last cases.

Claim:
The deduced transitions can be split with the respective D, D based on the respective histories.
From the two given transitions we know that both D ⊆ H and D ⊆ H. Since the histories only (at most) increase through transitions and we have seen that H ⊆ H then we also have that D ⊆ H , meaning that the transition can be split with D (the same for D ⊆ H ).

For the second case, when locations
, the proof follows similar arguments as for the first case, with few differences which we comment about in the following. Note that the independence of the events now offers two pairs of independent locations: ss 0 I l s and ss 1 I l s , which give rise to several cases. Recall that s 0 and s 1 start with a 0 respectively 1.
Assume that in both independences we have v = lcp(ss 0 , s ) ≺ s and v = lcp(ss 1 , s ) ≺ s, which means that v = v . It is easy to see that now we can immediately apply the same reasoning as we did before, for the first case. Moreover, recall that the (com) rule which is applied for the transition with u does not change histories, and thus the transition at u does not change histories. This makes the above reasoning about histories even simpler and we can easily deduce the existence of the splitting sets D, D .
Assume that v = s which means that ss 0 = v0s 0 and s = v1s 3 . This in turn implies that s 3 = ε because otherwise we would get s ≺ ss 1 = v1s 1 which breaks the independence of these two. Moreover, since v1s 1 = ss 1 I l s = v1s 3 we get that s 1 I l s 3 and denote lcp(s 1 , s 3 ) = v , thus having ss 1 = v1v 0s 1 and s = v1v 1s 3 (or a symmetric variant).
Since u is a communication location label the (com) rule must have been applied in the derivation tree, which requires Comp(v, P ) = P 0 || P 1 , thus, having the following transitions We must deduce the existence of the following two transitions with H = H , H = H and P = P . We concentrate on deducing the left transition.
Using Lemma 4.6 on the first given transition we can find the following transition (ignoring the splitting sets D, D for now, as we did before) At this point the (com) rule is applicable and we know that Comp(v, P ) = P 0 || P 1 to some Comp(v, P ) = P 0 || P 1 . Using the decomposition of communications Lemma 4.8 we get two transitions Whereas applying the same decomposition Lemma 4.6 to the second given transition from the beginning we obtain Because of the localisation Lemma 4.12 and the independence of these last two location labels we can apply the same transition with α but to the component of P , i.e., deduce Comp(v1v , P ).
Note that the histories do not matter at this point, because of the same arguments that we gave before; therefore we do not mention histories in these last transitions. We can lift this transition using localisation Lemma 4.12 and the composition of transitions Lemma 4.9 because the restrictions are satisfied by the previous decomposition lemma applications (similarly as we argued in the first case above) and obtain the transition

Comp(v, P ).
Because of the independence with the label 0s 0 we can apply the localisation lemma to deduce that this part of the process also remains unchanged. Therefore, when applying again the composition Lemma 4.9 we lift the transition to the top-most process, as expected P with P the same as P only with the component Comp(v1v , P ) changed accordingly. This component is different than the part that was changed through the communication.
To deduce the second transition apply a similar argument, but when lifting up apply the composition of communications Lemma 4.11 to deduce the correct τ -transition. The resulting process will be the same as P because when first we applied the transition with α we change a part which was then not touched by the communication transition.
It is easy to see that these deduced transitions are allowed, and that the histories are the same, i.e., H = H = H . For the fourth ATS requirement of Definition 4.1(4) consider a history H, some process P , an event e = (α, u, L) with a transition H, P We will only prove the first of the transitions and rely on the proof for the requirement Definition 4.1(3) to show the existence of the second transition. This is the case because once we have deduced the transition from P , deducing the fourth transition will fall in under Definition 4.1(3).
We have four different combinations of events depending on the structure of their location labels: For case 1 we first write s and s as we did in the proof of case 1 for 4. P with Comp(lcp(s, s ), P ) = P 0 .
In consequence we can apply the second transition to this component to obtain the transition that we are looking for, with P 0 = Comp(lcp(s, s ), P ). Here we have to apply the decomposition and composition lemmas to go down respectively up the location string, similar to what we argued in the previous relevant case for ATS restriction 4.1 (3).
It remains to make sure that the above derived transition is allowed, which by Definition 3.1 means to show that L ⊆ H. We know that L ⊆ H and we know that H = H ∪ H 0 where H 0 may be of the form ({n, u| {0,1,[P]} }, ∅). In fact, any name that is added to H 0 by α will have the location u| {0,1,[P]} . To show our inclusion we can show that L ∩ H 0 = ∅. This is given by the independence relation eI π e which implies that n : L (n) = u| {0,1,[P]} .
The remaining three cases follow similar arguments as the above case 1 and the respective cases 2 and 3 from the proof for the ATS requirement 4.1(3). 2

Conclusion and related work
We provided the first stable, non-interleaving, early operational semantics for the pi-calculus conservatively generalising the interleaving early operational semantics. The semantics is given as labelled asynchronous transition systems (LATS). We followed and conservatively generalised the approach for CCS in [33] by capturing the link causalities introduced by the pi-calculus processes through a notion of extrusion histories inspired from the recent work of [17]. In this respect, our semantics treats all the examples that are discussed in [17,Sec. 6].
Part of our motivation was to give a non-interleaving semantics that is close to the standard early semantics of picalculus; hence our use of operational rules and a transition-like model. Moreover, we aimed to stay close to standard non-interleaving models; hence the stable model of asynchronous transition systems, which required us to split events in order to handle disjunctive causalities.
There have been several works on causal models for pi-calculi using various techniques. The work of [12,13] uses indexed labelled asynchronous transition systems (N-LATS), which extend the general works based on category theory for CCS [3,47], looking at early bisimulation semantics [5,6]. This work takes what they refer to as a model-theoretic approach, identifying N-LATS as a transition system model suitable for representing causality and linking of pi-calculi independently of the syntax. This work uses similar concepts as the work of [17] that we were inspired by; i.e., the N-LATS keep a set of names, and use special labels and dependencies between these labels in order to keep track of the special link dependencies that pi-calculus introduces. However, [13] views the model categorically, whereas [17] not; and [13] works with an extension of LATS whereas [17] with a similar extension of event structures. A deeper investigation of the relationship between our semantics and the one in [12,13] could perhaps lead to also a deeper understanding between our semantics and the one of [17].
The work of [24] takes a domain theoretic semantic of the pi-calculus given in terms of pomsets and appropriate operations on these. The papers [9,21] present Petri nets semantics for the pi-calculus, and thus, the same as the previous work, are not structural operational in nature.
The work of [6] makes the distinction between "subject and object dependencies", which we also adopted, and they define the notion of causal bisimulation to distinguish processes wrt. their subject or object dependencies. However, this causal equivalence is shown to be encoded into the ordinary interleaving observational equivalence, thus not giving the true concurrency semantics that we are looking for in this paper. A similar study is carried by [38] in the setting of location bisimulation [8] with a similar (fully abstract) encoding into observational bisimulation as above. Good comparative overviews of location equivalence versus other causality equivalences are provided by [26,15]. This last line of work is what we adopt in our paper as well, i.e., using locations (static locations, as opposed to dynamic locations as above) to capture where in a process the concurrent actions are performed, i.e., by which parallel component. We started from the work of [33] for CCS; however there exist several related works including [1,10] for static locations and [8] for dynamically assigned locations. The handbook chapter [11] gives a good introduction and more recent overview of this subject. A thorough investigation of non-interleaving semantics for CCS is carried in [7], which compared to [33] and our work, uses the general choice operator instead of guarded summation. In our case we would need to enrich the labels to keep track of the branches being taken, similar to what [7] are doing. However, [7] records the whole computation along with the structure of the choices (which should not be confused with what we record in our extruder histories); which might be too much for our case, and an approach as in [11] with sequences of L/R branching markers could be enough. The models used in [7] (i.e., using equivalences of sequences of transitions) capture what LATS capture using the diamond properties. The paper [20] also investigates the distinction between the CCS causality and the specific pi-calculus causalities as [6] did, but which they call "structural and link dependencies". The paper studies to some extent the notion of extruders generating different kinds of causalities in the late style of pi-calculus. They also make use of the same static location labels as in the case of CCS above, which they call "proof terms".
None of these approaches deal with the notion of parallel extruders, which implies disjunctive causalities and thus requires event splitting in order to regain stability of the concurrency models. The work of [32] introduces a graph rewriting semantics of the early style of pi-calculus (without summation) that deals with parallel extruders. More thoroughly, the works of [16,45,17] treat parallel extruders and full pi-calculus in a denotational semantics, using an extended form of event structure with a set holding the bound names of the process.
The work of [19] on reversible pi-calculus (Rpi) also provides a stable causal semantics as a by-product, given in [19, Chap. V] when one views Rpi as an annotated version of pi-calculus. Concretely, the memories in Rpi carry more information (needed for the purpose of reversibility) than needed for capturing causalities (i.e., information of extrusion that we record in histories). Still, it is not trivial to provide a formal relationship between their memories and our histories, mainly because we use explicit location labels, whereas they use a split symbol on the memory stacks. It could also be worth noting that (to simplify presentation) the syntax used in [19] does not consider choices nor replication (i.e., only covers finite, deterministic processes). However, [19] does not explicitly identify the events and thus neither a non-interleaving (event-based) model underlying their semantics (as we do here using asynchronous transition systems). The reversible semantics is given in terms of reduction contexts, with no given formal relations with other models. Note also that a main goal of [19] is to have a compositional semantics, whereas we paid attention to obtaining a stable operational model.
As future work we aim to prove that the late semantics given in Remark 3.10 yields a labelled asynchronous transition system, and then explore the differences between early and late style non-interleaving semantics in the setting of this paper. We conjecture that it is possible to define a splitting for the extended event structures of [17] to obtain the prime event structures given by unfolding the asynchronous transition systems provided by our late semantics. This we believe would also be relevant for comparing the semantics of Rpi [19] with our semantics and the compositional denotational semantics of [17]. An alternative could be to work with more expressive models of concurrency than prime event structures and ATS, which can also capture disjunctive causalities, like higher dimensional automata [36,44] or configuration structures [43] and ST-structures [25] if aiming for an event-based model.
The free choice (compared to our use of guarded choice in this paper) introduces more details in a non-interleaving semantics; see [11] or our report [35] where we have worked out the generalisation of the present semantics to unguarded choice. Finally, we are working on lifting the present results to psi-calculi [4], laying the foundations for generalising the meta-theory and operational semantics of psi-calculi to non-interleaving semantics.