Controlling resource access in Directed Bigraphs


Electronic Communications of the EASST
Volume 10 (2008)

Proceedings of the
Seventh International Workshop on

Graph Transformation and Visual Modeling Techniques
(GT-VMT 2008)

Controlling resource access in Directed Bigraphs

Davide Grohmann, Marino Miculan

21 pages

Guest Editors: Claudia Ermel, Reiko Heckel, Juan de Lara
Managing Editors: Tiziana Margaria, Julia Padberg, Gabriele Taentzer
ECEASST Home Page: http://www.easst.org/eceasst/ ISSN 1863-2122

http://www.easst.org/eceasst/


ECEASST

Controlling resource access in Directed Bigraphs

Davide Grohmann1, Marino Miculan2

1 grohmann@dimi.uniud.it, 2 miculan@dimi.uniud.it
Department of Mathematics and Computer Science, University of Udine, Italy

Abstract: We study directed bigraph with negative ports, a bigraphical framework
for representing models for distributed, concurrent and ubiquitous computing. With
respect to previous versions, we add the possibility that components may govern the
access to resources, like (web) servers control requests from clients. This frame-
work encompasses many common computational aspects, such as name or channel
creation, references, client/server connections, localities, etc, still allowing to derive
systematically labelled transition systems whose bisimilarities are congruences.

As application examples, we analyse the encodings of client/server communications
through firewalls, of (compositional) Petri nets and of chemical reactions.

Keywords: Bigraphs, reactive systems, (open) Petri nets, graph-based approaches
to service-oriented applications.

1 Introduction

Bigraphical reactive systems (BRSs) are an emerging graphical framework proposed by Milner
and others [Mil01, Mil06] as a unifying theory of process models for distributed, concurrent and
ubiquitous computing. A bigraphical reactive system consists of a category of bigraphs (usually
generated over a given signature of controls) and a set of reaction rules. Bigraphs can be seen
as representations of the possible configurations of the system, and the reaction rules specify
how these configuration can evolve, i.e., the reaction relation between bigraphs. Often, bigraphs
represent terms up-to structural congruence and reaction rules represent term rewrite rules.

Many process calculi have successfully represented as bigraphical reactive systems: λ -calculus
[Mil07], CCS [Mil06], π -calculus [BS06, JM04], Mobile Ambients [Jen08], Homer [BH06],
Fusion [GM07b], Petri nets [LM06], and context-aware systems [BDE+06]. The advantage of
using bigraphical reactive systems is that they provide general results for deriving a labelled tran-
sition system automatically from the reaction rules, via the so-called IPO construction. Notably,
the bisimulation on this transition system is always a congruence; thus, bigraphical reactive sys-
tems provide general tools for compositional reasoning about concurrent, distributed systems.

Bigraphs are the key structures supporting these results. A bigraph is a set of nodes (the con-
trols), endowed with two independent structures, the place graph and the link graph (Figure 1).
The place graph is a tree over the nodes, representing the spatial arrangement (i.e., nesting) of the
various components of the system. The link graph represents the communication connections,
possibly traversing the place structure. A bigraph may be “not ground”, in the sense that it may
have one or more “holes”, or sites (the gray boxes) to be instantiated; these holes are specific
leaves of the place graph, where other bigraphs can be grafted, respecting the connection links.
This notion of composition between bigraphs yields a categorical structure.

1 / 21 Volume 10 (2008)

mailto:grohmann@dimi.uniud.it
mailto:miculan@dimi.uniud.it


Controlling resource access in Directed Bigraphs

directed bigraph
G : 〈3, ({r},{w, u})〉→〈2, ({x, z},{y})〉

0

v0

v1

v2

0
1

x y
e0

w

1

v3

v4
2 e1

z

ur
place graph
GP : 3 → 2
0

v0 v2

v1 1

0

1

v3

v4 2

directed link graph
GL : ({r},{w, u}) → ({x, z},{y})

v0 v1
v2

x y

e0

w

v3

v4

e1

z

ur

Figure 1: An example of directed bigraph, with negative ports.

In Milner’s “pure bigraphs” [Mil06], connections are represented by hyper-arcs between nodes.
This model has been successfully used to represent many calculi, such as CCS, and (with a small
variant) λ -calculus, π -calculus. Nevertheless, other calculi, such as Fusion [PV98], seem to
escape this framework. Aiming to a more expressive framework, in previous work [GM07a,
GM07b], we have introduced directed bigraphs. Pure and directed bigraphs differ only on the
link structure: in the directed variant, we distinguish “edges” from “connections”. Intuitively,
edges represent (delocalized) resources, or knowledge tokens, which can be accessed by con-
trols. Arcs are arrows from ports of controls to edges (possibly through names on the interfaces
of bigraphs); moreover, in the version considered in the present paper, we allow arcs to point to
other control’s ports (Figure 1). Outward ports on a control represent the capability of the control
to access to (external) resources; insted, inward ports represent the capability of the control to
“stop” or “govern” other node’s requests. The presence of both kinds of capabilities is common
in distributed scenarios, such as client/server communications, firewalls, web services etc; for
instance a system may ask to access to some data, but this attempt may be blocked, checked and
possibly redirected by a guarding mechanism. Moreover, controls with inward ports can repre-
sent localized resources, that is, resources with a position within the place hierarchy; this cannot
be represented easily by edges, which do not appear in the place graph.

Notably, these extended bigraphs have relative pushout (RPO) and idem pushout (IPO) con-
structions, admit a notion of normal form, and a sound a complete axiomatization can be given.
Therefore, these bigraphs can be conveniently used for building wide reaction systems from
which we can synthesize labelled transition systems, and whose bisimilarity is a congruence.

Due to lack of space, in this paper we can only skim over these theoretical results; we prefer
to focus on some interesting applications of this framework. In Section 2 we give the basic

Proc. GT-VMT 2008 2 / 21



ECEASST

definitions about directed bigraphs. General theoretical results (e.g., normal form, complete
axiomatization, RPO construction, etc.) are presented in Sections 3–5. Then, Section 6 is devoted
to example applications. We apply this framework to the representation of distributed services
and protocols (taking a three-tier architecture with a firewall as an example) and of chemical
reactions. Moreover, we consider the encoding of Petri nets in greater detail; in particular, we
show that the IPO bisimilarity is sound with respect to the η -bisimilarity of open Petri nets.

Conclusions and direction for future work are in Section 7.

2 Directed bigraphs over polarized signatures

In this section we introduce directed bigraphs, with inward (“negative”) ports on controls, ex-
tending [GM07a]. Following previous developments about pure and directed bigraphs, we work
in supported monoidal precategories; we refer to [JM04, §3] for an introduction.

A polarized signature is a signature of controls, which may have two kind of ports: nega-
tive and positive. Let K be a polarized signature; we denote with arn, ar p : K → N the arity
functions of the negative and positive ports, respectively. Thus, for k ∈ K , the arity function is
ar(k) , (arn(k), ar p(k)). A control k is positive if it has only positive ports (i.e., arn(k) = 0); it
is negative if it has only negative ports (i.e., ar p(k) = 0).

Definition 1 A polarized interface X is a pair of sets of names X = (X−, X +); the two compo-
nents are called downward and upward interfaces, respectively.

A directed link graph A : X → Y is A = (V, E, ctrl, link) where X ,Y are the inner and outer
interfaces, V is the set of nodes, E is the set of edges, ctrl : V → K is the control map, and
link : Pnt(A)→Lnk(A) is the link map, where ports, points and links of A are defined as follows:

Prt n(A), ∑
v∈V

arn(ctrl(v)) Prt p(A), ∑
v∈V

ar p(ctrl(v)) Prt(A),Prt n(A)∪Prt p(A)

Pnt(A) , X +]Y−]Prt p(A) Lnk(A) , X−]Y +]Prt n(A)]E

The link map cannot connect downward and upward names of the same interface, i.e., the fol-
lowing condition must hold: (link(X +)∩X−)∪(link(Y−)∩Y +) = /0; moreover the link map
cannot connect positive and negative ports of the same node.

Directed link graphs are graphically depicted much like ordinary link graphs, with the differ-
ence that edges are explicit objects, and not hyper-arcs connecting points and names; points and
names are associated to links (that is edges or negative ports) or other names by (simple, non
hyper) directed arcs. An example are given in Figure 1. This notation aims to make explicit the
“resource request flow”: positive ports and names in the interfaces can be associated either to
internal or to external resources. In the first case, positive ports and names are connected to an
edge or a negative port; these names are “inward” because they offer to the context the access
to an internal resource. In the second case, the positive ports and names are connected to an
“outward” name, which is waiting to be plugged by the context into a resource.

In the following, by “signature”, “interface” and “link graphs” we will intend “polarized sig-
nature”, “polarized interface” and “directed link graphs” respectively, unless otherwise noted.

3 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

Definition 2 The precategory of directed link graphs has polarized interfaces as objects, and
directed link graphs as morphisms.

Given two directed link graphs Ai = (Vi, Ei, ctrli, linki) : Xi → Xi+1 (i = 0, 1), the composition
A1◦A0 : X0 → X2 is defined when the two link graphs have disjoint nodes and edges. In this case,
A1 ◦A0 , (V, E, ctrl, link), where V ,V0 ]V1, ctrl , ctrl0 ]ctrl1, E , E0 ]E1 and

link : X +0 ]X
−
2 ]Prt

p(A0)]Prt p(A1) → X−0 ]X
+
2 ]E ]Prt

n(A0)]Prt n(A1)

is defined as follows:

link(p) ,




link0(p) if p ∈ X +0 ]Prt
p(A0) and link0(p) ∈ X−0 ]E0 ]Prt

n(A0)
link1(x) if p ∈ X +0 ]Prt

p(A0) and link0(p) = x ∈ X +1
link1(p) if p ∈ X−2 ]Prt

p(A1) and link1(p) ∈ X +2 ]E1 ]Prt
n(A1)

link0(x) if p ∈ X−2 ]Prt
p(A1) and link1(p) = x ∈ X−1 .

The identity link graph of X is idX , ( /0, /0, /0K , idX−∪idX + ) : X → X .

It is easy to check that composition is associative, and that given a link graph A : X →Y , the
compositions A◦idX and idY ◦A are defined and equal to A.

Definition 1 forbids connections between names of the same interface in order to avoid unde-
fined link maps after compositions. Similarly, links between ports on the same node are forbid-
den, because these graphs cannot be obtained by composing an “unlinked” node and a context.

It is easy to see that the precategory ′DLG is self-dual, that is ′DLG ∼= ′DLGop.
The notions of openness, closeness, leanness, etc. defined in [GM07a] can be easily extended

to the new framework, considering negative ports as a new kind of resources. Moreover, the
definition of tensor product can be derived extending to negative ports the one given in [GM07a].

Finally, we can define the (extended) directed bigraphs as the composition of standard place
graphs (see [JM04, §7] for definitions) and directed link graphs.

Definition 3 A directed bigraph with signature K is G = (V, E, ctrl, prnt, link) : I → J, where
I =〈m, X〉 and J =〈n,Y〉 are its inner and outer interfaces respectively. An interface is composed
by a width (a finite ordinal) and by a pair of finite sets of names. V and E are the sets of nodes and
edges respectively, and prnt, ctrl and link are the parent, control and link maps, such that GP ,
(V, ctrl, prnt) : m → n is a place graph and GL ,(V, E, ctrl, link) : X →Y is a directed link graph.

We denote G as combination of GP and GL by G = 〈GP, GL〉. In this notation, a place graph
and a (directed) link graph can be put together iff they have the same sets of nodes.

Definition 4 The precategory ′DBIG of directed bigraph with signature K has interfaces I =
〈m, X〉 as objects and directed bigraphs G = 〈GP, GL〉 : I → J as morphisms. If H : J → K is
another directed bigraph with sets of nodes and edges disjoint from the respectively ones of G,
then their composition is defined by composing their components, i.e.:

H ◦G , 〈H P ◦GP, H L ◦GL〉 : I → K.

The identity directed bigraph of I = 〈m, X〉 is 〈idm, idX〉 : I → I.

Proc. GT-VMT 2008 4 / 21



ECEASST

Analogously, the tensor product of two bigraphs can be defined tensoring their components.
It is easy to check that for every signature K , the precategory ′DBIG is wide monoidal; the

origin is ε = 〈0, ( /0, /0)〉 and the interface 〈n, X〉 has width n. Hence, ′DBIG can be used for
applying the theory of wide reaction systems and wide transition systems as developed by Jensen
and Milner; [JM04, §4, §5]. To this end, we need to show that ′DBIG has RPOs and IPOs. Since
place graphs are as usual, it suffices to show that directed link graphs have RPOs and IPOs.

Theorem 1 If a pair ~A of link graphs has a bound ~D, there exists an RPO (~B, B) for ~A to ~D.

As a consequence, ′DLG has IPOs too. See section 4 for the direct construction for RPOs in
directed bigraphs with negative ports, extending the construction given in [GM07a].

Actually, often we do not want to distinguish bigraphs differing only on the identity of nodes
and edges. To this end, we introduce the category DBIG of abstract directed bigraphs, which
is constructed from ′DBIG forgetting the identity of nodes and edges and any idle edge. More
precisely, abstract bigraphs are bigraphs taken up-to an equivalence m (see [JM04] for details).

Definition 5 Two concrete directed bigraphs G and H are lean-support equivalent, written
G m H, if there exists an iso between their nodes and edges sets after removing any idle edges.

The category DBIG of abstract directed bigraphs has the same objects as ′DBIG, and its arrows
are lean-support equivalence classes of directed bigraphs.

3 Algebra and Axiomatization

In this section, generalizing similar results for directed bigraphs, we describe the main classes
of bigraphs and the elementary bigraphs which can generate all bigraphs according to a well-
defined normal form. As main result we give a normalization theorem. We refer the reader to
[GM08] for a detailed presentation of the notation used here.

First, we introduce two distinct and complementary subclasses of bigraphs: wirings and dis-
crete bigraphs, that are used in defining the normal form and the axiomatization.

Definition 6 A wiring is a bigraph whose interfaces have zero width (and hence has no nodes).
The wirings ω are generated by the composition or tensor product of three elements: substitu-
tions σ : ( /0, X +) → ( /0,Y +), fusions δ : (Y−, /0) → (X−, /0), and closures HNxy : ( /0, y) → (x, /0).

Definition 7 An interface is prime if its width is 1. Often we abbreviate a prime interface
〈1, (X−, X +)〉 with 〈(X−, X +)〉, in particular 1 = 〈( /0, /0)〉. A prime bigraph P : 〈m, (Y−,Y +)〉→
〈(X−, X +)〉 has a prime outer interface and the names in Y +, X− are linked to negative ports of P.

An important prime bigraph is mergem : m → 1, it has no nodes and maps m sites to one root.

Definition 8 A bigraph is discrete if it has no edges and every open link has exactly one point.

The discreteness is well-behaved, and preserved by composition and tensor. It is easy to see
that discrete bigraphs form a monoidal sub-precategory of ′DBIG.

5 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

y

x

HN
x
y : ( /0, y) → (x, /0)

closure

y

x1 x2 . . . xn
. . .

MyX : ( /0, X ) → ( /0, y)
substitution

x

y1 y2 . . . ym
. . .

OYx : (x, /0) → (Y, /0)
fusion

1 : ε → 1
a barren root

0 1

merge : 2 → 1
joining 2 sites in 1 root

1 0

γ1,1 : 2 → 2
swapping 2 sites

x−1 x
−
2

. . . x−n

x+1 x
+
2

. . . x+m

Y +1 Y
+
2

. . . Y +h

Y−1 Y
−
2

. . . Y−h
. . .

. . .

. . .

. . .

K(l) : 〈(~x−,~Y +)〉→〈(~Y−,~x+)〉
a discrete ion

Figure 2: Elementary Bigraphs over polarized signatures.

Definition 9 Let K be any non atomic control with arity (k−, k+), let ~x−,~x+ be two sequences
of distinct names, and let ~Y +,~Y− be two sequences of (possibly empty) sets of distinct names,
such that: |~x−|+|~x+| = k+ and |~Y−| = |~Y +| = k−. For a K-node v, we define the discrete ion

K(v, l) : 〈(~x−,~Y +)〉→〈(~Y−,~x+)〉

as the bigraph with exactly a node v and l is a pair of maps: an iso map l p : ~x−∪~x+ → Prt p(v)
describing the linking among positive ports and names in ~x− or ~x+, and another iso map ln :
~Y−∪~Y + → Prt n(v) describing the linking among negative ports and sets of upward inner names
(in ~Y +) and sets of downward outer names (in ~Y−). We omit v when it can be understood.

For a prime discrete bigraph P with outer names in (Z−, Z+), we define a discrete molecule as:

(K(l)⊗id(Z−\~x−,Z+\~Y +))◦P.

If K is atomic, we define the discrete atom, as an ion without the site

K(l) : (~x−,~Y +) →〈(~Y−,~x+)〉.

An arbitrary (non-discrete) ion, molecule or atom is formed by the composition of ω ⊗ id1
with a discrete one. Often we omit . . .⊗idI in the compositions, when there is no ambiguity.

Figure 2 shows the algebraic signature, that is a set of elementary bigraphs which allow to
define any other bigraph using solely composition and tensor product. Before giving a formal
result, we provide an intuitive explanation of the meaning of these elementary bigraphs.

• The first three bigraphs build up all wirings, i.e. all link graphs having no nodes. All sub-
stitutions (fusions, resp.) can be obtained tensoring elementary substitutions MyX (fusions O

Y
x ,

resp.); the tensor products of singleton substitutions Myx or singleton fusions Oxy give all renam-
ings. Composition and tensor product of substitutions, fusions and closures give all wirings.

• The next three bigraphs define all placings, i.e. all place graphs having no nodes; for example
mergem : m → 1, merging m sites in a unique root, are defined as:

merge0 , 1 mergem+1 , merge◦(id1 ⊗mergem).

Proc. GT-VMT 2008 6 / 21



ECEASST

Notice that merge1 = id and merge2 = merge, and that all permutations π are constructed by
composition and tensor product from the place symmetry γ1,1.

• Finally, for expressing any direct bigraph we need to introduce only the discrete ions K(l) :
〈(~x−,~Y +)〉→〈(~Y−,~x+)〉. In particular, we can express any discrete atoms as K(l)◦1.

The following proposition shows that every bigraph can be expressed in a normal form, called
discrete diagonal normal form (DDNF). We will use D, Q and N to denote discrete, prime and
discrete bigraphs, and discrete molecules respectively.

Theorem 2 1. A bigraph G on signature K can be expressed uniquely (up to iso) as:

G = (ω ⊗idn)◦D◦(ω′⊗idm) (1)

where D is a discrete bigraph and ω , ω′ are two wirings satisfying the following conditions:

i. in ω , if two outer downward names are peer, then their target is an edge;

ii. in ω′ there are no edges, and no two inner upward names are peer.

2. Every discrete bigraph D : 〈n, Z〉→〈m,W〉, may be factored uniquely (up to iso) on the width
m in the following form:

D = α⊗







(Q0 ⊗χ out1,0⊗χ
out
2,0 ⊗. . . )◦

(χ in0,1⊗ Q1 ⊗χ
out
2,1 ⊗. . . )◦

(χ in0,2⊗χ
in
1,2⊗ Q2 ⊗. . . )◦

. . .
( . . .⊗ Qm−3 ⊗χ outm−2,m−3⊗χ

out
m−1,m−3)◦

( . . .⊗χ inm−3,m−2⊗ Qm−2 ⊗χ
out
m−1,m−2)◦

( . . .⊗χ inm−3,m−1⊗χ
in
m−2,m−1⊗ Qm−1)



◦(π ⊗iddom(~Q))




shortly:

D = α ⊗(χ(Q0, . . . , Qm−1)◦(π ⊗iddom(~Q))) (2)

where α is a renaming, π is a permutation, each Qi : 〈hi, (X−i , X
+
i )〉→〈(Y

−
i ,Y

+
i )〉 is prime

and discrete, and χ outi,l (χ
in
i,l resp.) are the identities on the outer (inner resp.) names of Qi at

level l ∈{0, . . . , m−1}, which are not used by Ql , . . . , Qi−1 (Qi+1, . . . , Ql resp.). Formally:

χ
out
i,l , id〈(Y−i \(

⊎i−1
j=l X

−
j ),Y

+
i \(

⊎i−1
j=l X

+
j ))〉

for i > l

χ
in
i,l , id〈hi,(X−i \(

⊎l
j=i+1 Y

−
j ),X

+
i \(

⊎l
j=i+1 Y

+
j ))〉

for i < l.

3. Every prime and discrete Q, may be factored uniquely (up to iso) in the following form:

Q = (mergen+p ⊗idcodom(~N))◦(idn ⊗χ(N0, . . . , Np−1))◦(π ⊗iddom(~N)) (3)

where χ is defined as in 2.

7 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

4. Every discrete molecule N, may be factored uniquely (up to iso) in the following form:

N = (K(l)⊗id(codom(Q)\(~x−,~Y +)))◦Q. (4)

Furthermore, the expression is unique up to iso on the parts and reordering of Ns in Q.

These equations can be used for normalizing any bigraph G as follows; first, we apply equa-
tions (1), (2) to G once, obtaining an expression containing prime discrete bigraphs Q0, . . . , Qm−1.
These are decomposed further using equations (3), (4) repeatedly: each Qi is decomposed into
an expression containing molecules Ni,0, . . . , Ni,pi−1, each of which is decomposed in turn into an
ion containing another prime discrete Q′i, j. The last two steps are repeated recursively until the
ions are atoms or have only holes as children. Note that 1 is a special case of Q when n = p = 0.

Notice that if the signature has only positive controls, then all the “Qi layers” can be collapsed
in a unique one, obtaining a normal form that is very similar to the Milner’s DNF (see [Mil06]).

Furthermore, a renaming is discrete but not prime (since it has zero width); this is why the
factorization has such a factor. The uniqueness of that factorization depends on the fact that
prime bigraphs have upward inner names and downward outer names linked to negative ports.

In Table 1 we give a set of axioms which we prove to be sound and complete.
Each of these equations holds only when both sides are defined; in particular, recall that the

tensor product of two bigraphs is defined only if the name sets are disjoint. It is important to
notice that for ions only the renaming axiom is needed (because names are treated positionally).

Theorem 3 Let E0, E1 be two expressions constructed from the elementary bigraphs by com-
position and tensor product. Then, E0 and E1 denote the same bigraph in DBIG if and only if
the equation E0 = E1 can be proved by the axioms in Table 1.

Sharing products To conclude this section ,we define some variants of the tensor product, which
allow the sharing of names. Actually, these operators can be defined in terms of composition and
tensor, but they turn out quite useful in the encoding of process calculi, where in the usual “par-
allel” P | Q, processes P and Q can share names. In directed bigraphs, this sharing can involve
inner downward names and/or outer upward names, as described by the following definitions.

Definition 10 The outer sharing product (	), inner sharing product (�) and sharing prod-
uct (‖) of two objects X = (X−, X +),Y = (Y−,Y +) and of two link graphs Ai : Xi →Yi (i = 0, 1)
are defined as follows:

(X−, X +)	(Y−,Y +) , (X−]Y−, X +∪Y +)
(X−, X +)�(Y−,Y +) , (X−∪Y−, X +]Y +)

A0 	 A1 , (V0 ]V1, E0 ]E1, ctrl0 ]ctrl1, link0 ]link1) : X0 ⊗X1 →Y0 	Y1
A0 � A1 , (V0 ]V1, E0 ]E1, ctrl0 ]ctrl1, link0 ]link1) : X0 � X1 →Y0 ⊗Y1
A0 ‖ A1 , (V0 ]V1, E0 ]E1, ctrl0 ]ctrl1, link0 ]link1) : X0 � X1 →Y0 	Y1

defined when interfaces are defined and Ai have disjoint node and edge sets.

Proc. GT-VMT 2008 8 / 21



ECEASST

Categorical Axioms

A◦id = A = id ◦A A◦(B◦C) = (A◦B)◦C
A⊗idε = A = idε ⊗A A⊗(B⊗C) = (A⊗B)⊗C
γI,ε = idI γJ,I ◦γI,J = idI⊗J γI⊗J,K = (γI,K ⊗idJ )◦(idI ⊗γJ,K )
(A1 ⊗B1)◦(A0 ⊗B0) = (A1 ◦A0)⊗(B1 ◦B0)
γI,K ◦(A⊗B) = (B⊗A)◦γH,J (where A : H → I, B : J → K)

Link Axioms

Mxx = id( /0,x) O
x
x = id(x, /0) HN

x
y ◦M

y
z = HN

x
z O

z
x ◦HN

x
y = HN

z
y Ox ◦HN

x
y ◦M

y = idε

Mz(Y]y)◦(id( /0,Y )⊗M
y
X ) = M

z
(Y]X ) (id(Y, /0)⊗O

X
y )◦O

(Y]y)
z = O

(X]Y )
z

Place Axioms

merge◦(1⊗id1) = id1 merge◦γ1,1 = merge
merge◦(merge⊗id1) = merge◦(id1 ⊗merge)

Node Axioms

Let K(l) : 〈(~x−,~Y +)〉→〈(~Y−,~x+)〉
(id1 ⊗α +⊗ζ−)◦K(l) = K(l′) with l′ = ((id~x−∪α +)◦l p, ((ζ−)op ∪id~Y + )◦l

n)
K(l)◦(id1 ⊗α−⊗ζ +) = K(l′′) with l′′ = ((α−∪id~x+ )◦l p, (id~Y−∪(ζ

+)op)◦ln)
where α + : ~x+ →~z+, α− : ~x− →~z− are renamings and
ζ
− : ~Z− →~Y−, ζ + : ~Z+ →~Y + are surjective fusions.

Table 1: Axiomatization for the abstract directed bigraphs.

The outer sharing product, inner sharing product and sharing product of two objects I =
〈m, X〉, J = 〈n,Y〉 and of two bigraphs Gi : Ii → Ji (i = 0, 1) are defined by extending the corre-
sponding products on their link graphs with the tensor product on widths and place graphs:

〈m, X〉	〈n,Y〉, 〈n + m, X 	Y〉 〈m, X〉�〈n,Y〉, 〈n + m, X �Y〉
G0 	 G1 , 〈GP0 ⊗G

P
1 , G

L
0 	 G

L
1〉 : I0 ⊗I1 → J0 	 J1

G0 � G1 , 〈GP0 ⊗G
P
1 , G

L
0 � G

L
1〉 : I0 � I1 → J0 ⊗J1

G0 ‖ G1 , 〈GP0 ⊗G
P
1 , G

L
0 ‖ G

L
1〉 : I0 � I1 → J0 	 J1.

defined when interfaces are defined and Gi have disjoint node and edge sets.

It is simple to verify that 	, � and ‖ are associative, with unit ε .

9 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

4 Construction of RPOs

We first give an idea of how the construction works. Suppose D0 : X0 → Z, D1 : X1 → Z is a
bound for a span A0 : W → X0, A1 : W → X1 and we wish to construct the RPO (B0 : X0 → X̂ , B1 :
X1 → X̂ , B : X̂ → Z). In the following we will denote a pair (A0, A1) by ~A and the link map of A
simply by A. To form the pair ~B we truncate ~D by removing all the edges, nodes and ports not
present in ~A. Then in the outer interface of ~B, we create an outer name for each point unlinked
by the truncation: the downward names connected to the same link (name, edge or negative port)
must be “bound together”, i.e. we must consider all the possible ways to associate a downward
name of A0 with one of A1 and vice versa; further we must equate an upward name of A0 with
one of A1 if they are both connected to a point shared between A0 and A1. Formally:

Construction 1 A relative pushout (~B : ~X → X̂ , B : X̂ → Z), for a pair ~A : W →~X of link graphs
relative to a bound ~D : ~X → Z, will be built in three stages. Since RPOs are preserved by isomor-
phisms, we can assume the components of X0 and X1 disjoint.

nodes and edges If Vi are the nodes of Ai (i = 0, 1), then the nodes of Di are VDi = (Vī \Vi)]V2
for some V2. Define the nodes of Bi and B to be VBi ,Vī \Vi (i = 0, 1) and VB ,V2. Edges
Ei and ports P

p
i , P

n
i of Ai are treated analogously.

interface Construct the shared codomain X̂ = (X̂−, X̂ +) of ~B as follows: first we define the
names in each Xi = (X

−
i , X

+
i ), for i = 0, 1, that must be mapped into X̂ = (X̂

−, X̂ +):

X′−i ,{x ∈ X
−
i | ∃y ∈ X

−
ī s.t. Ai(x) = Aī(y) or Ai(x) ∈ (Ei \Eī)](P

n
i \P

n
ī )}

X′+i ,{x ∈ X
+
i | Di(x) ∈ (E2 ]P

n
2 ]Z

+)}.

Let Res ,W−](E0 ∩E1)](Pn0 ∩P
n
1 ). We define for each l ∈ Res the set of names in X

′−
i

linked to l:

X′−i (l) ,{x ∈ X
′−
i | Ai(x) = l} (i = 0, 1).

Now we must “bind together” names connected to the same link, so we create all the
possible pairs between a name in X′−0 and a name in X

′−
1 . Further we must add to X̂

− all
the names in X′−i “not associable” to any name of X

′−
ī

. Then the set of downward names
of ~B is:

X̂− ,
⋃

l∈Res
X′−0 (l)×X

′−
1 (l)∪ ∑

i∈{0,1}

⋃
e∈(Ei\Eī)](Pni \P

n
ī
)

X′−i (e).

Next, on the disjoint sum X′+0 + X
′+
1 , define

∼= to be the smallest equivalence for which
(0, x0) ∼= (1, x1) iff there exists p ∈W + ](P

p
0 ∩P

p
1 ) such that A0(p) = x0 and A1(p) = x1.

Then define:

X̂ + , (X′+0 + X
′+
1 )/∼=.

For each x ∈ X′+i we denote the equivalence class of (i, x) by î, x.

Proc. GT-VMT 2008 10 / 21



ECEASST

(W−,W +)

(X−0 , X
+
0 ) (X

−
1 , X

+
1 )(X̂

−, X̂ +)

(Ŷ−,Ŷ +)

(Z−, Z+)

A0 A1

B0 B1

C0 C1

D0 D1
C

B

Ĉ

Figure 3: Construction of the unique arrow form the RPO to any other candidate.

links Define the link maps of Bi as follows:

for x ∈ X +i : Bi(x) ,

{
Di(x) if x ∈ (X +i \X

′+
i )

î, x if x ∈ X′+i ;

for p ∈ Pp
ī
\Ppi : Bi(p) ,

{
Di(p) if Aī(p) /∈ X

+
ī̂̄i, x if Aī(p) = x ∈ X +ī ;

for x̂ ∈ X̂− : Bi(x̂) ,




x if x̂ = (x, y) and i = 0
y if x̂ = (x, y) and i = 1
x̂ if x̂ ∈ (X̂−∩X−i )
Aī(x̂) if x̂ ∈ (X̂−∩X

−
ī

).

Finally we define the link map of B:

for x̂ ∈ X̂ + : B(x̂) , Di(x) where x̂ = î, x and x ∈ X +i ;

for p ∈ Pp2 ]Z
− : B(p) ,




Di(p) if Di(p) ∈ (E2 ]Pn2 ]Z
+)

Dī(p) if Di(p) ∈ (Eī \Ei)](Pnī \P
n
i )

Di(p) if Dī(p) ∈ (Ei \Eī)](Pni \P
n
ī )

(x, y) if D0(p) = x ∈ X−0 and D1(p) = y ∈ X
−
1 .

Theorem 4 In ′DLG, whenever a pair ~A of link graphs has a bound ~D, there exists an RPO
(~B, B) for ~A to ~D, and Construction 1 yields such an RPO.

Proof. The proof is in two parts. First we have to check that (~B, B) is an RPO candidate; this is
done by long and tedious calculations. Next, for any other candidate (~C,C), we have to construct
the unique arrow Ĉ such that the diagram (in Figure 3) commutes. This link graph Ĉ can be

11 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

constructed as follows: let be VC the nodes of C, for i = 0, 1 the set of nodes of Ci is VCi ,
(Vī \Vi)]V3, where V3 is such that V2 = V3 ]VC; edges ECi and ports PCi of Ci are defined
analogously. Then Ĉ has V3, E3 and P3 as sets of nodes, edges and ports respectively. Its link
map is defined as follows:

for ĵ, x ∈ X̂ + : Ĉ( ĵ, x) ,C j(x);

for p ∈ Pp3 ]Ŷ
− : Ĉ(p) ,




Ci(p) if Ci(p) ∈ (E3 ]Pn3 ]Ŷ
+)

C0(p) if C0(p) ∈ (X̂−∩X−0 )
C1(p) if C1(p) ∈ (X̂−∩X−1 )
(x, y) if C0(p) = x ∈ X−0 and C1(p) = x ∈ X

−
1

As an immediate consequence, since ′DLG is self-dual, we can calculate RPBs as well.

As regards IPOs, their existence is guaranteed by Theorem 4. Due to lack of space, we omit
here a direct construction of IPOs, which can be obtained by adapting the one presented in
[GM07a] to the RPO construction given above.

5 Directed Bigraphical Reactive and Transition Systems

In this section we introduce reactive systems and transition systems over directed bigraphs over
polarized signatures. For sake of simplicity, we will keep using the names directed bigraphical
reactive systems and directed bigraphical transition systems respectively, as in [GM07b]. For
the definitions about wide reactive systems over monoidal precategories, see [Mil06].

Definition 11 A ground reaction rule is a pair (r, r′), where r and r′ are ground with the same
outer interface. Given a set of ground rules, the reaction relation −→ over agents is the least,
such that Dr −→ Dr′ for each active context D and each ground rule (r, r′).

A parametric reaction rule has a redex R and reactum R′, and takes the form:

(R : I → J, R′ : I → J)

For any X and discrete d : I ⊗X , the parametric rule generates the ground rule:

((R⊗idX )◦d, (R′⊗idX )◦d).

Definition 12 A directed bigraphical reactive system (DBRS) over the polarized signature K ,
denoted by D(K , R) is the precategory ′DBIG(K ) equipped with a set R of reaction rules.

Now we can prove the following important result:

Proposition 1 DBRSs are wide reactive systems over a wide monoidal precategory

This result ensures that DBRSs inherit from the theory of WRSs the definition of transition
system based on IPOs [Mil06].

Proc. GT-VMT 2008 12 / 21



ECEASST

Definition 13 A transition for a DBRS D(K , R) is a quadruple (a, L, λ , a′), written as a L−→λ
a′, where a and a′ are ground bigraphs and there exist a ground reaction rule (r, r′) ∈ R and an
active context D such that La = Dr, and λ = width(D)(width(cod(r))) and a′ l Dr′.

A transition is IPO if the (L, D) is an IPO for (a, r).

Definition 14 A directed bigraphical transition system (DBTS) L for D is a pair (I , T ),
where I is a set of interfaces; the agents of L are the ground bigraphs with outer interfaces in
I ; T is a set of transitions whose sources and targets are agents of L .

The full (IPO, resp.) transition system has all interfaces, with all (IPO, resp.) transitions.

The following result follows from [Mil06, Theorem 4.6] and Proposition 1 above.

Theorem 5 In any DBRS equipped with the IPO transition system, wide bisimilarity is a con-
gruence.

6 Applications

6.1 Three-tier interaction with access control

As mentioned before, directed bigraphs over polarized signatures allow to represent resource
access control, by means of negative ports. This is particularly useful for representing access
policies between systems, possibly in different locations; the edges can represent access tokens
(or keys), which are global (although known possibly to only some controls). An example and
quite common scenario is a client-server connection, where the access to the server is subject to
authentication; after the request has been accepted, the server can route it to a back-end service
(e.g., a DBMS); see Figure 4. The security policy is implemented by the firewall control, which
allows a query to reach the server only if the client knows the correct key (rule AUTH). The
server routes the query to the correct back-end service using rules like ROUTE; finally the back-
end service provides the data (rule GET). An example computation is shown in Figure 5.

6.2 Compositional Petri Nets

In this section we recall briefly what a Petri net is and we give an encoding of these nets as
directed bigraphs; to this end it is preferable to work with sorted links, as in [LM06]. Notice that
this encoding yields naturally a notion of composition between Petri nets.

Definition 15 A place transition net (P/T net) is a 5-tuple (P, T, F, Mi) (P∩T = /0), where:
• P is the set of places; T is the set of transitions;

• F is the multiset of arcs, linking places to transitions and vice versa: F , 〈(P×T )∪(T ×
P), f : (P×T )∪(T ×P) → N〉, with the constrain ∀t ∈ T. ∃p, q ∈ P. (p,t) ∈ F ∧(t, q) ∈ F ;

• M : P → N is a marking, giving to each place a number of tokens, a place p is marked by M if
M(p) > 0 and unmarked if M(p) = 0; Mi is the initial marking.

13 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

client

query

server

firewall

back-end service

data

x yk k′ . . . k′′
. . .

AUTH

x yk k′ . . . k′′
. . .

z w

ROUTE

z w

u

GET

u

Figure 4: Signatures and rules for three-tier architecture services through a firewall.

u u u u

Figure 5: An example of client-server interaction through a firewall.

We define •t ,{p | (p,t) ∈ F} to be the pre-multiset of the transition t, and t•,{p | (t, p) ∈ F}
the post-multiset of the transition t.

A transition t is enabled by a marking M if M marks every place in •t; a transition fires from a
marking M to a marking M′, written M

t→ M′, iff for all p ∈ P : M′(p) = M(p)−](•p) + ](p•),
where ](•p) and ](p•) are the number of occurrences of p in •t, t•, respectively.

Notice that we allow multiple connections between a place and a transition, which is analogous
to assign a weight to an arc representing the number of tokens to consume for firing the reaction.

Definition 16 Let N = (P, T, F, M) and N′ = (P′, T ′, F′, M′) be two P/T nets, we say that N and
N′ are isomorphic, if there exist two bijections α : P → P′ and β : T → T ′, such that:

• (p,t) ∈ F iff (α(p), β (t)) ∈ F′;

• (t, p) ∈ F iff (β (t), α(p)) ∈ F′;

• M = M′◦α .

We recall, as defined in [LM06], the definition of link sorting.

Proc. GT-VMT 2008 14 / 21



ECEASST

token

x : i y : o

x : i y : o

i o placex,yx,y
i
i

i

~x : i

o
o

o

~y : o

trans(|~x|,|~y|)~x,~y

Figure 6: Signature for the encoding of compositional Petri nets.

Definition 17 A link sorting is a triple Σ = (Θ, K , Φ), where Φ is a set of sorts, and K
is a sorted signature (that is, a signature enriched with a sort to ports of each control). Fur-
thermore, each name in the interface (X−, X +) is given a sort, so the interfaces take the form
({x−1 : θ

−
1 , . . . , x

−
n : θ

−
n },{x

+
1 : θ

+
1 , . . . , x

+
m : θ

+
m }). Finally, Φ is a rule on such enriched bigraphs,

that is preserved by identities, composition and tensor product.
We denote the precategory and category of, respectively, concrete and abstract Σ-sorted di-

rected bigraphs with ′DBIG(Σ) and DBIG(Σ).

Definition 18 A positive-negative sorting Σ = (Θ, K , Φ) has sorts: Θ = {θ1, . . . , θn}. The
signature K assigns sorts to ports arbitrarily. The unique Φ rule is: a point and a link (except of
edges) can be connected if they are equally sorted.

In order to define an encoding for compositional Petri nets, we introduce a positive-negative
sorting Σpetri, having sort Θpetri ,{i, o} and sorted signature:

Kpetri ,{token : (0, 0), place : ({1 : i, 1 : o}, 0), trans(h, k) : (0,{h : i, k : o})} where h, k > 0

where the controls token and trans are both atomic, while the control place is passive (i.e., no
reactions can take place inside such a node). Finally, the Φ rule ensures that the linking is allowed
only among ports having the same sort. An example of use of this sorted signature is shown in
Figure 6. The encoding function J·K is defined as follows:

J(P, T, F, M)K = merge(|P|+|T|)◦
(

id|P|�OP×{i,o}�
(
�

t∈T
trans(|•t|, |t•|)(•t×{i}, t•×{o})

))
◦(

∑
p∈P

place(p,i), (p,o)(p,i), (p,o)◦(merge(|M(p)|+1)◦(M
{(p,i), (p,o)}⊗(

M(p)

∑
i=0

token)⊗1))

)
.

(5)

where, with an abuse of notation, trans(|•t|, |t•|)(•t×{i}, t•×{o}) means that if in the multisets there
are some repetitions of places then the ports of trans are linked to the same downward inner name
(i.e., (p, i) or (p, o)), an alternative definition is to link every port of trans to a different downward
inner name and then (eventually) “equate” these names using fusions.

Proposition 2 Let N, N′ be two P/T nets, N is isomorphic to N′ iff JNK = JN′K.

We have a different reaction rule for any pair (h, k) associated to the control trans, in Figure 7
we show the reaction rule for the pair (3, 2), that is a transition having 3 inputs and 2 outputs.

15 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

x:i x:o y:i y:o z:i z:o w:iw:ou:i u:o x:i x:o y:i y:o z:i z:o w:iw:ou:i u:o

Figure 7: Example of reaction rule in the case of 3 input and 2 output places.

x:i x:o y:i y:o z:i z:o x:i x:o y:i y:o z:i z:o

Figure 8: Example of reaction rule in the case of 2 input and 1 output places (with multiple arcs).

Moreover, we allow multiple connections between places and transitions, as in Figure 8, and we
can have transitions using some places as inputs and outputs, see Figure 9.

Now we can show that the given translation is adequate.

Theorem 6 Let (P, T, F, Mi) be a P/T net, M
t→ M′ iff J(P, T, F, M)K−→ J(P, T, F, M′)K.

Proof. (⇒) Suppose M t→ M′, so M enable the transition t, then there exists a trans-node in
J(P, T, F, M)K encoding the transition t, and the corresponding place-node of •t contain the nec-
essary tokens to fire the transition (by translation of M), then we can apply the appropriate rule
to perform the reaction reaching the configuration J(P, T, F, M′)K.

(⇐) If J(P, T, F, M)K −→ J(P, T, F, M′)K, there exists a matching of a rule with a sub-bigraph
of J(P, T, F, M)K, in particular the matched nodes have a counter part into the P/T net (P, T, F, M),
so the marking M enables a transition t (corresponding to the trans-node), and then M

t→ M′.

In order to study the relation between the open Petri nets, introduced in [BCE+07], and our
compositional Petri nets, we need some definitions.

Definition 19 An open Petri net is pair Z = (NZ , OZ ), where NZ is a P/T net and OZ = (O+Z , O
−
Z )∈

2P ×2P are the sets of input and output open places of the net.

The notion of enabledness for transitions remains the same; besides the reactions produced by
firing a transitions, we consider also the interactions with the environment, which are modelled
by producing or removing a token in an open place p (denoted by +p and −p respectively).

Proc. GT-VMT 2008 16 / 21



ECEASST

x:i x:o x:i x:o

Figure 9: Example of reaction rule in the case of 1 place used as input and output.

The definition of the pre-multiset and post-multiset for the new events is the obvious one:
•+p = /0, +•p = {p} and •−p = {p}, −•p = /0; moreover we can lift the firing of a transition to the
new setting: M

δ→ M′ iff ∀p ∈ P.M′(p) = M(p)−](•δ ) + ](δ•) (where δ ∈ T or δ = +p,−p).
The encoding function for open Petri nets is analogous to the previous one (5), the only differ-

ence is replacing OP×{i,o} with O((P\O+)×{i})∪((P\O−)×{o}). This means “opening” the places in
O, which is encoded by leaving an outer downward names linked to the i or o port of a place de-
pending if it is an input or output open place. In this way, places can be accessed by the context.
With an abuse of notation, we denote with J·K the new encoding function.

Now, we are ready to introduce a labelled transition system for open Petri nets.

Definition 20 The firing LTS associated to an open Petri net Z is the triple 〈M̄, Λ, M̄,Z〉, where
the states are the markings M ∈ M̄, the set of label Λ = {τ}∪{+p | p ∈ O+Z }∪{−p | p ∈ O

−
Z }

and the transition relation  M̄,Z ⊆ M̄ ×Λ×M̄ includes all transition M
λ
 M̄,Z M

′ iff M
λ→ M′

and λ = +p,−p or there exists t ∈ T such that M
t→ M′ and λ = τ .

We shall often omit the transition relation subscripts when derivable from the context.
The firing LTS has the following associated bisimulation.

Definition 21 Let Z1, Z2 be two open Petri nets, and η : OZ1 ↔ OZ2 a correspondence between
Z1 and Z2. A η -bisimulation between Z1, Z2 is a relation over markings R ⊆ M̄1 ×M̄2 such that
if M1 R M2 then

• if M1
l
 M′1, then there exists M

′
2 such that M2

η(l)
 M′2 and M

′
1 R M

′
2;

• the vice versa holds;

where η(+p) = +η(p), η(−p) = −η(p) and η(τ) = τ .
Two open Petri nets Z1, Z2 are η -bisimilar (denoted ∼η ) if η : O1 ↔ O2 is a correspondence

and there exists a η -bisimulation R such that MZ1 R MZ2 , where MZ1 , MZ2 are the initial mark-
ings. Z1, Z2 are bisimilar (written ∼) if they are η -bisimilar for some η .

In the rest of the section, when we compare η -bisimilarity and IPO bisimilarity, we consider η
defined implicitly as follows. In order to study if two bigraphical agent are bisimilar, they must
have the same outer interface; hence, the correspondence of places is defined by the downward

17 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

x:i x:o y:o

y:o

plusx,y

x:i x:o y:o

y:o

plusx,y

y:iy:ox:o

x:o

minusx,y

y:iy:ox:o

x:o

minusx,y

Figure 10: The labels representing the consuming or adding of tokens inside an open place.

H

e

Na

e

Ce
e

e

e

Oe e
e

e

e e

Cle e
e

e e

e e

Figure 11: Example of atom encodings in directed link graphs.

names in the outer interface. In other words, an open place p1 of Z1 is in correspondence with an
open place p2 of Z2 iff in their encodings JZ1K and JZ2K, p1 and p2 are linked to the same names.

In order to prove the soundness result, we need to identify the IPO labels representing the
labels +p and −p of the firing LTS. These labels are listed in Figure 10, where denotes the
identity over the downward names of the agent filling the context. The following results hold.

Lemma 1 Given two open Petri nets Z1, Z2, and let C[·] ∈{minusx,y ⊗ idJZ1K, plusx,y ⊗ idJZ1K}
(where idJZ1K = idJZ2K), then C[JZ1K] ∼IPO C[JZ2K] iff JZ1K∼IPO JZ2K.

Theorem 7 The IPO bisimilarity is sound with respect to the firing bisimilarity.

Proof. We have to show that ∼IPO is a η -bisimulation. Suppose JZ1K∼IPO JZ2K, and let MZ1
λ
 

M′Z1 . We have to find a M
′
Z2 such that MZ2

λ
 M′Z2 and JZ

′
1K∼IPO JZ

′
2K, where Z

′
1 and Z

′
2 are the

encodings of Z1 and Z2 with the new markings. This can be proved by cases on λ .

6.3 Chemical Reactions

A chemical reaction is a process describing the conversions of a chemical compositions. The
chemical changes caused by a reaction always involve the motion of electrons in the forming or
breaking of chemical bonds. For example, the octet rule says that atoms tend to gain, lose or
share electrons so as to have eight electrons in their outer electron shell.

In this section, we give an encoding of atoms into directed link graphs, as shown in Figure 11,
inspired by the well-known Lewis structures. We describe the atoms as nodes, and those nodes
have a number of positive ports equal to the number of valence electrons. Each port is linked
to an electron, represented as a node having a negative port (accepting incoming connections;
for sake of simplicity we identify the node representing the electron with its port, that is, we

Proc. GT-VMT 2008 18 / 21



ECEASST

H
e

He
2H → H2

H
e

He

H

e

O

e

e
e

e

e
e

H
e 2H + O → H2O

H

e
O

e

e
e

e

e
e

H
e

C

e

e

e

e
C

e

e
e

e

H
e

H

e

H

e

H
e

4H + 2C → H4C2
C

e

e

e

e

C
e

e
e

e
H

e

H

e

H

e

H
e

Figure 12: Example of covalent bonds among atoms.

do not force all incoming connections to be linked to a precise point of the node). Moreover,
some nodes can have extra ports, that are initially linked to edges, hydrogen and oxygen can be
two examples, the idea is that such a configuration describes the aim of the atom to “capture”
electrons to complete its external shell; e.g. an oxygen atom has two missing electrons, so it tries
to share these two electrons with a pair of hydrogen atoms forming the water molecule.

We apply this model describing the forming and breaking of bonds among atoms, here we deal
with strong bonds, that is covalent and ionic bonds.

Some examples of covalent bonds are in Figure 12. The first shows how two hydrogen atoms
can share their electrons. The second one is well-know and describes how, in the generation of a
water molecule, the oxygen shares one electron with each hydrogen; in this way it gets the two
missing electrons in its external orbit, conversely each hydrogen atom completes its orbit sharing
an electron with the oxygen. The latter describes a more complicate situation, where two carbon
atoms (each needing four electron to complete its orbit) share two electron with the other carbon
atom, and the total remaining four missing electrons are provided by two pairs of hydrogen.

In Figure 13, we show an example of ionic bond: given an atom of sodium and a chlorine
one, it may happen (by octet rule) that the external electron of sodium is lost by the atom and
“captured” by the chlorine, forming a sodium (positive) ion and a chlorine (negative) ion. These
two ions attract each other by the electrostatic force caused by the electron exchange. Finally the
ions can be composed to form sodium-chloride molecule, that is the common salt.

An interesting future work is representing weak bonds: hydrogen and van der Waals bonds.

19 / 21 Volume 10 (2008)



Controlling resource access in Directed Bigraphs

Na
e

Cle e
e

e e

e e

Na Cle
e

e
e

e e

e e

Na
e

Cle e
e

e e

e e

Na + Cl → Na+ + Cl− → NaCl

Figure 13: Examples of ion bonds among atoms.

7 Conclusions

In this paper, we have considered directed bigraphs over polarized signatures, a bigraphical
model for concurrent, distributed system with resources and controls. The main difference with
previous versions of bigraphs is the capability of nodes (i.e., systems) to ask for resource access
(via the “positive ports”) and to control other’s requests, providing access to own resources (via
the negative ports). These bigraphs have RPO and IPO constructions, thus allowing to derive
systematically labelled transition systems from reactive systems, as in [JM03, GM07b], such
that the corresponding bisimilarities are always congruences. These directed bigraphs admit also
a notion of normal form, and a complete axiomatization.

We have exhibited the expressive power of this framework, by applying it some interesting
cases: a three-tier interaction between client, server and back-end service through a firewall,
the Petri nets (for which the induced IPO bisimilarity is proved to be sound with respect to η -
bisimilarity of open Petri nets), and chemical reactions. All these cases are faithfully encoded as
directed bigraphs with polarized signatures (possibly with sorting).

An interesting future work is to develop properly the treatment of web service interactions,
extending the ideas shown in Section 6.1. In particular, we would like to give a bigraphical
semantics of some formal calculus for web services, such as SCC or CC-Pi [BBC+06, BM07].

Another future development is to use this kind of bigraphs as a general framework for systems
biology. Some preliminary experiment about the representation of biochemical reactions, not
shown in this paper due to lack of space, are promising: ions, electrons, chemical links can
be represented as controls and arcs, and the place structure can be fruitfully used to represent
nesting of chemical compounds. It would be interesting to encode in directed bigraphs some
important formalism for systems biology, such as the κ -calculus [DL04]. Along this line, also
the possibility of adding quantitative aspects (i.e., reaction rates) sounds very promising.

Bibliography

[BBC+06] M. Boreale, R. Bruni, L. Caires, R. De Nicola, I. Lanese, M. Loreti, F. Martins,
U. Montanari, A. Ravara, D. Sangiorgi, V. Vasconcelos, G. Zavattaro. SCC: A Ser-
vice Centered Calculus. In Proc. WS-FM. LNCS 4184, pp. 38–57. Springer, 2006.

[BCE+07] P. Baldan, A. Corradini, H. Ehrig, R. Heckel, B. König. Bisimilarity and Behaviour-
Preserving Reconfigurations of Open Petri Nets. In Mossakowski et al. (eds.),

Proc. GT-VMT 2008 20 / 21



ECEASST

Proc. CALCO. Lecture Notes in Computer Science 4624, pp. 126–142. 2007.

[BDE+06] L. Birkedal, S. Debois, E. Elsborg, T. Hildebrandt, H. Niss. Bigraphical Models
of Context-Aware Systems. In Proc. FoSSaCS. Lecture Notes in Computer Sci-
ence 3921, pp. 187–201. Springer, 2006.

[BH06] M. Bundgaard, T. T. Hildebrandt. Bigraphical Semantics of Higher-Order Mo-
bile Embedded Resources with Local Names. Electr. Notes Theor. Comput. Sci.
154(2):7–29, 2006.

[BM07] M. G. Buscemi, U. Montanari. CC-Pi: A Constraint-Based Language for Speci-
fying Service Level Agreements. In Proc. ESOP. Lecture Notes in Computer Sci-
ence 4421, pp. 18–32. Springer, 2007.

[BS06] M. Bundgaard, V. Sassone. Typed polyadic pi-calculus in bigraphs. In Bossi and
Maher (eds.), Proc. PPDP. Pp. 1–12. ACM, 2006.

[DL04] V. Danos, C. Laneve. Formal molecular biology. Theor. Compu. Sci. 325, 2004.

[GM07a] D. Grohmann, M. Miculan. Directed bigraphs. In Proc. XXIII MFPS. Electronic
Notes in Theoretical Computer Science 173, pp. 121–137. Elsevier, 2007.

[GM07b] D. Grohmann, M. Miculan. Reactive Systems over Directed Bigraphs. In Proc. CON-
CUR 2007. Lecture Notes in Computer Science 4703, pp. 380–394. Springer, 2007.

[GM08] D. Grohmann, M. Miculan. An Algebra for Directed Bigraphs. In Mackie and Plump
(eds.), Proceedings of TERMGRAPH 2007. Electronic Notes in Theoretical Com-
puter Science 203(1), pp. 49–63. Elsevier, 2008.

[Jen08] O. H. Jensen. Mobile Processes in Bigraphs. PhD thesis, University of Aalborg,
2008. To appear.

[JM03] O. H. Jensen, R. Milner. Bigraphs and transitions. In Proc. POPL. Pp. 38–49. 2003.

[JM04] O. H. Jensen, R. Milner. Bigraphs and mobile processes (revised). Technical re-
port UCAM-CL-TR-580, Computer Laboratory, University of Cambridge, 2004.

[LM06] J. J. Leifer, R. Milner. Transition systems, link graphs and Petri nets. Mathematical
Structures in Computer Science 16(6):989–1047, 2006.

[Mil01] R. Milner. Bigraphical Reactive Systems. In Larsen and Nielsen (eds.), Proc. 12th
CONCUR. Lecture Notes in Computer Science 2154, pp. 16–35. Springer, 2001.

[Mil06] R. Milner. Pure bigraphs: Structure and dynamics. Information and Computation
204(1):60–122, 2006.

[Mil07] R. Milner. Local Bigraphs and Confluence: Two Conjectures. In Proc. EXPRESS
2006. Electronic Notes in Theoretical Computer Science 175(3), pp. 65–73. 2007.

[PV98] J. Parrow, B. Victor. The Fusion Calculus: Expressiveness and Symmetry in Mobile
Processes. In Proceedings of LICS ’98. Pp. 176–185. 1998.

21 / 21 Volume 10 (2008)


	Introduction
	Directed bigraphs over polarized signatures
	Algebra and Axiomatization
	Construction of RPOs
	Directed Bigraphical Reactive and Transition Systems
	Applications
	Three-tier interaction with access control
	Compositional Petri Nets
	Chemical Reactions

	Conclusions