Correctness of Graph Programs Relative to HR + Conditions

In (Pennemann 2009), the correctness of graph programs relative to nested graph conditions is considered. Since these conditions are expressively equivalent to rst-order graph formulas, non-local graph properties in the sense of Gaifman are not expressible by nested graph conditions. We generalize the concept of nested graph conditions to socalled HR conditions and investigate the correctness for graph programs relative to these generalized conditions. Modeling of system states. As software systems increase in complexity, there is a growing need for design concepts that allow an intuitive overview of a system, usually by visual modeling techniques. Graph transformation systems are a visual modeling approach that emphasizes the interconnections of data structures. The states of a regarded real-world system are modeled by graphs, and changes to the system state are described by graph programs. Structural properties of the system are described by graph conditions. In [6], nested graph conditions are introduced. These conditions enhance rst-order logic on graphs with a graphical representation of the nodes and edges involved. Nested conditions are expressively equivalent to rst-order graph properties [10]. As such, they can express only local properties in the sense of Gaifman [4]. However, many real-world properties are non-local, i.e. they cannot be expressed by nested graph conditions. For instance, it is not possible to express the property there is a path from node 1 to node 2 , the connectedness or circlefreeness of a graph with these conditions, as these properties go beyond the kneighbourhood for any node and any xed k. Therefore, an extension is desired that can capture such properties. HR conditions. We propose to integrate hyperedge replacement systems with the nested graph conditions to form HR conditions [8]. The graphs in HR conditions are enriched with hyperedge variables, which are then replaced by graphs according to a hyperedge replacement system. Further enhancement to deal with subgraphs leads to HR conditions. This way, non-local properties can be expressed by hyperedge replacement. In fact, HR conditions are more expressive than monadic second-order formulas over graphs. The HR condition ∃(• • 1 2 + ) ? This work is supported by the German Research Foundation (DFG), grants GRK 1076/1 (Graduate School on Trustworthy Software Systems). with the hyperedge replacement system + ::= • • 1 2 |• • • 1 2 + is satis ed for all graphs with a path between two nodes 1 and 2. The following car platooning example after [9] may further illustrate the need for increased expressiveness. In order to save space and gas on highway lanes, cars travelling in the same direction drive in platoons, i.e. a tight row of cars with little distance in between. To ensure safety, the cars are partially controlled by a system adhering to a car platooning protocol. Each platoon has one and only one leader (designated by a small α) and an arbitrary number of followers. This property is representated by the following condition: