Discovering anomalous frequent patterns from partially ordered event logs

Conformance checking allows organizations to compare process executions recorded by the IT system against a process model representing the normative behavior. Most of the existing techniques, however, are only able to pinpoint where individual process executions deviate from the normative behavior, without considering neither possible correlations among occurred deviations nor their frequency. Moreover, the actual control-flow of the process is not taken into account in the analysis. Neglecting possible parallelisms among process activities can lead to inaccurate diagnostics; it also poses some challenges in interpreting the results, since deviations occurring in parallel behaviors are often instantiated in different sequential behaviors in different traces. In this work, we present an approach to extract anomalous frequent patterns from historical logging data. The extracted patterns can exhibit parallel behaviors and correlate recurrent deviations that have occurred in possibly different portions of the process, thus providing analysts with a valuable aid for investigating nonconforming behaviors. Our approach has been implemented as a plug-in of the ESub tool and evaluated using both synthetic and real-life logs.     

基于DISCOVERER的Petri网不变式自动生成*

在Petri网的验证中,代数不变式起着非常重要的作用。将Petri网建模为半代数变迁系统,提出了自动生成不变式的算法,该不变式有助于更好地分析Petri网可达空间。算法首先将Petri网的不变式假定为一个含参数系统,然后通过求解半代数系统来求解不变式中的参数;最后,基于DISCOVERER和QEPCAD等Maple软件包实现了该算法,并通过实例说明了算法的有效性。     

Switched LAN simulation by colored Petri nets

The methodology of switched LAN models construction in the form of colored Petri net is introduced. For the simulation and analysis of the model the Design/CPN tool is used. The tasks of estimation of LAN switch’s buffer size and network response time were solved. The components of the model are switches, servers, and workstations.     

一种随机着色Petri网及模型的性能分析

针对随机Petri网（SPN）在系统性能分析时,其状态空间随着系统规模增大而指数性增长,造成求解稳定状态概率的复杂性的不足,提出了一种随机着色Petri网（SCPN）。分析了它的有界性和可达性,证明了它同构于一个一维连续时间的马尔可夫链;同时,也分析了随机着色Petri网用于建模和系统性能定量分析的方法。     

Algebraically structured colored Petri nets to model sequentialprocesses

Sequential processes can hardly be modeled with Colored Petri Nets (CPN). Their standard functions (such as "Succ" and "Prec") can only describe simple cases whereas modeling a complex sequence requires the definition of a function via a cumbersome and static table. In order to overcome these limitations, we first introduce a mixed structure based upon CPN and FIFO queues; then, we define an isomorphism between the set of colors and a finite field Z/pZ enabling symbolic calculation using polynomials associated with arcs instead of linear functions mapping sets into sets. Finally, several examples illustrate their modeling capabilities including failure recovery.     

改进型有色Petri网的安全协议分析

利用有色Petri网分析安全协议时存在空间爆炸问题,对此提出了构建入侵者成功攻击安全协议所需知识集RI与入侵者可以获得的知识集KI,并定义入侵成功函数的改进型有色Petri网。利用改进型有色Petri网对具体的Helsinki协议和TMN协议进行了分析。实验表明,该方法能大大简化带有入侵者的Petri网模型的构造过程,有效缓解了Petri网在分析安全协议时的空间爆炸问题。