Petri网的反向展开及其在程序数据竞争检测的应用

展开技术借助分支进程可在一定程度上缓解Petri网性质分析中的状态爆炸问题.但展开网中仍然包含了系统的所有状态信息.某些应用问题仅需对系统特定状态的可覆盖性进行判定,以此为目标有望缩减网系统展开的规模.为此,本文针对安全Petri网的可覆盖性判定问题提出了一种目标导向的反向展开算法,结合启发式技术缩减展开的规模,以此提高目标标识可覆盖性判定的效率.进而,将反向展开算法应用于并发程序的形式化验证,将并发程序的数据竞争检测问题转换为Petri网特定标识的可覆盖性判定问题.实验对比了正向展开与反向展开在Petri网可覆盖性判定问题上的效率,结果表明,当Petri网展开的正向分支较多时,反向展开相比正向展开具有更高的可覆盖性判定效率.最后,本文对影响反向展开效率的关键因素做了分析与总结.     

SAT-Solving the Coverability Problem for Petri Nets

Net unfoldings have attracted great attention as a powerful technique for combating state space explosion in model checking, and have been applied to verification of finite state systems including 1-safe (finite) Petri nets and synchronous products of finite transition systems. Given that net unfoldings represent the state space in a distributed, implicit manner the verification algorithm is necessarily a two step process: generation of the unfolding and reasoning about it. In his seminal work McMillan (K.L. McMillan, Symbolic Model Checking. Kluwer Academic Publishers, 1993) showed that deadlock detection on unfoldings of 1-safe Petri nets is NP-complete. Since the deadlock problem on Petri nets is PSPACE-hard it is generally accepted that the two step process will yield savings (in time and space) provided the unfoldings are small.In this paper we show how unfoldings can be extended to the context of infinite-state systems. More precisely, we show how unfoldings can be constructed to represent sets of backward reachable states of unbounded Petri nets in a symbolic fashion. Furthermore, based on unfoldings, we show how to solve the coverability problem for unbounded Petri nets using a SAT-solver. Our experiments show that the use of unfoldings, in spite of the two-step process for solving coverability, has better time and space characteristics compared to a traditional reachability based implementation that considers all interleavings for solving the coverability problem.     

Petri网展开图法的分析和应用

Petri网的展开图是一种特殊的并发系统状态空间搜索方法，它不需要重复考虑并发事件的所有可能的交集，从而大大缩减状态空间爆炸给验证分析带来的空间复杂度和时间复杂度。使用展开图分析Petri网的行为属性与传统的Petri网分析方法相比，具有自己的特点。该文首先介绍了Petri网展开图的构造算法，在此基础上使用展开图分析方法对一个典型Petri网的活性，有界性和可逆性等行为属性进行了分析，并与传统的Petri网分析方法作比较。     

Checking system boundedness using ordinary differential equations

Boundedness is one of the most important properties of discrete Petri nets. Determining the boundedness of a Petri net is usually done through building coverability graph or coverability tree. However, the computation is infeasible for complex applications because the size of the coverability graph may increase faster than any primitive recursive functions. This paper proposes a new technique to check the boundedness without causing this problem. Let a concurrent system be represented by a (discrete) Petri net. By relaxing the (discrete) Petri net to a continuous Petri net, we can model the concurrent system by a family of ordinary differential equations. It has been shown that the boundedness of the discrete Petri net is equivalent to the boundedness of the solutions of the corresponding ordinary differential equations. Hence, we can check the boundedness of a (discrete) Petri net by analyzing the solutions of a family of ordinary differential equations. A case study demonstrates the benefits of our technique.     

基于通信Petri网的异步通信程序验证模型

由于多栈的模型图灵等价,因此通用的异步通讯程序模型的验证问题不可判定.为此,基于Petri网,提出了一个新的模型通讯——通讯Petri网对异步通讯程序进行刻画,通过对输入通讯进行k-型限制,以及对每个栈进行基于正则语言泵引理的抽象,通过将这样限制下的模型编码到数据Petri网,证明了限制下的新模型可覆盖性可判定.     

S-invariant analysis of general recursive Petri boxex

The paper shows how to synthesise S-invariants and S-components for Petri Boxes constructed through general recursions, from S-invariants/S-components of their constituents. The construction is based on the tree-structure of the interface places used to define this operator and extends similar results obtained for the refinement operator. Emphasis is put on deriving coverability results; these results are then used to show that all the nets obtained through refinements and recursions from a family covered by S-components are self-concurrency free, at most 2-safe and exhibit a generalised emptiness property; in particular, this is the case for the nets obtained in the translation of the process algebra of Box expressions.Work done within the Esprit Basic Research Working Group 6067     

Some decision problems related to the reachability problem for Petri nets

In this paper, we show that (1) the question to decide whether a given Petri net is consistent, M_o-reversible or live is reduced to the reachability problem in a unified manner, (2) the reachability problem for Petri nets is equivalent to the equality problem and the inclusion problem for the sets of all firing sequences of two Petri nets, (3) the equality problem for the sets of firing sequences of two Petri nets with only two unbounded places under homomorphism is undecidable, (4) the coverability and reachability problems are undecidable for generalized Petri nets in which a distinguished transition has priority over the other transitions, and (5) the reachability problem is undecidable for generalized Petri nets in which some transitions can reset a certain place to zero marking.     

非交互式Petri网可覆盖性验证的高效实现

近年来,基于Petri网可覆盖性的验证技术已经成功地应用于并发程序的验证与分析中.然而,由于Petri网的可覆盖性问题复杂度太高,这类技术在应用时有较大的局限性,对于输入规模较大的问题常常会出现超时的情况.而Petri网的一个子系统——非交互式Petri网,其可覆盖性和可达性复杂性均是NP完备的,同时表达力又可以作为某类并发程序的验证模型.设计并实现了可以高效验证非交互式Petri网可覆盖性的工具CFPCV.采用基于约束的方法,从模型中提取约束,并使用Z3 SMT求解器对约束进行求解,同时,通过子网可标记方法对候选解进行验证,从而保证每组解都是正确解.通过实验分析了该工具的成功率、迭代次数以及运行效率,发现该算法不仅验证成功率高,而且性能非常优异.     

Diagnosability of Petri nets with observation graphs

This paper addresses the problem of diagnosability for dynamic discrete event systems modeled with bounded or unbounded Petri nets that are deadlock-free and monitored with sensor configurations with marking and event measurements. The proposed method gives necessary and sufficient conditions for diagnosability. It is based on the transformation of the coverability graph into an observation graph that encodes all observation sequences of measured markings and events with respect to the sensor configuration. This graph also encodes all sequences of transitions that may fire from any reachable marking of the Petri net. Diagnosability is determined by analyzing the paths and circuits in the observation graph. The method is illustrated with several examples of bounded or unbounded Petri nets.     

Verification of bounded Petri nets using integer programming

Model checking based on the causal partial order semantics of Petri nets is an approach widely applied to cope with the state space explosion problem. One of the ways to exploit such a semantics is to consider (finite prefixes of) net unfoldings—themselves a class of acyclic Petri nets—which contain enough information, albeit implicit, to reason about the reachable markings of the original Petri nets. In [19], a verification technique for net unfoldings was proposed, in which deadlock detection was reduced to a mixed integer linear programming problem. In this paper, we present a further development of this approach. The essence of the proposed modifications is to transfer the information about causality and conflicts between the events involved in an unfolding, into a relationship between the corresponding integer variables in the system of linear constraints. Moreover, we present some problem-specific optimisation rules, reducing the search space. To solve other verification problems, such as mutual exclusion or marking reachability and coverability, we adopt Contejean and Devie's algorithm for solving systems of linear constraints over the natural numbers domain and refine it, by taking advantage of the specific properties of systems of linear constraints to be solved. Another contribution of this paper is a method of re-formulating some problems specified in terms of Petri nets as problems defined for their unfoldings. Using this method, we obtain a memory efficient translation of a deadlock detection problem for a safe Petri net into an LP problem. We also propose an on-the-fly deadlock detection method. Experimental results demonstrate that the resulting algorithms can achieve significant speedups.

Observability of place/transition nets

We discuss the problem of estimating the marking of a place/transition (P/T) net based on event observation. We assume that the net structure is known while the initial marking is totally or partially unknown. We give algorithms to compute a marking estimate that is a lower bound of the actual marking. The special structure of Petri nets allows us to use a simple linear algebraic formalism for estimate and error computation. The error between actual marking and estimate is a monotonically nonincreasing function of the observed word length, and words that lead to error are said to be complete. We define several observability properties related to the existence of complete words, and show how they can be proved. To prove some of them, we also introduce a useful tool, the observer coverability graph, i.e., the usual coverability graph of a P/T net augmented with a vector that keeps track of the estimation error on each place of the net. Finally, we show how the estimate generated by the observer may be used to design a state feedback controller for forbidden marking specifications.     

Net structure and control logic synthesis of controlled Petri nets

Control logic synthesis of discrete-event systems is considered in the setting of controlled Petri nets. The problem is to find a control policy that restricts the behavior of a controlled Petri net so that a collection of forbidden state conditions is satisfied. S-decreases are introduced as a tool for the control synthesis. The S-decreases are weight vectors defined on the places of a net such that the weighted sum of tokens in the net never increases with any transition firing. On the basis of S-decreases, the authors propose an efficient method for the synthesis of the maximally permissive state feedback control polity for a class of controlled Petri nets whose uncontrolled subnets are forward and backward conflict-free nets. This method upgrades all integer linear programming-based methods for which one only requires to solve the much simpler linear programming problems to determine maximally permissive controls     

An Improvement of McMillan's Unfolding Algorithm

McMillan has recently proposed a new technique to avoid the state explosion problem in the verification of systems modelled with finite-state Petri nets. The technique requires to construct a finite initial part of the unfolding of the net. McMillan's algorithm for this task may yield initial parts that are larger than necessary (exponentially larger in the worst case). We present a refinement of the algorithm which overcomes this problem.     

Software modeling and analysis using a hierarchical object-oriented Petri net

Petri net is used widely to analyze and model various systems formally. Recently, many Petri nets mania devote their efforts to enhancing and extending the expressive power of Petri nets. One such effort is to extend Petri nets with object-oriented concepts. An object-oriented paradigm provides excellent concepts to model real-world problems. Object-oriented concepts allow us to build software systems easily, intuitively, and naturally. Although several high-level Petri nets with the concept of objects are suggested, these nets do not fully support the object-oriented concepts. In this paper, we propose a hierarchical object-oriented Petri net (HOONet). The formal syntax and semantics of HOONet are explained in detail. HOONet supports a wide range of object-oriented features including abstract, encapsulated and modularized objects, object interaction by message passing, inheritance, and ploymorphism. HOONet also supports a variety of modeling and analysis mechanisms such as incremental modeling of evolving systems, unfolding the HOONet to lower level Petri net, and incremental reachability analysis for HOONet models. We demonstrate the usefulness of HOONet by applying it to modeling and analysis with an example.     

Automating the Conversion of Colored Petri Nets with Qualitative Tokens Into Colored Petri Nets with Quantitative Tokens

The authors describe an algorithm for conversion of colored Petri nets with qualitative tokens into a colored Petri net with quantitative tokens preserving boundedness, mutual exclusion, and liveness properties. This conversion allows the invariance method to be applied to colored Petri nets, which uses the Truncated Set of Solutions finding algorithm for Petri net state equations expressed through systems of linear homogenous Diophantine equations. To show the algorithm’s efficiency, it is applied to the colored Petri net that models the operation of a grid system. Equivalence of net models is tested by constructing and analyzing equal finite-state machine.     

A technique of state space search based on unfolding

Unfoldings of Petri nets provide a method of searching the state space of concurrent systems without considering all possible interleavings of concurrent events. A procedure is given for constructing the unfolding of a Petri net, terminating the construction when it is sufficient to represent all reachable markings. This procedure is applied to hazard and deadlock detection in asynchronous circuits. Examples are given of scalable systems with exponential size state spaces, but polynomial size unfoldings, including a distributed mutual exclusion ring circuit.School of Computer Science, Carnegie Mellon University     

Petri net based formal analysis for multimedia conferencing services orchestration

Development of services that span over the Internet and Telecom networks is driving significant efforts towards the integrated of services offered by Telecom operators. Service-oriented communication (SOC) is a new trend in the industry to enable communication through a service-oriented architecture (SOA) and thereby package communications as services. In this paper, we firstly introduce the design and implementation for business process execution language (BPEL) based multimedia conferencing communication services orchestration, and mainly focus on the issue of guaranteeing the correctness of such applications, we presents a Petri net-based approach to analyzing the BPEL based multimedian conferencing communication services orchestration correctness and also a set of translation rules is proposed to transform BPEL processes into Petri nets. Especially, we define the correctness of multimedia conferencing services orchestration and address the verification method based on Petri nets. The algorithms and corresponding reliable issues have been proposed, such as the coverability tree for detecting flow safeness, the incidence matrix & state equation for finding reachable issues, and a transitive matrix for detecting a deadlock problem. With the Petri Net Markup Language (PNML) are introduced to transform a orchestrated services into a Petri net model, and providing an automated support for the formal analysis of their behavior. Finally, we give the conclusions.     

随机时间Petri网综述

随机时间Petri网作为一种灵活有力的建模机制,被广泛应用于计算机和通信系统的性能与可靠性评价。综述了随机时间Petri网各主要予类的发展历程与研究现状。首先介绍了随机时间Petrl网的一些基本概念,然后回顾了广义随机Petri网,简要总结了处理状态空间爆炸问题的主要途径,讨论了非马尔科夫随机Petri网及其分析技术,最后详细分析了流体随机Petri网。     

无冲突Petri网的结构活性判定研究

结构活性作为Petri网的重要结构性质,在Petri网活性判定领域具有较高的研究价值。从Petri网有向回路对结构活性的影响入手,分析与判定无冲突Petri网的结构活性,讨论库所元素及其后置变迁之间是否存在有向回路对Petri网结构活性的影响,研究该类Petri网结构活性判定方法的相关条件与结论,得到无冲突Petri网是满足结构活性的充分必要条件。分析结果表明,该判定方法可在多项式时间内判定无冲突Petri网的结构活性。     

Small Vertex Cover makes Petri Net Coverability and Boundedness Easier

The coverability and boundedness problems for Petri nets are known to be Expspace-complete. Given a Petri net, we associate a graph with it. With the vertex cover number k of this graph and the maximum arc weight W as parameters, we show that coverability and boundedness are in ParaPspace. This means that these problems can be solved in space $\mathcal{O} ({\mathit{ef}}(k, W){\mathit{poly}}(n) )$ , where ef(k,W) is some super-polynomial function and poly(n) is some polynomial in the size of the input n. We then extend the ParaPspace result to model checking a logic that can express some generalizations of coverability and boundedness.