Control of Safe Ordinary Petri Nets Using Unfolding

In this paper we deal with the problem of controlling a safe place/transition net so as to avoid a set of forbidden markings . We say that a given set of markings has property REACH if it is closed under the reachability operator. We assume that all transitions of the net are controllable and that the set of forbidden markings has the property REACH. The technique of unfolding is used to design a maximally permissive supervisor to solve this control problem. The supervisor takes the form of a set of control places to be added to the unfolding of the original net. The approach is also extended to the problem of preventing a larger set of impending forbidden marking. This is a superset of the forbidden markings that also includes all those markings from which—unless the supervisor blocks the plant—a marking in is inevitably reached in a finite number of steps. Finally, we consider the particular case in which the control objective is that of designing a maximally permissive supervisor for deadlock avoidance and we show that in this particular case our procedure can be efficiently implemented by means of linear algebraic techniques. Submitted to Discrete Event Dynamic Systems. A preliminary version of this paper titled “Control of safe ordinary Petri nets with marking specifications using unfolding,” was published in the Proc. IFAC WODES'04: 7th Work. on Discrete Event Systems (Reims, France), September 2004. Contact author is Alessandro Giua.     

Petri网展开图法的分析和应用

Petri网的展开图是一种特殊的并发系统状态空间搜索方法，它不需要重复考虑并发事件的所有可能的交集，从而大大缩减状态空间爆炸给验证分析带来的空间复杂度和时间复杂度。使用展开图分析Petri网的行为属性与传统的Petri网分析方法相比，具有自己的特点。该文首先介绍了Petri网展开图的构造算法，在此基础上使用展开图分析方法对一个典型Petri网的活性，有界性和可逆性等行为属性进行了分析，并与传统的Petri网分析方法作比较。     

Reverse Unfolding of Petri Nets and its Application in Program Data Race Detection

The unfolding technique can partially alleviate the state explosion in Petri nets through branching processes. However, all states of a system are still contained in its unfolding net. To deal with some practical problems, only the coverability determination of a specific state is needed. In view of this, reducing the scale of the unfolding net is feasible. This study proposes a target-oriented reverse unfolding algorithm for the coverability determination of 1-safe Petri nets, which combines a heuristic technique to reduce the scale of unfolding nets, thereby improving the efficiency of coverability determination. Furthermore, the reverse unfolding is applied to the formal verification of concurrent programs, and their data race detection is converted into the coverability determination of a specific state in 1-safe Petri nets. The experiment compares the efficiency between forward nfolding and reverse unfolding in the coverability determination of a Petri net. The results show that when the Petri net has more forward branches than backward branches, reverse unfolding is more efficient than forward unfolding. Finally, the key factors influencing the efficiency of reverse unfolding are analyzed.     

SAT-Solving the Coverability Problem for Petri Nets

Net unfoldings have attracted great attention as a powerful technique for combating state space explosion in model checking, and have been applied to verification of finite state systems including 1-safe (finite) Petri nets and synchronous products of finite transition systems. Given that net unfoldings represent the state space in a distributed, implicit manner the verification algorithm is necessarily a two step process: generation of the unfolding and reasoning about it. In his seminal work McMillan (K.L. McMillan, Symbolic Model Checking. Kluwer Academic Publishers, 1993) showed that deadlock detection on unfoldings of 1-safe Petri nets is NP-complete. Since the deadlock problem on Petri nets is PSPACE-hard it is generally accepted that the two step process will yield savings (in time and space) provided the unfoldings are small.In this paper we show how unfoldings can be extended to the context of infinite-state systems. More precisely, we show how unfoldings can be constructed to represent sets of backward reachable states of unbounded Petri nets in a symbolic fashion. Furthermore, based on unfoldings, we show how to solve the coverability problem for unbounded Petri nets using a SAT-solver. Our experiments show that the use of unfoldings, in spite of the two-step process for solving coverability, has better time and space characteristics compared to a traditional reachability based implementation that considers all interleavings for solving the coverability problem.     

时间Petri网弱语义模型的形式化分析

时间Petri网存在强语义和弱语义两种模型,弱语义模型更适合建模和分析外部环境触发的冲突选择问题,但其形式语义和可达性分析方面的研究,却很少有人问津。利用带标号的变迁系统定义时间Petri网弱语义模型的形式语义,采用时间戳状态类方法分析它的可达性,并证明了可达性问题的可判性和状态类时间戳的全局时间性质。     

Tutorial and Survey Articles: An introduction to Petri Nets

This paper describes the fundamental concepts and characteristics of Petri nets (PNs) that make them a significant tool for modeling and analyzing asynchronous systems with concurrent and parallel activities and follows the extensions that improved the implementation capabilities of the original PNs.

Their first and most relevant extension was time modeling, a vital aspect of system performances not considered in the original version. There are several possibilities for introducing time in PNs. Among them, a technique that associates time with places is presented in some detail. As PNs tend to become cumbersome and time consuming when large and complex systems are involved, a method for decomposing timed PNs of open queuing networks is reviewed here.

Though initially developed as an information/computer-based technique, PNs were immediately adopted in a variety of application areas, such as manufacturing, design, planning and control. Viewed through a more recently developed programming perspective, the ordinary PNs became “high level” PNs suitable for defining different data types and for applying hierarchical approaches.

It is expected that the robust theoretical basis of this tool coupled with its visual and flexibility features will continue to appeal to researchers and practitioners alike in a variety of domains and as a result will continue to evolve and expand.     

时间约束Petri网的状态可达及可调度分析算法

时间约束Petri网是具有广义时间约束的一类Petri网。时间约束的引入使TCPN’s的演化与系统每一时刻的状态密切相关,导致网的动态复杂性。目前有关TCPN’s状态可达性的研究仅局限于一些较简单的网,该文通过对TCPN’s的进一步研究,给出了更一般的可达性分析方法及变迁可调度决策算法,并讨论了含冲突结构的TCPN’s的可调度分析。     

基于Petri网展开的多线程程序数据竞争检测与重演

数据竞争是多线程程序的常见漏洞之一,传统的数据竞争分析方法在查全率和准确率方面难以两全,而且所生成检测报告难以定位漏洞的根源.鉴于Petri网在并发系统建模和分析方面具有行为描述精确、分析工具丰富的优点,提出一种基于Petri网展开的新型数据竞争检测方法.首先,对程序的某一运行轨迹进行分析和挖掘,构建程序的一个Petri网模型,它由单一轨迹挖掘得到,却可隐含程序的多个不同运行轨迹,由此可在保证效率的同时降低传统动态分析方法的漏报率;其次,提出基于Petri网展开的潜在数据竞争检测方法,相比静态分析方法在有效性上有较大提升,而且能明确给出数据竞争的产生路径;最后,对上一阶段检测到的潜在数据竞争,给出基于CalFuzzer平台的潜在死锁重演调度方法,可剔除误报,保证数据竞争检测结果的真实性.开发相应的原型系统,结合公开的程序实例验证了所提方法的有效性.     

A component framework for system modeling based on high-level replacement systems

The aim of this paper is to present a generic component framework for system modeling that satisfies main requirements for component-based development in software engineering. In this sense, we have defined a framework that can be used, by providing an adequate instantiation, in connection with a large class of semi-formal and formal modeling techniques. Moreover, the framework is also flexible with respect to the connection of components, providing a compositional semantics of components. This means more precisely that the semantics of a system can be inferred from the semantics of its components. In contrast to other component concepts for data type specification techniques, our component framework is based on a generic notion of transformations. In particular, refinements and transformations are used to express intradependencies, between the export interface and the body of a component, and interdependencies, between the import and the export interfaces of different components. The generic component framework generalizes module concepts for different kinds of Petri nets and graph transformation systems proposed in the literature, and seems to be also suitable for visual modeling techniques, including parts of the UML, if these techniques provide a suitable refinement or transformation concept. In this paper the generic approach is instantiated in two steps. First to high-level replacement systems generalizing the transformation concept of graph transformations. In a second step it is further instantiated to low-level and high-level Petri nets. To show applicability we present sample components from a case study in the domain of production automation as proposed in a priority program of the German Research Council (DFG).     

A congruence relation for sPBC

In this paper we define a congruence relation for regular terms of sPBC (stochastic Petri Box Calculus), by means of which we identify those processes that have the same behaviour, not only in terms of the multiactions that they can perform, but also taking into account the stochastic information that they have associated. In order to define this equivalence relation we have to define an adequate semantics for the synchronization operator, as well as a new labelled transition system for regular terms of sPBC.     

一种基于线性逻辑的Petri网分析方法

1 引言 Petri网是一种用网状图形表示系统模型的方法,能够从组织结构、控制和管理的角度,精确描述系统中事件(变迁)之间的依赖(顺序)和不依赖(并发)关系。Petri网理论提供了强大的分析方法,如不变量分析、系统性能分析(如活性)等以证明系统的正确性。近年来Petri网也被用来表示知识推理,例如用于诊断和监控,这就需要发展一种关于Petri网行为的推理主题。有些学者把经典逻辑和Petri网相结合,用Petri网表示产生式规则系统,网的框架代表基于产生式规则     

Petri网的反向展开及其在程序数据竞争检测的应用

展开技术借助分支进程可在一定程度上缓解Petri网性质分析中的状态爆炸问题.但展开网中仍然包含了系统的所有状态信息.某些应用问题仅需对系统特定状态的可覆盖性进行判定,以此为目标,有望缩减网系统展开的规模.为此,针对安全Petri网的可覆盖性判定问题提出了一种目标导向的反向展开算法,结合启发式技术缩减展开的规模,以此提高...     

Discrete event diagnosis using labeled Petri nets. An application to manufacturing systems

In this paper an approach to on-line diagnosis of discrete event systems based on labeled Petri nets is presented. The approach is based on the notion of basis markings and justifications and it can be applied both to bounded and unbounded Petri nets whose unobservable subnet is acyclic. Moreover it is shown that, in the case of bounded Petri nets, the most burdensome part of the procedure may be moved off-line, computing a particular graph called Basis Reachability Graph.Finally, the effectiveness of the proposed procedure is analyzed applying a MATLAB diagnosis toolbox we developed to a manufacturing example taken from the literature.     

基于随机对象Petri网的柔性制造系统性能分析

为了增强传统对象Petri网的定量分析能力,提出随机对象Petri网模型。该模型具备随机性和层次特性,获得与随机Petri网的等价关系,从宏观和微观2个层面对系统进行性能分析,并将该模型应用到柔性制造系统中。实验结果表明,该系统保留了面向对象的建模能力,具有较强的定量分析能力。     

基于Petri网下哲学家就餐问题模型的改进与推广

哲学家就餐问题是描述在共享资源下同步与并发的经典案例，活性与无饥饿性是求解此问题的前提，效率是基本要求。基于两个许可卡的传递策略，已经给出了无饥饿解的Petri网模型，并且在该模型基础上的改进解决了许可卡的传递问题同时也解决了拥有许可卡且准备就餐的两位相邻哲学家之间共享资源的冲突问题。然而以上改进并没有真正实现效率上的高效且不易推广到哲学家人数大于5位的情形。     

Petri Nets as Semantic Domain for Diagram Notations

This paper summarizes the work carried out by the authors during the last years. It proposes an approach for defining extensible and flexible formal interpreters for diagram notations based on high-level timed Petri nets.The approach defines interpreters by means of two sets of rules. The first set specifies the correspondences between the elements of the diagram notation and those of the semantic domain (Petri nets); the second set transforms events and states of the semantic domain into visual annotations on the elements of the diagram notation. The feasibility of the approach is demonstrated through MetaEnv, a prototype tool that allows users to implement special-purpose interpreters.     

混合语义时间Petri网的特征条件及时间性质

针对时间Petri网现有强、弱语义模型在调度分析上存在的缺陷以及凝练调度一致性问题和调度时限性问题,提出混合语义模型解决方案,并给出混合语义模型的特征条件,比较混合语义模型与强、弱语义模型的时间互模拟能力,证明混合语义模型的正确性和时间行为的不可替代性。     

Abstract processes of place/transition systems

A well-known problem in Petri net theory is to formalise an appropriate causality-based concept of process or run for place/transition systems. The so-called individual token interpretation, where tokens are distinguished according to their causal history, giving rise to the processes of Goltz and Reisig, is often considered too detailed. The problem of defining a fully satisfying more abstract concept of process for general place/transition systems has so-far not been solved. In this paper, we recall the proposal of defining an abstract notion of process, here called BD-process, in terms of equivalence classes of Goltz-Reisig processes, using an equivalence proposed by Best and Devillers. It yields a fully satisfying solution for at least all one-safe nets. However, for certain nets which intuitively have different conflicting behaviours, it yields only one maximal abstract process. Here we identify a class of place/transition systems, called structural conflict nets, where conflict and concurrency due to token multiplicity are clearly separated. We show that, in the case of structural conflict nets, the equivalence proposed by Best and Devillers yields a unique maximal abstract process only for conflict-free nets. Thereby BD-processes constitute a simple and fully satisfying solution in the class of structural conflict nets.     

基于对象Petri网的信息系统建模技术

针对复杂管理信息系统分析与建模的困难性,提出了一种基于Petri网和面向对象的建模技术,给出了对象Petri网系统OPN的形式化定义,具体介绍了用OPN进行信息系统建模分析的基本思路与方法,并通过一个典型的租赁管理系统建模对该方法进行了应用。