Petri Nets and Their Extensions - Part 2

Petri Nets: Expressibility and Ease of Modeling
Part 2 - Formal Analysis
Irina A. Lomazova
[email protected]
National Research University Higher School of Economics,
Laboratory of Process-Aware Information Systems (PAIS Lab)
Moscow, Russia
International Conference on Software Testing, Machine Learning
and Complex Process Analysis (TMPA 2019)
Tbilisi, Georgia (7-9 November 2019)

View Slide

Petri Nets - Agenda
Part 1 - Introduction and Extensions
on Thursday 07.11
Introduction and Initial Examples
Notion of Runs
Petri Net Extensions
Part 2 - Formal Analysis
on Saturday 09.11
Behavioral Properties
Structural Analysis
Irina A. Lomazova Petri Nets - Part 2: Formal Analysis 1 / 21

View Slide

Petri Nets - Short Recap
Formal Definition
A Petri net is a tuple PN = (P, T, F, W , M0) where:
P = {p1, p2, ..., pn} is a finite set of places.
T = {t1, t2, ..., tn} is a finite set of transitions. P ∩ T = ∅.
F ⊆ (P × T) ∪ (T × P) is a set of directed arcs (flow
relation).
W : F → {1, 2, 3, ...} is a weight function.
M0 : P → {0, 1, 2, 3, ...} is the initial marking.
A state of a Petri net is defined by a marking M : P → {0, 1, 2, 3, ...}

View Slide

Petri Nets - Short Recap
Transition Firing Rule - An Example
A Petri net N in a marking M with transition t enabled.
H
2
t
O
2
2
2 H
2
O
N with a new marking M after ﬁring transition t.
H
2
t
O
2
2
2 H
2
O

View Slide

Formal Analysis of Petri Nets

View Slide

Properties of Petri Nets
What can we do with the models?
A major advantage of Petri nets is their support for
a formal analysis of many properties associated with
concurrent systems.
Two types of properties can be studied:
1 Behavioral properties: Depending on the initial marking.
2 Structural properties: Free from the initial marking.

View Slide

Some decidable Behavioral Properties
1 Reachability
2 Boundedness
3 Coverability
4 Deadlock freeness
5 Liveness
6 Fairness
7 ...

View Slide

Reachability Graph
The reachability graph R(N, M0
) of a Petri net N is a rooted directed graph
where:
The root node is the initial marking M0
of N.
Each node in R(N, M0
) is a reachable marking from M0
.
Each edge in R(N, M0
) denotes the ﬁring of a transition t leading from
marking M to M .
t
2
p
2
p
4
t
1
p
1
p
3
t
3
p
5
(1, 1, 0, 0, 0)
M
0
=
(0, 1, 1, 0, 0) (1, 0, 0, 1, 0)
t
1
t
2
(0, 0, 0, 0, 1)
t
3
(0, 0, 1, 1, 0)
t
2
t
1

View Slide

Reachability Problem
Find if a marking M is reachable in a Petri net (N, M0
).
M ∈ R(N, M0
) ?
t
2
p
2
p
4
t
1
p
1
p
3
t
3
p
5
(1, 1, 0, 0, 0)
M
0
=
(0, 1, 1, 0, 0) (1, 0, 0, 1, 0)
t
1
t
2
(0, 0, 0, 0, 1)
t
3
(0, 0, 1, 1, 0)
t
2
t
1

View Slide

Boundedness
Check whether the number of tokens in each place
does not exceed an integer k, for any reachable marking.
produce
t
1
p
2
p
1
p
3
t
2
dispatch
storage
ready
buffer
reception
p
6
p
4
t
4
t
3
consume
t
5
p
5
request
Producer Consumer
Producer-Consumer model

View Slide

Safety
Two processes cannot be within the critical section at the same time.
t
1
local
Shared Key
t
2
t
3
waiting
critical t
5
t
6
t
4
waiting
critical
local
Process 1 Process 2
Mutex - Mutual Exclusion

View Slide

Liveness and Fairness
Liveness: It is always possible to fire any transition by progressing
through some firing sequence.
Fairness: Each transition is fired infinitely often (no starvation).
l
1
thinking
b
1
eating
r
1
b
2
thinking
r
2
eating
l
2
fork
r
4
eating
b
4
thinking
l
4
fork
b
3
eating
l
3
thinking
r
3
fork fork
Philosopher 4
Philosopher 1
Philosopher 3
Philosopher 2
The Dining Philosophers problem

View Slide

Structural Analysis

View Slide

Structural Analysis
Properties of Petri nets can be indeed proved by constructing
and analyzing the reachability graph.
However, the reachability graph may be huge (exponential
in the number of places) or inﬁnite.
Structural analysis → Prove properties without constructing
the reachability graph.

View Slide

Structural Analysis
Incidence Matrix of a Petri net N = (P, T, F, W , M0
)
Matrix C : P × T → Z
Rows correspond to places, and Columns to transitions.
Column t ∈ T denotes how the ﬁring of t aﬀects the net marking.
C(t, p) = W (t, p) − W (p, t)
t
2
p
2
t
1
p
1
p
3
t
3
critical
p
5
t
6
p
7
t
5
critical t
4
p
6
p
4
key
-1 0 1 0 0 0
1 -1 0 0 0 0
0 1 -1 0 0 0
0 -1 1 0 -1 1
0 0 0 -1 0 1
0 0 0 1 -1 0
0 0 0 0 1 -1
t
1
t
2
t
3
t
4
t
5
t
6
p
1
p
2
p
3
p
4
p
5
p
6
p
7

View Slide

Structural Analysis
Firing Equation
M = M + C · u
M is a marking written as a column vector,
i.e, M = (1 0 0 1 1 0 0)T
u is a column vector denoting a finite sequence of firings,
i.e, u = (1 1 0 1 0 0)T for the firing of t1
, t2
, and t4
(each once).
-1 0 1 0 0 0
1 -1 0 0 0 0
0 1 -1 0 0 0
0 -1 1 0 -1 1
0 0 0 -1 0 1
0 0 0 1 -1 0
0 0 0 0 1 -1
1
0
0
1
1
0
0
M
+
C
1
1
0
1
0
0
u
⋅
0
0
1
0
0
1
0
M '
=

View Slide

Structural Analysis
Proving Unreachability using the Incidence Matrix
Given a Petri net N with incidence matrix C, and M, M two
markings of N.
If M ∈ R(N, M), then it exists a vector u, such that
M = M + C · u, such that all entries of u are natural numbers.
Corollary
If M = M + C · u has no natural solution for u, then
M /
∈ R(N, M)

View Slide

Structural Analysis
Proving Unreachability using the Incidence Matrix
Corollary
If M = M + C · u has no natural solution for u, then
M /
∈ R(N, M)
Consider the following Petri net N, and a target marking
M = (1 1)T
t
1
p
1
t
2
p
2
-1 1
1 -1
1
0
M
0
+
C
⋅ =
u
u
1
u
2
1
1
M '
M = M0 + C · u has no natural
solution. M is not reachable.

View Slide

Structural Analysis
Place Invariants (P-invariants)
Given a Petri net N and its incidence matrix C,
a place invariant is a natural solution for CT · x = 0.
x is a vector with one entry for each place.
t
2
p
2
t
1
p
1
p
3
t
3
critical
p
5
t
6
p
7
t
5
critical t
4
p
6
p
4
key
Some P-invariants for N
x1
= (1 1 1 0 0 0 0)T
x2
= (0 0 1 1 0 0 1)T
x3
= (0 0 0 0 1 1 1)T
P-invariants indicate that the number of tokens in all markings satisﬁes
some linear invariant.

View Slide

Structural Analysis
Place Invariants - Properties
Let M be a reachable marking by some transition ﬁrings expressed
by u.
M = M0 + C · u.
Let x be a P-invariant. Then, the following holds:
MT x = (M0 +Cu)T x = MT
0
x +(Cu)T x = MT
0
x +uT CT x = MT
0
x
Therefore,
MT x = MT
0
x

View Slide

Structural Analysis
Place Invariants - Examples
Proving Mutual Exclusion
CT · x = 0 with C the incidence matrix of Petri net N.
x = (0 0 1 1 0 0 1)T , MT x = MT
0
x
t
2
p
2
t
1
p
1
p
3
t
3
critical
p
5
t
6
p
7
t
5
critical t
4
p
6
p
4
key
Process 1 Process 2
M(p3
) + M(p4
) + M(p7
) = M0
(p3
) + M0
(p4
) + M0
(p7
) = 1

View Slide

Structural Analysis
The weighted token sum 1 ∗ M(man) + 1 ∗ M(woman) + 2 ∗ M(couple)
for the Petri net below is an invariant, i.e, no transition can change it.
t
1
man
marriage t
2
divorce
couple
woman
1 ∗ M(man) + 1 ∗ M(woman) + 2 ∗ M(couple) = 7
M0
: 2 + 3 + 2 ∗ 1 = 7

View Slide

Structural Analysis
t
1
man
marriage t
2
divorce
couple
woman
M0
: 2 + 3 + 2 ∗ 1 = 7
M : 3 + 4 + 2 ∗ 0 = 7 (Firing of transition divorce)

View Slide

Structural Analysis
t
1
man
marriage t
2
divorce
couple
woman
M0
: 2 + 3 + 2 ∗ 1 = 7
M : 1 + 2 + 2 ∗ 2 = 7 (ﬁring of transition marriage)

View Slide

Structural Analysis
Traps
A set of places S ⊆ P such that S• ⊆ •S.
Each transition which removes tokens from a trap put also at least one
token back in the trap.
Trap S = {nc1, nc2}
t
2
p
2
t
1
p
1
p
3
t
3
critical
p
5
t
6
p
7
t
5
critical t
4
p
6
nc
2
nc
1
Transitions t2
and t5
remove and put back tokens in the trap S.

View Slide

Structural Analysis
Traps - A support for proving mutual exclusion
Prove: M(p3
) + M(p7
) ≤ 1.
Places p3
and p7
(critical sections) must not be marked at the same time.
t
2
p
2
t
1
p
1
p
3
t
3
critical
p
5
t
6
p
7
t
5
critical t
4
p
6
nc
2
nc
1

View Slide

Structural Analysis
Traps - A support for proving mutual exclusion
Prove: M(p3
) + M(p7
) ≤ 1.
Places p3
and p7
(critical sections) must not be marked at the same time.
Calculating P-invariants we obtain:
(1) M(p3
) + M(nc1
) = 1
(2) M(p7
) + M(nc2
) = 1
The trap S = {nc1, nc2} is marked at M0
, and therefore in all reachable
markings. Thus,
(3) M(nc1
) + M(nc2
) ≥ 1
Adding (1) and (2) and substracting (3) yields: M(p3
) + M(p7
) ≤ 1

View Slide

Formal Analysis
A Short Remark - On the Analysis of Petri net models with
extensions
The properties and analysis techniques explained so far are
considered for the class of ordinary Petri nets.
For extensions of Petri nets, to increase the expressibility
comes at the price of making less tractable (and in some cases
undecidable) the formal analysis of properties.
However, several techniques have been proposed for the
further analysis of properties on models with such extensions,
i.e, compositional approaches.

View Slide

Petri Nets and Their Extensions - Part 2

Petri Nets and Their Extensions - Part 2

Exactpro
PRO

More Decks by Exactpro

Other Decks in Technology

Featured

Transcript

Petri Nets and Their Extensions - Part 2

Petri Nets and Their Extensions - Part 2

Exactpro PRO

More Decks by Exactpro

Other Decks in Technology

Featured

Transcript

Exactpro
PRO