-
Sleptsov Nets are Turing-complete
Authors:
Bernard Berthomieu,
Dmitry A. Zaitsev
Abstract:
The present paper proves that a Sleptsov net (SN) is Turing-complete, that considerably improves, with a brief construct, the previous result that a strong SN is Turing-complete. Remind that, unlike Petri nets, an SN always fires enabled transitions at their maximal firing multiplicity, as a single step, leaving for a nondeterministic choice of which fireable transitions to fire. A strong SN restr…
▽ More
The present paper proves that a Sleptsov net (SN) is Turing-complete, that considerably improves, with a brief construct, the previous result that a strong SN is Turing-complete. Remind that, unlike Petri nets, an SN always fires enabled transitions at their maximal firing multiplicity, as a single step, leaving for a nondeterministic choice of which fireable transitions to fire. A strong SN restricts nondeterministic choice to firing only the transitions having the highest firing multiplicity.
△ Less
Submitted 14 December, 2023; v1 submitted 17 June, 2023;
originally announced June 2023.
-
A Polyhedral Abstraction for Petri nets and its Application to SMT-Based Model Checking
Authors:
Nicolas Amat,
Bernard Berthomieu,
Silvano Dal Zilio
Abstract:
We define a new method for taking advantage of net reductions in combination with a SMT-based model checker. Our approach consists in transforming a reachability problem about some Petri net, into the verification of an updated reachability property on a reduced version of this net. This method relies on a new state space abstraction based on systems of constraints, called polyhedral abstraction.…
▽ More
We define a new method for taking advantage of net reductions in combination with a SMT-based model checker. Our approach consists in transforming a reachability problem about some Petri net, into the verification of an updated reachability property on a reduced version of this net. This method relies on a new state space abstraction based on systems of constraints, called polyhedral abstraction. We prove the correctness of this method using a new notion of equivalence between nets. We provide a complete framework to define and check the correctness of equivalence judgements; prove that this relation is a congruence; and give examples of basic equivalence relations that derive from structural reductions. Our approach has been implemented in a tool, named SMPT, that provides two main procedures: Bounded Model Checking (BMC) and Property Directed Reachability (PDR). Each procedure has been adapted in order to use reductions and to work with arbitrary Petri nets. We tested SMPT on a large collection of queries used in the Model Checking Contest. Our experimental results show that our approach works well, even when we only have a moderate amount of reductions.
△ Less
Submitted 11 October, 2022; v1 submitted 20 April, 2021;
originally announced April 2021.
-
Checking marking reachability with the state equation in Petri net subclasses
Authors:
Thomas Hujsa,
Bernard Berthomieu,
Silvano Dal Zilio,
Didier Le Botlan
Abstract:
Although decidable, the marking reachability problem for Petri nets is well-known to be intractable in general, and a non-elementary lower bound has been recently uncovered. In order to alleviate this difficulty, various structural and behavioral restrictions have been considered, allowing to relate reachability to properties that are easier to check. For a given initial marking, the set of potent…
▽ More
Although decidable, the marking reachability problem for Petri nets is well-known to be intractable in general, and a non-elementary lower bound has been recently uncovered. In order to alleviate this difficulty, various structural and behavioral restrictions have been considered, allowing to relate reachability to properties that are easier to check. For a given initial marking, the set of potentially reachable markings is described by the state equation solutions and over-approximates the set of reachable markings.
In this paper, we delineate several subclasses of weighted Petri nets in which the set of reachable markings equals the set of potentially reachable ones, a property we call the PR-R equality. When fulfilled, this property allows to use linear algebra to answer the reachability questions, avoiding a brute-force analysis of the state space. Notably, we provide conditions under which this equality holds in classes much more expressive than marked graphs, adding places with several ingoing and outgoing transitions, which allows to model real applications with shared buffers. To achieve it, we investigate the relationship between liveness, reversibility, boundedness and potential reachability in Petri nets. We also show that this equality does not hold in classes with close modeling capability when the conditions are relaxed.
△ Less
Submitted 9 June, 2020;
originally announced June 2020.
-
On the Petri Nets with a Single Shared Place and Beyond
Authors:
Thomas Hujsa,
Bernard Berthomieu,
Silvano Dal Zilio,
Didier Le Botlan
Abstract:
Petri nets proved useful to describe various real-world systems, but many of their properties are very hard to check. To alleviate this difficulty, subclasses are often considered. The class of weighted marked graphs with relaxed place constraint (WMG=< for short), in which each place has at most one input and one output, and the larger class of choice-free (CF) nets, in which each place has at mo…
▽ More
Petri nets proved useful to describe various real-world systems, but many of their properties are very hard to check. To alleviate this difficulty, subclasses are often considered. The class of weighted marked graphs with relaxed place constraint (WMG=< for short), in which each place has at most one input and one output, and the larger class of choice-free (CF) nets, in which each place has at most one output, have been extensively studied to this end, with various applications.
In this work, we develop new properties related to the fundamental and intractable problems of reachability, liveness and reversibility in weighted Petri nets. We focus mainly on the homogeneous Petri nets with a single shared place (H1S nets for short), which extend the expressiveness of CF nets by allowing one shared place (i.e. a place with at least two outputs and possibly several inputs) under the homogeneity constraint (i.e. all the output weights of the shared place are equal). Indeed, this simple generalization already yields new challenging problems and is expressive enough for modeling existing use-cases, justifying a dedicated study.
One of our central results is the first characterization of liveness in a subclass of H1S nets more expressive than WMG=< that is expressed by the infeasibility of an integer linear program (ILP) of polynomial size. This trims down the complexity to co-NP, contrasting with the known EXPSPACE-hardness of liveness in the more general case of weighted Petri nets. In the same subclass, we obtain a new reachability property related to the live markings, which is a variant of the well-known Keller's theorem. Another central result is a new reversibility characterization for the live H1S class, simplifying its checking. Finally, we apply our results to use-cases, highlight their scalability and discuss their extensibility to more expressive classes.
△ Less
Submitted 10 May, 2020;
originally announced May 2020.
-
Petri Net Reductions for Counting Markings
Authors:
Bernard Berthomieu,
Didier Le Botlan,
Silvano Dal Zilio
Abstract:
We propose a method to count the number of reachable markings of a Petri net without having to enumerate these rst. The method relies on a structural reduction system that reduces the number of places and transitions of the net in such a way that we can faithfully compute the number of reachable markings of the original net from the reduced net and the reduction history. The method has been implem…
▽ More
We propose a method to count the number of reachable markings of a Petri net without having to enumerate these rst. The method relies on a structural reduction system that reduces the number of places and transitions of the net in such a way that we can faithfully compute the number of reachable markings of the original net from the reduced net and the reduction history. The method has been implemented and computing experiments show that reductions are eective on a large benchmark of models.
△ Less
Submitted 9 July, 2018;
originally announced July 2018.
-
Automating the Verification of Realtime Observers using Probes and the Modal mu-calculus
Authors:
Silvano Dal Zilio,
Bernard Berthomieu
Abstract:
A classical method for model-checking timed properties-such as those expressed using timed extensions of temporal logic-is to rely on the use of observers. In this context, a major problem is to prove the correctness of observers. Essentially, this boils down to proving that: (1) every trace that contradicts a property can be detected by the observer; but also that (2) the observer is innocuous, m…
▽ More
A classical method for model-checking timed properties-such as those expressed using timed extensions of temporal logic-is to rely on the use of observers. In this context, a major problem is to prove the correctness of observers. Essentially, this boils down to proving that: (1) every trace that contradicts a property can be detected by the observer; but also that (2) the observer is innocuous, meaning that it cannot interfere with the system under observation. In this paper, we describe a method for automatically testing the correctness of realtime observers. This method is obtained by automating an approach often referred to as visual verification, in which the correctness of a system is performed by inspecting a graphical representation of its state space. Our approach has been implemented on the tool Tina, a model-checking toolbox for Time Petri Net.
△ Less
Submitted 22 September, 2015;
originally announced September 2015.
-
Latency Analysis of an Aerial Video Tracking System Using Fiacre and Tina
Authors:
Silvano Dal Zilio,
Bernard Berthomieu,
Didier Le Botlan
Abstract:
We describe our experience with modeling a video tracking system used to detect and follow moving targets from an airplane. We provide a formal model that takes into account the real-time properties of the system and use it to compute the worst and best-case end to end latency. We also compute a lower bound on the delay between the loss of two frames. Our approach is based on the model-checking to…
▽ More
We describe our experience with modeling a video tracking system used to detect and follow moving targets from an airplane. We provide a formal model that takes into account the real-time properties of the system and use it to compute the worst and best-case end to end latency. We also compute a lower bound on the delay between the loss of two frames. Our approach is based on the model-checking tool Tina, that provides state-space generation and model-checking algorithms for an extension of Time Petri Nets with data and priorities. We propose several models divided in two main categories: first Time Petri Net models, which are used to study the behavior of the system in the most basic way; then models based on the Fiacre specification language, where we take benefit of richer data structures to directly model the buffering of video information and the use of an unbounded number of frame identifiers.
△ Less
Submitted 22 September, 2015;
originally announced September 2015.
-
Real-Time Model Checking Support for AADL
Authors:
B Berthomieu,
J. -P Bodeveix,
S Dal Zilio,
M Filali,
D Le Botlan,
G Verdier,
F Vernadat
Abstract:
We describe a model-checking toolchain for the behavioral verification of AADL models that takes into account the realtime semantics of the language and that is compatible with the AADL Behavioral Annex. We give a high-level view of the tools and transformations involved in the verification process and focus on the support offered by our framework for checking user-defined properties. We also desc…
▽ More
We describe a model-checking toolchain for the behavioral verification of AADL models that takes into account the realtime semantics of the language and that is compatible with the AADL Behavioral Annex. We give a high-level view of the tools and transformations involved in the verification process and focus on the support offered by our framework for checking user-defined properties. We also describe the experimental results obtained on a significant avionic demonstrator, that models a network protocol in charge of data communications between an airplane and ground stations.
△ Less
Submitted 2 March, 2015;
originally announced March 2015.
-
Time Petri Nets with Dynamic Firing Dates: Semantics and Applications
Authors:
Silvano Dal Zilio,
Lukasz Fronc,
Bernard Berthomieu,
François Vernadat
Abstract:
We define an extension of time Petri nets such that the time at which a transition can fire, also called its firing date, may be dynamically updated. Our extension provides two mechanisms for updating the timing constraints of a net. First, we propose to change the static time interval of a transition each time it is newly enabled; in this case the new time interval is given as a function of the c…
▽ More
We define an extension of time Petri nets such that the time at which a transition can fire, also called its firing date, may be dynamically updated. Our extension provides two mechanisms for updating the timing constraints of a net. First, we propose to change the static time interval of a transition each time it is newly enabled; in this case the new time interval is given as a function of the current marking. Next, we allow to update the firing date of a transition when it is persistent, that is when a concurrent transition fires. We show how to carry the widely used state class abstraction to this new kind of time Petri nets and define a class of nets for which the abstraction is exact. We show the usefulness of our approach with two applications: first for scheduling preemptive task, as a poor man's substitute for stopwatch, then to model hybrid systems with non trivial continuous behavior.
△ Less
Submitted 28 April, 2014;
originally announced April 2014.
-
An Experiment on Parallel Model Checking of a CTL Fragment
Authors:
Rodrigo Tacla Saad,
Silvano Dal Zilio,
Bernard Berthomieu
Abstract:
We propose a parallel algorithm for local, on the fly, model checking of a fragment of CTL that is well-suited for modern, multi-core architectures. This model-checking algorithm takes bene t from a parallel state space construction algorithm, which we described in a previous work, and shares the same basic set of principles: there are no assumptions on the models that can be analyzed; no restrict…
▽ More
We propose a parallel algorithm for local, on the fly, model checking of a fragment of CTL that is well-suited for modern, multi-core architectures. This model-checking algorithm takes bene t from a parallel state space construction algorithm, which we described in a previous work, and shares the same basic set of principles: there are no assumptions on the models that can be analyzed; no restrictions on the way states are distributed; and no restrictions on the way work is shared among processors. We evaluate the performance of diff erent versions of our algorithm and compare our results with those obtained using other parallel model checking tools. One of the most novel contributions of this work is to study a space-e fficient variant for CTL model-checking that does not require to store the whole transition graph but that operates on a reverse spanning tree.
△ Less
Submitted 31 January, 2013;
originally announced January 2013.
