Transcript of slides (posted 21-Dec-2015).
Behaviour-Preserving Transition Insertions in Unfolding Prefixes
Victor Khomenko, University of Newcastle upon Tyne
Motivation
• Some design methods based on Petri nets repeatedly execute the following steps:
  Analyze the original PN spec
  Modify the PN by a behaviour-preserving transition insertion
Example: VME Bus Controller
[Figure: signal transition graph of the VME bus controller with the signal transitions dsr+, dsr-, dtack+, dtack-, lds+, lds-, ldtack+, ldtack-, d+, d-, and a block diagram of the Device, the VME Bus Controller, the Data Transceiver and the Bus]
Example: Encoding Conflict
[Figure: state graph of the VME bus controller with 5-bit binary state encodings; the two highlighted states M′ and M″ illustrate the encoding conflict]
State Graphs vs. Unfoldings
State graphs:
• Relatively easy theory
• Many efficient algorithms
• Not visual
• State space explosion problem
Unfoldings:
• Alleviate the state space explosion problem
• More visual than state graphs
• Proven efficient for model checking
• Quite complicated theory
• Not sufficiently investigated
• Relatively few algorithms
Example: Encoding Conflict
[Figure: unfolding prefix of the VME bus controller with events e1 to e12 labelled by the signal transitions lds+, ldtack+, d+, dtack+, dsr-, d-, lds-, ldtack-, dtack-, dsr+; two configurations conf′ and conf″ are highlighted]
Code(conf′) = 10110, Code(conf″) = 10110: the two configurations have the same encoding, i.e. an encoding conflict.
Example: Resolving the conflict
[Figure: state graph after inserting the new signal csc (transitions csc+ and csc-); the encodings now have 6 bits and the states M′ and M″ are no longer in conflict]
Motivation: validity
• Need to check the validity of the transformation:
  safeness
  bisimulation
• The validity should be checked before the transformation is performed, i.e. on the original prefix (to avoid backtracking)
Motivation: avoid re-unfolding
• Perform the transformation directly on the prefix to avoid re-unfolding:
  Re-unfolding is time-consuming
  Good for visualization (re-unfolding can dramatically change the look of the prefix)
  Can transfer information (e.g. encoding conflicts) between the iterations of the algorithm
Sequential pre-insertion
• Preserves safeness
• Preserves traces
• Can introduce deadlocks: need to check that the new transition never ‘steals’ tokens from any other enabled transition (a simple state property, can be checked on the original prefix)
Place insertion: token
If the place insertion is valid and t′ or t″ is not dead, then p contains a token iff there is a t″-labelled event in the prefix which does not have a t′-labelled predecessor
[Figure: new place p inserted between transitions t′ and t″]
Place insertion: validity
• Tokens(C) = n + #t′C − #t″C, where n is the initial marking of p and #tC is the number of t-labelled events in the configuration C
• The transformation is valid if:
  for all instances e of t′ and t″ in the prefix, Tokens([e]) ∈ {0,1}, and
  for all cut-offs e with a corresponding configuration C, Tokens([e]) = Tokens(C)
• If a valid transformation is rejected by this criterion then t′ and t″ are not live
[Figure: new place p with n initial tokens inserted between transitions t′ and t″]
Pre-insertion in the prefix
Naïve splitting can yield an object which is not a branching process!
Pre-insertion in the prefix
• Find all possible extensions of the prefix by the new transition
• Amend the instances of the split transitions
• Amend the cut-off corresponding configurations
Post-insertion in the prefix
Definition: a configuration is extendible if in the modified prefix it can be extended by an instance of the new transition
• If there is a cut-off event e with a corresponding configuration C such that [e] is extendible and C is not extendible then terminate unsuccessfully
• Amend the instances of the split transition
• Amend the cut-off corresponding configurations
Place insertion in the prefix
• Assumption: the place insertion has passed the validity check
• If n = 1 then create a new (causally minimal) instance cmin of p
• For each instance e of t′ (including cut-offs), create a new instance of p and connect it to e
• For each instance e of t″ (including cut-offs): connect e to cmin if e has no t′-labelled predecessor, and otherwise to the instance of p in the postset of the (unique) maximal t′-labelled predecessor of e
[Figure: new place p with n initial tokens inserted between transitions t′ and t″]
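The token criterion, the validity check and the prefix-level place insertion from the three ‘Place insertion’ slides above, as an added Python example that is not part of the slides or of any unfolding tool: it runs on a constructed prefix of the cycle a → b → c → a (events e1:a, e2:b, e3:c, with e3 a cut-off whose corresponding configuration is the empty configuration). The representation (dicts of event labels and direct predecessors, [e] computed by closure, conditions of p named after the t′-event they follow) is an assumption of this example.

```python
# Added example: Tokens(C), the validity check and the prefix-level place insertion
# (t1 plays t', t2 plays t''), on a constructed prefix of the cycle a -> b -> c -> a.

def local_config(preds, e):
    """[e]: the event e together with all its causal predecessors."""
    return {e}.union(*(local_config(preds, x) for x in preds[e]))

def tokens(labels, config, t1, t2, n):
    """Tokens(C) = n + #t'C - #t''C for the inserted place p with n initial tokens."""
    labs = [labels[e] for e in config]
    return n + labs.count(t1) - labs.count(t2)

def t1_preds(labels, preds, e, t1):
    # t'-labelled causal predecessors of e (e itself excluded)
    return [x for x in local_config(preds, e) - {e} if labels[x] == t1]

def initial_token(labels, preds, t1, t2):
    """'Place insertion: token': p is marked iff some t''-instance has no t'-labelled predecessor."""
    return int(any(lab == t2 and not t1_preds(labels, preds, e, t1) for e, lab in labels.items()))

def insertion_valid(labels, preds, cutoffs, t1, t2, n):
    """'Place insertion: validity', evaluated on the original (unmodified) prefix."""
    for e, lab in labels.items():
        if lab in (t1, t2) and tokens(labels, local_config(preds, e), t1, t2, n) not in (0, 1):
            return False            # p would be empty or unsafe after [e]
    return all(tokens(labels, local_config(preds, e), t1, t2, n) == tokens(labels, c, t1, t2, n)
               for e, c in cutoffs.items())   # cut-off and corresponding configuration agree

def insert_place(labels, preds, t1, t2, n):
    """'Place insertion in the prefix': returns (conditions of p, arcs t'-event -> cond, arcs t''-event <- cond)."""
    conds, out_arc, in_arc = (["cmin"] if n == 1 else []), {}, {}   # cmin: causally minimal instance
    for e, lab in labels.items():
        if lab == t1:                                # fresh instance of p in the postset of each t'-event
            out_arc[e] = f"p_after_{e}"
    for e, lab in labels.items():
        if lab == t2:
            anc = t1_preds(labels, preds, e, t1)
            if not anc:
                in_arc[e] = "cmin"
            else:                                    # maximal t'-predecessor: not below another one
                top = [x for x in anc if not any(x in local_config(preds, y) - {y} for y in anc)]
                assert len(top) == 1, "unique because the insertion passed the validity check"
                in_arc[e] = out_arc[top[0]]
    return conds + list(out_arc.values()), out_arc, in_arc

# Constructed prefix: e1:a, e2:b, e3:c; e3 is a cut-off whose corresponding configuration is empty.
LABELS = {"e1": "a", "e2": "b", "e3": "c"}
PREDS = {"e1": [], "e2": ["e1"], "e3": ["e2"]}
CUTOFFS = {"e3": set()}
```

Inserting p from a to c needs n = 0 and is valid, while p from c to a is rejected with n = 0 (Tokens([e1]) = −1) and accepted with n = 1, in agreement with the token criterion.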
Concurrent insertion in the prefix
• Perform the corresponding place insertion
• Perform the sequential pre-insertion
• These two steps can easily be combined
[Figure: the inserted place p with n tokens between transitions t′ and t″]
Equivalent insertions
• Equivalence is easy to check
• Fewer transformations to consider
• Can convert to ‘canonical form’, e.g. pre-insertions (good for unfolding)
• No need to check validity: post-insertions are always valid
Commutative insertions
Definition: two transition insertions commute if they can be performed in any order
• concurrent insertions commute with any other insertions
• pre-insertions commute with post-insertions
• two pre/post-insertions commute iff they split different transitions or the sets of split-off places do not overlap
• A valid insertion remains valid if another valid commutative insertion is applied first, i.e. the validity needs to be checked only once
Summary
• Rigorous validity criteria developed: can be checked on the original prefix, no backtracking
• Algorithms for performing transformations directly on the prefix: avoids re-unfolding, good for performance and visualization; proofs of correctness
• Optimisation: equivalent transformations, commutative transformations