An algebra of high level petri nets

PhD ThesisPetri nets were introduced by C.A. Petri as a theoretical model of concurrency in which the causal relationship between actions, rather than just their temporal ordering, can be represented. As a theoretical model of concurrency, Petri nets have been widely successful. Moreover, Petri nets are popular with practitioners, providing practical tools for the designer and developer of real concurrent and distributed systems. However, it is from this second context that perhaps the most widely voiced criticism of Petri nets comes. It is that Petri nets lack any algebraic structure or modularity, and this results in large, unstructured models of real systems, which are consequently often intractable. Although this is not a criticism of Petri nets per se, but rather of the uses to which Petri nets are put, the criticism is well taken. We attempt to answer this criticism in this work. To do this we return to the view of Petri nets as a model of concurrency and consider how other models of concurrency counter this objection. The foremost examples are then the synchronisation trees of Milner, and the traces of Hoare, (against which such criticism is rarely, if ever, levelled). The difference between the models is clear, and is to be found in the richness of the algebraic characterisations which have been made for synchronisation trees in Milner's Calculus of Communicating Systems (CCS), and for traces in Hoare's Communicating Sequential Processes (CSP). With this in mind we define, in this thesis, a class of high level Petri nets, High Level Petri Boxes, and provide for them a very general algebraic description language, the High Level Petri Box Algebra, with novel ideas for synchronisation, and including both refinement and recursion among its operators. We also begin on the (probably open-ended task of the) algebraic characterisation of High Level Petri Boxes. The major contribution of this thesis is a full behavioural characterisation of the High Level Petri Boxes which form the semantic domain of the algebra. Other contributions are: a very general method of describing communication protocols which extend the synchronisation algebras of Winskel; a recursive operator that preserves finiteness of state (the best possible, given the generality of the algebra); a refinement operator that is syntactic in nature, and for which the recursive construct is a behavioural fix-point; and a notion of behavioural equivalence which is a congruence with respect to a major part of the High Level Petri Box Algebra

A Petri net view of covalent bonds

In nature and chemistry the interactions among elements often form bonds and among them covalent bonds are relevant, involving the sharing of electrons. Another relevant and compelling facet of calculi modelling covalent bonds is that certain steps in reactions are the result of concerting different activities, possibly reversing some of them. Starting from a calculus for covalent bonds, we investigate on how it can be done in a compositional fashion and how it can be encoded in suitable Petri nets. The outcome gives us a compositional covalent bond calculus and a truly distributed implementation. On these results it is possible to build a behavioural equivalence among terms.Fil: Melgratti, Hernan Claudio. Consejo Nacional de Investigaciones Científicas y Técnicas. Oficina de Coordinación Administrativa Ciudad Universitaria. Instituto de Investigación en Ciencias de la Computación. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Instituto de Investigación en Ciencias de la Computación; ArgentinaFil: Mezzina, Claudio Antares. Università Degli Studi Di Urbino Carlo Bo; ItaliaFil: Pinna, G. Michele. Università degli Studi di Cagliari; Itali

Petri net modules in the transformation-based component framework

AbstractComponent-based software engineering needs to be backed by thorough formal concepts and modeling techniques. This paper combines two concepts introduced independently by the two authors in previous papers. On one hand, the concept of Petri net modules introduced at IDPT 2002 in Padberg [J. Padberg, Petri net modules, Journal on Integrated Design and Process Technology 6 (4) (2002) 105–120], and on the other hand a generic component framework for system modeling introduced at FASE 2002 in Ehrig et al. [H. Ehrig, F. Orejas, B. Braatz, M. Klein, M. Piirainen, A generic component concept for system modeling, in: Proceedings of FASE ’02, Lecture Notes in Computer Science, vol. 2306, Springer, 2002]. First we develop a categorical formalization of the transformation based approach to components that is based on pushouts. This is the frame in which we show that Petri net modules can be considered as an instantiation of the generic component framework. This allows applying the transformation based semantics and compositionality result of the generic framework to Petri net modules. In addition to general Petri net modules we introduce Petri net modules preserving safety properties which can be considered as another instantiation of pushout based formalization of the generic framework

Verification of timed circuits with failure-directed abstractions

Journal ArticleAbstract-This paper presents a method to address state explosion in timed-circuit verification by using abstraction directed by the failure model. This method allows us to decompose the verification problem into a set of subproblems, each of which proves that a specific failure condition does not occur. To each subproblem, abstraction is applied using safe transformations to reduce the complexity of verification. The abstraction preserves all essential behaviors conservatively for the specific failure model in the concrete description. Therefore, no violations of the given failure model are missed when only the abstract description is analyzed. An algorithm is also shown to examine the abstract error trace to either find a concrete error trace or report that it is a false negative. This paper presents results using the proposed failure-directed abstractions as applied to several large timed circuit designs

Proceedings of SUMo and CompoNet 2011

International audienc

Extending the Petri box calculus with time

PBC (Petri Box Calculus) is a process algebra where real parallelism of concurrent systems can be naturally expressed. One of its main features is the definition of a denotational semantics based on Petri nets, which emphasizes the structural aspects of the modelled systems. However, this formal model does not include temporal aspects of processes, which are necessary when considering real-time systems. The aim of this paper is to extend the existing calculus with those temporal aspects. We consider that actions are not instantaneous, that is, their execution takes time. We present an operational semantics and a denotational semantics based on timed Petri nets. Finally, we discuss the introduction of other new features such as time-outs and delays. Throughout the paper we assume that the reader is familiar with both Petri nets and PBC

Verifying temporal properties of systems with applications to petri nets

This thesis provides a powerful general-purpose proof technique for the verification of systems, whether finite or infinite. It extends the idea of finite local model-checking, which was introduced by Stirling and Walker: rather than traversing the entire state space of a model, as is done for model-checking in the sense of Emerson, Clarke et al. (checking whether a (finite) model satisfies a formula), local model-checking asks whether a particular state satisfies a formula, and only explores the nearby states far enough to answer that question. The technique used was a tableau method, constructing a tableau according to the formula and the local structure of the model. This tableau technique is here generalized to the infinite case by considering sets of states, rather than single states; because the logic used, the propositional modal mu-calculus, separates simple modal and boolean connectives from powerful fix-point operators (which make the logic more expressive than many other temporal logics), it is possible to give a relatively straightforward set of rules for constructing a tableau. Much of the subtlety is removed from the tableau itself, and put into a relation on the state space defined by the tableau-the success of the tableau then depends on the well-foundedness of this relation. This development occupies the second and third chapters: the second considers the modal mu-calculus, and explains its power, while the third develops the tableau technique itself The generalized tableau technique is exhibited on Petri nets, and various standard notions from net theory are shown to play a part in the use of the technique on nets-in particular, the invariant calculus has a major role. The requirement for a finite presentation of tableaux for infinite systems raises the question of the expressive power of the mu-calculus. This is studied in some detail, and it is shown that on reasonably powerful models of computation, such as Petri nets, the mu-calculus can express properties that are not merely undecidable, but not even arithmetical. The concluding chapter discusses some of the many questions still to be answered, such as the incorporation of formal reasoning within the tableau system, and the power required of such reasoning

Verification of soundness and other properties of business processes

In this thesis we focus on improving current modeling and verification techniques for complex business processes. The objective of the thesis is to consider several aspects of real-life business processes and give specific solutions to cope with their complexity. In particular, we address verification of a proper termination property for workflows, called generalized soundness. We give a new decision procedure for generalized soundness that improves the original decision procedure. The new decision procedure reports on the decidability status of generalized soundness and returns a counterexample in case the workflow net is not generalized sound. We report on experimental results obtained with the prototype implementation we made and describe how to verify large workflows compositionally, using reduction rules. Next, we concentrate on modeling and verification of adaptive workflows — workflows that are able to change their structure at runtime, for instance when some exceptional events occur. In order to model the exception handling properly and allow structural changes of the system in a modular way, we introduce a new class of nets, called adaptive workflow nets. Adaptive workflow nets are a special type of Nets in Nets and they allow for creation, deletion and transformation of net tokens at runtime and for two types of synchronizations: synchronization on proper termination and synchronization on exception. We define some behavioral properties of adaptive workflow nets: soundness and circumspectness and employ an abstraction to reduce the verification of these properties to the verification of behavioral properties of a finite state abstraction. Further, we study how formal methods can help in understanding and designing business processes. We investigate this for the extended event-driven process chains (eEPCs), a popular industrial business process language used in the ARIS Toolset. Several semantics have been proposed for EPCs. However, most of them concentrated solely on the control flow. We argue that other aspects of business processes must also be taken into account in order to analyze eEPCs and propose a semantics that takes data and time information from eEPCs into account. Moreover, we provide a translation of eEPCs to Timed Colored Petri nets in order to facilitate verification of eEPCs. Finally, we discuss modeling issues for business processes whose behavior may depend on the previous behavior of the process, history which is recorded by workflow management systems as a log. To increase the precision of models with respect to modeling choices depending on the process history, we introduce history-dependent guards. The obtained business processes are called historydependent processes.We introduce a logic, called LogLogics for the specification of guards based on a log of a current running process and give an evaluation algorithm for such guards. Moreover, we show how these guards can be used in practice and define LogLogics patterns for properties that occur most commonly in practice