2,308 research outputs found
Bisimilarity and Behaviour-Preserving Reconfigurations of Open Petri Nets
We propose a framework for the specification of behaviour-preserving
reconfigurations of systems modelled as Petri nets. The framework is based on
open nets, a mild generalisation of ordinary Place/Transition nets suited to
model open systems which might interact with the surrounding environment and
endowed with a colimit-based composition operation. We show that natural
notions of bisimilarity over open nets are congruences with respect to the
composition operation. The considered behavioural equivalences differ for the
choice of the observations, which can be single firings or parallel steps.
Additionally, we consider weak forms of such equivalences, arising in the
presence of unobservable actions. We also provide an up-to technique for
facilitating bisimilarity proofs. The theory is used to identify suitable
classes of reconfiguration rules (in the double-pushout approach to rewriting)
whose application preserves the observational semantics of the net.Comment: To appear in "Logical Methods in Computer Science", 41 page
From RT-LOTOS to Time Petri Nets new foundations for a verification platform
The formal description technique RT-LOTOS has been selected as intermediate language to add formality to a real-time UML profile named TURTLE. For this sake, an RT-LOTOS verification platform has been developed for early detection of design errors in real-time system models. The paper discusses an extension of the platform by inclusion of verification tools developed for Time Petri Nets. The starting point is the definition of RT-LOTOS to TPN translation patterns. In particular, we introduce the concept of components embedding Time Petri Nets. The translation patterns are implemented in a prototype tool which takes as input an RT-LOTOS specification and outputs a TPN in the format admitted by the TINA tool. The efficiency of the proposed solution has been demonstrated on various case studies
Translating UML State Machines to Coloured Petri Nets Using Acceleo: A Report
UML state machines are widely used to specify dynamic systems behaviours.
However its semantics is described informally, thus preventing the application
of model checking techniques that could guarantee the system safety. In a
former work, we proposed a formalisation of non-concurrent UML state machines
using coloured Petri nets, so as to allow for formal verification. In this
paper, we report our experience to implement this translation in an automated
manner using the model-to-text transformation tool Acceleo. Whereas Acceleo
provides interesting features that facilitated our translation process, it also
suffers from limitations uneasy to overcome.Comment: In Proceedings ESSS 2014, arXiv:1405.055
On the Decidability of Non Interference over Unbounded Petri Nets
Non-interference, in transitive or intransitive form, is defined here over
unbounded (Place/Transition) Petri nets. The definitions are adaptations of
similar, well-accepted definitions introduced earlier in the framework of
labelled transition systems. The interpretation of intransitive
non-interference which we propose for Petri nets is as follows. A Petri net
represents the composition of a controlled and a controller systems, possibly
sharing places and transitions. Low transitions represent local actions of the
controlled system, high transitions represent local decisions of the
controller, and downgrading transitions represent synchronized actions of both
components. Intransitive non-interference means the impossibility for the
controlled system to follow any local strategy that would force or dodge
synchronized actions depending upon the decisions taken by the controller after
the last synchronized action. The fact that both language equivalence and
bisimulation equivalence are undecidable for unbounded labelled Petri nets
might be seen as an indication that non-interference properties based on these
equivalences cannot be decided. We prove the opposite, providing results of
decidability of non-interference over a representative class of infinite state
systems.Comment: In Proceedings SecCo 2010, arXiv:1102.516
Analysis and Verification of Service Interaction Protocols - A Brief Survey
Modeling and analysis of interactions among services is a crucial issue in
Service-Oriented Computing. Composing Web services is a complicated task which
requires techniques and tools to verify that the new system will behave
correctly. In this paper, we first overview some formal models proposed in the
literature to describe services. Second, we give a brief survey of verification
techniques that can be used to analyse services and their interaction. Last, we
focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330
Tau Be or not Tau Be? - A Perspective on Service Compatibility and Substitutability
One of the main open research issues in Service Oriented Computing is to
propose automated techniques to analyse service interfaces. A first problem,
called compatibility, aims at determining whether a set of services (two in
this paper) can be composed together and interact with each other as expected.
Another related problem is to check the substitutability of one service with
another. These problems are especially difficult when behavioural descriptions
(i.e., message calls and their ordering) are taken into account in service
interfaces. Interfaces should capture as faithfully as possible the service
behaviour to make their automated analysis possible while not exhibiting
implementation details. In this position paper, we choose Labelled Transition
Systems to specify the behavioural part of service interfaces. In particular,
we show that internal behaviours (tau transitions) are necessary in these
transition systems in order to detect subtle errors that may occur when
composing a set of services together. We also show that tau transitions should
be handled differently in the compatibility and substitutability problem: the
former problem requires to check if the compatibility is preserved every time a
tau transition is traversed in one interface, whereas the latter requires a
precise analysis of tau branchings in order to make the substitution preserve
the properties (e.g., a compatibility notion) which were ensured before
replacement.Comment: In Proceedings WCSI 2010, arXiv:1010.233
Analysis of Petri Nets and Transition Systems
This paper describes a stand-alone, no-frills tool supporting the analysis of
(labelled) place/transition Petri nets and the synthesis of labelled transition
systems into Petri nets. It is implemented as a collection of independent,
dedicated algorithms which have been designed to operate modularly, portably,
extensibly, and efficiently.Comment: In Proceedings ICE 2015, arXiv:1508.0459
Independence and concurrent separation logic
A compositional Petri net-based semantics is given to a simple language
allowing pointer manipulation and parallelism. The model is then applied to
give a notion of validity to the judgements made by concurrent separation logic
that emphasizes the process-environment duality inherent in such rely-guarantee
reasoning. Soundness of the rules of concurrent separation logic with respect
to this definition of validity is shown. The independence information retained
by the Petri net model is then exploited to characterize the independence of
parallel processes enforced by the logic. This is shown to permit a refinement
operation capable of changing the granularity of atomic actions
Conflict vs causality in event structures
Event structures are one of the best known models for concurrency. Many variants of the basic model and many possible notions of equivalence for them have been devised in the literature. In this paper, we study how the spectrum of equivalences for Labelled Prime Event Structures built by Van Glabbeek and Goltz changes if we consider two simplified notions of event structures: the first is obtained by removing the causality relation (Coherence Spaces) and the second by removing the conflict relation (Elementary Event Structures). As expected, in both cases the spectrum turns out to be simplified, since some notions of equivalence coincide in the simplified settings; actually, we prove that removing causality simplifies the spectrum considerably more than removing conflict. Furthermore, while the labeling of events and their cardinality play no role when removing causality, both the labeling function and the cardinality of the event set dramatically influence the spectrum of equivalences in the conflict-free setting
- …