Equivalence-Checking on Infinite-State Systems: Techniques and Results

The paper presents a selection of recently developed and/or used techniques for equivalence-checking on infinite-state systems, and an up-to-date overview of existing results (as of September 2004)

Characterizing Behavioural Congruences for Petri Nets

We exploit a notion of interface for Petri nets in order to design a set of net combinators. For such a calculus of nets, we focus on the behavioural congruences arising from four simple notions of behaviour, viz., traces, maximal traces, step, and maximal step traces, and from the corresponding four notions of bisimulation, viz., weak and weak step bisimulation and their maximal versions. We characterize such congruences via universal contexts and via games, providing in such a way an understanding of their discerning powers

Analysis of Petri Net Models through Stochastic Differential Equations

It is well known, mainly because of the work of Kurtz, that density dependent Markov chains can be approximated by sets of ordinary differential equations (ODEs) when their indexing parameter grows very large. This approximation cannot capture the stochastic nature of the process and, consequently, it can provide an erroneous view of the behavior of the Markov chain if the indexing parameter is not sufficiently high. Important phenomena that cannot be revealed include non-negligible variance and bi-modal population distributions. A less-known approximation proposed by Kurtz applies stochastic differential equations (SDEs) and provides information about the stochastic nature of the process. In this paper we apply and extend this diffusion approximation to study stochastic Petri nets. We identify a class of nets whose underlying stochastic process is a density dependent Markov chain whose indexing parameter is a multiplicative constant which identifies the population level expressed by the initial marking and we provide means to automatically construct the associated set of SDEs. Since the diffusion approximation of Kurtz considers the process only up to the time when it first exits an open interval, we extend the approximation by a machinery that mimics the behavior of the Markov chain at the boundary and allows thus to apply the approach to a wider set of problems. The resulting process is of the jump-diffusion type. We illustrate by examples that the jump-diffusion approximation which extends to bounded domains can be much more informative than that based on ODEs as it can provide accurate quantity distributions even when they are multi-modal and even for relatively small population levels. Moreover, we show that the method is faster than simulating the original Markov chain

SPDL Model Checking via Property-Driven State Space Generation

In this report we describe how both, memory and time requirements for stochastic model checking of SPDL (stochastic propositional dynamic logic) formulae can significantly be reduced. SPDL is the stochastic extension of the multi-modal program logic PDL.\ud SPDL provides means to specify path-based properties with or without timing restrictions. Paths can be characterised by so-called programs, essentially regular expressions, where the executability can be made dependent on the validity of test formulae. For model-checking SPDL path formulae it is necessary to build a product transition system (PTS)\ud between the system model and the program automaton belonging to the path formula that is to be verified.\ud In many cases, this PTS can be drastically reduced during the model checking procedure, as the program restricts the number of potentially satisfying paths. Therefore, we propose an approach that directly generates the reduced PTS from a given SPA specification and an SPDL path formula.\ud The feasibility of this approach is shown through a selection of case studies, which show enormous state space reductions, at no increase in generation time.\u

Logics for Petri nets with propagating failures

Petri nets play a central role in the formal modelling of a wide range of complex systems and scenarios. Their ability to handle with both concurrency and resource awareness justifies their spread in the current formal development practices. On the logic side, Dynamic Logics are widely accepted as the de facto formalisms to reason about computational systems. However, as usual, the application to new situations raises new challenges and issues. The ubiquity of failures in the execution of current systems, interpreted in these models as triggered events that are not followed by the corresponding transition, entails not only the adjustment of these structures to deal with this reality, but also the introduction of new logics adequate to this emerging phenomenon. This paper contributes to this challenge by exploring a combination of two previous works of the authors, namely the Propositional Dynamic Logic for Petri Nets [1] and a parametric construction of multi-valued dynamic logics presented in [13]. This exercise results in a new family of Dynamic Logics for Petri Nets suitable to deal with firing failures.publishe

Calculus for decision systems

The conceptualization of the term system has become highly dependent on the application domain. What a physicist means by the term system might be different than what a sociologist means by the same term. In 1956, Bertalanffy [1] defined a system as a set of units with relationships among them . This and many other definitions of system share the idea of a system as a black box that has parts or elements interacting between each other. This means that at some level of abstraction all systems are similar, what eventually differentiates one system from another is the set of underlining equations which describe how these parts interact within the system. ^ In this dissertation we develop a framework that allows us to characterize systems from an interaction level, i.e., a framework that gives us the capability to capture how/when the elements of the system interact. This framework is a process algebra called Calculus for Decision Systems (CDS). This calculus provides means to create mathematical expressions that capture how the systems interact and react to different stimuli. It also provides the ability to formulate procedures to analyze these interactions and to further derive other interesting insights of the system. ^ After defining the syntax and reduction rules of the CDS, we develop a notion of behavioral equivalence for decision systems. This equivalence, called bisimulation, allows us to compare decision systems from the behavioral standpoint. We apply our results to games in extensive form, some physical systems, and cyber-physical systems. ^ Using the CDS for the study of games in extensive form we were able to define the concept of subgame perfect equilibrium for a two-person game with perfect information. Then, we investigate the behavior of two games played in parallel by one of the players. We also explore different couplings between games, and compare - using bisimulation - the behavior of two games that are the result of two different couplings. The results showed that, with some probability, the behavior of playing a game as first player, or second player, could be irrelevant. ^ Decision systems can be comprised by multiple decision makers. We show that in the case where two decision makers interact, we can use extensive games to represent the conflict resolution. For the case where there are more than two decision makers, we presented how to characterize the interactions between elements within an organizational structure. Organizational structures can be perceived as multiple players interacting in a game. In the context of organizational structures, we use the CDS as an information sharing mechanism to transfer the inputs and outputs from one extensive game to another. We show the suitability of our calculus for the analysis of organizational structures, and point out some potential research extensions for the analysis of organizational structures. ^ The other general area we investigate using the CDS is cyber-physical systems. Cyber-physical systems or CPS is a class of systems that are characterized by a tight relationship between systems (or processes) in the areas of computing, communication and physics. We use the CDS to describe the interaction between elements in some simple mechanical system, as well as a particular case of the generalized railroad crossing (GRC) problem, which is a typical case of CPS. We show two approaches to the solution of the GRC problem. ^ This dissertation does not intend to develop new methods to solve game theoretical problems or equations of motion of a physical system, it aims to be a seminal work towards the creation of a general framework to study systems and equivalence of systems from a formal standpoint, and to increase the applications of formal methods to real-world problems

Feature Nets: behavioural modelling of software product lines

Software product lines (SPL) are diverse systems that are developed using a dual engineering process: (a)family engineering defines the commonality and variability among all members of the SPL, and (b) application engineering derives specific products based on the common foundation combined with a variable selection of features. The number of derivable products in an SPL can thus be exponential in the number of features. This inherent complexity poses two main challenges when it comes to modelling: Firstly, the formalism used for modelling SPLs needs to be modular and scalable. Secondly, it should ensure that all products behave correctly by providing the ability to analyse and verify complex models efficiently. In this paper we propose to integrate an established modelling formalism (Petri nets) with the domain of software product line engineering. To this end we extend Petri nets to Feature Nets. While Petri nets provide a framework for formally modelling and verifying single software systems, Feature Nets offer the same sort of benefits for software product lines. We show how SPLs can be modelled in an incremental, modular fashion using Feature Nets, provide a Feature Nets variant that supports modelling dynamic SPLs, and propose an analysis method for SPL modelled as Feature Nets. By facilitating the construction of a single model that includes the various behaviours exhibited by the products in an SPL, we make a significant step towards efficient and practical quality assurance methods for software product lines