Contributions to the deadlock problem in multithreaded software applications observed as Resource Allocation Systems

Desde el punto de vista de la competencia por recursos compartidos sucesivamente reutilizables, se dice que un sistema concurrente compuesto por procesos secuenciales está en situación de bloqueo si existe en él un conjunto de procesos que están indefinidamente esperando la liberación de ciertos recursos retenidos por miembros del mismo conjunto de procesos. En sistemas razonablemente complejos o distribuidos, establecer una política de asignación de recursos que sea libre de bloqueos puede ser un problema muy difícil de resolver de forma eficiente. En este sentido, los modelos formales, y particularmente las redes de Petri, se han ido afianzando como herramientas fructíferas que permiten abstraer el problema de asignación de recursos en este tipo de sistemas, con el fin de abordarlo analíticamente y proveer métodos eficientes para la correcta construcción o corrección de estos sistemas. En particular, la teoría estructural de redes de Petri se postula como un potente aliado para lidiar con el problema de la explosión de estados inherente a aquéllos. En este fértil contexto han florecido una serie de trabajos que defienden una propuesta metodológica de diseño orientada al estudio estructural y la correspondiente corrección física del problema de asignación de recursos en familias de sistemas muy significativas en determinados contextos de aplicación, como el de los Sistemas de Fabricación Flexible. Las clases de modelos de redes de Petri resultantes asumen ciertas restricciones, con significado físico en el contexto de aplicación para el que están destinadas, que alivian en buena medida la complejidad del problema. En la presente tesis, se intenta acercar ese tipo de aproximación metodológica al diseño de aplicaciones software multihilo libres de bloqueos. A tal efecto, se pone de manifiesto cómo aquellas restricciones procedentes del mundo de los Sistemas de Fabricación Flexible se muestran demasiado severas para aprehender la versatilidad inherente a los sistemas software en lo que respecta a la interacción de los procesos con los recursos compartidos. En particular, se han de resaltar dos necesidades de modelado fundamentales que obstaculizan la mera adopción de antiguas aproximaciones surgidas bajo el prisma de otros dominios: (1) la necesidad de soportar el anidamiento de bucles no desplegables en el interior de los procesos, y (2) la posible compartición de recursos no disponibles en el arranque del sistema pero que son creados o declarados por un proceso en ejecución. A resultas, se identifica una serie de requerimientos básicos para la definición de un tipo de modelos orientado al estudio de sistemas software multihilo y se presenta una clase de redes de Petri, llamada PC2R, que cumple dicha lista de requerimientos, manteniéndose a su vez respetuosa con la filosofía de diseño de anteriores subclases enfocadas a otros contextos de aplicación. Junto con la revisión e integración de anteriores resultados en el nuevo marco conceptual, se aborda el estudio de propiedades inherentes a los sistemas resultantes y su relación profunda con otros tipos de modelos, la confección de resultados y algoritmos eficientes para el análisis estructural de vivacidad en la nueva clase, así como la revisión y propuesta de métodos de resolución de los problemas de bloqueo adaptadas a las particularidades físicas del dominio de aplicación. Asimismo, se estudia la complejidad computacional de ciertas vertientes relacionadas con el problema de asignación de recursos en el nuevo contexto, así como la traslación de los resultados anteriormente mencionados sobre el dominio de la ingeniería de software multihilo, donde la nueva clase de redes permite afrontar problemas inabordables considerando el marco teórico y las herramientas suministradas para subclases anteriormente explotadas

Deadlock Prevention Policy with Behavioral Optimality or Suboptimality Achieved by the Redundancy Identification of Constraints and the Rearrangement of Monitors

This work develops an iterative deadlock prevention method for a special class of Petri nets that can well model a variety of flexible manufacturing systems. A deadlock detection technique, called mixed integer programming (MIP), is used to find a strict minimal siphon (SMS) in a plant model without a complete enumeration of siphons. The policy consists of two phases. At the first phase, SMSs are obtained by MIP technique iteratively and monitors are added to the complementary sets of the SMSs. For the possible existence of new siphons generated after the first phase, we add monitors with their output arcs first pointed to source transitions at the second phase to avoid new siphons generating and then rearrange the output arcs step by step on condition that liveness is preserved. In addition, an algorithm is proposed to remove the redundant constraints of the MIP problem in this paper. The policy improves the behavioral permissiveness of the resulting net and greatly enhances the structural simplicity of the supervisor. Theoretical analysis and experimental results verify the effectiveness of the proposed method

An Efficient Siphon-Based Deadlock Prevention Policy for a Class of Generalized Petri Nets

We propose a new deadlock prevention policy for an important class of resource allocation systems (RASs) that appear in the modeling of flexible manufacturing systems (FMSs). The model of this class in terms of generalized Petri nets is, namely, S 4 PR. On the basis of recent structural analysis results related to the elementary siphons in generalized Petri nets on one hand and an efficient deadlock avoidance policy proposed for the class of conjunctive/disjunctive (C/D) RASs on the other hand, we show how one can generate monitors to be added to a net system such that all its strict minimal siphons are max -controlled and no insufficiently marked siphon is generated. Thereby, a new, simple, and more permissive liveness-enforcing supervisor synthesis method for S 4 PR is established

Siphon-Based Verification of Component Compatibility

In component-based systems, two interacting components are compatible if any sequence of services requested by one component can be provided by the other. This concept of compatibility can easily be extended to a set of interacting components. Checking the compatibility of interacting components is essential for any dependable software system. Recently, an approach to verification of component compatibility has been proposed in which the behavior of individual components (at component interfaces) was modeled by labeled Petri nets. Moreover, the composition of interacting components was designed in such a way that all component incompatibilities were manifested by deadlocks in the composed model. Consequently, the verification of component compatibility is performed by deadlock analysis of the composed model. One of techniques for deadlock analysis is based on net structures called siphons. Siphon-based verification of component compatibility is the subject of this paper

Process Completing Sequences for Resource Allocation Systems with Synchronization

This paper considers the problem of establishing live resource allocation in workflows with synchronization stages. Establishing live resource allocation in this class of systems is challenging since deciding whether a given level of resource capacities is sufficient to complete a single process is NP-complete. In this paper, we develop two necessary conditions and one sufficient condition that provide quickly computable tests for the existence of process completing sequences. The necessary conditions are based on the sequence of completions of � subprocesses that merge together at a synchronization. Although the worst case complexity is O(2�), we expect the number of subprocesses combined at any synchronization will be sufficiently small so that total computation time remains manageable. The sufficient condition uses a reduction scheme that computes a sufficient capacity level of each resource type to complete and merge all � subprocesses. The worst case complexity is O(�⋅�), where � is the number of synchronizations. Finally, the paper develops capacity bounds and polynomial methods for generating feasible resource allocation sequences for merging systems with single unit allocation. This method is based on single step look-ahead for deadly marked siphons and is O(2�). Throughout the paper, we use a class of Petri nets called Generalized Augmented Marked Graphs to represent our resource allocation systems

Petri Nets at Modelling and Control of Discrete-Event Systems with Nondeterminism - Part 2

Discrete-Event Systems (DES) are discrete in nature. Petri Nets (PN) are one of the most widespread tools for DES modelling, analyzing and control. Different kinds of PN can be used for such purposes. Some of them were described in [3], being the first part of this paper. Here, the applicability of Labelled PN (LbPN) and Interpreted PN (IPN) for modelling and control of nondeterministic DES, especially with uncontrollable and/or unobservable transitions in the models, will be pointed out. Moreover, another kinds of nondeterminism in DES (errors, failures) will be modelled, and the possibilities of the error recovery of failed system will be presented

Fluidization of Petri nets to improve the analysis of Discrete Event Systems

Las Redes de Petri (RdP) son un formalismo ampliamente aceptado para el modelado y análisis de Sistemas de Eventos Discretos (SED). Por ejemplo sistemas de manufactura, de logística, de tráfico, redes informáticas, servicios web, redes de comunicación, procesos bioquímicos, etc. Como otros formalismos, las redes de Petri sufren del problema de la ¿explosión de estados¿, en el cual el número de estados crece explosivamente respecto de la carga del sistema, haciendo intratables algunas técnicas de análisis basadas en la enumeración de estados. La fluidificación de las redes de Petri trata de superar este problema, pasando de las RdP discretas (en las que los disparos de las transiciones y los marcados de los lugares son cantidades enteras no negativas) a las RdP continuas (en las que los disparos de las transiciones, y por lo tanto los marcados se definen en los reales). Las RdP continuas disponen de técnicas de análisis más eficientes que las discretas. Sin embargo, como toda relajación, la fluidificación supone el detrimento de la fidelidad, dando lugar a la pérdida de propiedades cualitativas o cuantitativas de la red de Petri original. El objetivo principal de esta tesis es mejorar el proceso de fluidificación de las RdP, obteniendo un formalismo continuo (o al menos parcialmente) que evite el problema de la explosión de estados, mientras aproxime adecuadamente la RdP discreta. Además, esta tesis considera no solo el proceso de fluidificación sino también el formalismo de las RdP continuas en sí mismo, estudiando la complejidad computacional de comprobar algunas propiedades. En primer lugar, se establecen las diferencias que aparecen entre las RdP discretas y continuas, y se proponen algunas transformaciones sobre la red discreta que mejorarán la red continua resultante. En segundo lugar, se examina el proceso de fluidificación de las RdP autónomas (i.e., sin ninguna interpretación temporal), y se establecen ciertas condiciones bajo las cuales la RdP continua preserva determinadas propiedades cualitativas de la RdP discreta: limitación, ausencia de bloqueos, vivacidad, etc. En tercer lugar, se contribuye al estudio de la decidibilidad y la complejidad computacional de algunas propiedades comunes de la RdP continua autónoma. En cuarto lugar, se considera el proceso de fluidificación de las RdP temporizadas. Se proponen algunas técnicas para preservar ciertas propiedades cuantitativas de las RdP discretas estocásticas por las RdP continuas temporizadas. Por último, se propone un nuevo formalismo, en el cual el disparo de las transiciones se adapta a la carga del sistema, combinando disparos discretos y continuos, dando lugar a las Redes de Petri híbridas adaptativas. Las RdP híbridas adaptativas suponen un marco conceptual para la fluidificación parcial o total de las Redes de Petri, que engloba a las redes de Petri discretas, continuas e híbridas. En general, permite preservar propiedades de la RdP original, evitando el problema de la explosión de estados

Process Completing Sequences for Resource Allocation Systems with Synchronization

This paper considers the problem of establishing live resource allocation in workflows with synchronization stages. Establishing live resource allocation in this class of systems is challenging since deciding whether a given level of resource capacities is sufficient to complete a single process is NP-complete. In this paper, we develop two necessary conditions and one sufficient condition that provide quickly computable tests for the existence of process completing sequences. The necessary conditions are based on the sequence of completions of subprocesses that merge together at a synchronization. Although the worst case complexity is O(2), we expect the number of subprocesses combined at any synchronization will be sufficiently small so that total computation time remains manageable. The sufficient condition uses a reduction scheme that computes a sufficient capacity level of each resource type to complete and merge all subprocesses. The worst case complexity is O(⋅), where is the number of synchronizations. Finally, the paper develops capacity bounds and polynomial methods for generating feasible resource allocation sequences for merging systems with single unit allocation. This method is based on single step look-ahead for deadly marked siphons and is O(2). Throughout the paper, we use a class of Petri nets called Generalized Augmented Marked Graphs to represent our resource allocation systems

Methods and Formal Models for Healthcare Systems Management

A healthcare system is an organization of people, institutions, and resources that deliver healthcare services to meet the health needs of target populations. The size of the systems, the huge number of agents involved and their different expectations make the management of healthcare systems a tough task which could be alleviated through the use of technology. In this thesis, new methods and formal models for healthcare system management are presented. Particularly, the thesis is divided in two main parts: the first one has to do with the modeling and analysis in hospitals by the use of clinical pathways while the second one deals with the planning and scheduling of patients in the operation rooms.Regarding the modeling and analysis of healthcare systems, depending on different visions and expectations, the system can be treated from different perspectives called facets. In chapter 2, the formal definition and characterization of two facets are given: (1) facet of resource management and (2) handshake between clinical pathways facet. They are obtained by applying to Stochastic Well-formed Nets (colored Petri Nets) modeling the healthcare system a set of relaxations, abstraction and modifications. In the first facet the subclass of S4PR is obtained which is a characteristic model of the resource allocation systems while in the second facet Deterministically Synchronized Sequential Process (DSSP) are considered. Both nets (S4PR and DSSP) are formal subclasses of Petri Nets where net level techniques can be applied.In chapters 3 and 4, we will focus on the liveness of the DSSP systems resulting from the facet of communication between clinical pathways. These kinds of nets are composed by agents (modeling clinical pathways) cooperating in a distributed way by the asynchronous messaging passing through the buffers (modeling the communication channels). In particular two approaches have been proposed.The idea behind the first approach is to advance the buffer consumption to the first conflict transition in the agents. Considering healthcare systems modeled by a DSSP, this means that before a patient starts a clinical pathway, all required information must be available. Unfortunately, this pre-assignment method only works in some particular DSSP structures which are characterized. A more general approach (than buffer pre-assignment) for liveness enforcing in non-live DSSP is given in Chapter. 4. The approach is formalized on two levels: execution and control. The execution level uses the original DSSP structure while for the control level we compute a new net system called the control PN. This net system is obtained from the original DSSP and has a predefined type of structure. The control PN will evolve synchronously with the non-live DSSP ensuring that the deadlock states will not be reached. The states (marking) of the control PN will enable or disable some transitions in the original DSSP, while some transitions in the control PN should fire synchronously with some transitions of the original DSSP.The second part of the thesis deals with surgery scheduling of patients in a hospital department. The Operating Rooms (ORs) are one of the most expensive material resources in hospitals, being the bottleneck of surgical services. Moreover, the aging population together with the improvement in surgical techniques are producing an increase in the demand for surgeries. So, the optimal use of the ORs time is crucial inhealthcare service management. We focus on the planning and scheduling of patients in Spanish hospital departments considering its organizational structure particularities as well as the concerns and specifications of their doctors.In chapter 5, the scheduling of elective patients under ORs block booking is considered. The first criterion is to optimize the use of the OR, the second criterion is to prevent that the total available time in a block will be exceeded and the third criterion is to respect the preference order of the patient in the waiting list. Three different mathematical programming models for the scheduling of elective patients are proposed. These are combinatorial problems with high computational complexity, so three different heuristic solution methods are proposed and compared. The results show that a Mixed Integer Linear Programming (MILP) problem solved by Receding Horizon Strategy (RHS)obtains better scheduling in lowest time.Doctors using the MILP problem must fix an appropriate occupation rate for optimizing the use of the ORs but without exceeding the available time. This has two main problems: i) inexperienced doctors could find difficult to fix an appropriate occupation rate, and ii) the uncertain in the surgery durations (large standard deviation) could results in scheduling with an over/under utilization. In order to overcome these problems, a New Mixed-Integer Quadratic Constrained Programming (N-MIQCP) model is proposed. Considering some probabilistic concepts, quadratic constraints are included in N-MIQCP model to prevent the scheduling of blocks with a high risk of exceeding the available time. Two heuristic methods for solving the N-MIQCP problem are proposed and compared with other chance-constrained approaches in bibliography. The results conclude that the best schedulings are achieved using our Specific Heuristic Algorithm (SHA) due to similar occupation rates than using other approaches are obtained but our SHA respects much more the order of the patients in the waiting list.In chapter 6, a three steps approach is proposed for the combined scheduling of elective and urgent patients. In the first step, the elective patients are scheduled for a target Elective Surgery Time (EST) in the ORs, trying to respect the order of the patients on the waiting list. In the second one, the urgent patients are scheduled in the remaining time ensuring that an urgent patient does not wait more than 48 hours. Finally, in the third step, the surgeries assigned to each OR (elective and urgent) are sequenced in such a way that the maximum time that an emergency patient should wait is minimized. Considering realistic data, different policies of time reserved in the ORs for elective and urgent patients are evaluated. The results show that all ORs must be used to perform elective and urgent surgeries instead of reserving some ORs exclusively for one type of patient.Finally, in chapter 7 a software solution for surgery service management is given. A Decision Support System for elective surgery scheduling and a software tool called CIPLAN are proposed. The DSS use as core the SHA for the scheduling of elective patients, but it has other features related to the management of a surgery department. A software tool called CIPLAN which is based on the DSS is explained. The software tool has a friendly interface which has been developed in collaboration with doctors in the “Lozano Blesa” Hospital in Zaragoza. A real case study comparing the scheduling using the manual method with the scheduling obtained by using CIPLAN is discussed. The results show that 128.000 euros per year could be saved using CIPLAN in the mentioned hospital. Moreover, the use of the tool allows doctors to reduce the time spent in scheduling to use it medical tasks.<br /