A Process Calculus for Expressing Finite Place/Transition Petri Nets

We introduce the process calculus Multi-CCS, which extends conservatively CCS with an operator of strong prefixing able to model atomic sequences of actions as well as multiparty synchronization. Multi-CCS is equipped with a labeled transition system semantics, which makes use of a minimal structural congruence. Multi-CCS is also equipped with an unsafe P/T Petri net semantics by means of a novel technique. This is the first rich process calculus, including CCS as a subcalculus, which receives a semantics in terms of unsafe, labeled P/T nets. The main result of the paper is that a class of Multi-CCS processes, called finite-net processes, is able to represent all finite (reduced) P/T nets.Comment: In Proceedings EXPRESS'10, arXiv:1011.601

Compositional Semantics of Finite Petri Nets

Structure-preserving bisimilarity is a truly concurrent behavioral equivalence for finite Petri nets, which relates markings (of the same size only) generating the same causal nets, hence also the same partial orders of events. The process algebra FNM truly represents all (and only) the finite Petri nets, up to isomorphism. We prove that structure-preserving bisimilarity is a congruence w.r.t. the FMN operators, In this way, we have defined a compositional semantics, fully respecting causality and the branching structure of systems, for the class of all the finite Petri nets. Moreover, we study some algebraic properties of structure-preserving bisimilarity, that are at the base of a sound (but incomplete) axiomatization over FNM process terms.Comment: arXiv admin note: substantial text overlap with arXiv:2301.0448

Branching Place Bisimilarity

Place bisimilarity is a behavioral equivalence for finite Petri nets, proposed in \cite{ABS91} and proved decidable in \cite{Gor21}. In this paper we propose an extension to finite Petri nets with silent moves of the place bisimulation idea, yielding {\em branching} place bisimilarity $\approx_p$, following the intuition of branching bisimilarity \cite{vGW96} on labeled transition systems. We also propose a slightly coarser variant, called branching {\em d-place} bisimilarity $\approx_d$, following the intuition of d-place bisimilarity in \cite{Gor21}. We prove that $\approx_p$ and $\approx_d$ are decidable equivalence relations. Moreover, we prove that $\approx_d$ is strictly finer than branching fully-concurrent bisimilarity \cite{Pin93,Gor20c}, essentially because $\approx_d$ does not consider as unobservable those $\tau$-labeled net transitions with pre-set size larger than one, i.e., those resulting from (multi-party) interaction.Comment: arXiv admin note: text overlap with arXiv:2104.01392, arXiv:2104.1485

Place Bisimilarity is Decidable, Indeed!

Place bisimilarity is a behavioral equivalence for finite Petri nets, proposed by Schnoebelen and co-workers in 1991. Differently from all the other behavioral relations proposed so far, a place bisimulation is not defined over the markings of a finite net, rather over its places, which are finitely many. However, place bisimilarity is not coinductive, as the union of place bisimulations may be not a place bisimulation. Place bisimilarity was claimed decidable in [1], even if the algorithm used to this aim [2] does not characterize this equivalence, rather the unique maximal place bisimulation which is also an equivalence relation; hence, its decidability was not proved. Here we show that it is possible to decide place bisimilarity with a simple, yet inefficient, algorithm, which essentially scans all the place relations (which are finitely many) to check whether they are place bisimulations. Moreover, we propose a slightly coarser variant, we call d-place bisimilarity, that we conjecture to be the coarsest equivalence, fully respecting causality and branching time, to be decidable on finite Petri nets

True Concurrency Can Be Easy

Net bisimilarity is a behavioral equivalence for finite Petri nets, which is equivalent to structure-preserving bisimilarity and causal-net bisimilarity, but with a much simpler definition, which is a smooth generalization of the definition of standard bisimilarity on Labeled Transition Systems. We show that it can be characterized logically by means of a suitable modal logic, called NML (acronym of net modal logic): two markings are net bisimilar if and only if they satisfy the same NML formulae

Distributed Non-Interference

Information flow security properties were defined some years ago (see, e.g., the surveys \cite{FG01,Ry01}) in terms of suitable equivalence checking problems. These definitions were provided by using sequential models of computations (e.g., labeled transition systems \cite{GV15}), and interleaving behavioral equivalences (e.g., bisimulation equivalence \cite{Mil89}). More recently, the distributed model of Petri nets has been used to study non-interference in \cite{BG03,BG09,BC15}, but also in these papers an interleaving semantics was used. We argue that in order to capture all the relevant information flows, truly-concurrent behavioral equivalences must be used. In particular, we propose for Petri nets the distributed non-interference property, called DNI, based on {\em branching place bisimilarity} \cite{Gor21b}, which is a sensible, decidable equivalence for finite Petri nets with silent moves. Then we focus our attention on the subclass of Petri nets called {\em finite-state machines}, which can be represented (up to isomorphism) by the simple process algebra CFM \cite{Gor17}. DNI is very easily checkable on CFM processes, as it is compositional, so that it does does not suffer from the state-space explosion problem. Moreover, we show that DNI can be characterized syntactically on CFM by means of a type system

On the Decidability of Non Interference over Unbounded Petri Nets

Non-interference, in transitive or intransitive form, is defined here over unbounded (Place/Transition) Petri nets. The definitions are adaptations of similar, well-accepted definitions introduced earlier in the framework of labelled transition systems. The interpretation of intransitive non-interference which we propose for Petri nets is as follows. A Petri net represents the composition of a controlled and a controller systems, possibly sharing places and transitions. Low transitions represent local actions of the controlled system, high transitions represent local decisions of the controller, and downgrading transitions represent synchronized actions of both components. Intransitive non-interference means the impossibility for the controlled system to follow any local strategy that would force or dodge synchronized actions depending upon the decisions taken by the controller after the last synchronized action. The fact that both language equivalence and bisimulation equivalence are undecidable for unbounded labelled Petri nets might be seen as an indication that non-interference properties based on these equivalences cannot be decided. We prove the opposite, providing results of decidability of non-interference over a representative class of infinite state systems.Comment: In Proceedings SecCo 2010, arXiv:1102.516

A Decidable Equivalence for a Turing-Complete, Distributed Model of Computation

Place/Transition Petri nets with inhibitor arcs (PTI nets for short), which are a well-known Turing-complete, distributed model of computation, are equipped with a decidable, behavioral equivalence, called pti-place bisimilarity, that conservatively extends place bisimilarity defined over Place/Transition nets (without inhibitor arcs). We prove that pti-place bisimilarity is sensible, as it respects the causal semantics of PTI nets

Axiomatizing ST Bisimulation for a Process Algebra with Recursion and Action Refinement (Extended Abstract)

AbstractDue to the complex nature of bisimulation equivalences which express some form of history dependence, it turned out to be problematic to axiomatize them for non trivial classes of systems. Here we introduce the idea of "compositional level-wise renaming" which gives rise to the new possibility of axiomatizing the class of history dependent bisimulations with slight modifications to the machinery for standard bisimulation. We propose two techniques, which are based on this idea, in the special case of the ST semantics, defined for terms of a process algebra with recursion. The first technique, which is more intuitive, is based on dynamic names, allowing weak ST bisimulation to be decided and axiomatized for all processes that possess a finite state interleaving semantics. The second technique, which is based on pointers, preserves the possibility of deciding and axiomatizing weak ST bisimulation also when an action refinement operator P[a Q] is considered

Vertical Implementation

We investigate criteria to relate specifications and implementations belonging to conceptually different levels of abstraction. For this purpose, we introduce the generic concept of a vertical implementation relation, which is a family of binary relations indexed by a refinement function that maps abstract actions onto concrete processes and thus determines the basic connection between the abstraction levels. If the refinement function is the identity, the vertical implementation relation collapses to a standard (horizontal) implementation relation. As desiderata for vertical implementation relations we formulate a number of congruence-like proof rules (notably a structural rule for recursion) that offer a powerful, compositional proof technique for vertical implementation. As a candidate vertical implementation relation we propose vertical bisimulation. Vertical bisimulation is compatible with the standard interleaving semantics of process algebra; in fact, the corresponding horizontal relation is rooted weak bisimulation. We prove that vertical bisimulation satisfies the proof rules for vertical implementation, thus establishing the consistency of the rules. Moreover, we define a corresponding notion of abstraction that strengthens the intuition behind vertical bisimulation and also provides a decision algorithm for finite-state systems. Finally, we give a number of small examples to demonstrate the advantages of vertical implementation in general and vertical bisimulation in particular.\u