Construction and Verification of Unfoldings for Petri Nets with Read - - PowerPoint PPT Presentation

Construction and Verification of Unfoldings for Petri Nets with Read Arcs

C´ esar Rodr´ ıguez joint work with Stefan Schwoon, Paolo Baldan

Laboratorire Sp´ ecification et V´ erification (LSV) ENS Cachan & CNRS, France

MOVEP, Marseille, 6 December 2012

Introduction

The problem

Verification of concurrent systems by means of the unfolding technique, when the system is modelled as a Petri net with read arcs.

◮ Unfolding up to exponentially more compact ◮ Unfolding algorithm more involved, but has better efficiency ◮ Reachability and deadlock-checking

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 2 / 13

Contextual Petri nets

◮ Contextual nets are Petri nets + read arcs ◮ Natural representation of notion checking without consuming

p t p t t′ t′

Notation

◮ A c-net is a tuple P, T, F, C, m0 ◮ •x for preset, x• for postset ◮ t = {p ∈ P | (t, p) ∈ C} for context

Example

p = {t, t′} t = {p}

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 3 / 13

Contextual net unfoldings

p2 p3 t3 t2 t1 p4 p5 p1

N

t4

Remarks

◮ Labeling f : UN → N ◮ UN is marking-complete

c3 e3 e′

1

c′

3

. . . e′

2

c′

4

c2 e1 c′

2

e4 c5 c1 e2 c4

UN

(t1) (p3) (p3) (p2) (p1) (p5) (p4) (t3) (t1) (t2) (t4) (p4) (t2) (p2)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 4 / 13

Contextual unfoldings exploit concurrent read access

B C A

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 5 / 13

Asynchronous circuits

a c a0 c0 b a1 b1 c1 b0

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 6 / 13

Asynchronous circuits

100 101 102 103 104 105 106 200 400 600 Gates Events plain contextual

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 6 / 13

Computing prefix extensions

The problem

Given PN and t, decide if we can extend PN with e where f (e) = t (NP-complete)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 7 / 13

Computing prefix extensions

The problem

Given PN and t, decide if we can extend PN with e where f (e) = t (NP-complete)

◮ Enumerate sets of conditions S s.t. f (S) = •t ∪ t

(exponential)

◮ If S is coverable, return YES; otherwise continue

(linear)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 7 / 13

Computing prefix extensions

The problem

Given PN and t, decide if we can extend PN with e where f (e) = t (NP-complete)

◮ Enumerate sets of conditions S s.t. f (S) = •t ∪ t

(exponential)

◮ If S is coverable, return YES; otherwise continue

(linear) How this is done for Petri nets?

Definition

Conditions c, c′ are concurrent, c c′, iff some run marks them both

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 7 / 13

Computing prefix extensions

The problem

Given PN and t, decide if we can extend PN with e where f (e) = t (NP-complete)

◮ Enumerate sets of conditions S s.t. f (S) = •t ∪ t

(exponential)

◮ If S is coverable, return YES; otherwise continue

(linear) How this is done for Petri nets?

Definition

Conditions c, c′ are concurrent, c c′, iff some run marks them both

Proposition

Conditions c1, . . . , cn are coverable iff ci cj holds for all i, j ∈ {1, . . . , n}

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 7 / 13

However, for contextual unfolding. . .

. . . the same approach doesn’t work:

e2 c5 c2 e3 c6 c3 e1 c4 c1

We have c4 c5, and c4 c6 and c5 c6 but {c4, c5, c6} is not coverable.

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 8 / 13

Histories for events and conditions

Definition

A history of e is a set of events H such that:

• 1. e ∈ H,
• 2. Events in H can be arranged to form a run,
• 3. Any run of the events of H fires e last.

c4 c3 c2 e1 e3 e′

1

e2 c′

3

c′

2

c1

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 9 / 13

Histories for events and conditions

Definition

A history of e is a set of events H such that:

• 1. e ∈ H,
• 2. Events in H can be arranged to form a run,
• 3. Any run of the events of H fires e last.

Remarks

◮ Enriched prefix: events and conditions

annotated with histories

◮ A pair (c, H) is called enriched condition ◮ This is the working data structure

c4 c3 c2 e1 e3 e′

1

e2

{e1} {e1, e2} {e1, e2} {e1, e2} {e1, e3, e′

1}

{e1, e2, e3, e′

1}

{e1, e3, e′

1}

{e1, e2, e3, e′

1}

c′

3

{e1}

c′

2

c1

{e1, e3} {e1, e2, e3} {e1, e3} {e1, e2, e3}

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 9 / 13

A concurrency relation for contextual nets

Definition

Two enriched conditions ρ = (c, H) and ρ′ = (c′, H′) are concurrent, written ρ ρ′, iff: ¬(H # H′) and c, c′ ∈ (H ∪ H′)•

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 10 / 13

A concurrency relation for contextual nets

Definition

Two enriched conditions ρ = (c, H) and ρ′ = (c′, H′) are concurrent, written ρ ρ′, iff: ¬(H # H′) and c, c′ ∈ (H ∪ H′)•

Proposition

Conditions c1, . . . , cn coverable iff there exist histories H1, . . . , Hn verifying (ci, Hi) (cj, Hj) for all i, j ∈ {1, . . . , n}

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 10 / 13

A concurrency relation for contextual nets

Definition

Two enriched conditions ρ = (c, H) and ρ′ = (c′, H′) are concurrent, written ρ ρ′, iff: ¬(H # H′) and c, c′ ∈ (H ∪ H′)•

Proposition

Conditions c1, . . . , cn coverable iff there exist histories H1, . . . , Hn verifying (ci, Hi) (cj, Hj) for all i, j ∈ {1, . . . , n}

Proposition

Let ρ = (c, H) and e be the last enriched condition and event appended to the prefix, let ρ′ = (c′, H′) be an arbitrary enriched condition. Then,

ρ ρ′ ⇐ ⇒ (c′ ∈ e• ∧ H = H′) ∨

• c′ /

∈ •e ∧

n

• i=1

(ρi ρ′) ∧ •e ∩ H′ ⊆ H

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 10 / 13

Experiments with Cunf

Contextual Ordinary Ratios Net Events tC Events tP tC/tP tC/tR bds 1.sync 1866 0.14 12900 0.51 0.27 0.54 byzagr4 1b 8044 2.90 14724 3.40 0.85 0.55 ftp 1.sync 50928 34.21 83889 76.74 0.45 0.30 furnace 4 95335 18.34 146606 40.39 0.45 0.42 key 4.fsa 4754 6.33 67954 2.21 2.86 1.47 rw 1w3r 14490 0.45 15401 0.38 1.18 0.65 q 1.sync 10722 1.13 10722 1.21 0.93 0.52 dpd 7.sync 10457 0.91 10457 0.88 1.03 0.92 elevator 4 16856 1.26 16856 2.01 0.63 >0.01 rw 12.sync 98361 3.10 98361 3.95 0.78 0.41 rw 2w1r 9241 0.40 9241 0.30 1.33 0.04

◮ Contextual unfolding smaller or equal than ordinary unfolding ◮ And in general faster than unfolding the plain encoding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 11 / 13

Encoding deadlock and reachability into SAT

From a marking-complete unfolding prefix P, we construct

◮ φdead P

, satisfiable iff N contains a deadlock

◮ φreach, M P

, satisfiable iff places M are coverable in N

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 12 / 13

Encoding deadlock and reachability into SAT

From a marking-complete unfolding prefix P, we construct

◮ φdead P

, satisfiable iff N contains a deadlock

◮ φreach, M P

, satisfiable iff places M are coverable in N Both formulas characterize configurations and reachable markings: φdead

P

:= φconf

P

∧ φdisable

P

φreach, M

P

:= φconf

P

∧ φmark, M

P

where φconf

P

is defined as φcausal

P

∧ φsym

P

∧ φasym

P ◮ Implementation runs twice faster than the best tool we found

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 12 / 13

Summary

◮ Contextual unfoldings are up to exponentially more compact ◮ In our benchmark, verification based on contextual unfoldings

performs better than existing methods

◮ Unfolder and unfolding-based analysis tool available at:

www.lsv.ens-cachan.fr/~rodriguez/tools/cunf/

Current and future work

◮ Contextual merged processes ◮ Application in diagnosis ◮ We are searching for concurrent systems to evaluate our algorithms !!

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 13 / 13

Summary

◮ Contextual unfoldings are up to exponentially more compact ◮ In our benchmark, verification based on contextual unfoldings

performs better than existing methods

◮ Unfolder and unfolding-based analysis tool available at:

www.lsv.ens-cachan.fr/~rodriguez/tools/cunf/

Current and future work

◮ Contextual merged processes ◮ Application in diagnosis ◮ We are searching for concurrent systems to evaluate our algorithms !!

Thank you for your attention

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 13 / 13

References

Paolo Baldan, Andrea Corradini, Barbara K¨

• nig, and Stefan Schwoon.

McMillan’s complete prefix for contextual nets. ToPNoC, 1:199–220, 2008. C´ esar Rodr´ ıguez. Cunf. http://www.lsv.ens-cachan.fr/~rodriguez/tools/cunf/. C´ esar Rodr´ ıguez and Stefan Schwoon. Verification of Petri Nets with Read Arcs. In Proc. of CONCUR’12, volume 7454 of LNCS, September 2012. C´ esar Rodr´ ıguez, Stefan Schwoon, and Paolo Baldan. Efficient contextual unfolding. In Proc. of CONCUR’11, volume 6901 of LNCS, pages 342–357, September 2011.

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 14 / 13

Computing possible extensions

t p p′

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ c

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) c K

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J c K (c, J)

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, J) (c, Li)

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li)

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li)

Net Unfolding

(c, J) (c′, K)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) e

Net Unfolding

(c, J) (c′, K)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) H1 e

Net Unfolding

(c, J) (c′, K) H1 = J ∪ K

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) H1 e

Net Unfolding

H1 = J ∪ K (c, J) (c′, K) (c, Li) (c′, K)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

t p p′ f f c′ (c′, K) J . . . L1 Ln c K H2 (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) H1 e

Net Unfolding

H1 = J ∪ K H2 = Li ∪ K (c, J) (c′, K) (c, Li) (c′, K)

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

(c, J) (c′, K) (c, Li) (c′, K) (c, Li1 ∪ . . . ∪ Lim) (c′, K)

t p p′ f f c′ (c′, K) J . . . L1 Ln c K H2 (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) H1 e

Net Unfolding

H1 = J ∪ K H2 = Li ∪ K

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Computing possible extensions

(c, J) (c′, K) (c, Li) (c′, K) (c, Li1 ∪ . . . ∪ Lim) (c′, K) H1 = J ∪ K H2 = Li ∪ K H3 = Li1 ∪ . . . ∪ Lim ∪ K

t p p′ f f c′ (c′, K) J . . . L1 Ln c K H2 (c, Li1 ∪ . . . ∪ Lim) (c, J) (c, Li) H1 e H3

Net Unfolding

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 15 / 13

Contextual unfolding — inductive definition

For a 1-safe contextual net N = P, T, F, C, m0, the full unfolding UN = P′, T ′, F ′, C ′, m′

0 is the 1-safe acyclic contextual net defined by

the next inductive rules: Mapping f : UN → N labels every event A, B, t with t and every condition e, p with p.

• C. Rodr´

ıguez (LSV) Verification of Contextual Nets Marseille, Dec. 2012 16 / 13