*Department of Computing Science

University of Newcastle upon Tyne

**Institut für Informatik, Universität Augsburg

Canonical Prefixes of Petri Net Unfoldings

V.Khomenko*, M.Koutny*, and W.Vogler**

2

investigate fundamental properties of unfoldings

and their prefixes

extend the applicability of the existing techniques

Motivation

3

all reachable states are represented

all instances of a state have the same future

infinite unfoldings are of little use for MC

unfoldingFSM

s

r

r

a

cb

d

ps

cb

r

a

cb

d c

ab

r

p

s – initial state

Unfolding finite state machines

4

cut if there is a preceding instance of the same state

the prefix still contains all reachable states

Complete prefix

d c

ab

r

p

s – initial state s

r

r

a

cb

d

ps

prefix

5

the prefix has no infinite paths, and we can apply …

d c

ab

r

p

s – initial state s

r

r

a

cb

d

ps

prefix

The prefix is finite

6

A finitely branching, rooted, directed acyclic graph with infinitely many nodes reachable from the root has an infinite path from the root

D.König: Über eine Schlußweise aus dem Endlichen ins Unendliche.

Acta Litt. ac. sci. Szeged 3 (1927) 121-130

NB: branching is finite but may be unbounded!

König’s lemma

7

unfolding

Unfolding more complicated machines

Problem 1: can x ever have a value other than 0 at s?

x is an integer variablewith the initial value 0

a: x=x+1 b: x=x-1 c: x=x+1 d: x=x

s

r

r

a

cb

d

ps

cb

r

a

cb

d c

ab

r

p

s – initial state

8

x is always 0 at s in the prefix

a clear mistake, e.g. a c d b

what is behind this error ?

d c

ab

r

p

s – initial stateX=0

s

r

r

a

cb

d

ps

X=0

x is an integer variablewith the initial value 0

a: x=x+1 b: x=x-1 c: x=x+1 d: x=x

prefix

Prefix – first attempt

9

not every execution is represented

correction: cut if there is a preceding instance of the same state with the same value of x

no complete and finite prefix in this case

d c

ab

r

p

s – initial state

x is an integer variablewith the initial value 0

a: x=x+1 b: x=x-1 c: x=x+1 d: x=x

prefix

s: x=0

a

cb

d

s: x=0

r: x=1

p: x=2

r: x=2

Prefix is not complete!

10

now the prefix is complete and finite

is it crucial that the previous machine had an infinite state space while this one has not ?

d c

ab

r

p

s – initial state

x is an integer variablewith the initial value 0

a: x=x+1 b: x=x-1 c: x=x+1 d: x=x-1

prefix

s: x=0

a

cb

d

s: x=0

r: x=1

p: x=2

r: x=1

Prefix is complete

correction

11

a: x=x+1 b: x=if (x<2) then (x-1) else x c: x=x+2 d: x=x

Problem 2: can x ever

be equal to 1 at s?

s: x=0

r: x=3

r: x=1

a

cb

d

s: x=0 p: x=3

b c

a d

s: x=3

r: x=4

p: x=5

r: x=5

this prefix is complete for Problem 2

x>1 cannot decrease, so no need to look below the leaves !

d c

ab

r

p

s

Another machine with infinite state space

12

M is a machine with execution tree ET

Prop is a property specified on executions of M

~ is an equivalence relation on executions

if E1~E2 then:

E1 satisfies Prop iff E2 satisfies Prop

for every extension E1’ of E1 there is an extension E2’ of E2 such that E1’~E2’

PREF is the prefix obtained thus: an execution is terminated as soon as there is a ‘smaller’ equivalent execution

A generalization

13

Canonicity: PREF is unique

Completeness: All executions in ET satisfy Prop iff all executions in PREF satisfy Prop

Finiteness: PREF is finite iff the number of equivalence classes of ~ is finite Proof: Follows from König’s Lemma

Properties

14

Prop = “there is an execution leading to a given state”

E1~E2 iff both executions lead to the same state of M (variable is not present)

PREF is finite as ~ has finitely many equivalence classes

Application 1

15

Prop = “there is an execution leading to a given state of M and setting x to a given value”

E1~E2 iff both executions lead to the same state of M and set x to the same value

PREF is finite iff x can be set to finitely many values

Note: the latter may be difficult to establish (globalreasoning)

Application 2

16

Prop = “there is an execution leading to a given state of M and setting x to a given value k”

M is a machine such that if x>m>k, then no transition can set x to a value <mNote: this may be easy to establish (local reasoning)

E1~E2 iff both executions lead to the same state of M AND they set x EITHER to the same value <m OR to (possibly different) values >m

PREF is always finite

Application 3

17

Unfolding based techniques can be execution-oriented rather than state-oriented

By choosing suitable ~ we may finely tune the construction of the prefix to match the verification problem

König’s lemma plays a key role in dealing with the finiteness of the prefix

Some conclusions

We may try to generalize these ideas to branching processes of Petri nets

18

A branching process

19

1

2

k

A condition with infinite branching

The branching process can potentially be infinite even when all the paths are finite

König's Lemma cannot be directly applied to branching processes, since branching on conditions can be infinite

König’s lemma for branching processes?

But we may try to prove a net-specific result !

20

Theorem: An infinite branching process of a P/T-net always contains an infinite chain of causally related events starting at the initial event

The result holds also for unbounded nets!

König’s lemma for branching processes

21

Unf the (full) unfolding of a fixed P/T-net

E the set of events of Unf

Conf the set of finite configurations of Unf

Loc the set of local configurations of Unf

Some notation

Note that configurations are in fact (partial-order) executions

22

A cutting context is a triple Θ = ( ~ , < , {Ce}e E )

where: ~ is an equivalence relation on Conf

< is a strict and well-founded partial order on Conf refining set inclusion [ERV]

Ce is a subset of Conf

Cutting context

~ and < must be preserved by finite extensions, i.e. if C1~C2 and C1<C2 then for every finite extension C1’ of C1 there is a finite extension C2’ of C2 such that C1’~C2’ and C1’<C2’

23

Ce Conf – [Hel]Ce Loc – standard [ERV, McM …]

C1~C2 if the same markings are produced – standard [ERV, McM …]

C1~C2 if symmetric markings are produced – [CGP]

C1~C2 if the same markings are produced andCode(C1)=Code(C2), where Code is thesignal coding function – [KKY]

Cutting contexts – examples

24

A branching process π is complete w.r.t. a set E’ of events if:

for every CConf there is a finite configuration C’ in π such that C~C’ and C’E’=

if C is a finite configuration of π such thatCE’=, C{e} is an extension of C in Unf,then C{e} is an extension of C in π

π is complete if it is complete w.r.t. some E’

Note: this notion of completeness is strictly stronger than the standard one (e.g. in [ERV])

Completeness

25

Sets of events feasible and cut-off are defined by induction:

e is feasible if it has no cut-off predecessors

e is a cut-off event if it is feasible and there is

a configuration CCe consisting of feasible non-cut-off events such that C~[e] and C<[e]

Static cut-off events

No algorithm is needed to define cut-offs and the prefix!

The canonical prefix CAN is the branching process comprising the feasible events

26

Completeness: CAN is complete w.r.t. the set of cut-off events

Finiteness: CAN is infinite iff Unf contains an infinite chain of feasible events

Proof: Follows from König's Lemma for branching processes

Properties of CAN

Canonicity: CAN is unique

27

Finiteness 2: If ~ has finitely many equivalence classes and each Ce contains Loc, then CAN is finite If ~ has infinitely many equivalence classes, then CAN is infinite

More about finiteness

Note: upper bounds on the size of CAN can also be obtained in certain cases

28

Theorem: The standard (non-deterministic!) unfolding algorithms always generate CAN!!!

Generating CAN

The result holds for the algorithm proposed in [ERV] and for the parallel algorithm in [HKK]

29

General flexible framework for constructing complete prefixes of net unfoldings

Canonicity of the prefix given a fixed cutting context

Stronger notion of completeness

New / improved proofs of correctness of the existing algorithms for constructing finite prefixes

König’s Lemma for branching processes of P/T-nets (also unbounded ones)

What has been achieved?