Toward Efficient Reachability Analysis of
Algebraic Petri-NetsSteve Hostettler
Geneva University
SummaryMotivationState Space RepresentationAPN Firing homomorphismsBenchmarksWhy it does not perform.Future Work & Open issuesConclusion
MotivationAPN
Petri Net (Concurrency, atomicity)Algebraic Data Types (Data Types with User Defined Semantic)
Reachability AnalysisCompute the exhaustive set of reachable states.Check if a property always/never holds.Check whether a specific state exists.
State space blows up quicklyDomains are not limited to black token as in P/T nets.
Example : The Dining Philosophersp0, p1
goEat
<fk> <fk>
f0, f1
<fk> <fk>
goThink
takeL takeR
Think
WaitL WaitR
Forks
HasRHasL
p
l
l
r
r
ff
l, r
rl
l
rightF(p)leftF(p)
f = rf = l
next(l) = r
ADT Philossort phuse fkOps
p0 : -> php1 : -> phphilo : fk ->
phrightF : ph ->
fkleftF : ph ->
fkAxioms
rightF(p0) = f1
rightF(p1) = f0
leftF(p0) = f0leftF(p1) = f1philo(f0) = p0philo(f1) = p1
ADT Forkssort fkOps
f0 : -> fkf1 : -> fknext : fk -> fk
Axioms next(f0) = f1next(f1) = f0
State Space Representation (1)Decisions Diagrams
Limit the combinatorial explosion.Have a Canonicity of the representation.Powerful set operatorsUser Defined Operators : inductive homomorphisms.
Data Decisions Diagrams (DDD) – Couvreur02Values on arcs, reachability P/T nets : 100 philosophers.
Set Decisions Diagrams (SDD) – Mieg05Sets on arcs , reachability P/T nets : 10’000 philosophers.
State Space Representation (2)
Does not work with SDD!Breaks the one path = one state” paradigm!
T WL
M
1
1
WR FK HL HR
{p0, p1}M 1
{f0, f1}
Multiset of tokens
Cardinality
Place Empty multiset
Set of token with cardinality = 1
APN Firing homomorphism (1)
p0
t
q0 qm
pn
ci0’a0 cin’an
co0’b0 com’bm
…
…
H-(place, card, variable)1. For each pi, check whether there is
sufficient token on it.2. Create a new assignment
Check(left, right)3. Check whether ∧lk = rk holds
H+(place, card, term)4. For each qj, add coj’bj to it.
RemoveVars()5. Remove the assignments created in 2.
…
…
qj
coj’bj
pi
cii’ai
ai are variables
∧lk = rk
goEat = H-(T, 1, p) H+(WL, 1, leftF(p)) H+ (WR, rightF(p))
APN Firing homomorphism (2)
H-(T, 1, p)
T {p0}
P
T {p1}
{p0}
{p1}
T WL 1WR FK HL HR{p0, p1} {p0, p1}
APN Firing homomorphism (3)
T
P
T
WL 1WR FK HL HR{p0, p1}
{p1}{p0}
{p1}
H+(WL, 1, leftF(p))H+(WL, 1, leftF(p1))
H+(WL, 1, leftF(p0))
{p0}
P
{p0}
{p1} T
T
WL
{p1}
H+(WL, 1, p1)
H+(WL, 1, p0)
{p0}
WL
WL
WL
{p0}
{p1}
APN Firing homomorphism (4)Complex homomorphism are built from simple one.H+ : Term may be still open when we get to the place to
update.Structural clustering : substitutions may come from
other clusters.Need something to carry substitutions from one cluster to
another.Same problem as for local H+ .
Benchmarks
Poor performances (linear to #states)Due to Bad management of the concurrency.
#Philo #States #DD %Cache Mem (MB) Time (ms)2 18 1122 31.01 1 223 76 3539 32.4 3 544 322 14201 40.05 7 1495 1364 61809 48.40 25 6976 5778 270820 56.19 113 29527 24476 1206461 62.97 531 150458 103682 / / / /
State of the ArtSoftware URL #Philo
Helena http://helena.cnam.fr 15
Maria http://www.tcs.hut.fi/Software/maria/ 12
CNAM Has started a new project 2007 to tackle this problem
/
PetriNetMC http://smv.unige.ch 7
Why Poor performances?Bad performances
Symptom : #DD grows as fast as #states.Power set effect is not handle efficiently
We don’t use the Cartesian product effect of DD.Concurrency induced by token multiplicity in not efficiently
managed.Several instances of the same net.
The P/T implementation is (far) more efficient We need to reproduce the P/T effect.
Cartesian product effect• Data Decision Diagrams• Represents 6 states• 9 arcs and 7 places• Unfolded : 30 arcs, 30 places
• Set Decision Diagrams• Represents 6*6 = 36 states• 11 arcs and 10 nodes are required (canonicity)• Unfolded : 360 arcs, 360 places
C1 C2
A
1
11
B C E F
F
2
5
2 2 2
33
5
A 1B C E F
F5 33
5
2222 2A 1B C E F
F 35
2222 2
3
Cluster (1)Clustering
If subnet x is not modified by transition t on subnet y we don’t touch it.
Structural clusteringEfficient to modularize the behaviorNot efficient to handle concurrency due to many instances of
the same token.Algebraical clustering
To tackle the problem of the concurrency induced by the token multiplicity.
Cluster (2)All input arcs and output arcs of a transition in the
same clusterLocal transitionAllow saturation : apply all local transitions till fixpoint and
then propagate.Else we try to synchronize only the clusters involved in
the transition.
Algebraic Cluster (1)The Clustering function Cl associates all pairs <Place, token>
to a cluster. Here token represents all the possible values of the domain.
Split the DD in clusters according to Cl.Transitions take and put token according to Cl.Enable a static analysis to build cluster application in advanceExample
∀pi {p∈ 0, ..., pn − 1} With n # of philosophers : CL(T, pi) = ci CL(F, fi) = ci CL(WL, fi) = ci CL(WR , fi) = succ(ci) CL(HL, fi) = ci CL(HR , fi) = succ (ci)
Algebraic Cluster (2)Express Cluster as an ADTCluster function may be tedious to defineRemain as symbolic as possiblePatterns (identity)
Algebraic Cluster (3)Example:
Pi = p0
CL(T, p0) = c0 CL(WL, leftF(p0)) = CL(WL , f0) = c0
CL(WR , rightF(p0)) = CL(WR , f1) = succ(c1) = c0 Pi = p1
CL(T, p1) = c1 CL(WL, leftF(p1)) = CL(WL , f1) = c1
CL(WR , rightF(p1)) = CL(WR , f0) = succ(cO) = c1 GoEat is Local
Benchmarks
General Homs but static Cluster application Still not a proof of conceptTime for static analysis not included.
#Philo #States #DD %Cache Mem (MB) Time (ms)2 18 401 13.83 2 254 322 1555 22.94 2 728 103682 13395 35.97 7 23116 1.075 E10 130731 47.85 50 165232 1.156 E20 1184692 56.13 410 13896
Future Work & Open issuesMore examples.Cost of the static analysis.How to build a dynamic homomorphism to avoid static
analysis.Example with both structural and algebraic saturation.Clustering and Homomorphism formalization.Complete eclipse integration, Complete software
platform (doc, web, …)
ConclusionWe (will) have a complete suite of tools from model
design to model validation.Good performances (vs. competition).User friendly.
RoadmapToward Efficient Reachability Analysis of Algebraic
Petri Nets -> ICATPN09Deadline : January 5, 2009ExperimentsFormalization
Set of Terms Rewriting -> TermGraph09Deadline : December 15, 2008Formalization1 Case study (Chemical Abstract Machine)
Top Related