Reachability Analysis via Net Structure

AWPN 2010

Reachability Analysis via Net Structure: Presentation Transcript

  • Reachability Analysis via Net Structure. Harro Wimmel, Karsten Wolf. Universität Rostock, Institut für Informatik. 8 October 2010. © 2010 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK & ELEKTROTECHNIK, INSTITUT FÜR INFORMATIK
  • Overview
    • Basic Definitions
    • Reachability Problem
    • State Equation & Constraints
    • Solving the Reachability Problem using CEGAR
    • The Search Space
    • Example
    • Looking for Constraints
    • Finding Partial Solutions
    • The Algorithm
    • Experimental Results
  • Basic Definitions: Reachability Problem
    Petri nets should be well-known.
    • $(N, m, m')$ is a reachability problem; answer “yes” if $m [\sigma\rangle_N m'$ for some firing sequence $\sigma \in T^*$
    • $N = (S, T, F)$ Petri net, $m, m' \in \mathbb{N}^S$ markings
    • $m' = m + Cx$ is the state equation
    • $C$ incidence matrix, $x \in \mathbb{N}^T$ transition vector (solution)
    • from $m [\sigma\rangle m'$ follows $m' = m + C\,\wp(\sigma)$, i.e. the Parikh image $\wp(\sigma)$ solves the state equation
    • necessary condition for reachability
    • $\wp(\sigma) = x$ is T-invariant if $Cx = 0$, i.e. $m [\sigma\rangle m$
  • Basic Definitions: State Equation & Constraints
    • The solution space of the state equation $m' = m + Cx$ is semilinear
    • $\exists$ finite $B, P \subseteq \mathbb{N}^T$: $m' = m + Cx \iff x = b + \sum_i n_i p_i$ for some $b \in B$, $p_i \in P$, $n_i \in \mathbb{N}$
    • IP solver, e.g. lp_solve, yields “minimal” solution
    • Discrimination of solutions by adding constraints (CEGAR)
      • “jump”: $t < n$ with $t \in T$, $n \in \mathbb{N}$
      • “increment”: $\sum_{i=1}^{k} n_i t_i \ge n$ with $t_i \in T$, $n_i, n \in \mathbb{N}$
    • jumps for other minimal solutions, increments for addition of T-invariants
  • The Search Space (figure not preserved in the transcript; the only surviving label is b)
  • An Example
    • Final marking: s + 3f
    • Figure (not preserved in the transcript): a Petri net with node labels z, c1, c2, b1, b2, b3, y1, y2, s, f, a1, a2, x1, x2; the slide builds mark how often transitions fire (1×, 2×, 3×).
    • State equation's solutions and constraints, in the order the slide builds show them:
      • Solution: 3a1 + 3a2 + 3
      • Constraint: b2 ≥ 1 (or a1 < 3)
      • Solution: 2a1 + 2a2 + b1 + b2 + b3 + 3
      • Constraint: c1 ≥ 1
      • Solution: 2a1 + 2a2 + b1 + b2 + b3 + c1 + c2 + 3
      • Constraint: b2 ≥ 2 (or a1 < 2)
      • Solution: a1 + a2 + 2b1 + 2b2 + 2b3 + c1 + c2 + 3
      • Constraint: b2 ≥ 3 (or a1 < 1)
      • Solution: 3b1 + 3b2 + 3b3 + c1 + c2 + 3
  • Looking for Constraints: Building a graph
    Take a firing sequence $\sigma$ and a solution $x$ of the state equation $m' = m + Cx$ with
    • $\wp(\sigma) \le x$,
    • $\forall t \in T: x(t) > \wp(\sigma)(t) \Rightarrow \neg\, m [\sigma t\rangle$
    We call $\sigma$ a partial solution. Now build a graph $G$ of:
    • transitions $t$ with $x(t) > \wp(\sigma)(t)$
    • places $s$ inhibiting the firing of such a $t$ (after $\sigma$)
    • an edge from $s$ to $t$ if $s$ inhibits $t$
    • an edge from $t$ to $s$ if $t$ increases token count on $s$
  • Looking for Constraints: Finding Components
    Get all strongly connected components (SCC) of $G$ which have no incoming edges (source SCCs). Places in such SCCs cannot be marked from “inside” the graph, so tokens must come from the outside.
    $\Rightarrow$ Constraint: use transitions that can put tokens onto a source SCC (left side of the constraint).
    How many tokens to produce? (right side of the constraint)
    • a complex problem (esp. if $x(t) - \wp(\sigma)(t) > 1$ and nets have multiarcs)
    • approximation necessary
    • repeated increase of the constraints by 1 token is possible
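The graph construction and source-SCC step from the two slides above, as an added example that is not code from the talk or from Sara. The net, the names `blocking_graph`, `source_sccs` and `increment_left_sides`, and the reading that "outside" means transitions not in the SCC itself are assumptions; the right-hand side of the constraint is not computed.

```python
# Constructed net (not from the slides): t1 and t2 wait for each other via
# places a and b, t3 waits for c (filled by t1), g can move a token r -> a.
PRE = {"t1": {"a": 1}, "t2": {"b": 1}, "t3": {"c": 1}, "g": {"r": 1}}
POST = {"t1": {"b": 1, "c": 1}, "t2": {"a": 1}, "t3": {}, "g": {"a": 1}}

def increases(t, p):
    return POST[t].get(p, 0) > PRE[t].get(p, 0)

def blocking_graph(m, remainder):
    """Graph G for the marking m reached after sigma and remainder x - P(sigma)."""
    ts = {t for t, n in remainder.items() if n > 0}
    graph = {}
    for t in ts:
        for p, w in PRE[t].items():
            if m.get(p, 0) < w:              # place p inhibits t: edge p -> t
                graph.setdefault(p, set()).add(t)
    places = set(graph)
    for t in ts:
        succ = {p for p in places if increases(t, p)}
        if succ:
            graph[t] = succ                  # t increases tokens on p: edge t -> p
    return graph, ts | places

def reach(graph, v):
    seen, stack = {v}, [v]
    while stack:
        for w in graph.get(stack.pop(), ()):
            if w not in seen:
                seen.add(w)
                stack.append(w)
    return seen

def source_sccs(graph, nodes):
    """SCCs by mutual reachability, keeping those without incoming edges."""
    r = {v: reach(graph, v) for v in nodes}
    sccs = {frozenset(w for w in r[v] if v in r[w]) for v in nodes}
    return [c for c in sccs
            if not any(w in c for v in nodes - c for w in graph.get(v, ()))]

def increment_left_sides(m, remainder):
    """Per source SCC: (its places, transitions outside it that can mark them)."""
    graph, nodes = blocking_graph(m, remainder)
    out = []
    for scc in source_sccs(graph, nodes):
        places = {n for n in scc if n not in PRE}    # PRE keys are transitions
        feeders = {t for t in PRE if t not in scc
                   and any(increases(t, p) for p in places)}
        out.append((places, feeders))
    return out
```

With marking `{"r": 1}` and remainder `t1 + t2 + t3`, the only source SCC is the cycle through a and b, and the resulting increment constraint asks for more firings of g; the SCC of c is not a source because t1 feeds it from inside the graph.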
  • Finding Partial Solutions
    • Tree of all potential firing sequences for $x$ from $m' = m + Cx$
      • tree is finite, brute-force search possible
      • depth-first-search
      • enumerate partial solutions and build constraints
    • Optimisations
      • stubborn-set method (partial order reduction)
      • additional confluence tests for $x(t) - \wp(\sigma)(t) > n$
      • backtracking at repeated markings on a path
      • ineffective constraints ($\sigma'$ is partial solution for $x + y$ with $\sigma' = \sigma$ or $\wp(\sigma') = \wp(\sigma) + y$ with $y$ a T-invariant)
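The state equation as a necessary but not sufficient condition ("Basic Definitions") and the depth-first enumeration of partial solutions described above, as an added example that is not code from the talk or from Sara. The net and all function names are constructed for illustration; none of the listed optimisations is implemented.

```python
# Constructed net (not from the slides): t moves a token from s to f and
# needs a token on p as a side condition; u and v shuttle one token q <-> p.
PRE = {"t": {"s": 1, "p": 1}, "u": {"q": 1}, "v": {"p": 1}}
POST = {"t": {"f": 1, "p": 1}, "u": {"p": 1}, "v": {"q": 1}}
M0, TARGET = {"s": 1, "q": 1}, {"f": 1, "q": 1}

def effect(x):
    """C*x: net token change on every place for transition vector x."""
    delta = {}
    for t, n in x.items():
        for p in set(PRE[t]) | set(POST[t]):
            delta[p] = delta.get(p, 0) + n * (POST[t].get(p, 0) - PRE[t].get(p, 0))
    return delta

def solves_state_equation(m, target, x):
    """Check m' = m + Cx place by place."""
    d = effect(x)
    return all(m.get(p, 0) + d.get(p, 0) == target.get(p, 0)
               for p in set(m) | set(target) | set(d))

def enabled(m, t):
    return all(m.get(p, 0) >= w for p, w in PRE[t].items())

def fire(m, t):
    d = effect({t: 1})
    return {p: m.get(p, 0) + d.get(p, 0) for p in set(m) | set(d)}

def partial_solutions(m, x, sigma=()):
    """DFS over firing sequences bounded by x; yield (sigma, unfired remainder)
    for every maximal sequence. An empty remainder means a full solution."""
    left = {t: n for t, n in x.items() if n > 0}
    ready = [t for t in left if enabled(m, t)]
    if not ready:
        yield sigma, left
    for t in ready:
        yield from partial_solutions(fire(m, t), {**left, t: left[t] - 1},
                                     sigma + (t,))
```

Here `x = t` solves the state equation but its only partial solution is the empty sequence, while `x = t + u + v` (the same solution plus the T-invariant `u + v`) yields the witness path `u t v`.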
  • The Algorithm / Conclusion
    • Get solution of the state equation using an IP solver
    • Get partial solutions (maximal firing sequences), stop if full solution
    • Find constraints for partial solutions
    • (Multiple) calls to algorithm with state equation + constraints
    Conclusion:
    • Positive answer is found (use “jumps” for a complete search), except in case of insufficient memory; witness path is found
    • Negative answer can be found if state equation is infeasible or if backtracking for ineffective constraints makes search space finite; diagnosis possible
    • Extensions possible, e.g. state inequations
  • Experimental Results
    Implementation in a tool named “Sara”.
    • Garavel’s challenge (LOTOS specification): 485 places, 776 transitions, test for dead transitions
      • (Cygwin/Linux) 26/41 sec. (LoLA: 71/29 sec. + separation by hand)
      • path length (medium/max) 15/28 (LoLA: 53/6232)
    • SAP reference nets (business processes): 590 nets, test for relaxed soundness
      • (Cygwin/Linux) 198/110 sec. (LoLA: 24 min. + 17 unsolved)
    • Boolean programs: a few nets, coverability test
      • <1 second (LoLA: 1 problem with memory overflow (>32GB))
    • Specialized nets with increasing edge weights (self-constructed)
      • Sara loses time exponentially compared to LoLA (always <3 sec.)
  • References
    • M. Berkelaar, K. Eikland, P. Notebaert: Lp_solve Reference Guide, http://lpsolve.sourceforge.net/5.5/, 2010.
    • H. Garavel: Efficient Petri Net tool for computing quasi-liveness, http://www.informatik.uni-hamburg.de/cgi-bin/TGI/pnml/getpost?id=2003/07/2709, 2003.
    • L.M. Kristensen, K. Schmidt, A. Valmari: Question-guided Stubborn Set Methods for State Properties, Formal Methods in System Design 29:3, pp. 215–251, Springer, 2006.
    • E. Mayr: An algorithm for the general Petri net reachability problem, SIAM Journal of Computing 13:3, pp. 441–460, 1984.
    • H. Wimmel: Sara – Structures for Automated Reachability Analysis, http://www.informatik.uni-rostock.de/~nl/wiki/tools/download, 2010.
    • K. Wolf: LoLA – A low level analyzer, http://www.informatik.uni-rostock.de/~nl/wiki/tools/lola, 2010.
  • Thanks for Your Attention!