
# StrataGEM: A Generic Petri Net Verification Framework

Presentation given at the International Conference on Application and Theory of Petri Nets and Concurrency 2014, in Tunis, Tunisia. You can find the paper manuscript at http://edmundo.lopezbobeda.net/publications.


1. StrataGEM: A Generic Petri Net Verification Framework. Edmundo López Bóbeda, Maximilien Colange, Didier Buchs. Wednesday, June 25th 2014, Tunis, Tunisia. Petri nets 2014.
2. Stratagem: model checker and prototyping lab. (Photo: FastJack/Flickr, http://www.flickr.com/photos/fastjack/282707058/)
3. Goal: your formalism → your model checker.
4. Creating your model checker: a checklist
   - Semantics
   - Description of the computation
   - Optimizations
5. How: terms, strategies, rewrite rules.
6. Semantics: a running example. (Figure: a Petri net with places R, Y, G and transitions t1, t2, t3.)
7. Representing a state: term = state. (Same net as slide 6.)
   - R(suc(0), Y(0, G(0, empty)))
8. Representing arcs as rewrite rules. (Same net as slide 6.)
   - State: R(suc(0), Y(0, G(0, empty)))
   - iArc = R(suc(x), p) ↝ R(x, p)
   - oArc = G(x, p) ↝ G(suc(x), p)
9. Representing transitions. (Same net as slide 6.)
   - State: R(suc(0), Y(0, G(0, empty)))
   - iArc = R(suc(x), p) ↝ R(x, p)
   - oArc = G(x, p) ↝ G(suc(x), p)
   - t1 = ???
10. Strategies in a nutshell: strategies, rewrite rules, terms.
11. Strategies in a nutshell: strategies, rewrite rules.
12. Basic strategy semantics
    - A basic strategy is a list of rewrite rules
    - It is applied to the root term only
    - The first applicable rule is applied
    - Otherwise, the strategy fails
13. Other useful strategies
    - Identity[t] = t
    - Fail[t] always fails
    - (S1 orElse S2)[t] = S1[t], or S2[t] if S1[t] fails: conditional application of strategies
    - (S1 andThen S2)[t] = S2[S1[t]]: sequential composition of strategies
    - Subterm_k(S)[f(t1, …, tn)] = f(t1, …, S[tk], …, tn): apply a strategy to the k-th subterm
14. Representing transitions. (Same net as slide 6.)
    - State: R(suc(0), Y(0, G(0, empty)))
    - iArc = R(suc(x), p) ↝ R(x, p)
    - oArc = G(x, p) ↝ G(suc(x), p)
    - t1 = Once(iArc) andThen Once(oArc)
    - Once(S) = S orElse Subterm_2(Once(S))
15. Creating your model checker: a checklist
    - Semantics
    - Description of the computation
    - Optimizations
16. Description of the computation. (Same net as slide 6.)
    - t1 = Once(iArc) andThen Once(oArc)
    - t2 = … ; t3 = …
    - CalcSS = ???
17. Strategies extended
    - Natural extension to sets of terms: S[{t1, …, tn}] = {S[t1], …, S[tn]}
    - Set strategies:
      - Union(S1, S2)[T] = S1[T] ∪ S2[T], if both succeed
      - Fixpoint(S)[T] = μT.S[T]
18. Description of the computation. (Same net as slide 6.)
    - t1 = Once(iArc) andThen Once(oArc)
    - t2 = … ; t3 = …
    - CalcSS = Fixpoint(Union(Try(t1), Try(t2), Try(t3), Identity))
    - Try(S) = S orElse Identity
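The strategy calculus of slides 12 to 18, as an added example in Python that is not code from the StrataGEM project: terms are nested tuples with the functor first, rule variables are `Var` objects, a strategy is a function from term to term that raises on failure, and the set strategies, `Union` and `Fixpoint`, are built on top. The net is the slides' R/Y/G example with `t1` as given on slide 14; `t2` and `t3`, which the slides elide, are assumed here to move the token G → Y and Y → R. Every function name (`once`, `try_`, `state_space`, …) is this example's own naming of the slides' operators.

```python
# Added example (not StrataGEM's own code): the slides' term-rewriting
# strategies, run on the R/Y/G traffic-light net. Terms are nested tuples,
# functor first; Var marks rule variables. t2 and t3 are assumed (the slides
# elide them) to close the cycle G -> Y -> R.
from dataclasses import dataclass

@dataclass(frozen=True)
class Var:
    name: str

class StrategyFailure(Exception):
    """A strategy did not apply to the term."""

ZERO, EMPTY = ("0",), ("empty",)

def suc(t):
    return ("suc", t)

def peano(n):
    t = ZERO
    for _ in range(n):
        t = suc(t)
    return t

def match(pattern, term, subst):
    """Bind the variables of pattern so that it equals term (first-order matching)."""
    if isinstance(pattern, Var):
        if pattern in subst:
            return subst[pattern] == term
        subst[pattern] = term
        return True
    if len(pattern) != len(term) or pattern[0] != term[0]:
        return False
    return all(match(p, t, subst) for p, t in zip(pattern[1:], term[1:]))

def instantiate(pattern, subst):
    if isinstance(pattern, Var):
        return subst[pattern]
    return (pattern[0],) + tuple(instantiate(p, subst) for p in pattern[1:])

def basic(rules):
    """Slide 12: at the root only, apply the first rule that matches; else fail."""
    def apply(t):
        for lhs, rhs in rules:
            subst = {}
            if match(lhs, t, subst):
                return instantiate(rhs, subst)
        raise StrategyFailure(t)
    return apply

# Slide 13: combinators. A strategy is a function term -> term that may raise.
def identity(t):
    return t

def or_else(s1, s2):
    def apply(t):
        try:
            return s1(t)
        except StrategyFailure:
            return s2(t)
    return apply

def and_then(s1, s2):
    return lambda t: s2(s1(t))

def subterm(k, s):
    """Subterm_k(S)[f(t1..tn)] = f(t1, .., S[tk], .., tn); fails without a k-th argument."""
    def apply(t):
        if len(t) <= k:
            raise StrategyFailure(t)
        return t[:k] + (s(t[k]),) + t[k + 1:]
    return apply

def once(s):
    """Slide 14: Once(S) = S orElse Subterm_2(Once(S)); the lambda keeps recursion lazy."""
    return or_else(s, lambda t: subterm(2, once(s))(t))

def try_(s):
    return or_else(s, identity)

# Slide 17: natural extension to sets of terms, Union and Fixpoint.
def lift(s):
    return lambda terms: frozenset(s(t) for t in terms)

def union(*strategies):
    return lambda terms: frozenset().union(*(s(terms) for s in strategies))

def fixpoint(s):
    def apply(terms):
        while True:
            nxt = s(terms)
            if nxt == terms:
                return terms
            terms = nxt
    return apply

# Slides 8 and 14: arcs as rewrite rules, transitions as strategies.
x, p = Var("x"), Var("p")

def in_arc(place):   # place(suc(x), p) ↝ place(x, p)
    return basic([((place, suc(x), p), (place, x, p))])

def out_arc(place):  # place(x, p) ↝ place(suc(x), p)
    return basic([((place, x, p), (place, suc(x), p))])

t1 = and_then(once(in_arc("R")), once(out_arc("G")))
t2 = and_then(once(in_arc("G")), once(out_arc("Y")))  # assumed, not on the slides
t3 = and_then(once(in_arc("Y")), once(out_arc("R")))  # assumed, not on the slides

def state_space(initial):
    """Slide 18: CalcSS = Fixpoint(Union(Try(t1), Try(t2), Try(t3), Identity))."""
    calc = fixpoint(union(*(lift(try_(t)) for t in (t1, t2, t3)), lift(identity)))
    return calc(frozenset([initial]))

INITIAL = ("R", peano(1), ("Y", ZERO, ("G", ZERO, EMPTY)))  # R(suc(0), Y(0, G(0, empty)))

for state in state_space(INITIAL):
    print(state)
```

Running it prints the three reachable markings of the cycle. Two details matter for correctness: `once` must build its recursive `Subterm_2` branch lazily (otherwise constructing the strategy never terminates), and `subterm` must fail on terms with no second argument, which is what stops the descent at the `suc`/`0` numerals and at `empty`. Wrapping each transition in `try_` and adding `lift(identity)` is what keeps `Union` from failing when a transition is not enabled in some state, so `Fixpoint` can iterate to the full state set.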
19. Creating your model checker: a checklist
    - Semantics
    - Description of the computation
    - Optimizations
20. (Architecture figure: your formalism and other model checkers are each translated ("Trans.") onto a common layer of decision diagram operations; above it sit the state space, verification and Optim 1 layers.)
21. (Architecture figure as on slide 20, with a second optimization layer, Optim 2, added.)
22. (Architecture figure as on slide 21: your formalism and other model checkers, translations, decision diagram operations, state space, verification, Optim 1, Optim 2.)
23. (Architecture figure: the engine is the decision diagram operations; the translation is Stratagem, covering semantics, state space and optimization; the state space, verification, Optim 1 and Optim 2 layers sit above it, fed by your formalism.)
24. (Architecture figure as on slide 23: engine = decision diagram operations; translation = Stratagem: semantics, state space, optimization; your formalism.)
25. Saturation: for connoisseurs. (Same net as slide 6.)
    - A well-known decision diagram optimization technique
    - Apply a local fixpoint in order to reduce the peak effect
    - Sat_n(S) = (Subterm_n(Sat_n(S)) orElse Fixpoint(S)) andThen Fixpoint(S)
26. Saturation: for connoisseurs. (Same net as slide 6.)
    - Sat_n(S) = (Subterm_n(Sat_n(S)) orElse Fixpoint(S)) andThen Fixpoint(S)
    - Example state: R(1, Y(0, G(0, empty)))
27. Creating your model checker: a checklist
    - Semantics
    - Description of the computation
    - Optimizations
28. Practical results: Stratagem has been used to implement
    - Optimizations: saturation, clustering, anonymization, etc.
    - Other formalisms: the Divine formalism
29. Practical results: comparison with PNXDD
    - Symbolic model checking
    - Similar techniques (topological, decision diagrams)
    - Common model database (Model Checking Contest)
    - 2nd best tool for state space calculation last year
30. Practical results. (Figure: plot of the ratio time PNXDD / time Stratagem, y-axis from 0 to 1.4, against model size (scale parameter) at 5, 10, 20, 50, 100 and 200, for the Eratosthenes, Railroad and Shared Mem models.)
31. Implementation
    - 3700 lines of Scala
    - Available for download at http://sourceforge.net/projects/stratagem-mc/
    - Source code available on GitHub
    - Platform independent
32. Future work
    - Implement CTL verification
    - Implement other translations (Algebraic Petri nets)
    - Implement other optimization techniques
33. Thank you! Any questions?
34. The paper for this presentation can be found at http://edmundo.lopezbobeda.net/publications