Published at AWPN 2010.
Reachability Analysis via Net Structure
HARRO WIMMEL, KARSTEN WOLF
Universität Rostock, Institut für Informatik
8 October 2010
© 2010 UNIVERSITÄT ROSTOCK | FAKULTÄT FÜR INFORMATIK & ELEKTROTECHNIK, INSTITUT FÜR INFORMATIK
Overview
• Basic Definitions: Reachability Problem; State Equation & Constraints
• Solving the Reachability Problem using CEGAR: The Search Space; Example; Looking for Constraints; Finding Partial Solutions; The Algorithm
• Experimental Results
Basic Definitions: Reachability Problem
Petri nets should be well-known.
• (N, m, m') is a reachability problem; the answer is "yes" if m [σ⟩_N m' for some firing sequence σ ∈ T*
• N = (S, T, F) is a Petri net, m, m' ∈ ℕ^S are markings
• m' = m + Cx is the state equation
• C is the incidence matrix, x ∈ ℕ^T is a transition vector (a solution)
• from m [σ⟩ m' follows m' = m + C℘(σ), i.e. the Parikh image ℘(σ) solves the state equation
• this is a necessary (but not sufficient) condition for reachability
• x = ℘(σ) is a T-invariant if Cx = 0, i.e. m [σ⟩ m
Basic Definitions: State Equation & Constraints
• The solution space of the state equation m' = m + Cx is semilinear
• ∃ finite B, P ⊆ ℕ^T: m' = m + Cx ⟺ x = b + Σᵢ nᵢ pᵢ for some b ∈ B, pᵢ ∈ P, nᵢ ∈ ℕ
• An IP solver, e.g. lp_solve, yields a "minimal" solution
• Solutions are discriminated by adding constraints (CEGAR)
• "jump": t < n with t ∈ T, n ∈ ℕ
• "increment": Σᵢ₌₁ᵏ nᵢ tᵢ ≥ n with tᵢ ∈ T, nᵢ, n ∈ ℕ
• jumps lead to other minimal solutions, increments to the addition of T-invariants
The Search Space
(figure: the solution space, only the label b of the base solution survives in the extracted text)
An Example
(figure: a Petri net whose elements are labelled s, a1, b1, x1, y1, c1, b2, z, y2, c2, b3, x2, a2, f; the animation steps mark how often each element fires in the current solution)
Final marking: s + 3f
State Equation's Solutions (one per CEGAR iteration):
• 3a1 + 3a2 + 3
• 2a1 + 2a2 + b1 + b2 + b3 + 3
• 2a1 + 2a2 + b1 + b2 + b3 + c1 + c2 + 3
• a1 + a2 + 2b1 + 2b2 + 2b3 + c1 + c2 + 3
• 3b1 + 3b2 + 3b3 + c1 + c2 + 3
Constraints (added one per iteration): b2 ≥ 1 (or a1 < 3), c1 ≥ 1, b2 ≥ 2 (or a1 < 2), b2 ≥ 3 (or a1 < 1)
Looking for Constraints: Building a graph
Take a firing sequence σ and a solution x of the state equation m' = m + Cx with
• ℘(σ) ≤ x,
• ∀t ∈ T: x(t) > ℘(σ)(t) ⟹ ¬ m[σt⟩
We call σ a partial solution (no transition still owed by x is enabled after σ). Now build a graph G of:
• transitions t with x(t) > ℘(σ)(t)
• places s inhibiting the firing of such a t (after σ)
• an edge from s to t if s inhibits t
• an edge from t to s if t increases the token count on s
Looking for Constraints: Finding Components
Get all strongly connected components (SCCs) of G which have no incoming edges (source SCCs). Places in such SCCs cannot be marked from "inside" the graph, so tokens must come from the outside.
⟹ Constraint: use the transitions that can put tokens onto a source SCC (left side of the constraint).
How many tokens to produce? (right side of the constraint)
• a complex problem (esp. if x(t) − ℘(σ)(t) > 1 and the net has multiarcs)
• approximation necessary
• repeated increase of the constraint by 1 token is possible
Finding Partial Solutions
• Tree of all potential firing sequences for x from m' = m + Cx
• the tree is finite, so brute-force search is possible
• depth-first search
• enumerate partial solutions and build constraints
• Optimisations:
  • stubborn-set method (partial order reduction)
  • additional confluence tests for x(t) − ℘(σ)(t) > n
  • backtracking at repeated markings on a path
  • ineffective constraints (σ' is a partial solution for x + y with σ' = σ or ℘(σ') = ℘(σ) + y, y a T-invariant)
The Algorithm / Conclusion
• Get a solution of the state equation using an IP solver
• Get partial solutions (maximal firing sequences); stop if one of them is a full solution
• Find constraints for the partial solutions
• (Multiple) calls to the algorithm with state equation + constraints
Conclusion:
• A positive answer is found (use "jumps" for a complete search), except in case of insufficient memory; a witness path is found
• A negative answer can be found if the state equation is infeasible or if backtracking for ineffective constraints makes the search space finite; diagnosis possible
• Extensions possible, e.g. state inequations
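The definitions from the state-equation slides and the loop on this slide, as an added Python example that is neither Sara's code nor code from the slides: a constructed three-place net whose minimal state-equation solution is not fireable, a bounded brute-force enumeration standing in for lp_solve (an assumption for illustration only; Sara calls a real IP solver), the depth-first search for partial solutions with backtracking at repeated markings, the graph G with its source SCC, and the increment constraint derived from it. Jumps, the stubborn-set reduction and the ineffective-constraint test are not implemented.

```python
from itertools import product

# Constructed toy net (added example, not from Sara): places s, p, f; each
# transition is (pre-multiset, post-multiset). t moves the token from s to f
# but needs a token on p (read and put back); g puts a token on p, k removes
# it, so g+k is a T-invariant (C(g+k) = 0) that the state equation may omit.
PLACES = ["s", "p", "f"]
TRANS = {
    "t": ({"s": 1, "p": 1}, {"f": 1, "p": 1}),
    "g": ({}, {"p": 1}),
    "k": ({"p": 1}, {}),
}
M0 = {"s": 1, "p": 0, "f": 0}   # initial marking m
MF = {"s": 0, "p": 0, "f": 1}   # final marking m'

def effect(t, s):
    """Entry C[s][t] of the incidence matrix."""
    pre, post = TRANS[t]
    return post.get(s, 0) - pre.get(s, 0)

def enabled(m, t):
    return all(m[s] >= n for s, n in TRANS[t][0].items())

def fire(m, t):
    return {s: m[s] + effect(t, s) for s in PLACES}

def parikh(seq):
    return {t: seq.count(t) for t in TRANS}

def is_t_invariant(y):
    return all(sum(y[t] * effect(t, s) for t in TRANS) == 0 for s in PLACES)

def solve_state_equation(m, mf, constraints, bound=3):
    """Stand-in for the IP solver: enumerate x in {0..bound}^T, keep those with
    mf = m + Cx and all increment constraints sum(n_i * x(t_i)) >= n, return
    the one with the fewest firings (the 'minimal' solution) or None."""
    best = None
    for vals in product(range(bound + 1), repeat=len(TRANS)):
        x = dict(zip(TRANS, vals))
        if any(m[s] + sum(x[t] * effect(t, s) for t in TRANS) != mf[s] for s in PLACES):
            continue
        if any(sum(c * x[t] for t, c in lhs.items()) < n for lhs, n in constraints):
            continue
        if best is None or sum(x.values()) < sum(best.values()):
            best = x
    return best

def partial_solutions(m, x):
    """DFS over firing sequences with parikh(seq) <= x; returns the maximal ones
    as (seq, marking): after seq no transition still owed by x is enabled."""
    out = []
    def dfs(mk, seq, path):
        rest = [t for t in TRANS if seq.count(t) < x[t] and enabled(mk, t)]
        if not rest:
            out.append((seq, mk))
        for t in rest:
            nm = fire(mk, t)
            key = tuple(sorted(nm.items()))
            if key not in path:                 # backtrack at repeated markings
                dfs(nm, seq + [t], path | {key})
    dfs(m, [], {tuple(sorted(m.items()))})
    return out

def constraint_for(seq, mk, x):
    """Build the graph G of remaining transitions and inhibiting places, take a
    source SCC and demand one more token from the transitions feeding its places."""
    rem = [t for t in TRANS if x[t] > seq.count(t)]
    edges = {(s, t) for t in rem for s, n in TRANS[t][0].items() if mk[s] < n}  # s inhibits t
    edges |= {(t, s) for t in rem for s in PLACES if effect(t, s) > 0}          # t feeds s
    nodes = {v for e in edges for v in e}
    def reach(u):
        seen, todo = set(), [u]
        while todo:
            v = todo.pop()
            new = {b for a, b in edges if a == v and b not in seen}
            seen |= new
            todo += new
        return seen
    for u in nodes:
        scc = {v for v in nodes if v == u or (v in reach(u) and u in reach(v))}
        if any(a not in scc and b in scc for a, b in edges):
            continue                            # has incoming edges: not a source SCC
        places = [s for s in scc if s in PLACES]
        lhs = {t: sum(max(effect(t, s), 0) for s in places) for t in TRANS}
        lhs = {t: c for t, c in lhs.items() if c}   # producers for the source SCC
        if lhs:
            have = sum(c * seq.count(t) for t, c in lhs.items())
            return (lhs, have + 1)              # increment: one more token than so far
    return None

def reachable(m, mf, rounds=10):
    """The CEGAR loop: solve, search partial solutions, refine with constraints."""
    constraints = []
    for _ in range(rounds):
        x = solve_state_equation(m, mf, constraints)
        if x is None:
            return None                         # state equation infeasible: unreachable
        for seq, mk in partial_solutions(m, x):
            if mk == mf:
                return seq                      # full solution: the witness path
            c = constraint_for(seq, mk, x)
            if c:
                constraints.append(c)
    return None                                 # undecided within the round budget
```

Calling reachable(M0, MF) first obtains x = t, which is not fireable because p is empty; the only partial solution is the empty sequence, G consists of p → t → f, the source SCC {p} yields the constraint g ≥ 1, the refined minimal solution x = t + g + k is then fired as g t k and returned as the witness path. Asking for two tokens on f instead makes the state equation infeasible and the loop answers None at once, the negative case from the conclusion slide.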
Experimental Results
Implementation in a tool named "Sara".
• Garavel's challenge (LOTOS specification): 485 places, 776 transitions, test for dead transitions
  • (Cygwin/Linux) 26/41 sec. (LoLA: 71/29 sec. + separation by hand)
  • path length (medium/max) 15/28 (LoLA: 53/6232)
• SAP reference nets (business processes): 590 nets, test for relaxed soundness
  • (Cygwin/Linux) 198/110 sec. (LoLA: 24 min. + 17 unsolved)
• Boolean programs: a few nets, coverability test
  • <1 second (LoLA: 1 problem with memory overflow (>32GB))
• Specialized nets with increasing edge weights (self-constructed)
  • Sara loses time exponentially compared to LoLA (always <3 sec.)
References
M. Berkelaar, K. Eikland, P. Notebaert: lp_solve Reference Guide, http://lpsolve.sourceforge.net/5.5/, 2010.
H. Garavel: Efficient Petri Net tool for computing quasi-liveness, http://www.informatik.uni-hamburg.de/cgi-bin/TGI/pnml/getpost?id=2003/07/2709, 2003.
L.M. Kristensen, K. Schmidt, A. Valmari: Question-guided Stubborn Set Methods for State Properties, Formal Methods in System Design 29:3, pp. 215–251, Springer, 2006.
E. Mayr: An algorithm for the general Petri net reachability problem, SIAM Journal on Computing 13:3, pp. 441–460, 1984.
H. Wimmel: Sara – Structures for Automated Reachability Analysis, http://www.informatik.uni-rostock.de/~nl/wiki/tools/download, 2010.
K. Wolf: LoLA – A low level analyzer, http://www.informatik.uni-rostock.de/~nl/wiki/tools/lola, 2010.
Thanks for Your Attention!