1 Branching Processes of High-Level Petri Nets and Model Checking of Mobile Systems
Maciej Koutny, School of Computing Science, Newcastle University
with: R. Devillers, V. Khomenko, H. Klaudel, A. Niaouris
UFO'07, Siedlce, Poland, 2007

2 Outline
Motivation
Coloured Petri nets: expansion and unfolding; relationship diagram; experimental results
Application: mobile systems: π-calculus to Petri nets; implementation issues; experimental results
Further work

3 Motivation
Low-level PNs: can be efficiently verified, but are not convenient for modelling.
High-level descriptions: convenient for modelling, but verification is hard.
There is a gap between the two. Coloured PNs: a good intermediate formalism.

4 Coloured PNs [figure: a coloured net with places 1 and 2, typed {1,2} and {1..4}, and a transition with variables u, v, w and guard w<u+v]

5 Expansion [figure: the net of slide 4 (places typed {1,2} and {1..4}, guard w<u+v) and its expansion into a low-level net]
The expansion faithfully models the original net, but blows up in size.

6 Unfolding [figure: the unfolding of the net of slide 4; from the initial marking only two events occur, with bindings u=1, v=2, w=1 and u=1, v=2, w=2]

7 Example: computing GCD [figure: places m and n typed {0..100}; a transition with guard v≠0 consumes u and v and produces v and u%v; a transition with guard v=0 outputs u. Run from u=3, v=2: then u=2, v=1; then u=1]
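The expansion versus unfolding trade-off on the GCD net of slide 7, as an added Python illustration that is not part of the talk: expansion_size counts the low-level transitions a full expansion over the types {0..100} would create, while reachable_events explores only the bindings actually reachable from u=3, v=2, the three events shown on the slide. The place name out, the transition names and the net encoding are assumptions.

```python
from itertools import product

# Constructed model of the GCD coloured net of slide 7 (added example, not the talk's
# code). Places m and n hold the pair (u, v); 'out' (assumed name) gets the result.
# A transition is (name, guard, input arcs (place, variable), output arcs (place, expr)).
GCD_NET = {
    "places": {"m": range(101), "n": range(101), "out": range(101)},  # types {0..100}
    "transitions": [
        ("loop", lambda b: b["v"] != 0,                       # guard v != 0
         [("m", "u"), ("n", "v")],
         [("m", lambda b: b["v"]), ("n", lambda b: b["u"] % b["v"])]),
        ("stop", lambda b: b["v"] == 0,                       # guard v == 0
         [("m", "u"), ("n", "v")],
         [("out", lambda b: b["u"])]),
    ],
}

def expansion_size(net):
    """Low-level transitions the expansion creates: one per transition and per
    binding of its input variables (over the input place types) that satisfies
    the guard. This is the blow-up that unfolding the coloured net avoids."""
    count = 0
    for _, guard, inputs, _ in net["transitions"]:
        names = [var for _, var in inputs]
        domains = [net["places"][place] for place, _ in inputs]
        count += sum(1 for values in product(*domains) if guard(dict(zip(names, values))))
    return count

def reachable_events(net, initial):
    """Explore markings reachable from `initial` (a set of (place, token) pairs;
    the net is assumed safe, at most one token per place) and collect every
    (transition, binding) that fires. For a sequential net such as GCD these
    are exactly the events of the unfolding prefix."""
    events, seen, todo = set(), set(), [frozenset(initial)]
    while todo:
        marking = todo.pop()
        if marking in seen:
            continue
        seen.add(marking)
        tokens = dict(marking)                                # place -> its token
        for name, guard, inputs, outputs in net["transitions"]:
            if not all(place in tokens for place, _ in inputs):
                continue
            binding = {var: tokens[place] for place, var in inputs}
            if guard(binding):
                events.add((name, tuple(sorted(binding.items()))))
                consumed = {(place, tokens[place]) for place, _ in inputs}
                produced = {(place, expr(binding)) for place, expr in outputs}
                todo.append((marking - consumed) | produced)
    return events
```

Over {0..100} the expansion needs 10201 low-level transitions, while the run from u=3, v=2 touches only three bindings, which is the gap slide 18 reports for colour-intensive nets.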

8 Relationship diagram [figure: Coloured PNs --expansion--> Low-level PNs --unfolding--> Low-level prefix; Coloured PNs --unfolding--> Coloured prefix; the relation between the two prefixes is marked "?"]

9 Relationship diagram [figure: as on slide 8, with the low-level prefix and the coloured prefix now related by ~]

10 Relationship diagram [figure: the net of slide 4 (places typed {1,2} and {1..4}, guard w<u+v) together with its expansion and its unfolding; the unfolding events carry the bindings u=1, v=2, w=1 and u=1, v=2, w=2]

11 Relationship diagram [figure: Coloured PNs --expansion--> Low-level PNs; both unfold to the same prefix]

12 Benefits
Avoiding an exponential blow-up when building the expansion.
Definitions are similar to those for LL unfoldings: no new proofs.
All results and verification techniques for LL unfoldings are still applicable: model checking algorithms; canonicity, completeness, finiteness.

13 Benefits
Existing unfolding algorithms for LL PNs can easily be adapted: usability of the total adequate order proposed in; all the heuristics improving the efficiency can be employed (e.g. the concurrency relation and preset trees); parallel unfolding algorithm.

14 Extensions: infinite place types [figure: the GCD net of slide 7, with places m and n typed {0..100}]

15 Extensions: infinite place types [figure: the GCD net with places typed N (the natural numbers); run u=3, v=2; u=2, v=1; u=1]

16 Extensions: infinite place types [figure: the GCD net with the same run u=3, v=2; u=2, v=1; u=1, and the place types replaced by the finite sets {0..2}, {1..3} and {1}]

17 Refined expansion [figure: Coloured PNs --expansion--> Low-level PNs; both unfold to the same prefix]

18 Experimental results
Tremendous improvements for colour-intensive PNs (e.g. GCD).
Negligible slow-down (<0.5%) for control-intensive PNs (e.g. Lamport's mutual exclusion algorithm).

19 Application: mobility
Mobility is one of the main features of many crucial modern distributed computing systems.
Formal analysis and verification using process algebras like the π-calculus.
Our aim: to alleviate the state space explosion problem during reachability analysis of mobile systems, using/adapting model checking algorithms based on unfoldings.

20 Syntax (finite)
Basic elements are channel names like a, b, c, ...
ab        input prefix
āb        output prefix (bar over a)
τ         internal prefix
pref.P    first execute pref, then P
P+Q       execute P or Q
P | Q     execute P and Q in parallel
(νc)P     restrict c within P
A ├ P     A is the set of all "known" channels

21 Operational semantics
Operational semantics defined using SOS rules such as:

    b ∉ A
    --------------------------------------------
    A ├ ac.P  --ab-->  A ∪ {b} ├ {b/c}P

One can then consider LTSs generated by π-terms, the associated behavioural properties, etc.

22 p-nets
High-level Petri nets where tokens can, e.g., be channels. [figure: a τ transition with arcs labelled u and v, and holder places containing a and b] A transition is enabled if there is a suitable binding for u and v. Read arcs (non-directed) are used only for testing.

23 p-nets [figure: as on slide 22] A transition is enabled if there is a suitable binding for u and v, for instance u=a, v=b.

24 p-nets [figure: as on slide 22] A transition is enabled if there is a suitable binding for u and v, for instance u=a, v=b, which leads to the marking with token b.

25 Holder places and read arcs [figure: transitions snd and rcv with arcs labelled u and v, and holder places containing a and b] The blue part (holder places) is related to channels; the black part is related to control flow.

26 Tag-place
Used to maintain information about Known, New and Restricted channels. [figure: a tag-place holding the tokens a.a.K, e.N and Δ.R; a transition ūv with arcs labelled U.u.K, V.v.K, v.R and V.N]

27 Tag-place [figure: as on slide 26] Suitable binding: u=U=a, v=Δ, V=e.

28 Tag-place [figure: after firing, the tokens e.N and Δ.R have become e.Δ.K] Suitable binding: u=U=a, v=Δ, V=e; this generates āe, and then the LTS can be defined.

29 p-nets
p-nets can be composed to mirror the operators in the process algebra: prefixing, parallel composition, choice, communication.

30 Model checking π-calculus [diagram: π-calculus expression --automatic translation--> safe high-level PN (p-nets)]

31 Example 1: {b,d} ├ ba.ād [figure: the p-net of this term, with tag-place tokens b.b.K, d.d.K and e.N, and arcs labelled U.u.K, V.v.K and v.N]

32 Example 1 [figure: as on slide 31] Binding: u=U=b, v=e.

33 Example 1 [figure: after firing, the token e.N has become e.e.K] Binding: u=U=b, v=e; generates be.

34 Example 1 [figure: the net after the first step, with e now known]

35 Example 1 [figure: as on slide 34] Binding: u=U=e, v=V=d.

36 Example 1 [figure: as on slide 34] Binding: u=U=e, v=V=d; generates ēd.

37 Example 2: {a,b} ├ (νc)āc.c̄b [figure: the p-net of this term, with tag-place tokens a.a.K, b.b.K, f.N and Δ.R, and arcs labelled U.u.K, V.v.K, v.R and V.N]

38 Example 2 [figure: as on slide 37] Binding: u=U=a, V=f, v=Δ.

39 Example 2 [figure: after firing, the tokens f.N and Δ.R have become f.Δ.K] Binding: u=U=a, V=f, v=Δ; generates āf.

40 Example 2 [figure: the net after the first step, with the restricted channel now known under the name f]

41 Example 2 [figure: as on slide 40] Binding: U=f, u=Δ, V=v=b.

42 Example 2 [figure: as on slide 40] Binding: U=f, u=Δ, V=v=b; generates f̄b.

43 Example 3: {a,e,d} ├ (νc)(āc.ēc | ab.b̄d) [figure: the p-net of this term, with tag-place tokens a.a.K, e.e.K, d.d.K, f.N and Δ.R, a τ transition for the communication, and arcs labelled U.u.K, V.v.K, v.R and V.N]

44 Example 3 [figure: as on slide 43]

45 Example 3 [figure: as on slide 43, with a Δ token now shown]

46 Example 3 [figure: as on slide 45]

47 Example 3 [figure: after the communication, the tokens f.N and Δ.R have become f.Δ.K]

48 Example 3 [figure: as on slide 47]

49 Example 3 [figure: as on slide 47]

50 Model checking π-calculus [diagram: π-calculus expression --> safe high-level PN (p-nets) --> PN unfolding (PUNF) --> property checking (MPSat)]

51 Implementation issues
Infinity of new channels; read arcs; non-safeness; partial-transition expansion; reducing the number of holder places.

52 Example [figure: nodes T, ness and NESS, channel a, and hosts h1, h2, h3, h4] a?ness

53 Example [figure: as on slide 52] h1!ness | h2!ness | h3!ness | h4!ness

54 Example [figure: as on slide 52] h1?addr1 | h2?addr2 | h3?addr3 | h4?addr4

55 Example [figure: as on slide 52]

56 Example [figure: as on slide 52] h!h1.h1!done.STOP + h?another1.addr1!h1.addr1!another1.h1!done.STOP

57 Experiments [table; most cells did not survive extraction]
Columns: Problem | Net (|P|, |T|) | Prefix (|B|, |E|) | Time Punf | Time MPSat | Time MWB
Rows (surviving cells only): Ness(2) <1; Ness(3) <1; Ness(4) <1 7; Ness(5) <1 -; Ness(6); Ness(7)

58 Further work
We need efficient extensions of the unfolding approach for read arcs.
Introduce a restricted form of recursion that still allows one to use model checking.
Deal with the state space explosion caused by aspects other than a high level of concurrency.
Further performance comparisons of this model with other model checkers.

59 Thank you!