Petri Nets for Systems Engineering
Springer-Verlag Berlin Heidelberg GmbH
Claude Girault, Rüdiger Valk
Petri Nets for Systems Engineering
A Guide to Modeling, Verification, and Applications
With 190 Figures and 9 Tables
Springer
Claude Girault
University of Paris VI, Lab. LIP6 (CNRS-UMR 7606), 4 Place Jussieu, 75252 Paris Cedex 05, France
Rüdiger Valk
University of Hamburg, Department of Computer Science, Vogt-Kölln-Str. 30, 22527 Hamburg, Germany
Library of Congress Cataloging-in-Publication Data applied for
Die Deutsche Bibliothek - CIP-Einheitsaufnahme Girault, Claude; Valk, Rüdiger: Petri Nets for Systems Engineering. A Guide to Modeling, Verification, and Applications - Berlin; Heidelberg; New York; Hong Kong; London; Milan; Paris; Tokyo: Springer, 2003 ISBN 3-540-41217-4
ACM Computing Classification (1998): D.1.5, D.2.2-6, F.1.2, F.3.1-2, F.4.1, D.3.1, D.4, B.1.2, B.6, C.1, C.2.4, I.2.11, J.1, J.4
ISBN 978-3-642-07447-9 ISBN 978-3-662-05324-9 (eBook)
DOI 10.1007/978-3-662-05324-9
This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilm or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer-Verlag. Violations are liable for prosecution under the German Copyright Law.
© Springer-Verlag Berlin Heidelberg 2003
Originally published by Springer-Verlag Berlin Heidelberg New York in 2003.
Softcover reprint of the hardcover 1st edition 2003
The use of designations, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.
Cover Design: KünkelLopka, Heidelberg. Typesetting: Camera-ready by authors
Printed on acid-free paper SPIN 10773906 45/3142XT 543210
Preface
Nowadays, computer-based systems are indispensable for almost all areas of modern life. As has been frequently stated, they suffer, however, from being insufficiently correct or reliable. Software development projects miss their completion deadlines and exceed their financial frames. Though computer systems surpass in size all traditional complex systems ever produced, the discrepancy in quality standards seems to be unbridgeable. It has been argued frequently that traditional engineering methods and standards should be adapted to the needs of software development, and so the field of software engineering was created. Though some progress is observable in this area, modelling, analysis, and implementation techniques still lack a powerful modelling method that connects all these areas. Moreover, though graphic-based modelling techniques are of increasing interest, very few of them are founded on formal methods.
This book intends to bridge the gap between Petri nets, which fulfil many of these desirable requirements, and the process of modelling and implementing systems. Petri nets are introduced from their basics, and their use for the modelling and verification of systems is discussed. Several application domains are selected to illustrate the method.
The book has been written in the context of the MATCH project. We wish to thank all participants for their contributions to the concept and design of the book. It took several meetings and numerous sessions to decide on its structure and contents. In particular, we gratefully acknowledge the contribution of portions of text, mutual proof reading, the supplying of useful comments and suggestions, and - last but not least - the perseverance in maintaining the complex process of communication which led to this result. To the European Community we are deeply indebted for providing the financial base to organize all these meetings.
Rainer Mackenthun put a lot of effort into organizing a common bibliography. The completion of the book would have been unthinkable without the hard and careful work of Berndt Farwer who solved the problem of compiling the chapters and sections and removed many inconsistencies. It is a pleasure for us to acknowledge these efforts.
We are grateful for the numerous suggestions and the encouragement which came from the participants of the summer school in Jaca, Spain, and from students in our universities, who worked with early versions of the text. Our thanks are also due to Hans Wössner of Springer-Verlag for his unique editorial help and suggestions.
Paris and Hamburg, September 2002 Claude Girault and Rüdiger Valk
Contents
List of Authors and Affiliations ........ XV
Introduction: Purpose of the Book ........ 1
Part I. Petri Nets - Basic Concepts
1. Introduction ........ 7
2. Essential Features of Petri Nets ........ 9
   2.1 Locality and Concurrency ........ 10
   2.2 Graphical and Algebraic Representation ........ 12
   2.3 Concurrency, Conflict, and Confusion ........ 15
   2.4 Refinement and Composition ........ 18
   2.5 Net Morphisms ........ 23
3. Intuitive Models ........ 29
   3.1 Arc-Constant Nets ........ 29
   3.2 Place/Transition Nets ........ 32
   3.3 Coloured Nets ........ 34
   3.4 Foldings ........ 38
4. Basic Definitions ........ 41
   4.1 Formal Definition of Place/Transition Nets ........ 41
   4.2 Formal Definition of Arc-Constant Nets ........ 43
   4.3 Formal Definition of Coloured Nets ........ 45
5. Properties ........ 53
   5.1 Basic Properties ........ 54
   5.2 An Introduction to the Analysis ........ 58
      5.2.1 Verification Based on the Reachability Graph ........ 60
      5.2.2 Verification Based on Linear Invariants ........ 68
6. Overview of the Book ........ 73
Part II. Modelling
7. Introduction ........ 81
8. Modelling and Analysis Techniques by Example ........ 85
   8.1 Nets, Refinement, and Abstraction ........ 85
   8.2 Place/Transition Nets and Resource Management ........ 92
   8.3 Coloured Nets, Abstraction, and Unfolding ........ 97
9. Techniques ........ 105
   9.1 Building Blocks ........ 105
   9.2 Combining Nets ........ 108
      9.2.1 Place Fusion ........ 108
      9.2.2 Arc Addition ........ 110
      9.2.3 Transition Fusion ........ 111
   9.3 High-Level Nets ........ 112
      9.3.1 Coloured Nets ........ 112
      9.3.2 Fairness, Priority, and Time ........ 115
   9.4 Decomposing Nets ........ 116
   9.5 Conclusion ........ 117
10. Methods ........ 119
   10.1 State-Oriented Modelling ........ 120
      10.1.1 Specification ........ 123
      10.1.2 Design ........ 124
      10.1.3 Implementation ........ 133
      10.1.4 Conclusion ........ 134
   10.2 Event-Oriented Modelling ........ 135
      10.2.1 High-Level Modelling ........ 135
      10.2.2 Protocol Modelling ........ 137
      10.2.3 Verification ........ 142
      10.2.4 Conclusion ........ 145
   10.3 Object-Oriented Modelling ........ 146
      10.3.1 Objects vs. Petri Nets ........ 146
      10.3.2 Integration Approaches ........ 148
      10.3.3 A Multi-Formalism Approach Including Nets ........ 152
      10.3.4 Conclusion ........ 157
11. Case Studies ........ 159
   11.1 State-Oriented Approach ........ 162
      11.1.1 Specification ........ 162
      11.1.2 Design ........ 162
      11.1.3 Implementation ........ 166
   11.2 Event-Oriented Approach ........ 166
      11.2.1 Modelling a Node ........ 166
      11.2.2 Verification ........ 170
      11.2.3 Adding Colour ........ 172
   11.3 Object-Oriented Approach ........ 173
      11.3.1 Structure of the NodeCoordinator ........ 173
      11.3.2 The NodeCoordinator in OF-Class Formalism ........ 175
      11.3.3 Net Synthesis from the NodeCoordinator Specification ........ 176
      11.3.4 Verification of Protocol Correctness ........ 176
12. Conclusion ........ 179
Part III. Verification
13. Introduction: Issues in Verification ........ 183
   13.1 Classification of Nets ........ 184
      13.1.1 Restriction of Nets ........ 184
      13.1.2 Extension of Nets ........ 184
      13.1.3 Abbreviation of Nets ........ 185
      13.1.4 Parametrisation of Nets ........ 187
   13.2 Properties ........ 188
   13.3 Classification of Methods ........ 190
   13.4 Verification Process ........ 197
   13.5 Overview ........ 199
14. State-Space-Based Methods and Model Checking ........ 201
   14.1 Properties, Temporal Logic, and Fairness ........ 202
      14.1.1 The Temporal Logic CTL* ........ 204
   14.2 On-the-Fly Approaches ........ 215
   14.3 Partial-Order-Based Approaches ........ 218
      14.3.1 Traces and Verification Issues ........ 219
      14.3.2 Persistent Set Searches ........ 223
      14.3.3 Sleep Set Searches ........ 227
      14.3.4 Covering Step Graphs ........ 229
      14.3.5 Branching Process Techniques ........ 231
      14.3.6 Conclusion ........ 239
   14.4 Symbolic and Parametrised Approaches ........ 241
      14.4.1 Symbolic Reachability Graph ........ 241
      14.4.2 Symmetries in Nets ........ 259
      14.4.3 Parametrised Reachability Graph ........ 260
   14.5 Implementation Issues ........ 266
      14.5.1 State-Space Caching ........ 267
      14.5.2 Hashing Compaction ........ 267
      14.5.3 Boolean Manipulation ........ 268
      14.5.4 Symbolic Model Checking ........ 273
      14.5.5 Concluding Remarks on Implementation Issues ........ 273
   14.6 Synthesis and General Concluding Remarks ........ 274
15. Structural Methods ........ 277
   15.1 Net System Reductions ........ 278
      15.1.1 A Basic Kit of Reduction Rules ........ 280
      15.1.2 Implicit Places ........ 281
   15.2 Linear Algebraic Techniques ........ 285
      15.2.1 Bounds and Boundedness ........ 287
      15.2.2 Deadlock-Freeness and Liveness ........ 288
      15.2.3 Structural Liveness and Liveness ........ 292
      15.2.4 Reversibility and Liveness ........ 295
   15.3 Siphons and Traps ........ 297
   15.4 Analysis of Net Subclasses ........ 299
      15.4.1 Some Syntactical Subclasses ........ 300
      15.4.2 Fairness and Monopolies ........ 303
      15.4.3 Confluence and Directedness ........ 304
      15.4.4 Reachability and the State Equation ........ 306
      15.4.5 Analysis of Liveness and Boundedness ........ 306
   15.5 Invariants and Reductions for Coloured Petri Nets ........ 307
      15.5.1 Invariants ........ 307
      15.5.2 Reductions ........ 312
16. Deductive and Process-Algebra-Based Methods ........ 317
   16.1 A Rewriting Semantics for Algebraic Nets ........ 318
      16.1.1 Algebraic Specifications ........ 320
      16.1.2 Rewriting Specifications ........ 324
      16.1.3 Algebraic Nets ........ 328
      16.1.4 Rewriting Semantics ........ 334
      16.1.5 Final Remarks ........ 337
   16.2 Assertional Reasoning ........ 338
      16.2.1 State Predicates and Functions ........ 341
      16.2.2 Basic Assertions ........ 341
      16.2.3 Safety Assertions ........ 342
      16.2.4 Liveness Assertions ........ 347
      16.2.5 Elementary Compositionality ........ 351
      16.2.6 A Simple Example ........ 353
      16.2.7 Extensions of the Logic ........ 359
      16.2.8 Combination with Other Methods ........ 360
      16.2.9 Final Remarks ........ 361
   16.3 A Logic of Enablement ........ 361
      16.3.1 Morphisms, Reductions, and Simulation ........ 362
      16.3.2 A Temporal Logic for Nets ........ 364
      16.3.3 The Concept of a Test Net ........ 367
      16.3.4 Example: Mutex ........ 368
   16.4 Linear Logic and Petri Nets ........ 370
      16.4.1 Basic Relationship ........ 371
      16.4.2 Specification of Net Properties ........ 374
      16.4.3 Linear Logic for Representation of Coloured Nets ........ 375
      16.4.4 The Principle of Backward Reasoning ........ 377
      16.4.5 Nondeterministic Transitions ........ 377
      16.4.6 Bibliographic Remarks ........ 381
   16.5 Verifying Petri Net Models Using Process Algebra ........ 382
      16.5.1 Method ........ 382
      16.5.2 Hierarchical Place/Transition Nets ........ 384
      16.5.3 A Brief Introduction to Process Algebra ........ 385
      16.5.4 The Production Unit ........ 388
      16.5.5 Concluding Remarks ........ 397
17. Conclusion ........ 399
Part IV. Validation and Execution
18. Introduction ........ 403
19. Systems Engineering and Validation ........ 405
   19.1 Software Life-Cycle and Validation ........ 405
   19.2 Validation ........ 406
   19.3 Prototyping as an Approach ........ 408
      19.3.1 The Original Problems ........ 408
      19.3.2 Prototyping Taxonomy ........ 409
      19.3.3 Key Issues in Prototyping ........ 410
      19.3.4 Extended Definition of Prototyping ........ 411
   19.4 Tools ........ 412
20. Net Execution ........ 417
   20.1 Centralised Control ........ 420
   20.2 Distribution of Control over Places ........ 421
   20.3 Distribution of Control over Edges ........ 427
   20.4 Multithreading and Synchronisation ........ 428
   20.5 Asynchrony ........ 429
   20.6 Conclusion ........ 431
21. Code Generation ........ 433
   21.1 Petri Net Approaches to Code Generation ........ 435
      21.1.1 State of the Art ........ 435
      21.1.2 Parallel Interpretation of a Petri Net ........ 437
   21.2 A Petri Net Partitioning Algorithm ........ 440
      21.2.1 Transformation into a Structural Model ........ 440
      21.2.2 Computation and Selection of Positive Place Invariants ........ 441
      21.2.3 Evaluation of Partitioning Properties ........ 442
      21.2.4 Computation of Prototype Objects ........ 443
      21.2.5 Speeding Up the Algorithm ........ 445
      21.2.6 Net Transformation When the Algorithm Fails ........ 446
   21.3 Some Aspects of Code Generation from Petri Nets ........ 448
      21.3.1 On the Implementation of Prototype Objects ........ 448
      21.3.2 Prototype and Execution Environment ........ 453
      21.3.3 Mapping Processes onto a Given Architecture ........ 454
      21.3.4 Place Invariants and Pipeline Detection ........ 459
   21.4 Code Generation from a High-Level Net ........ 461
      21.4.1 Association with a High-Level Formalism ........ 462
      21.4.2 An Example of Work Based on a Pre-Existing High-Level Formalism ........ 462
      21.4.3 An Example of a High-Level Formalism Dedicated to Code Generation: H-COSTAM ........ 463
      21.4.4 Implementation of Enhanced Prototype Objects ........ 466
   21.5 Conclusion ........ 467
22. Conclusion ........ 469
Part V. Application Domains
23. Introduction ........ 473
   23.1 Putting Petri Nets to Work ........ 473
   23.2 Domains of Application ........ 474
      23.2.1 Manufacturing ........ 474
      23.2.2 Workflow Management ........ 475
      23.2.3 Telecommunications ........ 475
      23.2.4 Other Application Domains ........ 476
24. Flexible Manufacturing Systems ........ 479
   24.1 A Brief Overview of the Domain ........ 479
   24.2 Using Petri Nets in FMS ........ 484
   24.3 A Design Approach ........ 490
      24.3.1 An Intuitive Introduction to a Class of Nets ........ 490
      24.3.2 Automation of the Modelling Process ........ 494
      24.3.3 Using Structural Analysis for System Control ........ 497
   24.4 Conclusion ........ 505
25. Workflow Systems ........ 507
   25.1 An Overview of the Domain ........ 507
   25.2 Motivation ........ 510
      25.2.1 Formal Language ........ 512
      25.2.2 Analysis Techniques ........ 513
   25.3 Design Methodology ........ 513
      25.3.1 Tasks and Transitions ........ 516
      25.3.2 Logistics and Transitions ........ 517
      25.3.3 Case and Tokens ........ 520
      25.3.4 Case Study: Justice Department ........ 520
      25.3.5 Business Process Definition ........ 522
   25.4 Workflow Analysis ........ 523
      25.4.1 Structural Analysis ........ 524
      25.4.2 Dynamic Analysis ........ 530
   25.5 Lessons Learned: The Sagitta-2000 Case ........ 537
   25.6 Conclusion ........ 539
26. Telecommunications Systems ........ 541
   26.1 Overview of the Domain ........ 541
      26.1.1 The IN Architecture ........ 542
      26.1.2 The IN Service Processing ........ 543
      26.1.3 Conclusion ........ 545
   26.2 Motivation ........ 545
   26.3 Design Methodology ........ 547
      26.3.1 The OF-Class Model of a Basic Telecommunications System ........ 547
      26.3.2 The OF-Class Model of a CFU Telecommunications System ........ 553
      26.3.3 The OF-Class Model of an IN Telecommunications System ........ 557
      26.3.4 From OF-Class to OF-CPN: The Principles of the Transformation ........ 559
      26.3.5 From OF-Class to OF-CPN: Illustration of the Transformation ........ 560
   26.4 Analysis ........ 561
      26.4.1 Overview of Analysis with Petri Nets in the Area of Telecommunications Systems ........ 561
      26.4.2 Analysis of the IN Model: Detection of Feature Interaction ........ 562
   26.5 Conclusion ........ 566
27. Conclusion ........ 567
   27.1 Common Modelling Problems ........ 567
   27.2 Shared Analysis Results ........ 568
References ........ 571
Index ........ 601
List of Authors and Affiliations
The authors of the present volume are listed here in alphabetical order together with their current affiliation (the letter after each name refers to the affiliation key below). An updated list can be found at http://www.informatik.uni-hamburg.de/TGI/service/MATCHbook/frame.html.
Wil van der Aalst (b)
Patrick Barrilte (see footnote on page 3)
Twan Basten (c)
José-Manuel Colom (f)
Alioune Diagne (e)
Claude Dutheillet (e)
William El Kaim (h)
Joaquín Ezpeleta (f)
Berndt Farwer (d)
Marie-Pierre Gervais (e)
Claude Girault (e)
Mike van de Graaf (i)
Serge Haddad (g)
Jean-Michel Ilié (e)
Fabrice Kordon (e)
Rainer Mackenthun (d)
Daniel Moldt (d)
Denis Poitrenaud (e)
Manuel Silva (f)
Mark-Oliver Stehr (d)
Enrique Teruel (f)
Rüdiger Valk (d)
Isabelle Vernier-Mounier (e)
Marc Voorhoeve (a)
Affiliations:
a Eindhoven University of Technology, Department of Mathematics and Computing Science, P.O. Box 513, 5600 MB Eindhoven, The Netherlands
b Eindhoven University of Technology, Department of Information and Technology, P.O. Box 513, 5600 MB Eindhoven, The Netherlands
c Eindhoven University of Technology, Department of Electrical Engineering, P.O. Box 513, 5600 MB Eindhoven, The Netherlands
d University of Hamburg, Department of Computer Science, Vogt-Kölln-Str. 30, 22527 Hamburg, Germany
e Université Paris VI, Lab. LIP6, 4, Place Jussieu, 75252 Paris Cedex 05, France
f University of Zaragoza, Departamento de Informática e Ingeniería de Sistemas, María de Luna 3, 50015 Zaragoza, Spain
g Université Paris-Dauphine, Centre des Ressources Informatiques en Commun, Place du Maréchal de Lattre de Tassigny, 75775 Paris Cedex 16, France
h THALES Research and Technology, Software Architecture Group, Domaine de Corbeville, 91404 Orsay Cedex, France
i Bakkenist Management Consultants, P.O. Box 23103, Wisselwerking 46, 1100 XP Amsterdam Zuidoost/Diemen, The Netherlands