Embed Size (px)
Citation preview
A Calculus of Petri Net Components
Semantics for Petri nets with hierarchy
N.Sidorova, M. Voorhoeve, J.v.d.Woude (TUE)
Dedication
Gordon PlotkinA Structural Approach to Operational Semantics
Aarhus Univ Tech Report DAIMI FN-19
plm. 650 citations (citeseer.nj.nec.com)
tech. report world record?
Contents
• Introductionnets with hierarchy
• Challengefrom hierarchy to components
• Solutionstates as events, nets as terms,bisimilarity, Structured Operational Semantics
• Example
• Conclusions
Introduction
• Research motivated by CPN and ExSpect: Petri Nets with hierarchy.
• Correctness (e.g. verification) issues handicapped by semantics problems.
• What is a hierarchical net?.
Hierarchical Petri netsHierarchical Petri nets
transition place subnet
fire
enabled
unfold
produce
token
Hierarchical Petri netsHierarchical Petri nets
disabled
unfold
Hierarchical Petri netsHierarchical Petri nets
enabled disabled
fire
consume
consume
produce
fire
Hierarchical Petri netsHierarchical Petri nets
consume
produce
produce
Hierarchical Petri netsHierarchical Petri nets
fire
enabled
enabled
Challenge
• From hierarchy to components• Interface (external) vs. realization (internal)• Compositional semantics• Equivalence of hierarchical nets and their
unfoldings• Respecting state/event duality of nets
1-server queue component
enter
external free
busy
leave
start finish
internal
environment of a componentcannot access internal parts
Compositionality
• Semantics of component determines its behavior in any context
• Semantics maps component to mathematical object
• Semantics defined only on interface
Example
subnets with context
C.N
C.M
Different components
N
M
Xsemanticssame math. object
semantics
different objects
Y
Z
Process Algebra
• Components are terms
• Terms define transition systems by SOS (structured operational semantics) production rules
• Bisimilarity equivalence allows rewriting of terms (calculus)
Transition systems (TS)
Directed graphNodes (states)
Labeled arcs (events)
a bc
c d
e
d
f
SOS production rules
terms TS a.b+c
a
b
b
c
X X’
X+Y X’aX X’
premise
conclusion
Bisimilarity
a a
b b b b
c cd
d
a
b b
c
d
relationbetweenstateswith
samefuture
behavior
Component semantics:Equivalence classes of TS modulo bisimilarity
Temporal predicates, e.g.:S |- A B State S satisfies A and not B
S |- aC In S an a-step can occurto a state satisfying C
S |- a:a T S is a deadlock state
Bisimilar states = satisfying same predicates
Calculus of terms
x+y = y+x
(x+y)+z = x+(y+z)
x+x = x
proven by constructing bisimulations
Roadmap net components
• Net component is term describing its subcomponents and the way they’re connected
• Graphical representation (colored) net
• Rewrite rules, e.g. unfolding or consistent relabeling of subcomponent
Net Component Semantics
3 event types:- external consumption- firing- external productionexternal prod/cons added to cons/prod due to firing!
X c, f, p
X'
In X, consuming c, firing f and producing p results in X'
addition of events:simultaneous occurrence
X X0, 0, 0
empty event always possible
busyenter
free
leave
start finish
X X 0, s, 0
Y
Y0, f, 0
Z
Z l, 0, e
X
Z l, s, e
Y
busyenter
free
leave
start finish
Y
busyenter
free
leave
start finish
ZX Z
Z e, s, 0
?
not:
0, s+f, 0
enter leave
start finish
X
X |- 2e,0,0 (0,s,0 T):In X , removal of twoe-tokens will cause a state where s cannot fire.
At the same time, a token can be removed from e and s can fire in X.
X |- e,s,0 T
X |- 0,s,0 (l,0,0 T):After firing s in X , nol-token is available.
In X, s then f can fire, after which both e and l contain at least 1 token.
X |- 0,s,0 (0,f,0 (e+l,0,0 T))
Component predicates
Formal DefinitionComponent: Algebraic term
built from constants & operators
Term X defines TS: SOS rulesStructured Operational Semantics
X X'c, f, p
c,p: bag(B); f: bag(A)
A: actions, B: place labels
SOS rules (constants/merge)
Transition Ta
a in A
Ta 0, k.a, 0
Ta
k in Nat
Marked place Pb,k
b in B, k in Nat
Pb,k l.b, 0, m.b
Pb,m+k-l
l k, m in Nat
merge:X
c+d, f+g, p+q
X', Y d, g, q
Y'
X ||Y X' ||Y'
c, f, p
SOS rules (connect)Consumption t
t in A bag.Bt in bag.A bag.Bt.0 = 0, t.[a] = [t.a],
t(x+y)=t.x+t.y
t (X)
X t.f+c, f, p
X '
t (X')c, f, p
Production s
s in A bag.Bs in bag.A bag.B
s (X)
X c, f, p+s.f
X '
s (X')c, f, p
firing + consumption/production = connected firing
ExampleNet:
a p b
Term:X = s(t(Pa,1||Tp||Pb,0))
s = {(p,b)}, t = {(p,a)}
SOS derivation:
Pa,1a, 0, 0
Pa,0 , Tp0, p, 0
Tp , Pb,00, 0, b
Pb,1
Pa,1||Tp||Pb,0a, p, b Pa,0||Tp||Pb,1
t(Pa,1||Tp||Pb,0) 0, p, b t(Pa,1||Tp||Pb,0)
s(t(Pa,1||Tp||Pb,0)) 0, p, 0 s(t(Pa,0||Tp||Pb,1))
Hiding
a p b
C
a
p
b
D
Hidden actions invisible Hidden places inaccessible
C |- 0,0,0 (b,0,0 T)
C |- a,0,3b T
C b,0,0 T D |- 0,p,0 T
D 0,0,2a T
SOS rules (hiding)
L (X)
X c, f, p
X '
L (X ')c, fL, p
L A, hidden actions
M (X)
X c, f, p X ' , cM=c, pM=p
M (X')c, f, p
Similar for hiddenplace labels M
If xbag(A), then xL defined by0L = 0, [a]L = 0 if aA
[a]L = [a] if aA(x+y)L = xL + yL
Component structure
Net:Internal/externalplaces/transitionswith connections
p
a
b
q
Term:hiding (partially)of connected mergeof places/transitions
Z = Tp || Tq || Pa,1 || Pb,1
X = {(a,q),(b,p)}(Y)Y = {(q,b),(p,a)}(Z)
N = q(b(X))
Problem Solution
• Net component:representable as both graph and term
• TS of term defined by SOS rules
• Compositionality realized by bisimulation equivalence
• Both state-based and event-based approaches are supported
Extensions
Relabeling with loss of informationFusion/liberation of external place labelsMore actions per transitionSynchronization/encapsulation of external actionsRewrite rules flat net normal form
Colored nets: tokens and actions with valuesStandard language for functions and relationsASCII format of operators
Example
Purch: Purchase of supplies
The inventory interface signals a shortage (place needed).A database query (action sqry) reveals the supplier of theneeded item, which is ordered (action order).After some time, the order is delivered (action delivery)and the information is transferred (via place rdy) forpayment to the Finance deptThe orders waiting for delivery are kept in an internalplace wo.
needed[i:It,n:Nat]
wo:[s:Sup,i:It,n:Nat]
rdy[s:Sup,i:It,n:Nat]
order[s:Sup,i:It,n:Nat]
delivery[s:Sup,i:It,n:Nat]
sqry[s:Sup,i:It]
Net Model
Purch
Tentative script
Purch :=extern place needed[i:It,n:Nat],
rdy[s:Sup,i:It,n:Nat] action sqry[s:Sup,i:It],
order[s:Sup,i:It,n:Nat], delivery[s:Sup,i:It,n:Nat]
intern place wo[s:Sup,i:It,n:Nat]with sync order(s,i,n) and sqry(s,i) consume order(s,i,n) from needed(i,n) produce order(s,i,n) to wo(s,i,n) consume delivery(s,i,n) from wo(s,i,n) produce delivery(s,i,n) to rdy(s,i,n)
Component connections
neededrdy
ord
delivery
sqry Purch
need sqry
Inv
recv
topay
DB
Fin
pay
topay : place label
delivery: action
: action synchronization: production/consumption: place fusion
ProdFact
order
Script
ProdFact :=extern action ord[s:Sup,i:It,n:Nat] = Purch.order,
recv[s:Sup,i:It,n:Nat] = Inv.recv, pay[s:Sup,m:Money] = Fin.pay
intern Purch (needed, rdy, sqry, order, delivery), DB (sqry, ... ), Inv (recv, need , ... ), Fin (topay, pay, ...)with sync recv(s,i,n) and Purch.delivery(s,i,n) sync Purch.sqry(s,i) and DB.sqry(s,i) produce Inv.need(i,n) to Purch.needed(i,n) fuse Purch.rdy(s,i,n) to Fin.topay(s,i,n)
Conclusions
• Semantics for net components• Temporal predicates for requirements• Verification possible• Good practice rules (pragmatics) can be
added• Foundation of component-based
modeling
Research issues
• Stronger semantics e.g. allowing transition refinement
• Language and toolsspecification, modeling, verification
• Relation to CPN/ExSpect
• Teaching
• ....
