News on Safety Properties for Timed Petri Nets Patrick Totzke - PowerPoint PPT Presentation

Coverability via Regions t y 3 1.0 1.2 x 2 p r 0 ≤ x ≤ 5 1.0 5.2 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.1 5.0 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing t r,1 s,0 q,5 p,5 r,1 r,1 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing t r,1 s,0 q,5 p,5 r,1 r,1 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing t r,1 s,0 q,5 p,5 r,1 r,1 - long time ticks 5 / 15

Coverability via Regions t y 3 1.1 1.2 x 2 p r 0 ≤ x ≤ 5 1.1 5.3 1.2 1.2 1 < y ≤ 2 0 ≤ z ≤ 0 q y z s 1.2 5.1 0.0 p,1 q,1 p,5 p,1 q,5 - short time ticks ε p,1 q,1 p,5 p,1 q,5 - discrete transition firing t r,1 s,0 q,5 p,5 r,1 r,1 t - long time ticks r,1 p,6 s,0 q,5 r,1 r,1 5 / 15

Coverability via Regions Obs. 1 - region equality is a time-abstract bisimulation - unlike for TA, it has infinite index 6 / 15

Coverability via Regions Obs. 1 - region equality is a time-abstract bisimulation - unlike for TA, it has infinite index Obs. 2 - steps between regions are monotone wrt. region embedding - embedding is a well-quasi-order 6 / 15

Coverability via Regions Obs. 1 - region equality is a time-abstract bisimulation - unlike for TA, it has infinite index Obs. 2 - steps between regions are monotone wrt. region embedding - embedding is a well-quasi-order Together, this yields decidability via the WSTS approach (and completeness for F ω ω ). 6 / 15

Coverability via Regions Obs. 1 - region equality is a time-abstract bisimulation - unlike for TA, it has infinite index Obs. 2 - steps between regions are monotone wrt. region embedding - embedding is a well-quasi-order Together, this yields decidability via the WSTS approach (and completeness for F ω ω ). NB: this fails for d ≥ 2, for several reasons... Indeed we have undecidability in general. 6 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. − (logspace) reduces to Coverability 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. − (logspace) reduces to Coverability − We show PSPACE-completeness 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. − (logspace) reduces to Coverability − We show PSPACE-completeness 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. − (logspace) reduces to Coverability − We show PSPACE-completeness LB: iterated monotone circuits 7 / 15

Existential Coverability In: A TPN, a marking M , a transition t t ∗ Question: Does there exist ∃ n ∈ N with M · n − − → − − → ? ≈ parametrized safety checking Networks of Timed Automata ≈ Coverability for TPN with continuous firing semantics ´ a la Haddad et al.’17. − (logspace) reduces to Coverability − We show PSPACE-completeness LB: iterated monotone circuits UB: Regions + forward acceleration 7 / 15

Existential Coverability Q: What’s different compared to Coverability? 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, def = P × { 0 , . . . , c max } 1. A Region a sequence of multisets over Σ 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, def = P × { 0 , . . . , c max } 1. A Region a sequence of multisets over Σ sets S ⊆ Σ 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, def = P × { 0 , . . . , c max } 1. A Region a sequence of multisets over Σ sets S ⊆ Σ This already improves the upper bound to F ω 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, def = P × { 0 , . . . , c max } 1. A Region a sequence of multisets over Σ sets S ⊆ Σ This already improves the upper bound to F ω 2. Wlog., the net is non-consuming : • t ⊆ t • for all transitions t . 8 / 15

Existential Coverability Q: What’s different compared to Coverability? A: Token multiplicities do not matter. So, def = P × { 0 , . . . , c max } 1. A Region a sequence of multisets over Σ sets S ⊆ Σ This already improves the upper bound to F ω 2. Wlog., the net is non-consuming : • t ⊆ t • for all transitions t . This means that discrete transition firing is non-decreasing and for every region R - there is a unique maximal region R ′ with R disc − − → ∗ R ′ - R ′ is (Ptime) computable 8 / 15

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A disc A ε ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A

Existential Coverability: Key Observation When forward exploring zeno behaviour regions “stabilize” A and the limit is expressible as regular expression. disc A ε In this example as ZY ∗ A . ∅ A disc B A ε ∅ B A disc C B A ε ∅ C B A disc D C B A ε ∅ D C B A disc E D C B A Z Y E D C B A 9 / 15

Existential Coverability: Construction - use regular expressions over 2 Σ to represent (limit) regions - careful forward exploration, using intermediate compression steps that add Kleene *s 10 / 15

Forward Exploration 11 / 15

Forward Exploration x 1 x ∗ start 0

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate 4 3 2 1 x 4 ( x 4 x 4 ( x 4 3 ) ∗ 0 ) ∗ collapse 4 1

Forward Exploration x 1 x ∗ start 0 x 1 ( x 1 0 ) ∗ saturate 1 ( x 1 x 1 ( x 1 0 + 1) 0 ) ∗ rotate 1 x 2 x 2 ( x 2 0 ) ∗ saturate 2 1 ( x 2 x 2 x 2 ( x 2 0 + 1) 0 ) ∗ rotate 2 1 x 3 x 3 x 3 ( x 3 0 ) ∗ saturate 3 2 1 ( x 3 x 3 x 3 x 3 ( x 3 0 + 1) 0 ) ∗ rotate 3 2 1 x 4 x 4 x 4 x 4 ( x 4 0 ) ∗ saturate ∗ 4 3 2 1 x 4 ( x 4 x 4 ( x 4 3 ) ∗ 0 ) ∗ collapse 4 1