Hardware and Petri nets
DESCRIPTION
Hardware and Petri nets. Symbolic methods for analysis and verification. Outline: representing Boolean functions with BDDs; symbolic traversal for reachability set calculation; state encoding; structural methods for efficient encoding.
Hardware and Petri nets
Symbolic methods for analysis and verification
Outline
• Representing Boolean functions with BDDs
• Symbolic traversal for reachability set calculation
• State encoding
• Structural methods for efficient encoding
Representing Boolean functions
[Figure: a Boolean function of three variables a, b, c drawn as a full binary decision tree, variables tested in the order a, b, c; the leaves read 1 0 0 1 1 0 1 0.]
[Figures: the same tree reduced step by step: isomorphic subtrees rooted at c and at b are merged, redundant tests are removed, and the leaves are replaced by the two shared terminals 0 and 1.]
Binary Decision Diagrams
[Figure: the resulting BDD of the same function: one node for a, one for b, two for c, and the terminals 0 and 1.]
Reduced Ordered Binary Decision Diagram
• All variables appear in the same order
• No isomorphic subgraphs
• Canonical form
• Efficient form for many functions
• [Bryant, ACM Comp. Surveys, September 1992]
Reachable markings
[Figure: a safe Petri net with places p1 to p7 and transitions t1 to t7, next to its reachability graph. Eight markings are reachable from the initial marking {p1}: {p1}, {p2, p3}, {p4, p5}, {p5, p6}, {p4, p7}, {p6, p7}, {p3, p6} and {p2, p7}; the arcs of the graph are labelled with the transitions t1 to t7, and t7 leads from {p6, p7} back to {p1}.]
Boolean encoding
Seven variables: p1 p2 p3 p4 p5 p6 p7 (one Boolean variable per place).
[Figure: the same net and reachability graph, with every marking written as a 7-bit vector over p1 .. p7: 1000000, 0110000, 0001100, 0000110, 0001001, 0000011, 0010010 and 0100001.]
p1 p2 p3 (p4 p6) (p5 p7)
Enabled(t7) = p6 p7
Firing t7 toggles the variables p1, p6 and p7 of the current marking p1 p2 p3 p4 p5 p6 p7 to obtain the next marking.
Symbolic Traversal (BFS algorithm)
Reached = From = {m0};
repeat
  To = Image(From);          (markings reached from From by firing one transition of T)
  New = To \ Reached;
  From = New;
  Reached = Reached ∪ New;
until New = Ø;
# iterations: sequential depth of the net
Reachability Set computation
• Based on BFS Image computation
S0 = M0
Si+1 = Si ∪ Image(Si)
Monotonic increase until fix point Si+1 = Si
[Figure: nested sets S0 ⊂ S1 ⊂ S2 ⊂ S3, and a plot of the number of new markings against the iteration number.]
Boolean encoding
[Figure: the reachability graph of the example net, each marking labelled with its 7-bit sparse code (1000000, 0110000, 0001100, 0000110, 0001001, 0000011, 0010010, 0100001) and, beside it, a 3-bit dense code (000, 001, 010, 011, 100, 101, 110, 111); arcs labelled t1 to t7.]
Sparse encoding: seven variables, p1 p2 p3 p4 p5 p6 p7. Very easy to derive and use; less efficient in terms of BDDs.
Optimal encoding: three variables, log2 |RG| (v1 v2 v3). But the reachability graph should be known a priori ...
Encoding for safe PNs
• Not all combinations of tokens are possible.
• Find relations among places to reduce the number of variables!!!
[Figure: a diagram of place combinations (p1, p2, p3, p4, ..., down to the empty set Ø) illustrating that only some of them can be marked together.]
Encoding for safe PNs
PN structure: Place Invariant
• Set of places with a constant weighted sum of tokens:
  k1 p1 + k2 p2 + ... + kn pn = B
• Specially efficient for safe PNs (State Machines):
  p1 + p2 + ... + pn = 1
• Computed by linear programming techniques
[Figure: the example net (places p1 to p7, transitions t1 to t7), shown twice.]
State Machine Components
[Figure: the example net split into two state machine components. The first contains the places p1, p2, p4, p6 and the transitions t1, t2, t3, t5, t7; the second contains the places p1, p3, p5, p7 and the transitions t1, t2, t4, t6, t7. Each component is a state machine, so its places satisfy a place invariant with sum 1.]
Encoding for safe PNs
[Figure: the two state machine components encoded separately.]
Two variables v1 v2 for the component with places p1, p2, p4, p6: p1 = 00 and the other three places take the codes 01, 10 and 11.
Two additional variables v3 v4 for the component with places p1, p3, p5, p7: p1 = 00 and the other three places take the codes 01, 10 and 11.
Encoding for safe PNs
Four variables: v1 v2 v3 v4
[Figure: the net with each place annotated by its partial code: p1 = 0000; the places of the first component fix v1 v2 with v3 v4 as don't cares (10 - -, 01 - -, 11 - -), the places of the second component fix v3 v4 likewise (- - 10, - - 01, - - 11). Next to it, the reachability graph with the eight markings coded 1010, 0101, 0000, 1101, 0111, 1111, 1110, 1011 and arcs labelled t1 to t7.]
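As an added example (not part of the slides), a minimal ROBDD package in Python that realises the three properties listed under Reduced Ordered Binary Decision Diagram (one variable order, hash-consed nodes so no isomorphic subgraphs exist, canonical node ids), used to represent the eight reachable markings in the 7-variable sparse code and in the 4-variable state-machine code read off the slides, and to evaluate Enabled(t7) = p6 p7 on the reached set. The class BDD and the functions reached_set and count_enabled_t7 are names chosen here.

```python
from functools import lru_cache

class BDD:
    # Minimal ROBDD: one fixed variable order, hash-consed nodes, memoised if-then-else.
    def __init__(self, nvars):
        self.nodes = [(nvars, 0, 0), (nvars, 1, 1)]   # terminals 0 and 1 at pseudo-level nvars
        self.unique, self.memo = {}, {}
    def mk(self, var, lo, hi):
        if lo == hi: return lo             # redundant test: no node needed
        key = (var, lo, hi)                # isomorphic subgraphs share one node
        if key not in self.unique:
            self.unique[key] = len(self.nodes)
            self.nodes.append(key)
        return self.unique[key]
    def ite(self, f, g, h):                # AND = ite(f,g,0), OR = ite(f,1,g), NOT = ite(f,0,1)
        if f == 1 or g == h: return g
        if f == 0: return h
        if (f, g, h) not in self.memo:
            top = min(self.nodes[x][0] for x in (f, g, h))
            co = lambda x, b: self.nodes[x][b] if self.nodes[x][0] == top else x
            self.memo[(f, g, h)] = self.mk(top, self.ite(co(f, 1), co(g, 1), co(h, 1)),
                                           self.ite(co(f, 2), co(g, 2), co(h, 2)))
        return self.memo[(f, g, h)]
    def cube(self, bits):                  # characteristic function of one marking (bit string)
        f = 1
        for i, b in enumerate(bits):
            x = self.mk(i, 0, 1)
            f = self.ite(f, x if b == "1" else self.ite(x, 0, 1), 0)
        return f
    def satcount(self, f):                 # number of markings in the set f
        @lru_cache(None)
        def rec(u):
            if u < 2: return u
            v, lo, hi = self.nodes[u]
            return sum(rec(c) << (self.nodes[c][0] - v - 1) for c in (lo, hi))
        return rec(f) << self.nodes[f][0]

# Eight reachable markings from the slides: sparse code (one bit per place, p1..p7) and 4-variable code.
SPARSE = ["1000000", "0110000", "0001100", "0000110", "0001001", "0000011", "0010010", "0100001"]
DENSE = ["1010", "0101", "0000", "1101", "0111", "1111", "1110", "1011"]

def reached_set(codes):                    # union of the cubes of all codes -> (manager, node id)
    bdd, f = BDD(len(codes[0])), 0
    for c in codes:
        f = bdd.ite(f, 1, bdd.cube(c))
    return bdd, f
def count_enabled_t7():                    # |Reached AND p6 AND p7|: markings where t7 is enabled
    bdd, r = reached_set(SPARSE)
    return bdd.satcount(bdd.ite(r, bdd.ite(bdd.mk(5, 0, 1), bdd.mk(6, 0, 1), 0), 0))
```

Because the package is canonical, building the reached set from the codes in any order yields the same node id, and a cube AND the reached set is the cube itself exactly when that marking is reachable.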
Encoding for bounded PNs
[Figure: a bounded Petri net with places p1 to p4 and transitions t1, t2, t3, some arcs weighted 2, and its reachability graph. Markings are written as p1 p2 p3 p4; the eight reachable markings are 2010, 3002, 1206, 1112, 0120, 0214, 2104 and 0308, and the maximum counts are max(p1) = 3, max(p2) = 3, max(p3) = 2, max(p4) = 8.]
Sparse encoding: 10 variables. Dense encoding: 3 variables.
Invariants of the PN:
I1: 2p1 + 4p2 - p4 = 4
I2: p1 + p2 + p3 = 3
Invariants characterize the set of all potentially reachable markings (an overestimation of the reachable markings).
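Added example (not from the slides): enumerate the markings of the bounded net that the two invariants I1 and I2 allow, using the per-place maxima stated on the slide as bounds, and count the Boolean variables needed by the sparse encoding, by an encoding of p1 and p2 only (p3 and p4 follow from the invariants), and by the dense log2 |RG| encoding. MAX_TOKENS, potentially_reachable, solve_from_invariants and variable_counts are names chosen here.

```python
from itertools import product
from math import ceil, log2

# Maximum token counts per place and the two place invariants taken from the slides;
# markings are tuples (p1, p2, p3, p4). MAX_TOKENS, I1 and I2 are this example's names.
MAX_TOKENS = {"p1": 3, "p2": 3, "p3": 2, "p4": 8}
I1 = lambda p1, p2, p3, p4: 2 * p1 + 4 * p2 - p4 == 4
I2 = lambda p1, p2, p3, p4: p1 + p2 + p3 == 3

def potentially_reachable(max_tokens=MAX_TOKENS):
    """Every marking within the bounds that satisfies both invariants (sorted).
    No reachability graph is needed: this is the overestimation the slides describe."""
    grid = [range(max_tokens[p] + 1) for p in ("p1", "p2", "p3", "p4")]
    return sorted(m for m in product(*grid) if I1(*m) and I2(*m))

def solve_from_invariants(p1, p2):
    """Solving I2 for p3 and I1 for p4 fixes a marking by (p1, p2) alone;
    returns None when that would need a negative token count."""
    p3, p4 = 3 - p1 - p2, 2 * p1 + 4 * p2 - 4
    return (p1, p2, p3, p4) if p3 >= 0 and p4 >= 0 else None

def variable_counts(markings, max_tokens=MAX_TOKENS):
    """Boolean variables needed by three encodings of the same marking set."""
    bits = lambda n: ceil(log2(n + 1))                        # a counter holding 0..n
    sparse = sum(bits(n) for n in max_tokens.values())         # one counter per place
    reduced = bits(max_tokens["p1"]) + bits(max_tokens["p2"])  # p3, p4 implied by I1, I2
    dense = ceil(log2(len(markings)))                          # log2 |RG|: needs the graph
    return {"sparse": sparse, "invariant-reduced": reduced, "dense": dense}
```

For this particular net the invariants plus nonnegativity already leave exactly the eight reachable markings, so the overestimation happens to be exact here; in general it is only an upper bound on the reachable set.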
Encoding for bounded PNs
[Figure: decision diagrams over token counts for the two invariants. For 2p1 + 4p2 - p4 = 4 the diagram branches on the value of p1 (0 .. 3), then p2, then p4 (0 .. 8); for p1 + p2 + p3 = 3 it branches on p1, p2 and p3. The slide annotates the alternatives with 3 variables, 4 variables and (8 vars).]
[Figure: the diagram for p1 + p2 + p3 = 3 simplified by branching on M(p1)+M(p2) before p3.]
Encoding for bounded PNs
[Figure: BDDs over the Boolean variables x1, x2, x3 encoding the values of p1 and p2, with terminals T and F; the invariants give 2p1 + 4p2 - p4 = 4 and p3 = 3 - p1 - p2, so p3 and p4 are determined by p1 and p2.]
Upper bounds for the state space
[Figure: BDDs over x1 .. x4 encoding the constraint 2p1 + 4p2 - p4 = 4, yielding the characteristic function for potentially reachable states.]
Experimental results
PN        States        Vars       |BDD|         Ni   Nn    CPU
muller10  4.2 x 10^2    40 / 20    770 / 189     10   40    1 / 1
muller20  2.5 x 10^5    80 / 40    3188 / 668    20   80    9 / 3
muller30  6.0 x 10^7    120 / 60   6694 / 1390   30   120   51 / 13
phil5     8.5 x 10^4    65 / 25    639 / 158     15   125   2 / 2
phil10    7.4 x 10^9    130 / 50   7805 / 433    30   250   40 / 24
phil15    6.4 x 10^14   195 / 75   87419 / 708   45   375   700 / 124
slot5     1.7 x 10^6    50 / 25    673 / 129     10   50    14 / 5
slot10    3.8 x 10^11   100 / 50   2516 / 460    20   100   1006 / 309
Entries of the form x / y give two values per net, presumably for the two encodings compared above (the slide does not label them).
Conclusions
• Formal verification and synthesis often suffer from the state explosion problem
• Symbolic techniques can be used to efficiently represent the state space
• Structural techniques are crucial to overestimate and encode the state space
• Try to resist the temptation of using BDDs from the very beginning. Use them rationally and only if desperate.