PART 3: Complexity Analysis of Petri Net Problems
Def: A Petri Net is bounded w.r.t. an initial marking if the set of markings reachable from the initial marking is finite.
[Figure: a bounded net and an unbounded net]
Boundedness of Petri Nets
In general, boundedness is a “good thing”.
It is essential if the system is to be realized with finite memory.
It allows the system to be analyzed as a finite-state machine.
Boundedness
There is an algorithm for deciding whether any given place in a Petri net is unbounded.
Theorem (Karp & Miller, 1966)
[Figure: coverability graph and coverability tree of an example net with initial marking M0=(100), transitions t1, t2, t3, a "dead end" node M1=(001) and an "old" node M5]
Decidability of boundedness
Using Higman’s Lemma, the coverability graph is always finite.
Unbounded iff there is a finite computation μ0 -*-> μ1 -*-> μ2 s.t. μ2 > μ1 (i.e., in the coverability graph)
Decidable, although not revealing any complexity bound
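An added example, not part of the original slides: a small Python construction of the coverability tree, which decides boundedness in the way the Karp & Miller theorem above allows. The three-place net, its transition names and all function names are constructed for illustration; a place that strictly grows along a branch is replaced by an "unboundedly many tokens" symbol (OMEGA in the code).

```python
OMEGA = float("inf")  # assumption of this example: stands for "unboundedly many tokens"


def enabled(marking, pre):
    return all(m >= need for m, need in zip(marking, pre))


def fire(marking, pre, post):
    # OMEGA - need + gain stays OMEGA in float arithmetic
    return tuple(m - need + gain for m, need, gain in zip(marking, pre, post))


def accelerate(marking, ancestors):
    """Set to OMEGA every place that strictly grew with respect to a covered ancestor."""
    result = list(marking)
    for anc in ancestors:
        if anc != marking and all(a <= m for a, m in zip(anc, marking)):
            for i, (a, m) in enumerate(zip(anc, marking)):
                if m > a:
                    result[i] = OMEGA
    return tuple(result)


def coverability_tree(m0, transitions):
    """Return the tree nodes as (label, kind); kind is 'inner', 'dead end' or 'old'."""
    nodes = []
    stack = [(tuple(m0), ())]          # (node label, labels of its ancestors)
    while stack:
        marking, ancestors = stack.pop()
        if marking in ancestors:       # same label already on this branch: stop here
            nodes.append((marking, "old"))
            continue
        path = ancestors + (marking,)
        successors = [accelerate(fire(marking, pre, post), path)
                      for pre, post in transitions.values()
                      if enabled(marking, pre)]
        nodes.append((marking, "inner" if successors else "dead end"))
        stack.extend((s, path) for s in successors)
    return nodes


def unbounded_places(m0, transitions):
    """Indices of places labelled OMEGA somewhere in the tree (empty set: bounded)."""
    return {i for marking, _ in coverability_tree(m0, transitions)
            for i, tokens in enumerate(marking) if tokens == OMEGA}


# Constructed sample nets: name -> (tokens consumed per place, tokens produced per place)
SAMPLE_M0 = (1, 0, 0)
SAMPLE_NET = {
    "t1": ((1, 0, 0), (0, 0, 1)),   # moves the token from place 0 to place 2
    "t2": ((0, 1, 1), (0, 0, 1)),   # consumes one token of place 1 while place 2 is marked
    "t3": ((1, 0, 0), (1, 1, 0)),   # adds a token to place 1: the positive loop
}
RING_NET = {"a": ((1, 0), (0, 1)), "b": ((0, 1), (1, 0))}

if __name__ == "__main__":
    for node in coverability_tree(SAMPLE_M0, SAMPLE_NET):
        print(node)
    print("unbounded places:", unbounded_places(SAMPLE_M0, SAMPLE_NET))
```

The tree is exponential in the worst case; as the slide notes, this procedure gives decidability but no complexity bound.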
[Figure: positive loop, with markings ( 2, 5, 3 ) and ( 2, 6, 4 )]
Why?
Idea:
Rackoff used induction (on dimension) to bound the length of the shortest witness by 2^{2^{cn log n}}, yielding NSPACE(2^{cn log n})
Rackoff’s EXPSPACE Result for Boundedness
Proof Strategy
Let (v, A) be a VAS.
w Zk is called
i-bounded if w(j) 0 1 j i
i-r bounded if 0 w(j) r
Let p=w1, w2, … , wm be a seq. s.t. wi Nk i-bounded (i-r bounded ) if every
member of p is i-bounded (i-r bounded ) self-covering if j, wm > wj
i-loop if wm(j)= w1(j), 1 j i
Proof (Cont’d)
m’(i, v): the length of the shortest i-bounded self-covering path in (v, A); =0 if no such path exists.
g(i) = max { m’(i,v): v Nk }
Lemma [Borosh, Treybig’76]: Matrices B and b are of dim. d1 d2 and d1 1, resp.
If Equation B v b has an integer solution, then a small witness with v(i) dcd1,
d d2, absolute values of integers in B and b.
vw
Proof (Cont’d)
Lemma: i-r bounded self-covering path in (v,A) a `short one’ of length , c -- constant independent of n, v, r (n is the size of (v,A))
(proof) Let v1, v2, … , vm0 w1, w2, … , wm1 be a minimal
length i-r bounded self-covering path.
Claim 1: m0 r k ; otherwise, can cut it short by removing repetitions.
Now consider self-covering path w1, w2, … , wm1
cnr
…l1 l2lp
s
e.g. (3,1,-2,2) -*-> (3,1,4,-3)
Proof (Cont’d)
l1, l2, …, lp – i-loops, each of which is of absolute value 2nrk (rk : max. length; 2n : max. + or – on a coordinate)
At most (2(2nrk)+1)k distinct loop values The length of s is (rk+1)2
The bound stated in the lemma is then obtained by setting up an equation B v b such that v(i) represents the number of times loop li is used (Matrix B: loop values; b: the value of s)
Complexity of Boundedness
Theorem [Rackoff’78] The boundedness problem for VAS can be decided in NSPACE(2^{cn log n}).
(Proof) g(0) 2 (trivial) ; g(i+1) (2ng(i))
Case 1: (i+1)- (2ng(i)) bounded s.c. path. By the previous lemma, the bound holds
Case 2: otherwise.
cn cn
v1 vh vmFirst time (i+1)-th place not (2ng(i)) bounded
s.c. path length g(i)
always 0; hence,
i+1 bounded
lengh (2ng(i))i+1
Proof Cont’d
By solving g(i+1) ≤ (2^n g(i))^{n^c}, the length of the shortest witness is at most 2^{2^{cn log n}}, yielding an NSPACE(2^{cn log n}) complexity bound using a nondeterministic search procedure.
Multiparameter Analysis of Boundedness
[Rosier and Yen, JCSS’86] applies a multi-parameter analysis, yielding
NSPACE(2ck ( l + log n) ) for k-dim n-state VASS with largest integer rep. in l bits.
[Figure: positive loop with markings ( 2, 5, 3 ) and ( 2, 6, 4 ), shown together with (1,6,4), (1,7,9), ( 2, 6, 8 ) and ( 2, 7, 9 )]
The set of initial markings from which a PN is unbounded is upward-closed
Boundedness vs. Upward-closed sets
If y ∈ S and x ≥ y => x ∈ S, then S is upward-closed.
Minimal elements: x is minimal if there is no z ∈ S with z < x.
Fact: the set of minimal elements is finite
Upward-closed Sets
Question: Knowing S to be upward-closed, can its minimal elements be computed?
(Valk & Jantzen, Acta’85) min(S) is effectively computable iff for every z ∈ (N ∪ {∞})^k, the problem ‘reg(v) ∩ S = ?’ is decidable.
However, size of min(S) not available
Upward-closed Sets
z=(100, ∞, 0, ∞)
Region(z) = {x | x ∈ N^k, x ≤ z }
Decidability Criteria
Applications to Petri Nets
NOTBLOCKED(T’) ={ | ( ’R(, P) s.t. all transitions in T’ are disabled at ’}
NOTDEAD= { | an infinite path from }
UNBOUNDED = { | R(, P) is infinite}
CONTINUAL(T’) = { | infinite path from along which tT’ t occurs infinitely often }
All of the above are upward-closed sets
z=(100, ∞, 0, ∞)
SWitness w
|w| f (|z|)for
S reg(z)
Algorithm
Key to Complexity Analysis
(Wang &Yen’04, TCS)
If w, |w| f(|z|) witnessing S reg(z) can be computed, then
|min(S)| ( f 。… f 。 f )(1)
k
Size of Min(S)
S
(5, 6, 3)
(∞, ∞, ∞)(4, ∞, ∞)
(2, 9, 8)
. . .
Proof Idea
Backward Reachability
[Figure: backward reachability from an upward-closed `Bad' set towards the `Initial' set]
Upward-closed
Termination is guaranteed under certain conditions
Parametric systems
Petri nets
Automated verification (backward reachability analysis)
Controllability analysis
Data mining (correlation property)
…
Applications of Upward-closed Sets
Equivalence is Undecidable (Hack, TCS’75)
Hilbert’s 10th Problem: Deciding whether an integer solution exists for a Diophantine equation (e.g., 3x^2y^5 - 4xyz + 2x^6y^3z^2t = 0) is undecidable.
Hilbert’s 10th problem
Polynomial graph inclusion problem
Subset problem for PN reachability sets
PN Equivalence problem
Key: PN can weakly compute polynomial in the sense that value computed by PN ≤ polynomial value
Bisimulation equivalence is also undecidable (Jancar, TCS’95)
Undecidability of Containment (and Equivalence)
Reduce from Hilbert’s 10th problem:
Given a Diophantine equation P(x1, …, xn), deciding whether P(x1, …, xn)=0 has integer solutions – undecidable (Matijasevic, 1970)
Def: G(P)={ (x1, …, xn, y) | y ≤ P(x1, …, xn) with 0 ≤ x1, …, xn, y}
The polynomial inclusion problem (G(A) ⊆ G(B)?) is undecidable, given two Diophantine polynomials A and B.
Hack’s Proof (Figures from [Peterson’81] )
1. t1 first fires, moving one token from px to p2
2. t3 copies y tokens from py to p3 and y tokens into output
3. t2 fires, putting the token in p2 back to p1
4. t4 copies y from p3 back into py
Key: Petri nets can weakly compute polynomials.
Multiplier subnet:Output x y
Proof (Cont’d)
Ri = aixs1xs2…xsh P = R1 + R2 + … + Rk
Proof (Cont’d)
To adjust tokens in internal places
G(A) G(B) R(C’A, ’A) R(C’B,’B)
Undecidability of Equivalence
PN C
PN D
PN E
CLAIM: R(D)=R(E) iff R(A) ⊆ R(B)
Bisimulation vs. Trace Equivalences
Trace set = {ab, ac}
The above two are trace-equivalent but not bisimulation-equivalent
[Figure: two labelled transition systems over the actions a, b, c]
Equivalence for various concurrent models
Model       Bisimulation                          Trace
FSM         P                                     PSPACE
BPA         Decidable (in P, if normed)           Undecidable
PDA         Decidable                             Undecidable
BPP         Decidable (in P, if normed)           Undecidable
PPDA        Undecidable (even for Normed PPDA)    Undecidable
Petri Net   Undecidable                           Undecidable
dim 3: van Leeuwen 74
dim 5: Hopcroft/Pansiot 79
Persistent: Grabowski/Mayr/Muller 80
Sacerdote/Tenney 77
Mayr 81, 84 (see also Kosaraju 82)
In EXPSPACE FOCS 98
Upper bound ?
Milestone in Reachability Analysis
Semilinearity
A set is linear if it is of the form { u + Σ_{i=1}^{p} n_i v_i | n_i ∈ N }, where u, v_1, …, v_p belong to N^k.
A set is semilinear if it is a finite union of linear sets.
Semilinear sets, Presburger Arithmetic (i.e., the theory of integers with addition)
Reachability, containment and equivalence are decidable for semilinear sets
L1 = L ( (3,8); (0,3) )
L2 = L ( (5,6); (3,1), (1,2) )
L3 = L ( (6,3); (4,0), (4,1), (2,6) )
Example of a semilinear set
Equality, containment problems: Π_2^p-complete (Huynh’82)
Complexity of Semilinear Sets
Presburger arithmetic is the first-order theory of the natural numbers with addition alone (N,+, =, <, 0, 1).
∀ x ∀ y : ( ( ∃ z : x + z = y + 1) ⇒ ( ∀ z : ¬ (((1 + y) + 1) + z = x) ) )
x>y can be expressed as R(x,y)= ( ∃ z : x = y + z + 1)
There is an algorithm which decides for any given statement in Presburger arithmetic whether it is true or not (Presburger 1929).
Presburger Arithmetic (Presburger’29)
Lower bound is proven to be O(2^{2^n}) (Fischer and Rabin 1974), where n is the length of the Presburger statement.
In fact, PA is NTIME(2^{2^{c*n}})-complete, for some constant c.
Complexity
dim 3: van Leeuwen 74
dim 5: Hopcroft/Pansiot 79
Persistent: Grabowski/Mayr/Muller 80
Decidability proof depends on the reachability sets being semilinear
For dim > 5, reachability sets are NOT semilinear in general [HP79].
Semilinear Reachability Set
Non-semilinearity of 3-dim VASS (or 6-dim VAS)
Example [HP’79]: Initially at (p, (0,0,1))
t1: p → (p, (0, 1, -1)); t2: p → (q, (0, 0, 0))
t3: q → (q, (0, -1, 2)); t4: q → (p, (1, 0, 0))
Claim:
Reaching (p, (x1, x2, x3)) iff 0 < x2+x3 ≤ 2^{x1}
Reaching (q, (x1, x2, x3)) iff 0 < 2x2+x3 ≤ 2^{x1+1}
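The claim can be checked mechanically. This added example (not from the slides or from [HP’79]) enumerates the configurations of the four-transition VASS up to a cut-off on x1 and compares them with the claimed characterisation, read here as 0 < x2+x3 ≤ 2^x1 in state p and 0 < 2x2+x3 ≤ 2^(x1+1) in state q. The function names and the cut-off are assumptions of the example.

```python
from collections import deque

# The four transitions quoted on the slide: (source state, target state, vector added)
TRANSITIONS = [
    ("p", "p", (0, 1, -1)),   # t1
    ("p", "q", (0, 0, 0)),    # t2
    ("q", "q", (0, -1, 2)),   # t3
    ("q", "p", (1, 0, 0)),    # t4
]
START = ("p", (0, 0, 1))


def reachable(max_x1):
    """All configurations reachable from START whose first counter is <= max_x1."""
    seen = {START}
    queue = deque([START])
    while queue:
        state, vec = queue.popleft()
        for src, dst, delta in TRANSITIONS:
            if src != state:
                continue
            nxt = tuple(v + d for v, d in zip(vec, delta))
            # counters must stay in N; x1 never decreases, so the cut-off loses nothing
            if min(nxt) < 0 or nxt[0] > max_x1:
                continue
            cfg = (dst, nxt)
            if cfg not in seen:
                seen.add(cfg)
                queue.append(cfg)
    return seen


def predicted(max_x1):
    """Configurations allowed by the claimed characterisation, with the same cut-off."""
    result = set()
    for x1 in range(max_x1 + 1):
        bound_q = 2 ** (x1 + 1)
        for x2 in range(bound_q + 1):
            for x3 in range(bound_q + 1):
                if 0 < x2 + x3 <= 2 ** x1:
                    result.add(("p", (x1, x2, x3)))
                if 0 < 2 * x2 + x3 <= bound_q:
                    result.add(("q", (x1, x2, x3)))
    return result


def max_sum_in_p(max_x1):
    """Largest x2+x3 reachable in state p, listed for x1 = 0, 1, ..., max_x1."""
    best = {}
    for state, (x1, x2, x3) in reachable(max_x1):
        if state == "p":
            best[x1] = max(best.get(x1, 0), x2 + x3)
    return [best[x1] for x1 in range(max_x1 + 1)]


if __name__ == "__main__":
    print("claim holds up to x1 = 4:", reachable(4) == predicted(4))
    print("max x2+x3 in state p per x1:", max_sum_in_p(4))
```

The reachable sum x2+x3 doubles with every increment of x1, which is the exponential dependence that no finite union of linear sets can express.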
BPP
Esparza 95
Conflict-Free
Landweber/Robertson 78
Yamasaki 84
Trap-circuit
Normal
Sinkless
Persistent
Grabowski/Mayr/Muller 80
Some Subclasses of Petri Nets with Semilinear Reachability Sets
Conflict-Free: w/o conflict transitions
Trap-circuit
Normal: no transition can remove tokens from a minimal circuit w/o putting tokens back
BPP: each transition has one input place
Sinkless: token free
Persistent: reachable markings m, m’, ( m [t > m’ [t’> ) m [t t’ >
Structural/Behavioral Constraints
2-dim VASSs (or 5-dim Petri Nets): (Hopcroft&Pansiot, TCS 79)
Conflict-Free/Persistent Petri Nets (Landweber & Robertson, JACM’78)
Normal/Sinkless Petri Nets (Yamasaki, TCS’84)
For each of the above classes, reachability sets are always semilinear; however, no complexity analysis was given in the respective articles.
Petri nets with semilinear reachability sets
Complexity Analysis
What are the sizes of the semilinear set representations?
Conflict-Free Petri Nets
t1t2
t1,t2: Conflict transitions
Conflict-free Petri nets:
Petri nets without conflict transitions.
Conflict-free Petri Nets
• A PN is conflict-free if every place which is an input of more than one transition is in a self-loop with each such transition.
[Figure: example of conflict, with transitions t1, t2 and places p1, p2, p3]
• The only way to disable an enabled transition is to fire itself.
Conflict-free PNs
[Figure: a producer-consumer system with Producer 1, Producer 2 and Consumer]
Properties of Conflict-Free PNs
LEMMA:(Howell, Rosier and Yen, IPL’87) Given a conflict-free Petri net P =(P,T, φ,μ0), we can construct in polynomial time a sequence τ in which no transition in P is used more than once, such that if some transition t is not used in τ, then there is no path in which t is used.
Properties of Conflict-Free PNs
1 2
0
0 1 2
1 2
0
2 1
1
:
(Yen, IPL'91) Let be a path in a conflict-free
PN (P,T, , ). Then there exists and such that
1. ,
2. ,
3. ( ) ( ), and
4. transition , # ( ) 1.
σ σ
σ σ
#σ #σ σ
μ μ
S σ S σ
t σ t
LEMMA
P
1 2
1 1 2 2
1 2 1 2
: If , then can be rearranged into
, for some sequences
, ,..., and integers , ,..., ,1 ,
such that
1. 1 transition , # ( ) 1, and
2.
k
σ
ll l
k k
k k
i
μ μ σ
σ σ σ σ σ σ σ
σ σ σ l l l k n
i k t T σ t
LEMMA
11 1, ( ) ( ).i ii k S σ S σ
σ1 σ1…
…
σ2 σ2
…
σ3
Properties of Conflict-Free PNs
Minimal Circuit: A circuit that does not properly include any other circuit.
Sink:
Circuit:
μ0μ μ’
Circuits in PN Structures
Normal and Sinkless Petri nets
(P, μ0) is normal iff no transition can decrease the token count of a minimal circuit.
(P, μ0) is sinkless iff it does not have a sink.
t
Not Normal
Normal+BPP[Yen, Yu, 2003]
Integer Linear Programming for Reachability Analysis
xi-1 + Mi yi = xi
Fi(P,Ti ,i )
sufficient & necessary for reachability
polynomial number of stages
0
0 + M x =
Not sufficient
Decompositional Approach
0
iff
there exists a computation of the form
0 0 … … nn nnwhere … nare of some canonical form,
andn is polynomial
Canonical Computation
Characteristic System of Inequalities for Normal & Sinkless PNs
0
m0
(from Yamasaki, TCS'84) Consider a Petri net
(P,T, , ) which has no token-free circuits in every
reachable marking. If A x 0 for some x N ,
where is the number of transitions in T, then m
Lemma
P
0
there
exists a sequence , # and .x
(Exercise)
Characteristic System of Inequalities for Normal & Sinkless PNs
(Howell, Rosier, & Yen, JCSS’93) Given a PN P and τ=tj1,…,tjh,…,tjn, the characteristic system of inequalities L(P,τ)=L0 ∪ … ∪ Ln, where
0 0 0
1 1
1
{ }, and
{ ( ) ( , ), 1 }
( ,..., )
h h i jh h h h h
h j jh
L x
L x i p t x x A y i k
A a a
μ0 μn-1μ1
μn μn+1 μ
tjn is enabled at μn-1
This set of markings is modeled by Ln = {xn-1(i) ≧ ψ(pi,tjn), xn= xn-1+Anyn | 1 ≦ i ≦ k}
Reachability Set of a Normal/Sinkless PN
Canonical Computation of Normal/Sinkless PNs
t1 t2 t3 ti ti+1 tn
0 1 2 i-1 i n-1
1 n2 i
ti marks the 1st occurrence in i.
Construct P1,…,Pn, where
(1) Pi =((P,Ti , |Ti), i-1)), and
(2) T0=0, Ti=Ti-1{ti}, tiTi-1 enabled at i-1 and iT*
i.
[Howell, Rosier, Yen, JCSS 93]
Reachability in Pi can be captured by ILP(Pi, i-1, i-1)!
Reachability Set of a Normal/Sinkless PN
Nondeterminism comes from
– (N1) guessing a sequence of distinct transitions (i.e., τ=tj1…tjn), and
– (N2) solving the integer version of linear programming.
The reachability problem for conflict-free, normal, sinkless, BPP, (BPP+trap-circuit) Petri nets can be solved in the framework of ILP. ([Howell, Rosier, JCSS 88]; [Howell, Rosier, Yen, JCSS 93], [Yen, I&C 96],[Yen, TCS 97])
NP-complete
Characterizing Reachability via Integer Linear Programming
Small Semilinear Set Representations
Boundedness is co-NP-complete
Reachability is NP-complete
Sinkless detection is NP-complete
Deciding normality is co-NP-complete
Containment and Equivalence are Π_2^p-complete
([Howell, Rosier, Yen, JCSS 1993])
Some Complexities for Normal and Sinkless Petri Nets
BPP-nets
A BPP-net (also known as communication-free PN) is a Petri net in which each transition has exactly one input place, and the firing of a transition removes exactly one token from its input place.
BPP-nets are computationally equivalent to commutative context-free grammars and Basic Parallel Processes.
An example:
[Figure: an example BPP-net with transitions a, b, c, d, e and places p1, p2, p3, p4]
Previous work on reachability and equivalence for BPP-nets
Huynh(I&C’83) showed the uniform word problem for commutative context-free grammars to be solvable in NP. (The proof is rather involved.)
Esparza(FCT’95) showed the reachability problem for BPP-nets to be solvable in NP, using the concept of siphon. (This work provides a simpler proof for Huynh’s result.)
Esparza(FCT’95) derived a decidability result for the equivalence problem for BPP-nets; however, no complexity analysis was given.
Previous work on reachability and equivalence for BPP-nets
In (Yen, TCS’97), yet another NP algorithm, based on integer linear programming, for the reachability problem for BPP-nets is given. The new approach allows us to analyze the size of the semilinear set representation of a BPP-net, yielding a complexity bound for the equivalence problem.
1 2
1 2
Let { , ,..., } be a set of connected circuits in a BPP-net and
be a marking with ( ) 0, for some . For arbitrary integers
, ,..., 0, there exists a sequence such
n
i
n
c c c
c i
a a a σ
Lemma (Yen, TCS'97)
C P
j 1
that
and # (# ). (In words, from there exists a firable
sequence utilizing circuit exactly times, for every .)
nσ
σ j cj
j j
μ a μ
σ c a j
Cj
C1
C2
p1
p2pj
t1t r
t2
0 reachable from 0
A short sequence
Canonical Computation
0 reachable from 0
A collection of circuits
Canonical Computation
Original μ
σ
μ
σ‧abdefxyz
Cfzde
a b x
yC’
μ Cfzde
a b x
yC’
a f z d b x e y
μ’
C’’
Circuit-Free
Figure Rearranging a path in a BPP-net into a canonical one.
Example
=‘acdedecdeba’ can be rearranged into ‘(ab)a(cde)(cde)de’.
connected circuits
00
{
For each BPP-net P (with initial marking 0 ) of size s,
R(0 , P)= vB L(v, v )
whose size is bounded by O(2cs ) ([Yen, TCS 97])
Small Semilinear Set Representations
0
set of periods
a short prefix
’
Proof Idea
Canonical computations in BPP-nets
0
*1 1 2 2 0
Let be a reachable marking in a BPP-net (( , , ), ). Then there exists a sequence
(1 , , ) which witnesses and satisfies the following conditions:
1.h h i i
P T
h m T
Lemma (Yen, TCS'97)
P
1
1 21
,1 ,
(a) there exists a set { ,..., }( ) of connected circuits such that
( ) ( ) for some integers , ,..., 0,
(b) the remaining sequence does not
i
i
i
i ii r i
ri i i i i
i j j rj
i h h
i i h
c c r m
a c a a a
C
1
cover any circuit which shares some place with circuits in , and
(c) , i.e., the total number of distinct circuits considered above
is bounded by the number of transitions of the P
i
h
ii
m
C
C
N.
2. ,1 1
(a) # ( ) 1, (in words, all transitions in are distinct),
(b) ( )( ) 1, (in words, removes at most one token from any place), and
(c) is circuit-free (i.e., it d
ia i
i i
i
i i h
t t T
p p P
oes not cover any circuit).
3. is circuit-free. Notice that may contain multiple copies of a transition.h h
1 2 1 2
1 2
1
Consider a path . Let { , ,..., } be a set of
connected circuits and , ,..., be positive integers such that
(a) ( ,1 )( ( ) 0) (i.e., is not token-free in
z
z
i i
c c c
a a a
i i z c c
Proof sketch :
Claim : C
1
1
2 1
1
1
1
1 2
1
marking )
(b) ( ,..., ) does not cover any circuit that shares some place with circuits in , and
(c) (# ) # .
Then there exist and such that
(1) # (# ),
(2) # #
z
j
j
a az
z
j cj
z
δ j cj
δ δ
σ c c
a
δ δ
a
C
1 2
1 3 2 3
1 2 1
1
, and
(3) , for some .
(In words, can be rearranged into such that consists of the largest
collection of connected circuits with at least one of them marked in .)
δ δ
σ δ δ δ
The reachability problem
Theorem: (Yen, TCS’97)
The reachability problem for BPP-nets can be solved in NP
Proof sketch:
Set up the following linear inequalities to capture PN computation
: ...... ''
22'110
2211
hh
hh
i
1 0
'
,j 1
'1 ,
'h
1
1 h
1 h - 1
j
i ii i j j
i i i
l
j hj
c i
i
b t
The equivalence problem
Lemma: (Yen, TCS’97)
Let be a BPP-net of size s.
For some fixed constants c1,c2,d1,d2,d3 independent of s, we can construct in DTIME a semilinear reachability set
(whose size is bounded by ,where
1. B is the set of all reachable markings with no component larger than
2. is the set of all such that
(a) has no component larger than , and
(b) marking ,
0, T, , P
322c s v
B
R(P) , L
3
1c sO 23
12d s
v k N 3
22d s
1 2 , , T , 11 2
23
0 1
0 1
d1 2
. ,
. ,
. , 2 s
i
ii
iii
Lemma: (Huynh, EIK’82) The equivalence problem for semi-linear sets is in Π_2^p (Note: Π_2^p is the class of languages whose complements are in the second level of the polynomial time hierarchy.)
Theorem: (Yen, TCS’97) The equivalence problem for BPP-nets is solvable in DTIME(2^{2^{d s^3}}), where s is the size of the PN, and d is some fixed constant
Lower bound
Theorem: (Yen, TCS’97)
The equivalence problem for BPP-nets is Π_2^p-hard
Proof sketch:
We reduce the following known Π_2^p-complete problem to the equivalence problem
• Let
The problem of deciding whether
where
is -complete
•R(P2) = R(P1) iff
1 21 1 n x , ..., and Y y , ...,ynX x
1 21 1 n 1 m ... ... y ... C 0nx x y C
1,j 2,j 3,j , , ,j i jC X Y 2
p 1 2 1 2 1 2 1 1 1 2, , 0x x y y x x y x y y
, 0X YF X Y
a1 a2 b1 b2 q
wt1 t’1 t2 t’2 r1 r’1 r2 r’2
d1 d2
c1 c2
s1 v1s2 v2 h
P1
P2 = P1∪ {h}
Even for Petri nets known to have finite reachability sets, the size of the reachability set could be huge.
Mayr & Meyer (JACM’81)
McAloon (TCS’84)
Clote (TCS’84) – use Ramsey Theory
(Howell,Rosier,Yen,TCS’86) – provides optimal bound in the hierarchy of the following primitive recursive functions
f_1(x)=2x, f_i(x)=f_{i-1}^{(x)}(1), i>1
dim of PN
Bounded Petri nets
Lower Bound
Let f_1(x)=2x; f_n(x)=f_{n-1}^{(x)}(1), where f_{n-1}^{(x)} is the x-fold composition of f_{n-1}
We construct a finite n-dim VASS such that (0,…,0) -* (0, …, fn(n)
(0, n,0,…0) (0,…,0, fi-1(n) ,0,…0)(0,…,0, n,0, …,0)
n - i(0,f1(n),0,…0)
(0,…,1, n-1,0, …,0)(0,…, fi-2(1), n-1,0, …,0)
(0,…, fi-2(1), n-2,0, …,0)(0,…, f(2)
i-2(1), n-2,0, …,0)
(Howell,Rosier,Yen, TCS’86) Semilinear sets are shown to be of size O(2^{2^{cn}}) – yielding complexity results for reachability, containment and equivalence
2-dim VASSs (or 5-dim PNs)
Arbitrary Petri net
always semilinear
(E. Mayr et. al, 89)
Projection on one dimension
What is the size of the semilinear set
?
M |= φ
(Howell, Rosier, Yen, TCS’91) A Taxonomy of Fairness & Temporal Logic Problems for Petri Nets
(Esparza, ACTA’97) Decidability of Model Checking for Infinite-State Concurrent Systems
(Habermehl, Petri Net Conf’97) On the Complexity of Linear-Time μ-Calculus for Petri Nets
(Mayr, TCS’01) Decidability of model checking with the temporal logic EF
…
Petri netTemporal formula (LTL, CTL, …)
Model Checking Petri Nets
p does not hold p holds
On this path: F p holds, G p does not hold, p does not hold, X p does not hold, X (X p) holds, X (X (X p)) does not hold
On this path: F p holds, G p holds, p holds, X p holds, X (X p) holds, X (X (X p)) holds
. . .
. . .
Xp: next-time p; Fp: eventually p, Gp: always p
Linear-time Temporal Logic
Syntax of LTL
ψ ::= true | p | ψ |ψ1ψ2 | Xψ |ψ1Uψ2
Abbreviation:false true
ψ1 ψ2 ((ψ1) (ψ2))
ψ1ψ2 (ψ1)ψ2
Fψ true Uψ
Gψ Fψ
EF p: a path along which p eventually holds
AF p: paths along each p eventually holds
AG p: paths along each p always holds
Branching-time Temporal Logic (Computation Tree Logic)
Syntax of CTL
φ::= true | p | φ | φ1φ2 | EXφ | AXφ
| E(φ1Uφ2 )| G(φ1Uφ2 )
abbreviation:false trueφ1 φ2 ((φ1) (φ2))φ1φ2 (φ1)φ2
EXφ E(true U φ)AGφ EFφAFφ A(true Uφ)EGφ AFφ
2-counter Machines
Turing machines ≡ 2-counter Machines
Finite-State Control
Counters
(1) Add one to a counter
(2) Subtract one from a counter
(3) Test a counter for zero
Model Checking Petri Nets Model-checking problems – State based
LTL and CTL -- undecidable!!
Reduction from the halting problem: Given a 2-counter machine C with counters initialized to 0, does C halt?
p: if x=0 goto q else goto r
Cheat: (q x) (r x)
LTL-Halt: F(cheat halt)
CTL-Halt: AF(cheat halt)
p
rq
Counter x
Model Checking
The model-checking problems for Petri nets and all branching-time, action-based logics are undecidable.
The model-checking problems for Petri nets and all linear-time, action-based logics are decidable.
CTL Model Checking
Undecidability: Given an unlabelled Petri net N and a formula φ of state-based CTL there is a labelled net N’ and a formula φ’ of action-based CTL such that N satisfies φ if and only if N’ satisfies φ’.
As in the 1-safe case, the model-checking algorithm is based on automata theory:
An Alternative Proof of Undecidability
a
b
b N1
N2
R(N1) R(N2) iff (a (a b))
LTL Model Checking
Idea:
To check M |= φ (LTL formula), it suffices to consider
Buchi automaton
M φ
Existence of infinite runs in VASS?
Decidability/Complexity of Model Checking (action-based)
Richard Mayr 1998
Fairness
In general, the system may run forever
It will eventually terminate if the computation is required to be, in some sense, ‘fair’
1
x
X:=0
if x =1
if x =0
Fair Nontermination Problem
Given a Petri net, does there exist an infinite computation which is also ‘fair’ (w.r.t some fairness criteria).
Fair nontermination problems:
(Howell, Rosier and Yen, TCS) Let A be a finite set of nonempty subsets of
transitions. Given an infinite sequence of transitions σ=t1,t2,…, let infT(σ) be the set of transitions occurring infinitely often in σ.
T1-fair iff A 1, A.
T1'-fair iff A 1, A.
T2-fair iff A inf ( ) A 0.
T2'-fair iff A inf ( ) A.
T3-fair iff A inf ( ) A.
T3'-fair iff A A inf ( ).
i
i
T
T
T
T
i t
i t
A,
A,
A,
A,
A,
A,
Fair Nontermination Problem
The fair nontermination problem with respect to T1(T1’, T2, T2’, T3, T3’, respectively) fairness is the problem of determining whether a given Petri net has an infinite type T1(T1’, T2, T2’, T3, T3’, respectively) fair computation.
T1-fair
T1’-fair
T2-fair
T2’-fair
T3-fair
T3’-fair
FNTP Results, Howell, Rosier, Yen(TCS 91)
See more in (Howell, Rosier, Yen, TCS’91) A Taxonomy of Fairness & Temporal Logic Problems for Petri Nets
The fair nontermination problems with respect to T1 (T1’, T2, T2’, T3, T3’) are equivalent to the boundedness problem.
Liveness
p
s1
s2
s3 r2
r1
NOTE:
Place p=0
s1 is not live
PN
Hence, 0-place reachability liveness
Liveness (Cont’d)
Liveness sub-marking reachability[Hack’74] Transition t is live iff there is a finite set
of markings (extended with ) Dt such that no marking in Dt is reachable.
(Proof Idea) Marking is t-dead if t does not appear in the reachability tree rooted at
Dt: the set of t-dead markings, is a downward-closed set which has a finite number of maximum elements.
Theorem:
The following problems are equivalent:
(1) Reachability
(2) Liveness
(3) Single-transition liveness
Self-Stabilization
Dijkstra (1974): Regardless of a system’s starting configuration, it always returns to a legitimate configuration eventually.
Self-Stabilizing systems tend to be Fault-Tolerant in some sense.
Legitimate states
All states
fault
convergence
Self-Stabilization in PNs
R(S,c0): the set of reachable configurations from initial configuration c0 in system S
A computation σ from configuration c1 is non-self-stabilizing (non-ss) if
1.σ is finite (σ : ,for some m) such that
– Cm is a dead configuration and
– or
2.σ is infinite (σ: ) such that
11 2
1 1 1...mtt t
m mc c c c
1 2
1 1 1...itt t
i ic c c c
01, ( , )ii c R c S
0( , ),mc R c S
× …Dead configuration
The set of reachable configurations
R(S,c0)
Computation leading to a ‘legitimate’ configuration
Initial configuration
Infinite non-ss computation
c0
Self-Stabilizing Systems
S is self-stabilizing if for each configuration c, none of the computations emanating from c is non-ss.
The self-stabilization problem: Given a system S, is S self-stabilizing?
In our work, we are concerned with infinite-state systems, i.e., systems with an infinite number of configurations.
Self-stabilization for Petri Nets
Self-stabilization for bounded Petri nets [Cherkasova, Howell, Rosier, 1995]
– PTIME-complete for bounded ordinary Petri nets
– PSPACE-complete for bounded general Petri nets.
Decidability/complexity of self-stabilization for general Petri nets remains open.
Subclasses of Petri Nets (1)
Ordinary PNs
– all arc weights are 1’s
– same modeling power as general PN, more convenient for analysis but less efficient
State machine
– each transition has exactly one input place and exactly one output place
Marked graph
– each place has exactly one input transition and exactly one output transition
Subclasses of Petri Nets (2)
Free-choice
– every outgoing arc from a place is either unique or is a unique incoming arc to a transition
Extended free-choice
– if two places have some common output transition, then they have all their output transitions in common
Asymmetric choice (or simple)
– if two places have some common output transition, then one of them has all the output transitions of the other (and possibly more)
Subclasses of Petri Nets (3)
[Figure: inclusion diagram of the classes PN, AC, EFC, FC, SM, MG]
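The structural definitions on these slides, together with the conflict-free and BPP-net definitions given earlier, translate directly into checks on the arcs of a net. The following Python classifier is an added example, not code from the slides; the net encoding, the function name and the four sample nets are constructed, and reading the state machine, marked graph and choice classes as subclasses of ordinary nets is an assumption of the example.

```python
def classify(places, transitions):
    """Return the subclass names whose structural definition the net meets.

    transitions maps a name to (pre, post); each is a dict place -> arc weight.
    """
    pre_of = {t: pre for t, (pre, _) in transitions.items()}
    post_of = {t: post for t, (_, post) in transitions.items()}
    outs = {p: {t for t in transitions if p in pre_of[t]} for p in places}
    ins = {p: {t for t in transitions if p in post_of[t]} for p in places}
    classes = set()

    # BPP: exactly one input place per transition, and one token taken from it.
    if all(list(pre.values()) == [1] for pre in pre_of.values()):
        classes.add("BPP")
    # Conflict-free: a place feeding several transitions is on a self-loop with each.
    if all(len(outs[p]) <= 1 or all(p in post_of[t] for t in outs[p]) for p in places):
        classes.add("conflict-free")

    weights = [w for t in transitions for w in (*pre_of[t].values(), *post_of[t].values())]
    if any(w != 1 for w in weights):
        return classes      # assumption: the classes below are read as ordinary nets
    classes.add("ordinary")

    if all(len(pre_of[t]) == 1 and len(post_of[t]) == 1 for t in transitions):
        classes.add("state machine")
    if all(len(ins[p]) == 1 and len(outs[p]) == 1 for p in places):
        classes.add("marked graph")
    # Free-choice: each arc p -> t is the only arc leaving p or the only arc entering t.
    if all(len(outs[p]) == 1 or len(pre_of[t]) == 1 for p in places for t in outs[p]):
        classes.add("free-choice")
    # Pairs of places with a common output transition.
    sharing = [(a, b) for a in places for b in places if a < b and outs[a] & outs[b]]
    if all(outs[a] == outs[b] for a, b in sharing):
        classes.add("extended free-choice")
    if all(outs[a] <= outs[b] or outs[b] <= outs[a] for a, b in sharing):
        classes.add("asymmetric choice")
    return classes


# Constructed sample nets (not taken from the slides).
RING = {"t1": ({"p1": 1}, {"p2": 1}), "t2": ({"p2": 1}, {"p1": 1})}
CHOICE = {"t1": ({"p1": 1}, {"p2": 1}), "t2": ({"p1": 1}, {"p3": 1})}
CONFUSION = {"t1": ({"p1": 1}, {"p3": 1}), "t2": ({"p1": 1, "p2": 1}, {"p3": 1})}
SELF_LOOPS = {"t1": ({"p": 1}, {"p": 1, "q": 1}), "t2": ({"p": 1}, {"p": 1, "r": 1})}

if __name__ == "__main__":
    samples = [("RING", ["p1", "p2"], RING), ("CHOICE", ["p1", "p2", "p3"], CHOICE),
               ("CONFUSION", ["p1", "p2", "p3"], CONFUSION),
               ("SELF_LOOPS", ["p", "q", "r"], SELF_LOOPS)]
    for name, places, net in samples:
        print(name, sorted(classify(places, net)))
```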
Decidability and Complexity of Petri Net Problems
Rule of thumb 1: All questions about the behaviour of 1-safe Petri nets are PSPACE-hard.
Rule of thumb 2: Nearly all questions about the behaviour of 1-safe Petri nets can be solved in polynomial space.
Rule of thumb 3: Equivalence problems for 1-safe Petri nets are harder to solve than model checking problems. They need at most exponential space.
Rule of thumb 4: Most questions about the behaviour of acyclic 1-safe Petri nets are NP-hard.
(summarized by Esparza)
Decidability and Complexity of Petri Net problems
Rule of thumb 5: Many questions about 1-safe conflict free Petri nets are solvable in polynomial time. Some questions about live 1-safe free-choice Petri nets are solvable in polynomial time (and liveness of 1-safe free-choice Petri nets is decidable in polynomial time too). Almost no questions for 1-safe net classes substantially larger than free-choice Petri nets are solvable in polynomial time.
Rule of thumb 6: All questions about the behaviour of Petri nets are EXPSPACE-hard. They require at least space.2 nO
Decidability and Complexity of Petri Net problems
Rule of thumb 7: The model-checking problems for Petri nets and all state-based logics are undecidable.
Rule of thumb 8: The model-checking problems for Petri nets and all branching-time, action-based logics are undecidable. The model-checking problems for Petri nets and all linear-time, action-based logics are decidable.
Rule of thumb 9: All equivalence problems for Petri nets are undecidable.
Rule of thumb 10: Many questions about marked graphs are solvable in polynomial time. Almost no questions about Petri nets classes substantially larger than marked graphs are solvable in polynomial time.