No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
PeCAn: Compositional Verification of Petri Nets Made Easy
Abstract
This paper introduces PeCAn, a tool supporting compositional verification of Petri nets. Beyond classical features (such as on-the-fly analysis and synchronisation between multiple Petri nets), PeCAn generates Symbolic Observation Graphs (SOG), and uses their composition to support modular abstractions of multiple Petri nets for more efficient verification. Furthermore, PeCAn implements an incremental strategy based on counter-examples for model-checking, thus improving significantly the cost of execution time and memory space. PeCAn also provides users with the visualisation of the input Petri nets and their corresponding SOGs. We experimented PeCAn with benchmark datasets from the Petri Nets’ model checking contests, showing promising results.
In various scientific communities dealing with formal analysis, software competitions have emerged and contributed to fostering progress in state of the art and providing insight into the evolution of the involved technologies. The model checking contest (MCC) is one of them; it focuses on asynchronous concurrent systems. This paper reports what the organizers have observed over five editions of the MCC between 2015 and 2019. It shows the evolution of state-of-the-art model checking tools in performing large and difficult verification tasks by improving existing techniques or designing new and innovative (combinations of) techniques. This paper also shows the impact of such an event on the corresponding scientific community.
CosyVerif aims at gathering within a common framework various existing tools for specification and verification. It has been designed in order to 1) support different formalisms with the ability to easily create new ones, 2) provide a graphical user interface for every formalism, 3) include verification tools called via the graphical interface or via an API as a Web service, and 4) offer the possibility for a developer to integrate his/her own tool without much effort, also allowing it to interact with the other tools. Several tools have already been integrated for the formal verification of (extensions of) Petri nets and timed automata.
This document presents the results of the Model Checking Contest held at
Petri Nets 2013 in Milano. This contest aimed at a fair and experimental
evaluation of the performances of model checking techniques applied to Petri
nets. This is the third edition after two successful editions in 2011 and 2012.
The participating tools were compared on several examinations (state space
generation and evaluation of several types of formul{\ae} -- reachability, LTL,
CTL for various classes of atomic propositions) run on a set of common models
(Place/Transition and Symmetric Petri nets).
After a short overview of the contest, this paper provides the raw results
from the contest, model per model and examination per examination. An HTML
version of this report is also provided (http://mcc.lip6.fr).
We sketch the fundamental properties and features of Snoopy, a tool to model and execute (animate, simulate) hierarchical graph-based system descriptions. The tool comes along with several pre-fabricated graph classes, especially some kind of Petri nets and other related graphs, and facilitates a com- fortable integration of further graph classes due to its generic design. To support an aspect-oriented model engineering, dier- ent graph classes may be used simultaneously. Snoopy pro- vides some features (hierarchical nodes, logical nodes), which are particularly useful for larger models, or models with an higher connectivity degree. There are several Petri net classes available, among them the purely qualitative place/transition nets according to the standard denition and a version enhanced by four special arcs as well as three quantitative extensions - time Petri nets, stochastic Petri nets, and continuous Petri nets. Each of these classes enjoys dedicated animation or simulation features. Our tool runs on Windows, Linux, and Mac operating systems. It is available free of charge for non-commercial use.
Verification of complex systems specification often encoun-ters the so-called state space explosion problem, which prevents exhaus-tive model-checking in many practical cases. Many techniques have been developed to counter this problem by reducing the state space, either by retaining a smaller number of relevant states, or by using a smart rep-resentation. Among the latter, modular state spaces [CP00,LP04] have turned out to be an efficient analysis technique in many cases [Pet05]. When the system uses a priority mechanism (e.g. timed systems [LP07]), there is increased coupling between the modules — preemption between modules can occur, thus disabling local events. This paper shows that the approach is still applicable even when considering dynamic priorities, i.e. priorities depending both on the transition and the current marking.
Recent development on distributed systems has shown that a variety of fairness constraints (some of which are only recently defined) play vital roles in designing self-stabilizing population protocols. Current practice of system anal- ysis is, however, deficient under fairness. In this work, we present PAT, a toolkit for flexible and efficient system analysis under fairness. A unified algorithm is proposed to model check systems with a variety of fairness effectively in two dif- ferent settings. Empirical evaluation shows that PAT complements existing model checkers in terms of fairness. We report that previously unknown bugs have been revealed using PAT against systems functioning under strong global fairness.
We sketch the fundamental properties and features of Snoopy, a tool to model and execute (animate, simulate) hierarchical graph-based system de- scriptions. The tool comes along with several pre-fabricated graph classes (in particular some kind of Petri nets and other related graphs), and facilitates a comfortable integration of further graph classes due to its generic design. To support an aspect-oriented model engineering, different graph classes may be used simultaneously. Our tool runs on Windows and Linux operating systems, and is available free of charge for non-commercial use.
LNCS n°3299, http://dx.doi.org/10.1007/978-3-540-30476-0_19 Symbolic model-checking usually includes two steps: the building of a compact representation of a state graph and the evaluation of the properties of the system upon this data structure. In case of properties expressed with a linear time logic, it appears that the second step is often more time consuming than the first one. In this work, we present a mixed solution which builds an observation graph represented in a non symbolic way but where the nodes are essentially symbolic set of states. Due to the small number of events to be observed in a typical formula, this graph has a very moderate size and thus the complexity time of verification is neglectible w.r.t. the time to build the observation graph. Thus we propose different symbolic implementations for the construction of the nodes of this graph. The evaluations we have done on standard examples show that our method outperforms the pure symbolic methods which makes it attractive. oui
CPN Tools is an advanced tool for editing, simulating, and analyzing colored Petri nets. This paper discusses the fourth major release of the tool, which makes it simple to use the tool for ordinary Petri nets, including adding inhibitor and reset arcs, and PNML export. This version also supports declarative modeling using constraints, and adds an extension framework making it easy for third parties to extend CPN Tools using Java.
Model checking is a powerful and widespread technique for the verification of finite state concurrent systems. However, the main hindrance for wider application of this technique is the well-known state explosion problem. In [16], we proposed an incremental and compositional verification approach where the system model is partitioned according to the actions occurring in the property to be verified and where the environment of a component is taken into account. But the verification at each increment might be costly. On the other hand, Symbolic Observation Graphs provide a compact analysis means for LTL∖X properties. We have shown a purely modular construction of these in [15]. Therefore, in this paper, we combine both techniques to benefit from their pros. Also, we propose a novel approach for incrementally checking the validity of the counter-example.
TAPAAL is a new platform independent tool for modelling, simulation and verification of timed-arc Petri nets. TAPAAL provides
a stand-alone editor and simulator, while the verification module translates timed-arc Petri net models into networks of timed
automata and uses the UPPAAL engine for the automatic analysis.
We report on the status of the first release of TAPAAL (available at www.tapaal.net), on its new modelling features and we demonstrate the efficiency and modelling capabilities of the tool on a few examples.
We report work in progress on a distributed version of explicit state space generation in the Petri net verification tool LoLA. We propose a data structure where all available memory of all involved workstations can be fully exploited, and load balancing actions are possible at any time while the verification is running. It is even possible to extend the set of involved workstations while a verification is running.
A tool PNV (Petri net verifier) designed for analysis, modelling and verification of coloured Petri nets (CPN) is presented in the paper. The tool consists of two main components: a translator which generates an internal form of CPN and a C++ program modelling the input CPN, and a model-checking component which is applied to CPN limited by finite state systems when properties are presented in mu-calculus. Moreover, the translator generates a program in Pascal extended by a nondeterministic construct in order to model and verify the input CPN. The model-checking component uses the internal form of CPN and includes a model constructor which generates the reachability graph of CPN, and a model-checker. The paper describes a model-checking experiment with CPN which models the ring communication protocol (Cohen and Segall, 1991). An ineffectiveness of the ring protocol is proven by the experiment, and a modified effective ring protocol is verified too.