expand this
figure
1. Familiarity with an important modeling tool
* areas Petri nets can model well
* limitations of Petri nets
* variety of representations
* common properties
2. Capabilities with the tool
* understand complex models
* develop simple models
3. Further information:
look for simulators under «Tools and Software» link
* complex processes
* concurrent activities
* flow of data or other things
may be transformed on the way
* multiple coordinated flows
hence abstraction of Data Flow Diagrams
focusing on synchronization
Some visual similarity between FSA and Petri Nets diagrams
both have circle and arrows
FSA are special cases of Petri nets
In general, Petri nets
* emphasize locality of condition
verses global state
* have multiple conditions active at once
hence non-
determinacy more global
* express complex transitions succinctly
* allow multiple instances in one condition
without bound
+ explicit coordination / synchronization
- no identity of «packets»
Can imagine each Petri net as
* a unique gameboard
but
* using the same kind of pieces and
* following the same general rules
Each Petri net looks like a gameboard with
* circles called conditions or places
* bars called events or transitions
* arrows, called input arcs , from conditions to events
* condition is input to the event
* arrows, called output arcs , from events to conditions
* condition is output from the event
* multiple parallel edges possible
Notation:
* formally, a «bipartite directed multigraph»
A token on a condition
* means that condition currently is true
* is drawn by a black dot on that condition
* may share that condition with other tokens, indicating multiple objects sharing that condition
* during a given turn, may stay on a condition or move to an event
A marking of a Petri net
* is a function from the conditions to the non-negative integers
* indicates the number of tokens currently at that condition
An event is enabled when it is possible to place
on each input arc
a token from the corresponding input condition
An event fires
* only if it is enabled
* by consuming a token along each input arc
* and producing a token along each output arc
Indeterminate firing:
* If more than one event is enabled at a given time, any of the enabled events may fire
Concurrency:
* Formally, two events may not fire at the same time
* However, this is often not relevant, so it is common to think of event firings as being concurrent
expand this
figure
expand this
figure
expand this
figure
PARBEGIN
S1, S2, ... Sk
PAREND
The simplest switch:
Use this to en/dis-able other transition(s)
What is wrong with the above?
Objective: prevent two programs from accessing the same data structure simultaneously
Code where a program accesses the shared structure is called the critical section
Issue is lock on buffer to prevent simultaneous access
A machine shop has resources:
* machines M0, M1, and M2
* operators O1 and O2
Subject to the constraints:
* O1 can operate M0 and M1
* O2 can operate M0 and M2
* an order is processed first by M0 and then either M1 or M2
Significant events:
* order arrives
* Oi [ begins | ends ] operating Mj
* product is shipped
Significant conditions:
* order waiting for Mj
* Oi or Mj is idle (5 cases)
* Oi is operating Mj (4 cases)
* order partially done
* product awaiting shipment
* PERT networks
* example: building a house
* Many complex processes in society
* example: civil legal action
A Petri net graph consists of
P a finite set of conditions (Places)
T a finite set of events (Transitions)
I a finite multiset of arcs from P to T
(Inputs)
O a finite multiset of arcs from T to P
(Outputs)
A marked Petri net consists of
G a Petri net graph <P,T,I,O>
m a function, m : P -> Z
Formally define:
* event enabled
* firing
* firing sequence
An (almost) equivalent formalism:
* an n place Petri net written as a vector of conditions <
p1, p2, . . .,
pn >
* a marking of that net is written as a vector of non-negative integers
< m1, m2, . . .,
mn >
* an event is written as a vector of integers
* di < 0 for input arcs from condition
pi
* di > 0 for output arcs to condition
pi
* one event cannot have same condition as both input and output
A Petri net in VAS notation
The same Petri net in graphical notation
Given
* a Petri net with
* an initial marking
determine
* behavior patterns
* over all possible firing sequences
Two events are said to be in conflict if there is a marking
in which both events are enabled, but the firing of one event disables the
other
A conflict:
A condition t is bounded by b if there is no
firing sequence that marks t with a value greater than b
A condition bounded by 1 is called safe .
An event t is dead live-1 live-2 live-3 live-4
* dead
* live-1 but not live-2
* live-2 but not live-3, for t3
* live-3 but not live-4, for t1 in same net
* live-4, non-trivially
* live-4, but trivial
Reachability question: Given
* a Petri net with an initial marking and
* a target marking M
does there exist
* a firing sequence that produces M ?
A marking < m1, m2, . . .,
mn > covers a marking
Coverability question: Given
* a Petri net with an initial marking and
* a target marking M
does there exist
* a firing sequence that produces a marking covering M ?
Coverability tree formed by
1. initial marking is root
2. successive markings form branches except
3. if identical marking on path to root, stop branch
4. if covers a marking on path to root, mark increased conditions with o
A condition typically is
* a queue of processes
* where many tokens may be in one condition
* an active process
* where one token may occupy a condition
Tokens model
* processes
* controls (semaphores, etc.)
Z = non-negative integers
Firings
Vector Addition Systems
<
d1, d2, . . ., dn >
|
| conditions
---+---------------------
e |
v |
e |
n |
t |
s |
Example VAS
p1 p2 p3 p4
Analysis of Behavior
Conflict
Boundedness
Liveness
if it is never enabled
if there is some firing sequence after which t is enabled
if, for every integer n, there is a firing
sequence in which t fires n times
if
there is an infinite firing sequence in which t fires n
times, for any integer n
if every finite firing
sequence can be extended to one that enables t
Liveness Examples
Reachability & Coverability
<
k1, k2, . . ., kn
> if ki <= mi for all i, 1
<= i <= n
Coverability Tree Example
Two-Phase Commit
OS Model Correspondences
Deadlocked Programs
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure loop loop
acquire R1; acquire R2;
acquire R2; acquire R1;
critical critical
section; section;
release R1 release R1
and R2; and R2; end
end
* allow tokens of various colors
* events specify colors of tokens input and output
Example:
* t1 takes a Yellow token and outputs a Green one
* t2 consumes a Green token as long as a Red is present, outputing a Red token
* t3 takes either a Green or Red token as input
© Copyright Edward Robertson, 2109-3-26
expand this
figure
expand this
figure
expand this
figure
expand this
figure
expand this
figure