# S-invariant S-invariant

Methods for the specification andverification of business processesMPB (6 cfu, 295AA)Roberto Brunihttp://www.di.unipi.it/~bruni10 - Invariants1sabato 9 aprile 2011

ObjectWe introduce two relevant kinds of invariants forPetri nets2sabato 9 aprile 2011

Puzzle time: tiling achessboard with dominoes31 dominoes64-2 = 62cellssabato 9 aprile 20113

Puzzle time: tiling achessboard with dominoes31 dominoes64-2 = 62cellssabato 9 aprile 20114

Puzzle time: tiling achessboard with dominoes31 dominoes64-2 = 62cellssabato 9 aprile 20115

InvariantAn invariant of a dynamic system is an assertionthat holds at every reachable stateExamples:liveness of a transition tdeadlock freedomboundedness6sabato 9 aprile 2011

Why invariants?Can be calculated efficiently(polynomial time for a basis)Independent of initial markingHowever, the main reason is didactical!You only truly understand a model if you thinkabout it in terms of invariants!7sabato 9 aprile 2011

Structural invariantsIn the case of Petri nets, it is possible to computecertain vectors of rational numbers (*)(directly from the structure of the net)(independently from the initial marking)which induces nice invariants, calledS-invariantT-invariant(*) it is not necessary to consider real-valued solutions, because incidence matrices only have integer entriessabato 9 aprile 20118

S-invariants9sabato 9 aprile 2011

S-invariant(aka place-invariant)Definition: An S-invariant of a net N=(P,T,F) is arational-valued solution x of the equationx · N = 010sabato 9 aprile 2011

Fundamental propertyof S-invariantsProposition: Let I be an invariant of N.For any M ∈ [ M 0 〉 we have I · M = I · M 0σSince M ∈ [ M 0 〉, there is σ s.t. M 0 −→ MBy the marking equation: M = M 0 + N · ⃗σTherefore: I · M = I · (M 0 + N · ⃗σ )= I · M 0 + I · N · ⃗σ= I · M 0 + 0 · ⃗σ11= I · M 0sabato 9 aprile 2011

Place-invariant,intuitivelyA place-invariant assigns a weight to each placesuch that the weighted token sum remainsconstant during any computation12sabato 9 aprile 2011

Traffic-lights example1red + 1red' - 1mutex = 1g+r'r+m+r'r+g'1mutex + 1green + 1green' + 1yellow + 1yellow' = 11red' + 1green' + 1yellow' = 1 +-+sabato 9 aprile 2011y+r'r+y'1red + 1green + 1yellow = 113

Alternative definitionof S-invariantProposition:A mapping I : P → Q is an S-invariant of N iff for any t ∈ T :∑p∈•tI(p) = ∑ p∈t•I(p)14sabato 9 aprile 2011

ExerciseProve the proposition about the alternativecharacterization of S-invariants15sabato 9 aprile 2011

Consequence ofalternative definitionVery useful in proving S-invariance!The check is possible without constructingthe incidence matrix16sabato 9 aprile 2011

ExercisesWhich of the following are S-invariants?[ 1 0 1 ][ 0 1 1 ][ 1 1 1 ]∀t ∈ T,∑p∈•tI(p) ? = ∑ p∈t•17I(p)[ 1 1 2 ][ 1 2 1 ]sabato 9 aprile 2011

ExercisesWhich of the following are S-invariants?m w c ][ 1 1 -1 ][ 1 0 1 ][ 0 1 1 ][ 1 1 1 ][ 1 -1 0 ][ 1 1 2 ][ 1 2 2 ]∑∀t ∈ T,18p∈•tI(p) ? = ∑ p∈t•I(p)sabato 9 aprile 2011

ExercisesDo S-invariants depend on the initial marking?Can the two nets below have different S-invariants?sabato 9 aprile 201119

ExercisesDefine two (linearly independent) S-invariants foreach of the nets below20sabato 9 aprile 2011

S-invariants and systempropertiessabato 9 aprile 201121

Semi-positiveS-invariantsThe S-invariant I is semi-positive if I > 0(i.e. I ≥ 0 and I ≠ 0)The support of I is: 〈I〉 = { p | I(p) > 0 }The S-invariant I is positive if I ≻ 0(i.e. I(p) > 0 for any place p ∈ P )(i.e. 〈I〉 = P )A (semi-positive) S-invariant whose coefficientsare all 0 and 1 is called uniform22sabato 9 aprile 2011

A sufficient conditionfor boundednessTheorem:If (P, T, F, M 0 ) has a positive S-invariant then it is boundedLet M ∈ [ M 0 〉 and let I be a positive S-invariant.Let p ∈ P . Then I(p)M(p) ≤ I · M = I · M 0Since I is positive, we can divide by I(p):M(p) ≤ (I · M 0 )/I(p)sabato 9 aprile 201123

Consequence ofprevious theoremBy exhibiting a positive S-invariant we can provethat the system is bounded for any initial markingsabato 9 aprile 201124

ExampleTo prove that the system is bounded we canjust exhibit a positive S-invariantI = [ 1 1 2 ]25sabato 9 aprile 2011

ExercisesFind a positive S-invariant for the net below26sabato 9 aprile 2011

A necessary conditionfor livenessTheorem:If (P, T, F, M 0 ) is live then for every semi-positive invariant I:Let p ∈〈I〉 and take any t ∈ •p ∪ p•.I · M 0 > 0By liveness, there are M, M ′ ∈ [ M 0 〉 with Mt−→ M ′Then, M(p) > 0 (if t ∈ p•) or M ′ (p) > 0 (if t ∈ •p)If M(p) > 0, then I · M ≥ I(p)M(p) > 0If M ′ (p) > 0, then I · M ′ ≥ I(p)M ′ (p) > 0In any case, I · M 0 = I · M = I · M ′ > 0sabato 9 aprile 201127

Consequence ofprevious theoremIf we find a semi-positive invariant such thatI · M 0 =0Then we can conclude that the system is not livesabato 9 aprile 201128

ExampleIt is immediate to check the counter-exampleI = [ 1 0 1 ]0 ] = 0[ 1 0 1 ] 1 = 00 ] = 029sabato 9 aprile 2011

Markings that agree onall S-invariantDefinition: M and M’ agree on all S-invariants iffor every S-invariant I we have I⋅M = I⋅M’Note: by properties of linear algebra, thiscorresponds to require that the equation on yM + N⋅y = M’ has some rational-valued solutionRemark: In general, there exist M and M’ that agreean all S-invariants but such that none of them isreachable from the othersabato 9 aprile 201130

A necessary conditionfor reachabilityReachability is decidable, but EXPSPACE-hardS-invariants provide a preliminary check that can becomputed efficientlyLet (P, T, F, M 0 ) be a system.If there is an S-invariant I s.t. I · M ≠ I · M 0 then M ∉ [ M 0 〉If the equation N·x = M −M 0 has no rational-valued solution, then M ∉ [ M 0 〉sabato 9 aprile 201131

S-invariants: recapPositive S-invariantUnboundedness=> boundedness=> no positive S-invariantSemi-positive S-invariant I and liveness => I⋅M0 > 0Semi-positive S-invariant I and I⋅M0 = 0=> non-liveS-invariant I and M reachableS-invariant I and I⋅M ≠ I⋅M0=> I⋅M = I⋅M0=> M not reachable32sabato 9 aprile 2011

ExercisesCan you find a positive S-invariant?33sabato 9 aprile 2011

ExercisesProve that the system is not live by exhibiting asuitable S-invariant34sabato 9 aprile 2011

T-invariants35sabato 9 aprile 2011

Dual reasoningThe S-invariants of a net N are vectors satisfyingthe equationx · N = 0It seems natural to ask if we can find someinteresting properties also for the vectorssatisfying the equationN · y = 036sabato 9 aprile 2011

T-invariant(aka transition-invariant)Definition: A T-invariant of a net N=(P,T,F) is arational-valued solution y of the equationN · y = 0sabato 9 aprile 201137

Fundamental propertyof T-invariantsProposition: Let Mσ−→ M ′ .The Parikh vector ⃗σ is a T-invariant iff M ′ = M⇒) By the marking equation lemma M ′ = M + N · ⃗σSince ⃗σ is a T-invariant N · ⃗σ = 0, thus M ′ = M.⇐) If M σ−→ M, by the marking equation lemma M = M + N · ⃗σThus N · ⃗σ = M − M = 0 and ⃗σ is a T-invariantsabato 9 aprile 201138

ExampleAn easy-to-be-found T-invariantm d ][ 1 1 ]39sabato 9 aprile 2011

Transition-invariant,intuitivelyA transition-invariant assigns a number ofoccurrences to each transition such that anyoccurrence sequence comprising exactly thosetransitions leads to the same marking where it started(independently from the order of execution)sabato 9 aprile 201140

Alternative definitionof T-invariantProposition:A mapping J : T → Q is a T-invariant of N iff for any p ∈ P :∑t∈•pJ(t) = ∑ t∈p•J(t)41sabato 9 aprile 2011

ExerciseWhich of the following are T-invariants?t1 t2 t3 t4 t5 ][ 1 0 0 1 1 ][ 1 1 2 1 2 ][ 1 1 2 0 2 ][ 1 1 1 1 2 ][ 0 1 1 0 1 ]∀p ∈ P,∑t∈•pJ(t) ? = ∑ t∈p•J(t)42sabato 9 aprile 2011

T-invariants and systempropertiessabato 9 aprile 201143

Reproduction lemmaLemma: Let (P, T, F, M 0 ) be a bounded system.σIf M 0 −→ for some infinite sequence σ, thenthere is a semi-positive T-invariant J such that 〈 J 〉⊆{ t | t ∈ σ }.tAssume σ = t 1 t 2 t 3 ... and M1 t0 −→2 tM1 −→3M2 −→ ...By boundedness: [ M 0 〉 is finite.sabato 9 aprile 2011By the pigeonhole principle, there are 0 ≤ i

Boundedness, livenessand positive T-invariantTheorem: If a bounded system is live,then it has a positive T-invariantBy boundedness: [ M 0 〉 is finite and we let k = |[ M 0 〉|.σBy liveness: M10 −→ M1 with ⃗σ 1 (t) > 0 for any t ∈ TσSimilarly: M21 −→ M2 with ⃗σ 2 (t) > 0 for any t ∈ TσSimilarly: M1 σ0 −→2σM1 −→ M2 ... −→kMksabato 9 aprile 2011By the pigeonhole principle, there are 0 ≤ i 0 for any t ∈ T .45

Consequence ofprevious theoremEvery live and bounded system has:a reachable marking M andan occurrence sequence M −→ σMsuch that all transitions of N occur in σ.sabato 9 aprile 201146

ExercisesCan you prove that a system is live and bounded byexhibiting a positive T-invariant?Can you disprove that a system is live and boundedby showing that no positive T-invariant can be found?Can you prove that a live system is bounded byexhibiting a positive T-invariant?sabato 9 aprile 201147

ExerciseNotation: •S = ⋃ s∈S •sProve that every semi-positive invariantsatisfies the equation•〈I〉 = 〈I〉•(the result holds for both S-invariant and T-invariant)sabato 9 aprile 2011(pre-sets of support equal post-sets of support)48

More magazines by this user
Similar magazines