Results 1 - 10 of 64
An Improvement of McMillan's Unfolding Algorithm
Formal Methods in System Design, 1996
Cited by 180 (9 self)
McMillan has recently proposed a new technique to avoid the state explosion problem in the verification of systems modelled with finite-state Petri nets. The technique requires to construct a finite initial part of the unfolding of the net. McMillan's algorithm for this task may yield initial parts that are larger than necessary (exponentially larger in the worst case). We present a refinement of the algorithm which overcomes this problem.

1 Introduction

In a seminal paper [10], McMillan has proposed a new technique to avoid the state explosion problem in the verification of systems modelled with finite-state Petri nets. The technique is based on the concept of net unfolding, a well known partial order semantics of Petri nets introduced in [12], and later described in more detail in [4] under the name of branching processes. The unfolding of a net is another net, usually infinite but with a simpler structure. McMillan proposes an algorithm for the construction of a finite initial part...
Deriving Petri Nets from Finite Transition Systems
IEEE Transactions on Computers, 1998
Cited by 61 (7 self)
This paper presents a novel method to derive a Petri net from any specification model that can be mapped into a state-based representation with arcs labeled with symbols from an alphabet of events (a Transition System, TS). The method is based on the theory of regions for Elementary Transition Systems (ETS). Previous work has shown that for any ETS there exists a Petri net with minimum transition count (one transition for each label) with a reachability graph isomorphic to the original Transition System. The method makes use of the following three mechanisms, providing a framework for synthesis of safe Petri nets from arbitrary TSs. Firstly, the requirement of isomorphism is relaxed to a "more behavioural" form of equivalence, bisimulation of TSs, thus extending the class of synthesizable TSs to a new class called Excitation-Closed Transition Systems (ECTS). Secondly, previous work required an oracle (usually the designer) to identify sets of events labeling the TS that were mapped to...
Saturation: an efficient iteration strategy for symbolic state space generation
Proc. Tools and Algorithms for the Construction and Analysis of Systems (TACAS), LNCS 2031, 2001
Cited by 56 (30 self)
We present a novel algorithm for generating state spaces of asynchronous systems using Multi-valued Decision Diagrams. In contrast to related work, we encode the next-state function of a system not as a single Boolean function, but as cross-products of integer functions. This permits the application of various iteration strategies to build a system's state space. In particular, we introduce a new elegant strategy, called saturation, and implement it in the tool SMART. On top of usually performing several orders of magnitude faster than existing BDD-based state-space generators, our algorithm's required peak memory is often close to the final memory needed for storing the overall state space.
Efficient symbolic state-space construction for asynchronous systems
Application and Theory of Petri Nets 2000 (Proc. 21st Int. Conf. on Applications and Theory of Petri Nets, Aarhus, Denmark), Lecture Notes in Computer Science 1825, 2000
SMART: Simulation and Markovian Analyzer for Reliability and Timing
1996
Cited by 35 (12 self)
SMART is a new tool designed to allow various high-level stochastic modeling formalisms (such as stochastic Petri nets and queueing networks) to be described in a uniform environment and solved using a variety of solution techniques, including numerical methods and simulation. Since SMART is intended as a research tool, it is written in a modular way that permits the easy integration of new solution algorithms.

I. SMART Language

Models are described to SMART using a strongly-typed, declarative language. The three basic predefined types for the objects defined in SMART are:
- bool: true or false.
- int: integer values.
- real: real values (machine-dependent precision).

Composite types can be defined using the concepts of:
- sets: collection of homogeneous objects.
- arrays: multidimensional data structures of homogeneous objects indexed by the elements of a set.
- aggregates: analogous to the Pascal "record".

A type can be further modified by the following natures, w...
Synthesizing Petri nets from state-based models
1995
Cited by 35 (16 self)
This paper presents a method to synthesize labeled Petri nets from state-based models. Although state-based models (such as Finite State Machines) are a powerful formalism to describe the behavior of sequential systems, they cannot explicitly express the notions of concurrency, causality and conflict. Petri nets can naturally capture these notions. The proposed method is based on deriving an Elementary Transition System (ETS) from a specification model. Previous work has shown that for any ETS there exists a Petri net with minimum transition count (one transition for each label) with a reachability graph isomorphic to the original ETS. This paper presents the first known approach to obtain an ETS from a non-elementary TS and derive a place-irredundant Petri net. Furthermore, by imposing constraints on the synthesis method, different classes of Petri nets can be derived from the same reachability graph (pure, free choice, unique choice). This method has been implemented and efficiently applied in different frameworks: Petri net composition, synthesis of Petri nets from asynchronous circuits, and resynthesis of Petri nets.
Verification of Embedded Systems using a Petri Net based Representation
Proc. ISSS, 2000
Cited by 32 (12 self)
The ever increasing complexity of embedded systems consisting of hardware and software components poses a challenge in verifying their correctness. New verification methods that overcome the limitations of traditional techniques and, at the same time, are suitable for hardware/software systems are needed. In this work we formally define the semantics of PRES+, a Petri net based computational model aimed to represent embedded systems. We introduce an approach to formal verification of such systems: we make use of model checking to prove the correctness of embedded systems by determining the truth of CTL and TCTL formulas that specify required properties with respect to a PRES+ model. An ATM server illustrates the feasibility of our approach on practical applications.

1. Introduction

Modern electronic systems are typically constituted of application-specific hardware components and software running on programmable platforms. The inherent heterogeneity of this kind of systems makes the...
Logical and stochastic modeling with SMART
2003
Cited by 23 (13 self)
We describe the main features of SmArT, a software package providing a seamless environment for the logic and probabilistic analysis of complex systems. SmArT can combine different formalisms in the same modeling study. For the analysis of logical behavior, both explicit and symbolic state-space generation techniques, as well as symbolic CTL model-checking algorithms, are available. For the study of stochastic and timing behavior, both sparse-storage and Kronecker numerical solution approaches are available when the underlying process is a Markov chain. In addition,
Checking Signal Transition Graph Implementability by Symbolic BDD Traversal
1995
Cited by 21 (13 self)
This paper defines conditions for a Signal Transition Graph to be implemented by an asynchronous circuit. A hierarchy of the implementability classes is presented. Our main concern is the implementability of the specification under the restricted input-output interface between the design and the environment, i.e., when no additional interface signals are allowed to be added to the design. We develop algorithms and present experimental results of using BDD-traversal for checking STG implementability. These results demonstrate efficiency of the symbolic approach and show a way of improving existing tools for STG-based asynchronous circuit design.
Verification of Asynchronous Circuits by BDD-based Model Checking of Petri Nets
In 16th Int. Conf. on Application and Theory of Petri Nets, volume 935 of LNCS, 1996
Cited by 21 (3 self)
This paper presents a methodology for the verification of speed-independent asynchronous circuits against a Petri net specification. The technique is based on symbolic reachability analysis, modeling both the specification and the gate-level network behavior by means of boolean functions. These functions are efficiently handled by using Binary Decision Diagrams. Algorithms for verifying the correctness of designs, as well as several circuit properties are proposed. Finally, the applicability of our verification method has been proven by checking the correctness of different benchmarks.

1 Introduction

During these last few years, asynchronous circuits have gained interest due to their promising advantages, such as local synchronization, elimination of the clock skew problem, faster and less power-consuming circuits, and high degree of modularity. However, the concurrent nature of asynchronous circuits makes them difficult to design because all transitions must be taken into account ...