Maximality Semantic For Recursive Petri Nets

Abstract

This paper is in the framework of the specification and the verification of concurrent dynamic systems. We are interested by recursive Petri net specification model for which we define a maximality semantics. The underlying semantic model is a maximality-based labeled transition system. For this purpose, we propose a maximality operational semantic for recursive Petri nets. As an illustration, a system of filling medical bottles is specified in terms of recursive Petri net and translated to a maximality-based labeled transition system. This later is used to check the system properties. The properties are expressed using the CTL logic and verified by means of the FOCOVE tool. INTRODUCTION A Petri net is both a graphical and mathematical representation, used to formally specify the behaviors of concurrent systems. The marking graph associated with a given Petri net is used for checking the expected properties of the system. Indeed this marking graph is seen as a labeled transition system. However labeled transition systems are based on interleaving semantics. This later represents parallel executions as their interleaved sequential executions. To clarify the idea, we consider the example of two Petri nets (Figures 1.(a) and 1.(b)). Figure 1: Petri nets. Figure 1.(a) represents a system which can execute transitions t1 and t2 in parallel, whereas Figure 1.(b) represents a system that execute sequentially, either the transitions t1 and t3, or the transitions t2 and t4. The marking graphs of the two Petri nets are given respectively by the labeled transition systems (LTS) of Figures 2.(a) and 2.(b). If both transitions t1 and t4 are labeled by the action a and t2 and t3 by b, then the two marking graphs are isomorphic. Therefore, the concurrent execution of the actions a and b is interpreted as their interleaved execution in time. Figure 2: interleaving Semantics This result is acceptable under the assumption that the firing of each transition corresponds to the execution of an indivisible action with null duration (structural and temporal atomicity of actions). Nevertheless, this assumption is often not realistic in practice. Taking into account non atomicity of actions in a system has been deeply studied in the literature through the definition of several semantics supporting the concept of action refinement, e.g. L. Aceto and M. Hennessy 1991) (E. Best and al. 1991) (G. Boudol and I. Castellani 1988) (J.P.Courtiat and D.E. Saidouni 1994) (J.P. Courtiat and D.E. Saidouni 1995) (P. Darondeau and P. Degano 1989) ( P. Darondeau and P. Degano 1991) (P. Darondeau and P. Degano 1993) (P. Degano and R. Gorrieri 1991) ( R. Devillers 1992a) (R. Devillers 1992b) (R. Devillers 1993)( E.W. Dijkstra 1971) (W. Janssen and al. 1991) (D.E. Saidouni 1996) (J.R. van Glabbeek 1990). As a first advantage, action refinement allows a hierarchical design of systems. A second interest is the ability to semantically characterize concurrent executions of non-instantaneous actions. In this context, the maximality semantic was exploited to specify concurrent systems, through the model of the maximality labeled transition systems. This semantic (a) p1