ebook img

On the Upward/Downward Closures of Petri Nets PDF

0.54 MB·
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview On the Upward/Downward Closures of Petri Nets

On the Upward/Downward Closures of Petri Nets Mohamed Faouzi Atig Roland Meyer, Sebastian Muskalla, and Prakash Saivasan Uppsala University TU Braunschweig [email protected] {roland.meyer,s.muskalla,p.saivasan}@tu-bs.de Abstract—We study the size and the complexity of computing also optimal since we present a family of Petri net languages finite state automata (FSA) representing and approximating for which the minimal finite state automata representing their the downward and the upward closure of Petri net languages upward closure are of doubly-exponential size. with coverability as the acceptance condition. We show how to OursecondcontributionisafamilyofPetrinetlanguagesfor 7 construct an FSA recognizing the upward closure of a Petri net 1 language in doubly-exponential time, and therefore the size is at whichthesizeoftheminimalfinitestateautomatarepresenting 0 most doubly exponential. For downward closures, we prove that the downward closure is non-primitive recursive. To prove this, 2 thesizeoftheminimalautomatacanbenon-primitiverecursive. we provide a family of Petri nets whose language, albeit finite, In the case of BPP nets, a well-known subclass of Petri nets, we n is astronomically large: It contains Ackermann many words. show that an FSA accepting the downward/upward closure can a The downward closure of Petri net languages has been shown be constructed in exponential time. Furthermore, we consider J the problem of checking whether a simple regular language is to be effectively computable in [20]. The algorithm is based 1 includedinthedownward/upwardclosureofaPetrinet/BPPnet on the Karp-Miller tree [25], which also has a non-primitive 1 language. We show that this problem is EXPSPACE-complete recursive complexity. ] (Friensapl.lyN,wPe-csohmopwletthea)tiintitshdeecciadsaebolefwPheetrthienreatsP(ertersipn.eBtlPaPngnueatgse). Furthermore, we consider the SRE inclusion problem which L is upward/downward closed. asks whether the language of a simple regular expression F is included in the downward/upward closure of a Petri net s. I. INTRODUCTION language. The idea behind SRE inclusion is to stratify the c Petri nets are a popular model of concurrent systems [17]. problem of computing the downward/upward closure: Rather [ Petri net languages (with different acceptance conditions) than having an algorithm compute all information about the 1 have been extensively studied during the last years, including language, we imagine to have an oracle (e.g. an enumeration) v decidingtheiremptiness(whichcanbereducedtoreachability) making proposals for SREs that could be included in the 7 [33], [26], [28], [29], their regularity [41], [13], their context- downward/upward closure. The task of the algorithm is merely 2 freeness [40], [30], and many other decision problems (e.g. tocheckwhetheraproposedinclusionholds.Weshowthatthis 9 2 [20], [2], [18]). In this paper, we consider the class of Petri net problem is EXPSPACE-complete in both cases. In the case of 0 languageswithcoverabilityastheacceptancecondition(i.e.the upward closures, we prove that SRE inclusion boils down to 1. setofsequencesoftransitionlabelsoccurringinacomputation checking whether the set of minimal words of the given SRE 0 reaching a marking greater than a given final marking). is included in the upward closure of the Petri net language. In 7 We address the problem of computing the downward and the case of downward closures, we reduce the problem to the 1 the upward closure of Petri net languages. The downward simultaneous unboundedness problem for Petri nets, which is : v closure of a language L, denoted by L↓, is the set of all EXPSPACE-complete [13]. i subwords, all words that can be obtained from words in L by We also study the problem of checking whether a Petri X deleting letters. The upward closure of L, denoted by L↑, net language actually is upward or downward closed. This r a is the set of all superwords, all words that can be obtained is interesting as it means that an automaton for the closure, from words in L by inserting letters. It is well-known that, for which we can compute with the aforementioned methods, is a any language, the downward and upward closure are regular precise representation of the system’s behavior. We show that and can be described by a simple regular expression (SRE). the problem of being upward/downward closed is decidable However, such an expression is in general not computable. For for Petri nets. The result is a consequence of a more general example, it is not possible to compute the downward closure decidabilitythatwebelieveisofindependentinterest.Weshow of languages recognized by lossy channel systems [35]. that checking whether a regular language is included in a Petri In this paper, we first consider the problem of constructing a net language (with coverability as the acceptance condition) finite state automaton (FSA) accepting the upward/downward is decidable. Here, we rely on a decision procedure for trace closure of a Petri net language. We give an algorithm that inclusion due to Esparza et. al [24]. computesanFSAfortheupwardclosureindoubly-exponential Finally, we consider BPP1 nets [14], a subclass of Petri nets time.ThesizeoftheconstructedFSAisalsodoublyexponential defined by a syntactic restriction: Every transition is allowed in the size of the input. This is done by showing that every to consume at most one token in total. We show that we minimal word results from a computation of length at most doubly exponential in the size of the input. Our algorithm is 1BPPstandsforbasicparallelprocesses,anotionfromprocessalgebra. can compute finite state automata accepting the upward and (resp.[i..j[for{k ∈N | i≤k <j}).LetΣbeafinitealphabet. the downward closure of a BPP net language in exponential We use Σ∗ (resp. Σ+) to denote the set of all finite words time. The size of the FSA is also exponential. Our algorithms (resp. non-empty words) over Σ and ε to denote the empty are optimal as we present a family of BPP net languages for word. We use Σ to denote Σ∪{ε}. Let u be a word over Σ. ε which the minimal FSA representing their upward/downward The length of u is denoted by |u|, where |ε|=0. Let k ∈N closure have exponential size. Furthermore, we consider the be a natural number, we use Σk (resp. Σ≤k) to denote the set SRE inclusion problem. We show that, in the case of BPP nets, of all words of length equal (resp. smaller or equal) to k. A it is NP-complete for both, inclusion in the upward and in the language L over Σ is a (possibly infinite) set of finite words. downward closure. To prove the upper bound, we reduce to Let Γ be a subset of Σ. Given a word u∈Σ∗, we denote the satisfiability problem for existential Presburger arithmetic by π (u) the projection of u over Γ, i.e. the word obtained Γ (which is known to be NP-complete [39]). The hardness is by from u by erasing all the letters that are not in Γ. a reduction from SAT to the emptiness of BPP net languages, The Parikh image of a word [36] counts the number of which in turn reduces to SRE inclusion. occurrences of all letters while forgetting about their relative The following table summarizes our results: positioning. Formally, the function Ψ:Σ∗ (cid:55)→NΣ takes a word w ∈ Σ∗ and gives the function Ψ(w) : Σ → N defined by (cid:12) (cid:12) Problem\Nettype Petrinet BPPnet (Ψ(w))(a)=(cid:12)π{a}(w)(cid:12) for all a∈Σ. DoublyExponential Exponential The subword relation(cid:22) ⊆Σ∗×Σ∗ [23] between words is Upwardclosure (Size&Time,Optimal) (Size&Time,Optimal) defined as follows: A word u=a ...a is a subword of v, 1 n Non-primitiverecursive Exponential denotedu(cid:22)v,ifucanbeobtainedbydeletinglettersfromvor, Downwardclosure (Size&Time,Optimal) (Size&Time,Optimal) equivalently,ifv =v a v ...a v forsomev ,...,v ∈Σ∗. 0 1 1 n n 0 n SREinupwardclosure EXPSPACE-complete NP-complete Let L be a language over Σ. The upward closure of L SREindownwardclosure EXPSPACE-complete NP-complete consists of all words that have a subword in the language, Beingupward/downward Decidable Decidable L↑ ={v ∈Σ∗ | ∃u∈L:u(cid:22)v}. The downward closure of closed L contains all words that are dominated by a word in the Related work: Several constructions have been proposed in language, L↓ ={u∈Σ∗ | ∃v ∈L:u(cid:22)v}. Higman showed the literature to compute finite state automata recognizing the that the subword relation is a well-quasi ordering [23], which downward/upward closure. In the case of Petri net languages means that every set of words S ⊆Σ∗ has a finite basis — a (with various acceptance conditions including reachability), finite set of minimal elements v ∈S such that (cid:64)u∈S :u(cid:22)v. it has been shown that the downward closure is effectively Withfinitebases,L↑ andL↓ areguaranteedtoberegularfor computable[20].Withtheresultsinthispaper,thecomputation every language L ⊆ Σ∗ [22]. Indeed, they can be expressed andthestatecomplexityhavetobenon-primitiverecursive.For using the subclass of simple regular languages defined by so- the languages generated by context-free grammars, effective called simple regular expressions [1]. These SREs are choices computabilityofthedownwardclosureisdueto[42],[19],[10], among products p, which in turn interleave single letters a or [8]. For the languages recognized by one-counter automata, a (a+ε) with iterations over letters from subsets Γ⊆Σ of the strict subclass of the context-free languages, it has been shown alphabet: how to compute in polynomial time a finite state automaton sre ::=p (cid:112) sre+sre p ::=a (cid:112) (a+ε) (cid:112) Γ∗ (cid:112) p.p . accepting the downward/upward closure of the language [7]. The effective computability of the downward closure has also The syntactic size of an SRE sre is denoted by |sre|. The beenshownforstackedcounterautomata[44].In[43],Zetzsche definition is as expected, every piece of syntax contributes to provides a characterization for a class of languages to have it. an effective downward closure. It has been used to prove the Afinitestateautomaton(FSA)Aisatuple(Q,→,q ,Q ,Σ) 0 f effective computability of downward closures of higher-order whereQisafinitenon-emptysetofstates,Σisthefiniteinput pushdown automata and higher-order recursion schemes [21], alphabet, → ⊆Q×Σ ×Q is the transition relation, q ∈Q ε 0 [9]. The downward closure of the languages of lossy channel is the initial state, and Q ⊆Q is the set of final states. We f systems is not computable [35]. represent a transition (q,a,q(cid:48))∈→ by q →a q(cid:48) and generalize A Thecomputabilityresultsdiscussedabovehavebeenusedto the relation to words in the expected way. The language of prove the decidability of verification problems and to develop finite words accepted by A is denoted by L(A). Finally, the approximation-based program analysis methods (see e.g. [6], size of A, denoted |A|, is defined by |Q|+|Σ|. [5], [4], [27], [32], [45]). Throughout the paper, we will give III. PETRINETS hints to applications in verification. In the following, we recall the basic notions concerning II. PRELIMINARIES Petri nets following standard textbooks [38]. A (labeled) In this section, we fix some basic definitions and notations Petri net is a tuple N =(Σ,P,T,F,λ). Here, Σ is a fi- that will be used throughout the paper. nite alphabet, P a finite set of places, T a finite set of Let N denote the set of natural numbers. For every i,j ∈N transitions, F :(P ×T)∪(T ×P)→N a flow function, and withi≤j,weuse[i..j]todenotetheset{k ∈N | i≤k ≤j} λ : T (cid:55)→ Σ∪{ε} is a labelling function with ε being the empty word. When convenient, we will assume that the places A. Petri Nets are ordered, i.e. P = [1..(cid:96)] for some (cid:96) ∈ N. For any place We prove a doubly-exponential upper bound on the size of or transition x ∈ P ∪T, we define the preset to consist of the finite state automaton representing the upward closure of the elements that have an arc to the corresponding place or a Petri net language. Then, we present a family of Petri net transition, •x = {y ∈P ∪T | F(y,x)>0}. The postset is languages for which the minimal finite state automata repre- defined similarly, x• ={y ∈P ∪T | F(x,y)>0}. senting their upward closure have a size doubly exponential in To define the semantics of Petri nets, we use markings the size of the input. M :P →N, runtime configurations, that assign to each place a number of tokens. A marking M enables a transition t, Upper Bound: Fix the Petri net N = (Σ,P,T,F,λ) and denoted M[t(cid:105), if M(p)≥F(p,t) for all p∈P. A transition let M0 and Mf be the initial and the final marking of interest. t that is enabled may be fired, leading to the new marking Define n=|N|+|M0|+|Mf|. M(cid:48) defined by M(cid:48)(p) = M(p) − F(p,t) + F(t,p) for all Theorem 1. One can construct a finite state automaton of size p ∈ P, i.e. t consumes F(p,t) many tokens and produces O(22poly(n)) for L(N,M ,M )↑ . 0 f F(t,p) many tokens in p. We write the firing relation as M[t(cid:105)M(cid:48). A computation π =M [t (cid:105)M ···[t (cid:105)M consists The remainder of the section is devoted to proving the 0 1 1 m m of markings and transitions. We extend the firing relation to theorem. We will show that every minimal word results from transition sequences σ ∈ T∗ in the straightforward manner a computation of length at most O(22poly(n)). Let us call such and also write π = M [σ(cid:105)M . A marking M is reachable computations the minimal ones. Let k be a bound on the 0 m from an initial marking M if M [σ(cid:105)M for some σ ∈T∗. A length of the minimal computations. This means the language 0 0 marking M covers another marking Mf, denoted M ≥ Mf, Lk(N,M0,Mf)containsallminimalwordsofL(N,M0,Mf). if M(p)≥Mf(p) for all p∈P. A marking Mf is coverable Furthermore, Lk(N,M0,Mf)⊆L(N,M0,Mf) and therefore from M0 if there is a marking M reachable from M0 that theequalityLk(N,M0,Mf)↑=L(N,M0,Mf)↑ holds.Now covers M , M [σ(cid:105)M ≥M for some σ ∈T∗. wecanusethefollowinglemmatoconstructafiniteautomaton f 0 f Given a Petri net N, an initial marking M0, and a final whose size is O(22poly(|n|)) and that accepts Lk(N,M0,Mf). marking M , the associated covering language is Without an increase in size, this automaton can be modified to f accept L (N,M ,M )↑ . k 0 f L(N,M ,M )={λ(σ) | σ ∈T∗, M [σ(cid:105)M ≥M } . 0 f 0 f Lemma 2. Consider N, M , and M . For every k ∈N, we 0 f where the labeling function λ is extended to sequences of canconstructafinitestateautomatonofsizeO((k+2)poly(n)) transitions in the straightforward manner. Given a natural that accepts Lk(N,M0,Mf), where n=|N|+|M0|+|Mf|. number k ∈N, we define It remains to show that every minimal word results from a Lk(N,M0,Mf)=(cid:8)λ(σ) (cid:12)(cid:12) σ ∈T≤k, M0[σ(cid:105)M ≥Mf(cid:9) computation of length at most doubly exponential in the size of the input. This is the following proposition. to be the set of words accepted by computations of length at Proposition 3. For every computation M [σ(cid:105)M ≥M , there most k. 0 f is M [σ(cid:48)(cid:105)M(cid:48) ≥ M with λ(σ(cid:48))(cid:22) λ(σ) and |σ(cid:48)| ≤ 22cnlogn, Let max(F) denote the maximum of the range of the flow 0 f where c is a constant. function F. We define the size of the Petri net N to be Our proof is an adaptation of Rackoff’s technique to |N|=|Σ|+(2·|P|·|T|·(1+(cid:100)log (1+max(F))(cid:101))) . 2 show that coverability can be solved in EXPSPACE [37]. For a marking M, we define its size as Rackoff derives a bound (similar to ours) on the length of the shortest computations that cover a given marking. In our |M|=(|P|·(1+(cid:100)log (1+max(M))(cid:101))) , setting where we deal with labeled Petri nets, his proof needs 2 two amendments. First, it is not sufficient to consider the where max(M) denotes the maximum of the range of M. shortest covering computations. Instead, we have to consider We define the token count tc(M) of a marking M to be the computations long enough to generate all minimal words. sum of all tokens assigned by M, tc(M)=Σ M(p). p∈P Second, Rackoff’s proof splits a firing sequence into two parts, A Petri net N is said to be a BPP net if every transition and then replaces the second part by a shorter one. In our case, consumes at most one from one place (i.e. Σ F(p,t)≤1 p∈P we need that the shorter word is a subword of the original for every t∈T). one. We now elaborate on Rackoff’s proof strategy and give the required definitions, then we explain in more detail our IV. UPWARDCLOSURES adaptation, and finally give the technical details. We consider the problem of constructing a finite state We assume that the places are ordered, i.e. P = [1..(cid:96)]. automaton accepting the upward closure of a Petri net and a Rackoff’s idea is to relax the definition of the firing relation BPP net language, respectively. The upward closure offers an and allow for negative token counts on the last i+1 to (cid:96) over-approximation of the system behavior that is useful for places. With a recurrence over the number of places, he then verification purposes [32]. obtains a bound on the length of the computations that keep the first i places positive. Formally, an unrestricted marking we comment on this in a moment. A bound on f((cid:96)) will give of N is a function M : P → Z. An unrestricted marking usaboundonthemaximumlengthofacomputationaccepting M i-enables a transition t ∈ T if M(j) ≥ F(j,t) for all a minimal word from L(N,M ,M ). To derive the bound, 0 f j ∈ [1..i]. Firing t yields a new unrestricted marking M(cid:48), we prove that f(i+1) ≤ (2nf(i))i+1+f(i). Together with denoted M[t(cid:105) M(cid:48), with M(cid:48)(p) = M(p)−F(p,t)+F(t,p) f(0)=1, this also shows that f(i) is well-defined. The proof i for all p ∈ P. A computation π = M [t (cid:105) M ...[t (cid:105) M is by Rackoff’s famous case distinction [37]. 0 1 i 1 m i m is i-bounded with i ∈ [1..(cid:96)] if for each marking M with k Lemma 4. f(0) = 1 and f(i+1) ≤ (2nf(i))i+1+f(i) for k ∈[0..m] and each place j ∈[1..i], we have M (j)≥0. We k all i∈[0..(cid:96)[. assume a fixed marking M to be covered. The computation π f is i-covering (wrt. M ) if M (j)≥M (j) for all j ∈[1..i]. f m f Lower Bound: We present a family of Petri net languages Given two computations π =M [t (cid:105) ···[t (cid:105) M and π = 1 0 1 i k i k 2 for which the minimal finite state automata representing the M(cid:48)[t(cid:48)(cid:105) ···[t(cid:48)(cid:105) M(cid:48) suchthatM (j)=M(cid:48)(j)forallj ∈[1..i], 0 1 i s i s k 0 upward closure are of size doubly exponential in the size of we define their i-concatenation π · π to be the computation 1 i 2 the input. We rely on a construction due to Lipton [31] that M [t (cid:105) ···[t (cid:105) M [t(cid:48)(cid:105) M(cid:48)(cid:48) ···[t(cid:48)(cid:105) M(cid:48)(cid:48) . Note that M(cid:48)(cid:48) 0 1 i k i k 1 i k+1 s i k+s k+1 shows how to calculuate in a precise way (including zero tests) coincideswithM1(cid:48) onthefirstiplacesbutmayhaveadifferent with values up to 22n in Petri nets. token count on the remaining places, and similar for the other new markings. Lemma 5. For every number n∈N, we can construct a Petri Rackoff’s result provides a bound on the length of the net N(n)=({a},P,T,F,λ) and markings M ,M of size 0 f shortesti-coveringcomputations.Sincewehavetogenerateall polynomial in n such that the language is minimal words, we will specify precisely which computations L(N(n),M ,M )=(cid:8)a22n(cid:9) . to consider (not only the shortest ones). Moreover, Rackoff’s 0 f bound holds independent of the initial marking. This is needed, TheupwardclosureL(N(n),M0,Mf)↑ is(cid:8)ak (cid:12)(cid:12) k ≥22n(cid:9) because the proof of the main lemma splits a firing sequence and needs at least 22n states. into two parts and then consider the starting marking of the second part as the new initial marking. The sets we define in B. BPP Nets the following will depend on some unrestricted initial marking We establish an exponential upper bound on the size of the M, but we then quantify over all possible markings to get rid finite automata representing the upward closure of BPP net of the dependency. languages. Then, we present a family of BPP net languages for Let Paths(M,i) be the set of all paths associated with which the minimal finite automata representing their upward i-covering and i-bounded computations starting at M, i.e. closure are of size at least exponential in the size of the input. Paths(M,i)=(cid:26)σ ∈T∗ (cid:12)(cid:12)(cid:12) π =M[σ(cid:105)iM(cid:48), (cid:27). Upper Bound: Fix the BPP net N = (Σ,P,T,F,λ) and (cid:12) π is i-bounded and i-covering assume M and M to be the initial and the final marking of 0 f Let interest. Let n=|N|+|M |+|M |. 0 f Words(M,i)={λ(σ) | σ ∈Paths(M,i)} Theorem 6. One can construct a finite state automaton of size be the corresponding set of words, and let O(2poly(n)) for L(N,M ,M )↑ . 0 f Basis(M,i)={w ∈Words(M,i) | w is(cid:22)-minimal} Wewillshow(Proposition7)thateveryminimalwordresults from a computation whose length is polynomially dependent betheminimalelementsinthisset.Thefollowingisthecentral on the number of transitions and on the number of tokens in definition. It gives the set of shortest paths that yield (via their the final marking (which may be exponential in the size of labelings) the minimal words in Basis(M,i): the input). Let k be a bound on the length of the minimal SPath(M,i)={σ ∈Paths(M,i)| λ(σ)∈Basis(M,i) and computations. With the same argument as before and using (cid:64)σ(cid:48) ∈Paths(M,i):|σ(cid:48)|<|σ| and λ(σ(cid:48))=λ(σ)}. Lemma 2, we can construct a finite state automaton of size O(2poly(n)) that accepts L (N,M ,M )↑ . k 0 f Define m(M,i) = max{|σ|+1 | σ ∈SPath(M,i)} to Proposition 7. Consider a BPP net N. For every computation be the length (+1) of the longest path in SPath(M,i), or M [σ(cid:105)M ≥M there is M [σ(cid:48)(cid:105)M(cid:48) ≥M with λ(σ(cid:48))(cid:22)λ(σ) m(M,i)=0 if SPath(M,i) is empty. Note that Basis(M,i) 0 f 0 f and |σ(cid:48)|≤tc(M )2|T|. is finite and therefore only finitely many different lengths f occur for sequences in SPath, i.e. m(M,i) is well-defined. To The key to proving the lemma is to consider a structure remove the dependency on M, define that makes the concurrency among transitions in the BPP f(i)=max(cid:8)m(M,i) (cid:12)(cid:12) M ∈Z(cid:96)(cid:9) computation of interest explicit. Phrased differently, we give a true concurrency semantics (also called partial order semantics to be the maximal length of an i-covering computation, where andsimilartoMazurkiewicztraces)toBPPcomputations.Since the maximum is taken over all unrestricted initial markings. BPPsdonotsynchronize,thecomputationyieldsaforestwhere The well-definedness of f(i) is not clear from the definition, different branches represent causally independent transitions. To obtain a subcomputation that covers the final marking, we The computation τ induces a forest in O that consists of all selectfromtheforestasetofleavesthatcorrespondsexactlyto places that contain a token after firing τ and their predecessors. the final marking. We then show that the number of transitions We now construct a subcomputation by restricting τ to the in the minimal forest that generates the selected set of leaves transitions leading to the places in X. Note that the transitions is polynomial in the number of tokens in the final marking leadingtoX arecontainedin(cid:98)X(cid:99),whichmeanswecandefine and in the number of transitions. the subcomputation as τ = π (τ), i.e. the projection of 1 (cid:98)X(cid:99) To make this proof sketch precise, we use (and adapt τ onto (cid:98)X(cid:99). In τ1, we mark all (cid:22)-maximum transitions t(cid:48) to our purposes) unfoldings, a true concurrency semantics that lead to two different places in X. Formally, if there are for Petri nets [16]. The unfolding of a Petri net is the true x,y ∈ X with t(cid:48) ∈ (cid:98)x(cid:99)∩(cid:98)y(cid:99) and there is no t(cid:48)(cid:48) (cid:23) t(cid:48) with concurrency analogue of the computation tree — a structure t(cid:48)(cid:48) ∈ (cid:98)x(cid:99)∩(cid:98)y(cid:99), then we mark t(cid:48). We call the marked t(cid:48) the that represents all computations. Rather than having a node for join transitions. each marking, there is a node for each token in the marking. Assume that t(cid:48) (cid:54)=t(cid:48)(cid:48) are two join transitions that occur on To make the idea of unfoldings formal, we need the notion the same branch of the forest. Note that for two places in X, of an occurrence net, an unlabelled BPP net O =(P(cid:48),T(cid:48),F(cid:48)) thereeitherisnojointransitionorauniqueoneleadingtothese that is acyclic and where each place has at most one incoming two places, so t(cid:48) and t(cid:48)(cid:48) have to lead to different places of X. transition and each transition creates at most one token per Let t(cid:48)t1...tmt(cid:48)(cid:48) be the transitions on the branch in between t(cid:48) place: (cid:80) F(t(cid:48),p(cid:48))≤1 for every p(cid:48) ∈P(cid:48). Two elements and t(cid:48)(cid:48). We assume that t(cid:48) and t(cid:48)(cid:48) are adjacent join transitions, t(cid:48)∈T(cid:48) x,y ∈ P(cid:48) ∪ T(cid:48) are causally related, x (cid:22) y, if there is a i.e. none of the ti is a join transition. path from x to y. We use (cid:98)x(cid:99) = {y ∈P(cid:48)∪T(cid:48) | y (cid:22)x} to Since t(cid:48),t(cid:48)(cid:48) occur in τ1, all ti also have to occur in τ1. If denote the predecessors of x ∈ P(cid:48) ∪ T(cid:48). The (cid:22)-minimal there are indices j < k such that tj = tk, we may delete places are denoted by Min(O). The initial marking of O is tj+1...tk from τ1 while keeping a transition sequence that fixed to having one token in each place of Min(O) and no covers X. It will cover X as none of the deleted transitions tokens elsewhere. So occurrence nets are 1-safe and we can was a join transition, i.e. we will only lose leaves of the forest identify markings with sets of places P(cid:48),P(cid:48) ⊆P(cid:48) and write thatarenotinX.Werepeatthisdeletionprocessuntilthereare 1 2 P(cid:48)[t(cid:48)(cid:105)P(cid:48). To formalize that O captures the behavior of a BPP no more repeating transitions between adjacent join transitions. 1 2 netN =(Σ,P,T,F,λ)frommarkingM0,wedefineafolding Let the resulting transition sequence be τ2. First, note that for homomorphism h:P(cid:48)∪T(cid:48) →P ∪T satisfying any x ∈ X, there are at most tc(Mf) many join transitions on the branch from the corresponding minimal element to x. (1) Initiation: h(Min(O))=M . 0 (In the worst case, for each place in X\{x}, there is a join (2) Consecution: For all t(cid:48) ∈T(cid:48), h(•t(cid:48))=•h(t(cid:48)), and for all transition on the branch, and |X| = tc(M ).) Between any p∈P, (h(t(cid:48)•))(p)=F(h(t(cid:48)),p). f two adjacent join transitions along such a path, there are at (3) No redundancy: For all t(cid:48),t(cid:48) ∈ T(cid:48), with •t(cid:48) = •t(cid:48) and 1 2 1 2 most |T| transitions (after deletion). Hence, the number of h(t(cid:48))=h(t(cid:48)), we have t(cid:48) =t(cid:48). 1 2 1 2 transitionsinsuchapathisboundedbytc(M )·|T|.Sincewe f Here, h(P1(cid:48)) with P1(cid:48) ⊆ P(cid:48) is a function from P to N havetc(Mf)manyplacesinX,thetotalnumberoftransitions with (h(P1(cid:48)))(p)=|{p(cid:48) ∈P1(cid:48) | h(p(cid:48))=p}|. The pair (O,h) is in τ2 is bounded by tc(Mf)2·|T|. calledabranchingprocessof(N,M0).Branchingprocessesare Lower Bound: We present a family of BPP net languages partially ordered by the prefix relation which, intuitively, states for which the minimal finite state automata representing the how far they unwind the BPP. The limit of the unwinding upward closure are exponential in the size of the input. The process is the unfolding Unf(N,M0), the unique (up to key idea is to rely on the final marking, which is encoded in isomorphism) maximal branching process. It is not difficult binary and hence can require 2n tokens. to see that there is a one to one correspondence between the Lemma 8. For all numbers n∈N, we can construct a BPP firing sequences in the BPP net and the firing sequences in the net N(n)=({a},P,T,F,λ) and markings M ,M of size unfolding. Note that Unf(N,M ) will usually have infinitely 0 f 0 polynomial in n such that the language is many places and transitions, but every computation will only use places up to a bounded distance from Min(O). With this, L(N(n),M ,M )={a2n} . 0 f we are prepared to prove the above statement. ProofofProposition7: ConsideracomputationM [σ(cid:105)M Proof: The BPP net N(n) consists of places p to p 0 1 n with M ≥M in the given BPP net N =(Σ,P,T,F,λ). Let connected by a series of transitions that double the tokens f (O,h) with O = (P(cid:48),T(cid:48),F(cid:48)) be the unfolding Unf(N,M ). from place to place. As a result, on the last place 2n many 0 Due to the correspondence in the firing behavior, there is tokens can be produced. These tokens will be used to create a sequence of transitions τ in O with h(τ) = σ and 2n letters a, and the occurrence of the letters is checked by Min(O)[τ(cid:105)P(cid:48) with h(P(cid:48)) = M. Since M ≥ M , we know the final marking. 1 1 f that for each place p∈P, the set P(cid:48) contains at least M (p) Formally, the places are P = {p | i∈[1..n]}∪{p }. 1 f i final many places p(cid:48) with h(p(cid:48))=p. We arbitrarily select a set X The transitions are T = {t | i∈[1..n−1]}∪{t } with p i final of size M (p) of such places p(cid:48) from P(cid:48). Let X =(cid:83) X F(p ,t ) = 1, F(t ,p ) = 2 for all i ∈ [1..n − 1], f 1 p∈P p i i i i+1 be the union for all p∈P. F(p ,t ) = 1, F(t ,p ) = 1, and F is 0 for all n final final final other arguments. The label of all t is ε, the label of t is Upper Bound: Fix the BPP net N = (Σ,P,T,F,λ) and i final a. The initial marking places one token on p and no tokens let M and M be the initial and the final marking of interest. 1 0 f elsewhere, the final marking requires 2n tokens on p and Let n=|N|+|M |+|M |. final 0 f no tokens elsewhere. Note that 2n in binary is polynomial. Theorem 11. We can construct a finite automaton of size O(2poly(n)) for L(N,M ,M )↓ . 0 f V. DOWNWARDCLOSURES The key insight for simulating N by a finite automaton is We consider the problem of constructing a finite state the following: If during a firing sequence a marking occurs automaton accepting the downward closure of a Petri net and that has more than c tokens (where c is specified below) in a BPP net language, respectively. Different from the upward some place p, then there has to be a pump, a subsequence of closure, the downward closure often has the property of being the firing sequence that can be repeated to produce arbitrarily a precise description of the system behavior, namely as soon many tokens in p. The precise statement is this, where we use as asynchronous communication comes into play. Indeed, if m to refer to the maximal multiplicity of an edge. the components are not tightly coupled, they may overlook Lemma 12. Let M [σ(cid:105)M such that for some place p∈P we commands of the partner and see precisely the downward 0 have M(p)>c with closure of the other’s computation. As a result, having a representation of the downward closure gives the possibility c=tc(M )(|P|·m)(|T|+1) to design exact or under-approximate verification algorithms. 0 Then for each j ∈N there is M [σ (cid:105)M such that (1) σ(cid:22)σ , A. Petri Nets 0 j j j (2) M ≤M , and (3) M (p)>j. j j ThedownwardclosureofPetrinetlanguageshasbeenshown The idea is that if more than c tokens are created in some to be effectively computable in [20]. The algorithm is based place p during a firing sequence σ, then there has to be a on the Karp-Miller tree [25], which can be of non-primitive subsequenceσ(cid:48)(cid:22)σsothat(1)thefirstandthelasttransitionof recursive size. We now present a family of Petri net languages σ(cid:48)coincide,(2)eachtransitioninσ(cid:48)(butthefirstone)consumes that are already downward closed and for which the minimal the token produced by its predecessor, and (3) at least one of finiteautomataareofnon-primitiverecursivesizeinthesizeof thetransitionsproducesatokenonplacepthatisnotconsumed the input. Our result relies on a construction due to Mayr and by any of the other transitions in σ(cid:48). In this case, σ(cid:48) can be Meyer [34]. It gives a family of Petri nets whose computations repeatedly inserted after its first occurrence to create arbitrarily allterminatebut,uponhalting,mayhaveproducedAckermann many tokens in p. As in Proposition 7, this subsequence is many tokens on a distinguished place. identified via join transitions in the unfolding. The bound c is Lemma 9. Forallnumbersn,x∈N,wecanconstructaPetri chosen such that there exists a branch (Condition (2)) of the net N(n)=({a},P,T,F,λ) and markings M(x),M of size computation in the unfolding, in which there have to be two 0 f occurrences of the same transition (Condition (1)), between polynomial in n+x such that which another branch spawns that creates a token in p that is L(N(n),M(x),M )=(cid:8)ak |k ≤Acker (x)(cid:9). not consumed later (Condition (3)). 0 f n Lemma 12 allows us to set place p to ω, meaning that it may receive arbitrarily many tokens. We let ω >k for every Ourlowerboundisanimmediateconsequenceofthislemma. k ∈N and define ⊕ and (cid:9) as variants of + and − that treat ω Theorem 10. There is a family of Petri net languages for as infinity: x⊕y =x+y if x+y <c, x⊕y =ω otherwise. which the minimal finite automata representing the downward Similarly, x(cid:9)y =x−y if x(cid:54)=ω, and x(cid:9)y =ω otherwise. closure are of non-primitive recursive size. The automaton for L(N,M ,M )↓ is the state space of N 0 f with token values beyond c set to ω. For every transition, we This hardness result relies on a weak computation mech- alsohaveanε-varianttoobtainthedownwardclosure.Formally, anism of very large numbers that is unlikely to show up in the functions that assign to each place a number of tokens practical examples. The SRE inclusion problem studied in the up to c or ω form the set of states, S = P → ([0..c]∪·{ω}). following section can be understood as a refined analysis of For each transition t labeled by x ∈ Σ and from all states the computation problem for downward closures. ε q where t is enabled in the sense that q(p) ≥ F(p,t) for all p ∈ P, we add the transitions q −x→ q(cid:48) and q −→ε q(cid:48). Here, B. BPP Nets q(cid:48)(p)=q(p)(cid:9)F(p,t)⊕F(t,p) for all p∈P. We prove an exponential upper bound on the size of the The initial state of the automaton is given by q , where 0 finite automata representing the downward closure of BPP q (p)=M (p) for all p∈P. The set of final states is given 0 0 languages. Then, we present a family of BPP languages for by F ={q |∀p∈P,q (p)≥M (p)}. It is easy to see that f f f whichtheminimalfiniteautomatarepresentingtheirdownward the language of this automaton is the downward closure of the closure are exponential in the size of the input BPP nets. language of the given BPP net. Lower Bound: Consider the family of BPP net languages Lemma 15. L(sre)⊆L(N,M ,M )↓ if and only if for all 0 f from Lemma 8: L(N(n),M ,M ) = {a2n}, for all n ∈ N. products p in sre we have L(lin(p))⊆L(N,M ,M )↓ . 0 f 0 f ThedownwardclosureisL(N(n),M ,M )↓={ai |i≤2n}. 0 f We will reduce L(lin(p)) ⊆ L(N,M ,M )↓ to SUPPN. The minimal finite state automata recognising the downward 0 f To this end, we first understand lin(p) as a Petri net N . closure have at least 2n states. lin(p) ThePetrinetisessentiallythefiniteautomatonforthelanguage VI. SREINCLUSIONINDOWNWARDCLOSURE with states turned into places and transitions of the automaton The downward closure of a Petri net language is hard to turnedintotransitionsofthePetrinet.WemodifythisPetrinet compute. We therefore propose to under-approximate it by an by adding one place pΓ for each block (πΓ(wΣ))∗ =ai...aj. SRE as follows. Assume we have a heuristic coming up with a Eachtransitionthatrepeatsorleavestheblock(theoneslabeled candidate SRE that is supposed to be an under-approximation by aj) is modified to generate a token in pΓ. As a result, pΓ in the sense that its language is included in the downward counts how often the word πΓ(wΣ) has been executed. closure of interest. The problem we study is the algorithmic The second step is to define an appropriate product of task of checking whether the inclusion indeed holds. If so, the Nlin(p) with the Petri net of interest. Intuitively, the product SRE provides reliable (must) information about the system’s synchronizes with the downward closure of N. behavior,behaviorthatisguaranteedtooccur.Thisinformation Definition 16. Consider two Petri nets N =(Σ,P ,T ,F ,λ), i i i i is useful for finding bugs. i = 1,2, with P ∩P = ∅ and T ∩T = ∅. Their right- 1 2 1 2 synchronizedproductN (cid:46)N isthelabeledPetrinetN (cid:46)N = SRE Inclusion in Downward Closure (SRED) 1 2 1 2 (Σ,P ∪· P ,T ∪· T,F,λ), where for the transitions t ∈T , λ Given: APetrinet(N,M ,M )andanSREsre. 1 2 1 1 1 0 f and F remain unchanged. The new transitions are Question: L(sre)⊆L(N,M ,M )↓? 0 f T ={merge(t ,t ) | t ∈T ,t ∈T ,λ (t )=λ (t )} A. Petri Nets 1 2 1 1 2 2 1 1 2 2 Theorem 13. SRED is EXPSPACE-complete for Petri nets. with λ(merge(t1,t2))=λ1(t1)=λ2(t2) and similarly Hardness is due to the hardness of coverability [31]. Indeed, F(pi,merge(t1,t2))=Fi(pi,ti), markingMf iscoverablefromM0inN iffL(N,M0,Mf)(cid:54)=∅ F(merge(t1,t2),pi)=Fi(ti,pi) iff {ε} ⊆ L(N,M ,M ) ↓ . Note that {ε} = L(∅∗) and 0 f for p ∈P , i=1,2. therefore is a simple regular language. i i For the upper bound, we take inspiration from a recent As indicated by the name right-synchronized, the transitions result of Zetzsche [43]. He has shown that, for a large class ofN canbefiredwithoutsynchronization,whilethetransitions 1 of models, computing the downward closure is equivalent of N can only be fired if a transition of N with the same 2 1 to deciding an unboundedness problem. We use a variant of label is fired simultaneously. the unboundedness problem which comes with a complexity ConsideraPetrinetN withinitialmarkingM .Wecompute 0 result. The simultaneous unboundedness problem for Petri nets the right-synchronized product N(cid:48) = N (cid:46)N , take the lin(p) (sSuUbsPePt XN)⊆is,PgiovefnplaacPeest,ridneceitdNe w, ahnetihneirtiafolrmeaarckhinng∈MN0,,atnhderea ionnititahleminaritkiianlgpMlac0(cid:48)ethoaftNcoincid,esanwditfhocMus0 obunttphuetscoautnotkinegn lin(p) is a computation σn such that M0[σn(cid:105)Mσ with Mσn(p)≥n places X ={pΓ | (πΓ(wΣ))∗ is a block in p}. The following for all places p ∈ X. In [13], Demri has shown that this correspondence holds. problem is EXPSPACE-complete. Lemma 17. L(lin(p))⊆L(N,M ,M )↓ if and only if the 0 ∅ Theorem 14 ([13]). SUPPN is EXPSPACE-complete. places in X are simultaneously unbounded in N(cid:48) from M(cid:48). 0 We turn to the reduction of the inclusion problem SRED to The lemma does not yet involve the final marking M . We f the unboundedness problem SUPPN. Since SREs are choices modify N(cid:48) and X such that simultaneous unboundedness even among products, an inclusion L(sre)⊆L(N,M0,Mf)↓ impliesL(lin(p))⊆L(N,M ,M )↓.Theideaistointroduce 0 f holds iff L(p) ⊆ L(N,M0,Mf) ↓ holds for all products anewplacethatcanbecomeunboundedonlyafterM hasbeen f p in sre. Since the Petri net language is downward closed, covered. We add a place p and a transition t that consumes f f we can further simplify the products by removing choices. M (p) tokens from each place p of N and produces one token f Fix a total ordering on the alphabet Σ. Such an ordering can in p . We add another transition t that consumes one f pump be represented by a word wΣ. We define the linearization token in p and creates two tokens in p . Call the resulting f f operation that takes a product and returns a regular expression: net N(cid:48)(cid:48). The new initial marking M(cid:48)(cid:48) coincides with M(cid:48) and 0 0 lin(a+ε)=a lin(a)=a assigns no token to pf. Note that we do not enforce that t is only fired after all lin(Γ∗)=(π (w ))∗ lin(p p )=lin(p )lin(p ) . f Γ Σ 1 2 1 2 the rest of the computation has taken place. We can rearrange For example, if Σ={a,b,c} and we take w =abc, then the transitions in any valid firing sequence of N(cid:48)(cid:48) to obtain a Σ p =(a+c)∗(a+ε)(b+c)∗ isturnedintolin(p)=(ac)∗a(bc)∗. sequence of the shape σ.t k.t k(cid:48), where σ contains neither f pump The discussion justifies the following lemma. t nor t . f pump Lemma 18. L(lin(p)) ⊆ L(N,M ,M )↓ iff the places in existential Presburger formula Ψ(P) so that for all markings 0 f X∪{p } are simultaneously unbounded in N(cid:48)(cid:48) from M(cid:48)(cid:48). M: M |=Ψ(P) if and only if M [σ(cid:105)M for some σ ∈T∗. f 0 0 ToconcludetheproofofTheorem13,itremainstoarguethat Key to the construction of N(cid:48) is a characterization of the the generated instance for SUPPN is polynomial in the input, computations that need to be present in the BPP net for the i.e. in N, M , M and p. The expression lin(p) is certainly inclusion L(p) ⊆ L(N,M ,M )↓ to hold. Wlog., in the 0 f 0 f linear in p, and the net N is polynomial in lin(p). The following we will assume that the product takes the shape lin(p) blow-up caused by the right-synchronized product is at most (a +ε)Σ∗(a +ε)...Σ∗ (a +ε), quadratic, and adding the transitions and the places to deal 1 1 2 n−1 n with Mf is polynomial. The size of M0(cid:48)(cid:48) is polynomial in the where Σ1,...,Σn−1 ⊆ Σ and a1,...,an ∈ Σ. For this size of M0 and p. Altogether, the size of N(cid:48)(cid:48), X∪{pf} and language to be included in L(N,M0,Mf)↓ , the BPP should M0(cid:48)(cid:48) (which together form the generated instance for SUPPN) have a computation with parts σi containing ai and parts ρi are polynomial in the size of the original input. between the σ that contain all letters in Σ and that can be i i repeated. To formalize the requirement, recall that we use w B. BPP Nets Σ foratotalorderonthealphabetandπ (w )fortheprojection We show that the problem of deciding whether the language Σi Σ to Σ ⊆Σ. i of an SRE is included in the downward closure of a BPP net Moreover, we define M ≤c M(cid:48), with c the constant defined language is in NP-complete. in Lemma 12, if for all places p ∈ P we have M(cid:48)(p) < c Theorem 19. SRED for BPP nets is NP-complete. implies M(p)≤M(cid:48)(p). Hardness is by a reduction from SAT to BPP coverability, Definition22. Letpbeaproduct.TheBPPnetN togetherwith which in turn reduces to deciding whether the language of an themarkingsM0,Mf admitsap-witnessiftherearemarkings SRE is included in the downward closure of a BPP language. M1,M1(cid:48),...,Mn,Mn(cid:48) and computations σi, ρi that satisfy Forthereversedirection,wegiveareductiontosatisfiabilityof Mi[σi(cid:105)Mi(cid:48) for all i ∈ [1..n], Mi(cid:48)[ρi(cid:105)Mi+1 for all i ∈ [1..n[, an existential formula in Presburger arithmetic, the first-order and moreover: theory of the natural numbers with addition, subtraction, and (1) a (cid:22)λ(σ ), for all i∈[1..n]. i i order. Let V be a set of variables with elements x,y. The set (2) π (w )(cid:22)λ(ρ )andM(cid:48) ≤c M ,foralli∈[1..n−1]. Σi Σ i i i+1 of terms in Presburger arithmetic is defined as follows: (3) M =M and M ≤c M(cid:48). 1 0 f n t::=0 (cid:112) 1 (cid:112) x (cid:112) t−t (cid:112) t+t . In a p-witness, (1) enforces that the a occur in the desired i order, and the first part of (2) requires that π (w ) occur The set of formulas is defined by Σi Σ in between. The second part of (2) means that each ρ (and i ϕ::=t≤t (cid:112) ¬ϕ (cid:112) ϕ∨ϕ (cid:112) ∃x.ϕ . thus π (w )) can be repeated. Property (3) enforces that Σi Σ the computation still starts in the initial marking and can be AnexistentialPresburgerformulatakestheform∃x ...∃x .ϕ 1 n extended to cover the final marking. where ϕ is a quantifier-free formula. We shall also write The following proposition reduces the problem SRED for positive Boolean combinations of existential formulas. By BPP nets to checking whether the BPP admits a p-witness. an appropriate renaming of the quantified variables, any such formula can be converted into an equivalent existential Proposition 23. L(p)⊆L(N,M0,Mf)↓ holds if and only if Presburger formula. We write ϕ((cid:126)x) to indicate that (at most) (N,M0,Mf) admits a p-witness. the variables (cid:126)x=x ...x occur free in ϕ. Given a function 1 k We now reduce the problem of finding such a p-witness M from (cid:126)x to N, the meaning of M satisfies ϕ is as usual and to finding in another BPP net N(cid:48) = ({ε},P(cid:48),T(cid:48),F(cid:48),λ(cid:48)) a we write M |= ϕ to denote this. We rely on the following reachable marking that satisfies a Presburger formula Ψ(P(cid:48)). complexity result: The task is to identify 2n markings that are related by 2n−1 Theorem 20 ([39]). Satisfiability in existential Presburger computations as required by a p-witness. The idea is to create arithmetic is NP-complete. 2n−1 replicas of the BPP net and run them independently to guess the corresponding computations σ resp. ρ . The Note that L(sre)⊆L(N,M ,M )↓ iff the inclusion holds i i 0 f Presburger formula will check that the target marking reached for every product p in sre. Given such a product, we construct with σ coincides with the initial marking for ρ , and the target anewBPPnetN(cid:48) andanexistentialPresburgerformulaψ(P(cid:48)) i i marking reached with ρ is the initial marking of σ . To such that L(p) ⊆ L(N,M ,M ) ↓ iff there is a marking i i+1 0 f this end, the net N(cid:48) remembers the initial marking that each M(cid:48) reachable in N(cid:48) from a modified initial marking M(cid:48) 0 replica started from in a full copy (per replica) of the set of with M(cid:48) |= ψ. This concludes the proof with the help of places of the BPP net. the following characterization of reachability in BPP nets in Formally,theplacesofN(cid:48)areP(cid:48) =(cid:83) B ∪E ∪L . terms of existential Presburger arithmetic. i∈[1..2n−1] i i i Here, E ={ep | p∈P} and B ={bp | p∈P} are 2n−1 i i i i Theorem21([14]). GivenaBPPnetN =(Σ,P,T,F,λ)and copies of the places of the given BPP net. The computation aninitialmarkingM ,onecancomputeinpolynomialtimean σ or ρ is executed on the places E , which will hold 0 i i i the target marking M(cid:48) or M reached after the execution. a given SRE under-approximates it. Formally, the problem is i i+1 The places B remember the initial marking of the replica defined as follows. i and there are no transitions that take tokens from them. SRE Inclusion in Upward Closure (SREU) The places L record occurrences of a and of symbols i i Given: APetrinet(N,M ,M )andanSREsre. from Σ , depending on whether i is odd or even. For all 0 f i Question: L(sre)⊆L(N,M ,M )↑? i ∈ [1..n], we have L = {l }. For all i ∈ [1..n[, 0 f 2i−1 2i−1 we set L = {la | a∈Σ } otherwise. The transitions are A. Petri Nets 2i 2i i T(cid:48) = (cid:83) TC ∪ TE . The TC = {tcp | p∈P} i∈[1..2n−1] i i i i Theorem 25. SREU is EXPSPACE-complete for Petri nets. populate E and B . The transitions in TE = {tet | t∈T} i i i i together with E form a replica of the BPP net. The flow The EXPSPACE lower bound is immediate by hardness of i relation F(cid:48) is defined as follows (numbers omitted are zero): coverability for Petri nets [31]. The upper bound is due to the following fact: We only need to check whether the set of (1) For all i∈[1..2n−1], p∈P, F(cid:48)(tcp,ep)=F(cid:48)(tcp,bp)=1. i i i i minimalwordsinthelanguageofthegivenSREisincludedin (2) For all i∈[1..2n−1], p∈P, t∈T, F(cid:48)(tet,ep)=F(t,p) and i i the upward closure of the Petri net language. Since the number F(cid:48)(ep,tet)=F(p,t). i i of minimal words in the SRE language is less than the size (3) For all i∈[1..n], t∈T with λ(t)=ai, F(cid:48)(tet2i−1,l2i−1)=1. of the SRE, and since checking whether a word is included (4) For all i∈[1..n[, t∈T with λ(t)=a∈Σi, F(cid:48)(tet2i,l2ai)=1. in the upward closure of the language of the Petri net N can The Presburger formula wrt. initial and final markings I and be reduced in polynomial time to coverability in Petri nets F of N has the places in P(cid:48) as variables. It takes the shape (which is well-known to be in EXPSPACE [37]), we obtain ΨI (P(cid:48))=Ψ (P(cid:48))∧Ψ (P(cid:48))∧Ψ (P(cid:48)) our EXPSPACE upper bound. F 1 2 3 ∧Ψ (P(cid:48))∧ΨI(P(cid:48))∧ΨF(P(cid:48)) , B. BPP Nets 4 5 6 Theorem 26. SREU is NP-complete for BPP nets. where The hardness is by a reduction of the coverability problem (cid:94) (cid:94) Ψ1(P(cid:48))= epi =bpi+1 for BPP nets. For the upper bound, the algorithm is similar i∈[1..2n−2]p∈P to the one for checking the inclusion of an SRE in the (cid:94) (cid:94) Ψ (P(cid:48))= (ep <c → bp ≤ep ) downward closure of a BPP language. Consider a product 2 2i 2i 2i p of the given SRE. The inclusion L(p) ⊆ L(N,M ,M ) ↑ i∈[1..n[p∈P 0 f Ψ (P(cid:48))= (cid:94) l >0 holds iff the minimal subwords min(p) = a1...an belong 3 2i−1 to L(N,M ,M ) ↑. Word a ...a belongs to the upward 0 f 1 n i∈[1..n] closureiffoneofitssubwordsisinL(N,M ,M ).Wereduce (cid:94) (cid:94) 0 f Ψ (P(cid:48))= la >0 this check for an accepted subword to checking whether a 4 2i i∈[1..n[a∈Σi reachablemarkingM inadifferentnetN(cid:48)satisfiesaPresburger ΨI(P(cid:48))= (cid:94) bp =I(p) formula Ψ. The construction of N(cid:48) and ψ is as follows. 5 1 As in the case of downward closures, we have two copies p∈P ΨF6(P(cid:48))= (cid:94)(ep2n−1 <c → ep2n−1 ≥F(p)) . ooff tthhee pgluaecsessedformeaarkchingi ∈an[d1..Eni],pthroevpidlaecseas Bcoiphyoledpi aofcotphye p∈P BPP net places p. Additionally for each i we have a place Formula Ψ states that σ ends in the marking M(cid:48) that ρ Li ={li}. The transitions TCi again populate the copy of the 1 i i i started from, and similarly ρ ends in M that σ started BPP net and store the same marking in Bi. The transitions i i+1 i+1 from. Formula Ψ2 states the required ≤c relation. To make TEi contain a copy teti of each BPP net transition t. To check sure we found letter a , we use Ψ . With Ψ , we express that for a subword of a1...an, in each stage i we only enable i 3 4 all letters from Σ have been seen. Conjunct ΨI says that transitionstthatareeitherlabeledbyεorai,i.e.forallp∈P, the places bp haveibeen initialized to the value gi5ven by the t∈T, if λ(t)=ε or λ(t)=ai we have F(cid:48)(teti,epi)=F(t,p) initialmarkin1gI.FormulaΨF6 statestheconditiononcovering and F(cid:48)(epi,teti)=F(p,t). We also count the number of times a transition labeled a is executed using place l , i.e. for all the final marking. The correctness of the construction is the i i t ∈ T such that λ(t) = a , we let F(cid:48)(tet,l ) = 1. Now the next lemma. Note that the transitions TCi are always enabled. i i i Therefore, we can start in N(cid:48) from the initial marking M that required Presburger formula Ψ — apart from checking that ∅ (1) the net starts with the initial marking, (2) covers the final assigns zero to every place. marking, (3) the guessed marking in each stage is the same Lemma24. Thereareσ(cid:48) andM(cid:48) sothatM [σ(cid:48)(cid:105)M(cid:48) inN(cid:48) and ∅ as the marking reached in the previous stage — also checks M(cid:48) |=ΨMM0f if and only if (N,M0,Mf) admits a p-witness. wheth(cid:86)er in each stage at most one non-epsilon transition is used, l ≤1. This guarantees we have seen a subword VII. SREINCLUSIONINUPWARDCLOSURE of a ..i.∈a1...nTihe initial marking M is one that assigns zero 1 n ∅ Like in the previous section, rather than computing the to all places. It is easy to see that L(p)⊆L(N,M ,M )↑ iff 0 f upward closure of a Petri net language we now check whether there is a computation M [σ(cid:105)M in N(cid:48) such that M |=Ψ. ∅ VIII. BEINGUPWARD/DOWNWARDCLOSED inclusion holds. The latter is guaranteed to happen due to the well-quasi ordering (wqo) of sets of markings. At the same We now study the problem to decide whether a Petri net time, this dependence on wqos does not allow us to derive a language actually is upward or downward closed, respectively. complexity result. Thisisinterestingasitmeansthatanautomatonfortheclosure, We split the proof of the decidability of regular inclusion whichwecancomputewiththepreviouslyintroducedmethods, into two parts. Firstly, we show how to reduce checking the is actually a precise representation of the system’s behavior. Formally, problem BUC is defined as follows: inclusion L(A) ⊆ L(N,M0,Mf) to deciding an inclusion among prefix-closed languages. Secondly, we explain how Being upward closed (BUC) to apply Theorem 28 to decide this inclusion. Here, we use Given: A Petri net (N,M ,M ). PfC(L) to denote the prefix closure of a language L, the set 0 f Question: L(N,M ,M )=L(N,M ,M )↑? of all words that can be prolonged to a word in the language: 0 f 0 f The problem of being downward closed (BDC) replaces↑ PfC(L)={w ∈Σ | ∃v ∈Σ∗: wv ∈L} . by↓ in the above definition. From now on, let N,M ,M be the Petri net of interest 0 f Theorem 27. BUC and BDC are decidable for Petri nets. togetherwithitsinitialandfinalmarking,andletAbethegiven FSA.NotethatthelanguageL(N,M ,M )isnotprefix-closed 0 f Note that L(N,M ,M )⊆L(N,M ,M )↑ trivially holds. 0 f 0 f in general. To obtain a prefix-closed language, we consider the It remains to decide the converse. zero marking M (with M (p)=0 for all p) as the new final ∅ ∅ First, we show how to decide L(A) ⊆ L(N,M ,M ) for 0 f marking. This yields a prefix-closed language, since now all any given FSA A. Then, we can use the automaton for the validfiringsequencesgiveawordinthelanguage,andprefixes upward closure constructed given by Theorem 1 (resp. the of valid firing sequences are again valid firing sequences. We automaton for the downward closure that can be constructed still need to take the original final marking M into account. f by [20]) to decide BUC (resp. BDC). To do so, we modify the net by adding a new transition that The regular inclusion problem, i.e. given a regular language, can only be fired after M has been covered. f is it included in the coverability language of a Petri net, is a Let a (cid:54)∈ Σ be a fresh letter and define Σ(cid:48) =Σ∪·{a}. problem of independent interest. We will show its decidability Let N.a be the Petri net that is obtained from N and the in the following. To this end, we rely on a result of Esparza et. given final marking M by adding a new transition t f final al [24]. To state it, we define the traces of a finite automaton that consumes M (p) many tokens from every place p of N f (resp. Petri net) as the computations that start from the initial and that is labeled by a. Formally, N.a = (Σ(cid:48),P,T(cid:48),F(cid:48),λ(cid:48)) state (resp. initial marking), regardless of whether they end in with T(cid:48) = T ∪·{t }, λ(cid:48)(t ) = a, F(cid:48)(p,t ) = M (p), final final final f a final state (resp. in a marking that covers the final marking). F(cid:48)(t ,p) = 0 for all p ∈ P. On the existing transitions, final Formally, the set of traces are the words that occur as the λ(cid:48) and F(cid:48) behave as λ resp. F do. With this definition, the labelings of such computations. For a finite automaton A = reductionofupwardclosednesstocheckinganinclusionamong (Q,→,q ,Q ,Σ), we define init f prefix-closed languages is this. (cid:110) (cid:12) (cid:111) T(A)= w ∈Σ∗ (cid:12)(cid:12) qinit →w q for some q ∈Q . Lemma 29. L(A) ⊆ L(N,M0,Mf) holds if and only if PfC(L(A).a)⊆PfC(L(N.a,M ,M )) . Similarly, the traces of a Petri net are all words that occur as 0 ∅ labelings of valid firing sequences from the initial marking: Proof: Assume the first inclusion holds and consider T(N,M0)=(cid:26)w ∈Σ∗ (cid:12)(cid:12)(cid:12)(cid:12) σfo∈r Tso∗m,λe(mσ)ar=kinwg,MM0[σ(cid:105)M (cid:27) . ashiwporodf vv frinomPfPCfC(L((LN(A.a),.Ma).0,WMe∅)h)a.vBeytodsehfionwitiomn,emvbeirs- a prefix of some word in the language L(A).a, say wa, Using this notation, the result from [24] shows that it is where w stems from L(A). The assumed first inclusion now decidable whether the traces of a given FSA A are included yields w ∈ L(N,M ,M ). From this, we can conclude 0 f in the traces of a given Petri net N with initial marking M . wa∈L(N.a,M ,M ) as follows. Since w ∈L(N,M ,M ), 0 0 ∅ 0 f there is a computation M [σ(cid:105)M of N with M ≥ M for Theorem 28 ([24]). The inclusion T(A) ⊆ T(N,M ) is 0 f 0 some σ ∈ T∗ with λ(σ) = w. We now append t to σ, decidable. final which means we consider the computation M [σ(cid:105)M[t (cid:105)M(cid:48) 0 final The result is surprising, given that the complements of of N.a. We can indeed fire t since M ≥ M and t final f final covering languages are not known to belong to any class that consumes M (p) many tokens from every place p. We have f affords closure under regular intersection and effective empti- λ(cid:48)(σ.t ) = wa, which proves wa ∈ L(N.a,M ,M ) and final 0 ∅ ness checking. Instead, the algorithm constructs a computation thus v ∈PfC(L(N.a,M ,M )). 0 ∅ treeofAandN.ThistreedeterminizesN inthatittrackssets Assume the second inclusion holds and consider a word of incomparable markings reachable with the same trace. The w from L(A). The task is to prove membership of w in construction terminates if either the set of markings becomes L(N,M ,M ). To do so, note that wa ∈ L(A).a and 0 f empty and the inclusion fails or (the automaton deadlocks or) thus also wa ∈ PfC(L(A).a). By the second inclusion, we find a set of markings that covers a predecessor and the we have wa ∈ PfC(L(N.a,M ,M )). This means wa is 0 ∅

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.