Non-hierarchical Coloured Petri Nets


Chapter 2: Non-hierarchical Coloured Petri Nets

K. Jensen, L.M. Kristensen, Coloured Petri Nets, DOI 10.1007/b95112_2, © Springer-Verlag Berlin Heidelberg 2009

This chapter introduces the concepts of non-hierarchical Coloured Petri Nets. This is done by means of a running example consisting of a set of simple communication protocols. Protocols are used because they are easy to explain and understand, and because they involve concurrency, non-determinism, communication, and synchronisation, which are key characteristics of concurrent systems. No preliminary knowledge of protocols is assumed. Section 2.1 introduces the protocol used as a running example. Sections 2.2 and 2.3 introduce the net structure, inscriptions, and enabling and occurrence of transitions using a first model of the protocol. Sections 2.4-2.6 introduce concurrency, conflicts, and guards using a more elaborate model of the protocol. Section 2.7 discusses interactive and automatic simulation of CPN models.

2.1 A Simple Example Protocol

We consider a simple protocol from the transport layer of the Open Systems Interconnection (OSI) reference model [100]. The transport layer is concerned with protocols ensuring reliable transmission between hosts. The protocol is simple and unsophisticated, yet complex enough to illustrate the basic CPN constructs.

The simple protocol consists of a sender transferring a number of data packets to a receiver. Communication takes place over an unreliable network, i.e., packets may be lost and overtaking is possible. The protocol uses sequence numbers, acknowledgements, and retransmissions to ensure that the data packets are delivered once and only once and in the correct order at the receiving end. The protocol deploys a stop-and-wait strategy, i.e., the same data packet is repeatedly retransmitted until a corresponding acknowledgement is received. A data packet consists of a sequence number and the data payload. An acknowledgement consists of a sequence number specifying the number of the next data packet expected by the receiver.

We start with a first, very simple model of the protocol where retransmissions and the unreliability of the network are ignored. The model is then gradually refined to introduce more and more aspects, including loss of packets on the network. The gradual refinement of the model is used to illustrate the various facilities in the CPN modelling language. When constructing CPN models or formal specifications in general, it is good practice to start by making an initial simple model, omitting certain parts of the system or making simplifying assumptions. The CPN model is then gradually refined and extended to lift the assumptions and add the omitted parts of the system.

2.2 Net Structure and Inscriptions

A CPN model is always created as a graphical drawing and Fig. 2.1 contains a first model of the simple protocol. The left part models the sender, the middle part models the network, and the right part models the receiver. The CPN model contains seven places, drawn as ellipses or circles, five transitions drawn as rectangular boxes, a number of directed arcs connecting places and transitions, and finally some textual inscriptions next to the places, transitions, and arcs. The inscriptions are written in the CPN ML programming language. Places and transitions are called nodes. Together with the directed arcs they constitute the net structure. An arc always connects a place to a transition or a transition to a place. It is illegal to have an arc between two nodes of the same kind, i.e., between two places or two transitions.

[Fig. 2.1: First CPN model of the simple protocol]

The places are used to represent the state of the modelled system. Each place can be marked with one or more tokens, and each token has a data value attached to it. This data value is called the token colour. It is the number of tokens and the token colours on the individual places which together represent the state of the system. This is called a marking of the CPN model: the tokens on a specific place constitute the marking of that place. By convention, we write the names of the places inside the ellipses. The names have no formal meaning but they have huge practical importance for the readability of a CPN model, just like the use of mnemonic names in traditional programming. A similar remark applies to the graphical appearance of the nodes and arcs, i.e., the line thickness, size, colour, and position.

The state of the sender is modelled by the two places PacketsToSend and NextSend. The state of the receiver is modelled by the place PacketsReceived and the state of the network is modelled by the places A, B, C, and D.

Next to each place is an inscription which determines the set of token colours (data values) that the tokens on that place are allowed to have. The set of possible token colours is specified by means of a type, as known from programming languages, and it is called the colour set of the place. By convention, the colour set is written below the place. The places NextSend, C, and D have the colour set NO. Colour sets are defined using the CPN ML keyword colset, and the colour set NO is defined to be equal to the set of all integers int:

    colset NO = int;

This means that tokens residing on the three places NextSend, C, and D will have an integer as their token colour. The colour set NO is used to model the sequence numbers in the protocol. The remaining four places have the colour set NOxDATA, which is defined to be the product of the types NO and DATA. This type contains all two-tuples (pairs) where the first element is an integer and the second element is a text string. Tuples are written using brackets ( and ) around a comma-separated list. The colour sets are defined as

    colset DATA = string;
    colset NOxDATA = product NO * DATA;

The colour set DATA is used to model the payload of data packets and is defined to be the set of all text strings string. The colour set NOxDATA is used to model the data packets, which contain a sequence number and some data.

The inscription on the upper right side of the place NextSend specifies that the initial marking of this place consists of one token with the token colour (value) 1. Intuitively, this indicates that data packet number 1 is the first data packet to be sent. The inscription on the upper left side of the place PacketsToSend:

    1`(1,"COL") ++ 1`(2,"OUR") ++ 1`(3,"ED ") ++ 1`(4,"PET") ++ 1`(5,"RI ") ++ 1`(6,"NET")

specifies that the initial marking of this place consists of six tokens with the data values (1,"COL"), (2,"OUR"), (3,"ED "), (4,"PET"), (5,"RI "), (6,"NET"). The symbols ++ and ` are operators used to construct a multiset consisting of these six token colours. A multiset is similar to a set, except that values can appear more than once. The infix operator ` takes a non-negative integer as its left argument, specifying the number of appearances of the element provided as the right argument. The operator ++ takes two multisets as arguments and returns their union (the sum). The initial marking of PacketsToSend consists of six tokens representing the data packets which are to be transmitted. The initial marking of a place is, by convention, written above the place. The absence of an inscription specifying the initial marking means that the place initially contains no tokens. This is the case for the places A, B, C, D, and PacketsReceived.

The five transitions drawn as rectangles represent the events that can take place in the system. As with places, the names of the transitions are written inside the rectangles. The transition names have no formal meaning, but they are very important for the readability of the model. When a transition occurs, it removes tokens from its input places (those places that have an arc leading to the transition) and it adds tokens to its output places (those places that have an arc coming from the transition). The colours of the tokens that are removed from input places and added to output places when a transition occurs are determined by means of the arc expressions, which are the textual inscriptions positioned next to the individual arcs.

The arc expressions are written in the CPN ML programming language and are built from variables, constants, operators, and functions. When all variables in an expression are bound to values of the correct type, the expression can be evaluated. As an example, consider the two arc expressions n and (n,d) on the arcs connected to the transition SendPacket. They contain the variables n and d, declared as

    var n : NO;
    var d : DATA;

This means that n must be bound to a value of type NO (i.e., an integer), while d must be bound to a value of type DATA (i.e., a text string). We may, for example, consider the binding (variable assignment)

    ⟨n=3, d="CPN"⟩

which binds n to 3 and d to "CPN". For this binding the arc expressions evaluate to the following values (token colours), where → should be read as "evaluates to":

    n → 3
    (n,d) → (3,"CPN")

All arc expressions in the CPN model of the protocol evaluate to a single token colour (i.e., a multiset containing a single token). This means that the occurrence of a transition removes one token from each input place and adds one token to each output place. However, in general, arc expressions may evaluate to a multiset of token colours, and this means that there may be zero, exactly one token, or more than one token removed from an input place or added to an output place. This will be illustrated later with some further examples.

2.3 Enabling and Occurrence of Transitions

Next, consider Fig. 2.2, which shows the protocol model with its initial marking M0. The marking of each place is indicated next to the place. The number of tokens on the place is shown in a small circle, and the detailed token colours are indicated in a box positioned next to the small circle. As explained earlier, the initial marking has six tokens on PacketsToSend and one token on NextSend. All other places are unmarked, i.e., have no tokens.

[Fig. 2.2: Initial marking M0]

The arc expressions on the input arcs of a transition determine whether the transition is enabled, i.e., is able to occur in a given marking. For a transition to be enabled, it must be possible to find a binding of the variables that appear in the surrounding arc expressions of the transition such that the arc expression of each input arc evaluates to a multiset of token colours that is present on the corresponding input place. When a transition occurs with a given binding, it removes from each input place the multiset of token colours to which the corresponding input arc expression evaluates. Analogously, it adds to each output place the multiset of token colours to which the corresponding output arc expression evaluates.

Consider now the transition SendPacket. In Fig. 2.2, the transition SendPacket has a thick border, whereas the other four transitions do not. This indicates that SendPacket is the only transition that has an enabled binding in the marking M0. The other transitions are disabled because there are no tokens on their input places. When the transition SendPacket occurs, it removes a token from each of the input places NextSend and PacketsToSend. The arc expressions of the two input arcs are n and (n,d), where n and d (as shown earlier) are declared as

    var n : NO;
    var d : DATA;

The initial marking of the place NextSend contains a single token with colour 1. This means that the variable n must be bound to 1. Otherwise, the expression on the arc from NextSend would evaluate to a token colour which is not present at NextSend, implying that the transition is disabled for that binding. Consider next the arc expression (n,d) on the input arc from PacketsToSend. We have already bound n to 1, and now we are looking for a binding of d such that the arc expression (n,d) will evaluate to one of the six token colours that are present on PacketsToSend. Obviously, the only possibility is to bind d to the string "COL". Hence, we conclude that the binding ⟨n=1, d="COL"⟩ is the only enabled binding for SendPacket in the initial marking.

An occurrence of SendPacket with this binding removes the token with colour 1 from the input place NextSend, removes the token with colour (1,"COL") from the input place PacketsToSend, and adds a new token with colour (1,"COL") to the output place A. Intuitively, this represents the sending of the first data packet (1,"COL") to the network. Note that it was the token on NextSend that determined the data packet to be sent. The packet (1,"COL") is now at place A, waiting to be transmitted by the network. The new marking M1 is shown in Fig. 2.3.

[Fig. 2.3: Marking M1 reached when SendPacket occurs in M0]

In the marking M1, TransmitPacket is the only enabled transition since the other transitions have no tokens on their input places. Place A has a single token with colour (1,"COL"), and hence it is straightforward to conclude that ⟨n=1, d="COL"⟩ is the only enabled binding of the transition TransmitPacket in M1. When the transition occurs in that binding, it removes the token (1,"COL") from A and adds a new token with the same token colour to place B. Intuitively, this corresponds to a transmission of data packet number 1 over the network. The data packet is now at place B, waiting to be received. The new marking M2 is shown in Fig. 2.4.

In the marking M2, we have a single enabled transition, ReceivePacket, and once more we use the binding ⟨n=1, d="COL"⟩. The occurrence of the transition removes the token with colour (1,"COL") from place B, adds a token with colour (1,"COL") to the place PacketsReceived, and adds a token with colour 2 to the place C. The token colour at C becomes 2, since the arc expression n+1 on the arc from ReceivePacket to C evaluates to 2 in the above binding. Intuitively, this corresponds to the receipt of data packet number 1 by the receiver. The received data packet is stored in the place PacketsReceived. The token on C represents an acknowledgement sent from the receiver to the sender in order to confirm the receipt of data packet number 1 and to request data packet number 2. The new marking M3 is shown in Fig. 2.5.

In the marking M3 there is a single enabled transition TransmitAck. This time we use the binding ⟨n=2⟩. Intuitively, this represents the transmission over the network of the acknowledgement requesting data packet number 2. The new marking M4 is shown in Fig. 2.6.

In the marking M4 there is a single enabled transition ReceiveAck, and once more we use the binding ⟨n=2⟩. The new marking M5 is shown in Fig. 2.7. This marking represents a state where the sender is ready to send data packet number 2 (since the first data packet is now known to have been successfully received).

[Fig. 2.4: Marking M2 reached when TransmitPacket occurs in M1]

[Fig. 2.5: Marking M3 reached when ReceivePacket occurs in M2]

[Fig. 2.6: Marking M4 reached when TransmitAck occurs in M3]

[Fig. 2.7: Marking M5 reached when ReceiveAck occurs in M4]

In the above, we have described the sending, transmission, and reception of data packet number 1 and the corresponding acknowledgement. In the CPN model this corresponds to five steps, where each step is the occurrence of a transition in an enabled binding. We have listed these five steps below, where each step is written as a pair consisting of a transition and the occurring binding of the transition. Such a pair is called a binding element.

    Step  Binding element
    1     (SendPacket, ⟨n=1, d="COL"⟩)
    2     (TransmitPacket, ⟨n=1, d="COL"⟩)
    3     (ReceivePacket, ⟨n=1, d="COL"⟩)
    4     (TransmitAck, ⟨n=2⟩)
    5     (ReceiveAck, ⟨n=2⟩)

It is easy to see that the next five steps will be similar to the first five steps, except that they describe the sending, transmission, and reception of data packet number 2 and the corresponding acknowledgement:

    Step  Binding element
    6     (SendPacket, ⟨n=2, d="OUR"⟩)
    7     (TransmitPacket, ⟨n=2, d="OUR"⟩)
    8     (ReceivePacket, ⟨n=2, d="OUR"⟩)
    9     (TransmitAck, ⟨n=3⟩)
    10    (ReceiveAck, ⟨n=3⟩)

After these additional five steps, we reach the marking M10 shown in Fig. 2.8. Next, we shall have five steps for data packet number 3 and its acknowledgement. Then five steps for data packet 4, five for data packet number 5, and finally five steps for data packet number 6. After these steps the marking M30 shown in Fig. 2.9 is reached. This marking corresponds to a state of the protocol where all data packets have been received by the receiver, all acknowledgements have been received by the sender, and no packets are outstanding on the network. This marking has no enabled transitions, and hence it is said to be a dead marking.

This completes the survey of the first very simple CPN model of the protocol. This model is deterministic, in the sense that each marking reached has exactly one enabled transition with exactly one enabled binding, except for the last marking which is a dead marking. Hence, there is only one possible occurrence sequence, consisting of the markings M0, M1, M2, ..., M30 and the 30 steps described above. It should be noted that this is quite unusual for CPN models, which are usually non-deterministic, i.e., they describe systems where several transitions and bindings are enabled in the same marking.

[Fig. 2.8: Marking M10 reached after transmission of data packet number 2]

[Fig. 2.9: Dead marking M30 reached when all packets have been transmitted]

2.4 Second Model of the Protocol

We now consider a slightly more complex CPN model of the protocol. It is based on the CPN model which was investigated in the previous sections, but now overtaking and the possibility of losing data packets and acknowledgements when they are transmitted over the network are taken into account. Hence, it is necessary to be able to retransmit data packets, and the receiver must check whether it is the expected data packet that arrives. Since acknowledgements may overtake each other, we also have to take into account that the sender may receive acknowledgements out of order. This second model of the protocol is non-deterministic and will be used to introduce concurrency and conflict, which are two key concepts for CPN models and other models of concurrency.

Figure 2.10 shows the second CPN model of the protocol in the initial marking M0. It has the same five transitions as for the first CPN model of the protocol. We also find six of the places used in the previous model, together with two new places. The place DataReceived is used instead of PacketsReceived. Now we want to keep only the data from the data packets, not the entire data packets. Hence the colour set of the place DataReceived is specified to be DATA instead of NOxDATA. This place has an initial marking, which consists of one token with colour "" which is the empty text string. The place NextRec has the same colour set as the place NextSend and it plays a similar role. It contains the number of the data packet that the receiver expects to receive next. This time a small amount of space has been saved in the drawing by specifying the initial marking of the place PacketsToSend by means of a symbolic constant, defined as

    val AllPackets = 1`(1,"COL") ++ 1`(2,"OUR") ++ 1`(3,"ED ") ++ 1`(4,"PET") ++ 1`(5,"RI ") ++ 1`(6,"NET");

[Fig. 2.10: Second CPN model of the protocol in the initial marking M0]

Consider now the individual transitions. The transition SendPacket has the same surrounding arc expressions as before, but now the two input arcs are replaced by double-headed arcs. A double-headed arc is a shorthand for the situation where there are two oppositely directed arcs between a place and a transition sharing the same arc expression. This implies that the place is both an input place and an output place for the transition. When the transition occurs with an enabled binding, tokens are removed from the place according to the result of evaluating the arc expression, but they are immediately replaced by new tokens with the same token colours. This means that the marking of the place does not change when the transition occurs, but it does determine the enabling of the transition.

In the initial marking, the only enabled transition is SendPacket with the binding ⟨n=1, d="COL"⟩. As before, an occurrence of SendPacket with this binding adds a token to place A representing a data packet to be transmitted over the network. However, now the data packet is not removed from PacketsToSend and also the token at NextSend is left unchanged. This will allow retransmission of the packet, if this becomes necessary. Figure 2.11 shows the marking M1 reached when the above binding element occurs in the initial marking.

[Fig. 2.11: Marking M1 reached when SendPacket occurs in M0]

Consider the marking M1 and the transition TransmitPacket. This transition has the same input arc expression as before, but now there is an additional boolean variable success, declared as

    var success : BOOL;

which appears on the output arc. The colour set BOOL is defined as

    colset BOOL = bool;

The transition TransmitPacket is enabled with two different bindings in M1:

    b+ = ⟨n=1, d="COL", success=true⟩
    b− = ⟨n=1, d="COL", success=false⟩

The first of these bindings, b+, represents a successful transmission over the network. When it occurs, the following happens:

- The data packet (1,"COL") is removed from the input place A.
- A new token representing the same data packet is added to the output place B (in the if-then-else expression, the condition success evaluates to true, while 1`(n,d) evaluates to 1`(1,"COL")).

Figure 2.12 shows the marking M2+, which is the result of an occurrence of the binding b+ in M1.

[Fig. 2.12: Marking M2+ after successful transmission in M1]

The second binding, b−, represents an unsuccessful transmission, i.e., the data packet is lost on the network. When this binding occurs, the following happens:

- The data packet (1,"COL") is removed from the input place A.
- No token is added to the output place B (in the if-then-else expression, the condition success evaluates to false, while the constant empty evaluates to the empty multiset).

Figure 2.13 shows the marking M2−, which is the result of an occurrence of the binding b− in M1. The marking M2− is identical to the initial marking M0 previously shown in Fig. 2.10.

[Fig. 2.13: Marking M2− after unsuccessful transmission in M1]

It should be noted that the output arc expression of TransmitPacket uses 1`(n,d) and not just (n,d) in the if-then-else expression. Using an arc expression such as if success then (n,d) else empty would result in a type mismatch since the then-part and the else-part have different types. The constant empty denotes a multiset of tokens, and hence we also need to specify a multiset of tokens in the other branch of the if-then-else expression. Types and expressions are discussed further in Chap. 3.

Consider now the reception of data packets in the marking M2+. The transition ReceivePacket has four variables on the surrounding arc expressions, with the following purposes:

- n and d denote the sequence number and the data, respectively, of the incoming data packet. The variables n and d will be bound according to the colour of the data packet to be removed from place B.
- k (of colour set NO) denotes the expected sequence number of the data packet. It will be bound to the colour of the token on the place NextRec.
- data (of colour set DATA) denotes the data that has already been received. It will be bound to the colour of the token on the place DataReceived.

When a data packet is present at place B there are two different possibilities. Either n=k evaluates to true, which means that the data packet being received is the one that the receiver expects, or n=k evaluates to false, which means that it is not the data packet expected. If the data packet on place B is the expected data packet (i.e., n=k), the following happens:

- The data packet is removed from place B.
- The data in the data packet is concatenated to the end of the data which is already present at the place DataReceived. The operator ^ is the concatenation operator for text strings.
- The token colour on the place NextRec changes from k to k+1, which means that the receiver now waits for the next data packet.
- An acknowledgement is put on place C. The acknowledgement contains the sequence number of the data packet that the receiver is expecting next.

Figure 2.14 shows the result of an occurrence of the transition ReceivePacket in the marking M2+ shown in Fig. 2.12. This occurrence of ReceivePacket corresponds to the reception of the expected data packet.

[Fig. 2.14: Marking reached when ReceivePacket occurs in M2+]

If the data packet on B is not the expected data packet (i.e., n≠k), the following happens:

- The data packet is removed from place B.
- The data in the data packet is ignored (the marking of DataReceived does not change).
- The token colour on the place NextRec does not change, which means that the receiver is waiting for the same data packet as before.
- An acknowledgement is put on place C. The acknowledgement contains the sequence number of the data packet that the receiver is expecting next.

The transition Transmit has a behaviour which is similar to the behaviour of Transmit. It removes acknowledgements from place and adds them to the place in case of a successful transmission. The choice is determined by the binding of the variable success that appears in the output arc expression.

Consider now the reception of acknowledgements. The transition has two variables:

- n (of colour set ) denotes the sequence number in the incoming acknowledgement, and will be bound to the acknowledgement on the place.
- k (of colour set ) denotes the sequence number of the data packet which the sender is sending. It will be bound to the colour of the token on the place NextSend.

When the transition occurs, it removes an acknowledgement from place and updates the token on NextSend to contain the sequence number specified in the acknowledgement. This means that the sender will start sending the data packet that the receiver has requested via the acknowledgement.

2.5 Concurrency and Conflict

We shall now consider the behaviour of the CPN model shown in Fig. 2.10 in further detail. A single binding element is enabled in the initial marking:

(Send, n=1, d="COL")

When it occurs, it leads to the marking M1 shown in Fig. 2.15 (and Fig. 2.11). In the marking M1, three different binding elements are enabled:

SP = (Send, n=1, d="COL")
TP+ = (Transmit, n=1, d="COL", success=true)
TP = (Transmit, n=1, d="COL", success=false)

The first binding element represents a retransmission of data packet number 1. The second binding element represents a successful transmission of data packet number 1 over the network, and the third binding element represents a transmission where the data packet is lost on the network. The last two binding elements, TP+ and TP, are in conflict with each other. Both of them are enabled, but only one of them can occur since each of them needs a token on place, and there is only one such token in M1. However, the binding elements SP and TP+ can occur concurrently (i.e., in parallel). To occur, SP needs a token on the place stosed and a token on NextSend, while TP+ needs a token on place. This means that the two binding elements use disjoint sets of input tokens, and hence both of them can get the tokens they need without competition or interference with the other binding element. By a similar argument, we can see that SP and TP are concurrently enabled. They use disjoint sets of input tokens and hence can occur concurrently.

Fig. 2.15 Marking M1 reached when Send occurs in M0

Assume that the first and second of the three enabled binding elements in the marking M1 occur concurrently, i.e., that we have the following step, written as a multiset of binding elements:

(Send, n=1, d="COL") ++ (Transmit, n=1, d="COL", success=true)

We then reach the marking M2 shown in Fig. 2.16. In the marking M2, we have four enabled binding elements, of which the first three are the same as in the marking M1:

SP = (Send, n=1, d="COL")
TP+ = (Transmit, n=1, d="COL", success=true)
TP = (Transmit, n=1, d="COL", success=false)
RP = (, n=1, d="COL", k=1, data="")

As before, we have a conflict between TP+ and TP, whereas all of the other binding elements are concurrently enabled since they use disjoint multisets of input tokens.

Fig. 2.16 Marking M2 reached when Send and Transmit occur in M1

Let us assume that we have a step where the first and last of the four binding elements occur concurrently, i.e., the following step:

(Send, n=1, d="COL") ++ (, n=1, d="COL", k=1, data="")

We then reach the marking M3 shown in Fig. 2.17. In the marking M3, we have five enabled binding elements, of which the first three are the same as in the marking M1:

SP = (Send, n=1, "COL")
TP+ = (Transmit, n=1, "COL", success=true)
TP = (Transmit, n=1, "COL", success=false)
TA+ = (Transmit, n=2, success=true)
TA = (Transmit, n=2, success=false)

However, this time there are two tokens on place. This means that TP+ and TP can occur concurrently because there is a token on for each of the two binding elements. It also means that TP+ can occur concurrently with itself, and the same is true for TP. Thus it is possible to transmit multiple packets on the network concurrently.

Fig. 2.17 Marking M3 reached when Send and occur in M2

Hence, we have the following five enabled steps with bindings for Transmit, where each step is a multiset of binding elements:

TP+, TP, TP+ ++ TP, 2 TP+, 2 TP

Moreover, it can be seen that each of the five steps with bindings for Transmit can occur concurrently with the following five steps with bindings for Send and/or Transmit:

SP, TA+, TA, SP ++ TA+, SP ++ TA

This means that the marking M3 has a total of 35 enabled steps (25 for the possible combinations of the individual steps in the two groups above plus 10 because each of the 10 steps constitutes a step on its own).

The above illustrates that it soon becomes complex, time-consuming, and error-prone for human beings to keep track of the enabled binding elements and steps, and the current marking of a CPN model. This is one of the reasons for building and using computer simulators for the execution of CPN models.

A step, in general, consists of a non-empty, finite multiset of concurrently enabled binding elements. A step may consist of a single binding element. An empty multiset of binding elements is not considered to be a legal step, since it would have no effect and always be enabled.

The effect of the occurrence of a set of concurrent binding elements is the sum of the effects caused by the occurrence of the individual binding elements. This means that the marking reached will be the same as that which will be reached if the set of binding elements occur sequentially, i.e., one after another in some arbitrary order. As an example, consider the marking M1 shown in Fig. 2.15 and the enabled step consisting of the following two binding elements:

SP = (Send, n=1, d="COL")
TP+ = (Transmit, n=1, d="COL", success=true)

The marking M2 resulting from an occurrence of this step was shown in Fig. 2.16. The marking M2 is also the marking resulting from an occurrence of SP followed by an occurrence of TP+, and it is also the marking resulting from an occurrence of TP+ followed by an occurrence of SP.

The CPN Tools simulator executes only steps consisting of a single binding element. This is sufficient, since the marking resulting from the occurrence of an enabled step with multiple binding elements is the same as letting the binding elements in the step occur one after another in some arbitrary order. Hence, markings that can be reached via occurrence sequences consisting of steps with multiple binding elements can also be reached via occurrence sequences consisting of steps with a single binding element.

When the first data packet has been sent by an occurrence of Send, we may choose a sequence of binding elements that will successfully transmit the data packet, receive the data packet, successfully transmit the acknowledgement for the data packet, and finally receive the acknowledgement updating the token on NextSend to the value 2:

Step  Binding element
1     (Send, n=1, d="COL")
2     (Transmit, n=1, d="COL", success=true)
3     (, n=1, d="COL", k=1, data="")
4     (Transmit, n=2, success=true)
5     (, n=2, k=1)

This could be called the successful occurrence sequence for packet number 1. In the successful occurrence sequence, no retransmission of packet number 1 takes place.
However, it should be noted that the transition Send is enabled in all of the markings of the successful occurrence sequence. If, in any of these markings, we choose to execute Send, this represents a retransmission of data packet number 1. Intuitively, the retransmission happens because the transitions in the successful occurrence sequence are too slow in occurring and hence are outraced by the second occurrence of Send, i.e., the retransmission of data packet number 1. This means that we have described a time-related behaviour without the explicit use of time. What is important at the chosen abstraction level is not when a retransmission may occur, but the simple fact that it is possible that such a retransmission can occur.

While we are executing the successful occurrence sequence for packet number 1, we may also deviate from it by choosing a binding for Transmit or Transmit which loses the packet/acknowledgement, i.e., a binding in which success=false. Then Send will be the only enabled transition, and a retransmission will be the only possible way to continue.

The CPN model presented in this section is without any reference to time. It is specified that retransmissions are possible, but we do not specify how long the sender should wait before performing such retransmissions. What matters is the possible sequences in which the various events (binding elements) may occur: at least for the moment, we are uninterested in the durations of and start/end times for the individual events. Timed CP-nets will be introduced in Chap. 10; these make it possible to model the time taken by the various events in the system.

Notice that it is possible to reach markings where place contains two different tokens, for example, the multiset (1,"COL") ++ (3,"ED ") representing data packets numbers 1 and 3. In this situation the variables n and d of Transmit can be bound such that (n,d) evaluates to (1,"COL") or (3,"ED "), and hence it is possible for data packet 3 to overtake data packet 1. A similar remark applies to data packets on place and acknowledgements on places and.

2.6 Guards

In the discussion above, we have seen that it is the input arc expressions that determine whether a transition is enabled in a given marking. However, transitions are also allowed to have a guard, which is a boolean expression. When a guard is present, it must evaluate to true for the binding to be enabled, otherwise the binding is disabled and cannot occur. Hence, a guard puts an extra constraint on the enabling of bindings for a transition. Figure 2.18 shows a variant of the receiver part of the protocol which illustrates the use of guards.
In this variant, the reception of data packets, previously modelled by, has been split into two transitions: Discard and Next. The idea is that Next models the case where the data packet received is the one expected, whereas Discard models the case where the data packet received is not the one expected. This variant also illustrates a modelling choice concerning the number of transitions in a CPN model.

Each of the two transitions Discard and Next has a guard, which, by convention, is written in square brackets and positioned next to the transition. The guards of the two transitions compare the sequence number in the incoming data packet on place with the expected sequence number on the place NextRec. The guard of the transition Next is [n=k] expressing the condition that the sequence number of the incoming data packet bound to n must be equal to the expected sequence number bound to k. The guard [n<>k] of the transition Discard uses the inequality operator <> since this transition is only to be enabled when the sequence number of the incoming data packet differs from the expected sequence number.

Fig. 2.18 Variant of the receiver part illustrating guards

Consider now Fig. 2.19, which depicts a marking where there are two data packets on place: one corresponding to a data packet that has already been received, and one corresponding to the expected data packet. For this marking, we can consider the following bindings of Next:

RN1 = n=1, d="COL", k=2, data="COL"
RN2 = n=2, d="OUR", k=2, data="COL"

For both bindings the input places have the tokens needed. However, the guard [n=k] of Next evaluates to false in the binding RN1. Hence, only the binding RN2, corresponding to reception of the expected data packet, is enabled in the marking shown in Fig. 2.19. Similarly, we can consider the following two bindings of Discard:

DP1 = n=1, d="COL", k=2
DP2 = n=2, d="OUR", k=2

In this case only the binding DP1, corresponding to reception of the data packet that has already been received, is enabled. The reason is that the guard [n<>k] of Discard evaluates to false in the binding DP2. Guards can, in general, be used in many different ways and for many different purposes. Further examples of the use of guards will be given in later chapters.

Fig. 2.19 Marking illustrating the semantics of guards

2.7 Interactive and Automatic Simulation

An execution of a CPN model is described by means of an occurrence sequence, which specifies the intermediate markings reached and the steps that occur. A marking that is reachable via an occurrence sequence starting from the initial marking is called a reachable marking. The existence of a reachable marking with more than one enabled binding element makes a CPN model non-deterministic. This means that there exist different occurrence sequences containing different sequences of steps and leading to different reachable markings. It is important to stress that it is only the choice between the enabled steps which is non-deterministic. The individual steps themselves are deterministic, in the sense that once an enabled step has been selected in a given marking, the marking resulting from its occurrence is uniquely determined, unless a random number function is used in one of the arc expressions.

CPN Tools uses graphical simulation feedback, such as that shown in Fig. 2.20, to provide information about the markings that are reached and the binding elements that are enabled and occur during a simulation. The rectangular box next to the transition will be explained shortly. The tools that are available for simulating CPN models in CPN Tools can be found in the simulation tool palette shown in Fig. 2.21. A VCR (video cassette recorder) metaphor is used for the graphical symbols representing the simulation tools. The simulation tools can be picked up with the mouse cursor and applied to the CPN model. The available tools (from left to right) are:

- Return to the initial marking.
- Stop an ongoing simulation.
- Execute a single transition with a manually chosen binding.
- Execute a single transition with a random binding.
- Execute an occurrence sequence with randomly chosen binding elements interactively (i.e., display the current marking after each step).
- Execute an occurrence sequence with randomly chosen binding elements automatically (i.e., without displaying the current marking after each step).
- Evaluate a CPN ML expression (to be explained in Chap. 3).

Fig. 2.20 Simulation feedback in CPN Tools

Fig. 2.21 Simulation tool palette in CPN Tools

When a CPN model is simulated in interactive mode, the simulator calculates the set of enabled transitions in each marking encountered. It is then up to the user to choose between the enabled transitions and bindings. Figure 2.20 shows an example where the user is in the process of choosing between the enabled binding elements of the transition. The choice between the enabled binding elements is done via the rectangular box opened next to the transition. This box lists the variables of the transition and the values to which they can be bound. In this case, the value 2 has already been bound to the variable k, and the value "COL" has been bound to data. This is done automatically by the simulator, since there is only one possible choice for these variables. The user still has a choice in binding values to the variables n and d. The user may also leave the choice to the simulator, which uses a random number generator for this purpose. In the above case it suffices for the user to bind either n or d, since the value bound to the other variable is then uniquely determined and will be automatically bound by the simulator. The simulator executes the chosen binding element and presents the new marking and its enabling to the user, who either chooses a new enabled binding element or leaves the choice to the simulator, and so on. This means that it is the simulator that makes all the calculations (of the enabled binding elements and the effect of their occurrences), while it is the user who chooses between the different occurrence sequences (i.e., the different behavioural scenarios). An interactive simulation is by its nature slow, since it takes time for the user to investigate the markings and enablings and to choose between them. This means that only a few steps can be executed per minute and the working style is very similar to the single-step debugging known from conventional programming environments.

When a CPN model is simulated in automatic mode, the simulator performs all of the calculations and makes all of the choices. This kind of simulation is similar to a program execution, and a speed of several thousand steps per second is typical. Before the start of an automatic simulation, the user specifies one or more stop criteria, for example, that 100 000 transitions shall occur. When one of the stop criteria becomes fulfilled, the simulation stops and the user can inspect the marking which has been reached. There are also a number of different ways in which the user can inspect the markings and the binding elements that occurred during the automatic simulation. We shall briefly return to this at the end of this section.

We have previously illustrated that our CPN model of the protocol possesses non-determinism, concurrency, and conflict. Now let us look at the marking M in Fig. 2.22. This marking is one of the many possible results of an automatic simulation. From the marking of NextRec, it can be seen that the receiver is expecting data packet number 5, and from the marking of atad it can be seen that the receiver has already received the data in the first four data packets in the correct order. However, from the marking of NextSend, it follows that the sender is still sending data packet number 4, and a copy of this data packet is present on place. Since this is not the expected data packet, it will be discarded by the receiver. An acknowledgement requesting data packet number 5 is present at place. When this is received by the sender, NextSend gets the token colour 5, and the sender will start sending data packet number 5.
If the automatic simulation is continued from the marking M, we may reach the dead marking Mdead shown in Fig. 2.23. Owing to the non-determinism in the CPN model, we cannot guarantee to reach the dead marking since it is possible to keep losing packets and acknowledgements. However, if a dead marking is reached, it will be the marking shown in Fig. 2.23. Here, we see that all six data packets have been received in the correct order. The sender has stopped sending because NextSend has the token colour 7 and there is no data packet with the number 7. All of the places A, B, C, and D connecting the network to the sender and receiver are empty. Hence, this marking represents the desired terminal state of the protocol system.

By performing a number of automatic simulations of the CPN model starting from the initial marking, it is possible, by means of simulation, to test that the protocol design as captured by the CPN model appears to be correct, in the sense that the protocol succeeds in delivering the data packets in the correct order to the receiver. Conducting a set of automatic simulations does not, however, guarantee that all possible executions of the protocol have been covered. Hence, simulation cannot in general be used to verify properties of the protocol, but it is a powerful technique for testing the protocol and locating errors. In Chap. 7, we introduce state space analysis, which ensures that all executions are covered. This makes it possible to verify systems, i.e., prove that various behavioural properties are present or absent.

Fig. 2.22 Marking M reached by an automatic simulation

Fig. 2.23 Dead marking Mdead reached at the end of an automatic simulation

As mentioned earlier in this section, the user may be interested in inspecting some of the markings that were reached and some of the binding elements that occurred during an automatic simulation. A simple (and brute-force) way to do this is to inspect the simulation report, which lists the steps that have occurred. For the simulation described above, the beginning of the simulation report could look as shown in the extract in Fig. 2.24. Here we see the first six transitions that have occurred. The simulation report specifies the name of the occurring transition, the module instance where the transition is located, and the values bound to the variables of the transition. In this case all transitions are in instance 1 of the Protocol module because the CPN model consists of just a single module, named Protocol. The concept of modules in CP-nets will be presented in Chap. 5. The number 0 following the step number specifies the model time at which the transition occurs. Since the model of the protocol presented in this chapter is untimed, all steps occur at time zero. Timed CP-nets will be introduced in Chap. 10.

1 0 Send @ (1:Protocol)
 - d = "COL"
 - n = 1
2 0 Transmit @ (1:Protocol)
 - n = 1
 - d = "COL"
 - success = true
3 0 @ (1:Protocol)
 - k = 1
 - data = ""
 - n = 1
 - d = "COL"
4 0 Transmit @ (1:Protocol)
 - n = 2
 - success = true
5 0 @ (1:Protocol)
 - k = 1
 - n = 2
6 0 Send @ (1:Protocol)
 - d = "OUR"
 - n = 2

Fig. 2.24 Beginning of a simulation report

It is also possible to use graphical visualisation on top of CPN models. These make it possible to observe the execution of the CPN model in a more abstract manner using concepts from the application domain. Figure 2.25 shows an example of a message sequence chart (MSC) created from a simulation of the CPN model of the protocol. This MSC has four columns. The leftmost column represents the sender and the rightmost column represents the receiver. The two middle columns represent the sender and receiver sides of the network. The MSC captures a scenario where the first data packet (1,"COL") sent by the sender is lost, as indicated by the small square on the S-Network column. This then causes a retransmission of the data packet. This time, the data packet is successfully transmitted to the receiver and the corresponding acknowledgement 2 is successfully received by the sender.

Fig. 2.25 Example of a message sequence chart

In Chap. 3, we give examples of application domain graphics and explain how they can be added to CPN models using the visualisation package [09] provided together with CPN Tools. One of the examples in Chap. 3 also illustrates how graphics can be used to provide input to the CPN model and thereby control its execution.
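The bookkeeping described in Sects. 2.5 to 2.7 can be reproduced in a few lines of Python. The following is an added example, not code from the book or from CPN Tools: it encodes the enabling rule with the guards [n=k] and [n<>k] of Next and Discard, enumerates the enabled steps of a marking (35 for M3), and runs an automatic simulation with a stop criterion. The place names and the transition labels TransmitData, TransmitAck and ReceiveAck are assumptions chosen for this example.

```python
import random
from collections import Counter
from itertools import product

# Packets from the page's initial marking. Place names are this example's own labels
# (assumptions): data_out -> data_in carries packets, ack_out -> ack_in carries acks.
PACKETS = [(1, "COL"), (2, "OUR"), (3, "ED "), (4, "PET"), (5, "RI "), (6, "NET")]

def initial_marking():
    return {"to_send": Counter(PACKETS), "next_send": Counter([1]),
            "data_out": Counter(), "data_in": Counter(), "next_rec": Counter([1]),
            "received": Counter([""]), "ack_out": Counter(), "ack_in": Counter()}

def enabled(m):
    """Enabled binding elements of m as (transition, binding, consumed, produced)."""
    bes = []
    for n, d in m["to_send"]:
        if m["next_send"][n]:  # both input arcs of Send must agree on n
            bes.append(("Send", (n, d), {"to_send": [(n, d)], "next_send": [n]},
                        {"to_send": [(n, d)], "next_send": [n], "data_out": [(n, d)]}))
    for name, src, dst in (("TransmitData", "data_out", "data_in"),
                           ("TransmitAck", "ack_out", "ack_in")):
        for tok, success in product(m[src], (True, False)):
            bes.append((name, (tok, success), {src: [tok]}, {dst: [tok]} if success else {}))
    for (n, d), k, data in product(m["data_in"], m["next_rec"], m["received"]):
        if n == k:  # guard [n=k] of Next holds
            bes.append(("Next", (n, d, k, data),
                        {"data_in": [(n, d)], "next_rec": [k], "received": [data]},
                        {"next_rec": [k + 1], "received": [data + d], "ack_out": [k + 1]}))
        else:       # guard [n<>k] of Discard holds; the received data is not touched
            bes.append(("Discard", (n, d, k), {"data_in": [(n, d)], "next_rec": [k]},
                        {"next_rec": [k], "ack_out": [k]}))
    for n, k in product(m["ack_in"], m["next_send"]):
        bes.append(("ReceiveAck", (n, k), {"ack_in": [n], "next_send": [k]}, {"next_send": [n]}))
    return bes

def fire(m, be):
    """Occurrence of one binding element: remove consumed tokens, add produced ones."""
    new = {p: Counter(c) for p, c in m.items()}
    for p, toks in be[2].items():
        new[p] -= Counter(toks)
    for p, toks in be[3].items():
        new[p] += Counter(toks)
    return new

def enabled_steps(m):
    """All non-empty multisets of binding elements whose summed input demand fits in m."""
    bes = enabled(m)
    caps = [min(m[p][t] for p, toks in be[2].items() for t in toks) for be in bes]
    steps = []
    for mult in product(*(range(c + 1) for c in caps)):
        need = Counter()
        for be, c in zip(bes, mult):
            need.update({(p, t): c for p, toks in be[2].items() for t in toks})
        if any(mult) and all(need[p, t] <= m[p][t] for p, t in need):
            steps.append({be[:2]: c for be, c in zip(bes, mult) if c})
    return steps

def simulate(seed, max_steps=100_000):
    """Automatic simulation; stop criteria: a dead marking or max_steps occurrences."""
    rng, m = random.Random(seed), initial_marking()
    for step in range(max_steps):
        bes = enabled(m)
        if not bes:
            return m, step, True
        m = fire(m, rng.choice(bes))
    return m, max_steps, False

def replay(sequence):
    """Fire the given (transition, binding) pairs one after another from M0."""
    m = initial_marking()
    for key in sequence:
        m = fire(m, next(be for be in enabled(m) if be[:2] == key))
    return m

SP, TP_OK = ("Send", (1, "COL")), ("TransmitData", ((1, "COL"), True))

if __name__ == "__main__":
    m3 = replay([SP, SP, TP_OK, SP, ("Next", (1, "COL", 1, ""))])
    print(len(enabled_steps(m3)), "enabled steps in M3")
    final, steps, dead = simulate(seed=1)
    print("dead" if dead else "stopped", "after", steps, "steps:", dict(final["received"]))
```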