Predictability Verification with Petri Net Unfoldings
Agnes Madalinski (1) and Victor Khomenko (2)
(1) Faculty of Engineering Science, University Austral de Chile
(2) School of Computing Science, Newcastle University, UK
Predictability
Concept of fault diagnosis
- the system produces observations, exhibits faults, and receives actions (repair, reconfigure)
- diagnosis: detection, localisation and identification of faults; the task of explaining an occurrence of a fault given an observation of the system's behaviour
- predictability: the possibility of predicting a fault before it actually occurs by monitoring the visible behaviour
Predictability
- a fault is predictable if it is always possible to predict its occurrence by observing the visible actions of the system (figure: observations o1, o2; diagnosis: the fault will occur)
- assumptions:
  - the system has finitely many reachable states
  - the system is deadlock-free
  - any infinite execution has infinitely many occurrences of observable transitions (i.e. the system is divergence-free)
System model
- labelled Petri net N = (P, T, , M0, O, U, ℓ)
- O: set of observable transition labels
- U: set of unobservable transition labels
- ℓ: T → O ∪ U
- F ⊆ U: set of fault transition labels
- example (figure): O = {a, b, c}, U = {u, f}, F = {f}; the net is not predictable w.r.t. f
Witness of predictability violation
A witness of predictability violation is a pair of traces such that (figure: observable actions o1 o2 o3, then f):
- the first trace contains the fault f; it can be finite or infinite, and the rest of this trace after f is not important
- the second trace contains no faults and is infinite (∞)
- the two traces synchronise on observable actions up to the occurrence of f; after that point no synchronisation is required
Building the verifier (figure sequence)
- two copies of the net
- remove f from the second copy
- synchronous product: the copies synchronise on the observable labels a, b, c
- switch: after f, move from synchronisation to desynchronisation
Model checking
- reduce the problem of predictability to LTL-X model checking by building a verifier
- property to check: existence of an infinite trace of the verifier containing a fault f, i.e. ◊f
- such a trace can be mapped to a witness of predictability violation
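The following worked example, written for this edit and not the authors' tool, walks through the verifier construction and the check just described on a small labelled net: two copies of the net, the fault transition removed from the second copy, synchronisation on observable labels, and a switch to desynchronisation once copy 1 fires the fault. It assumes 1-safe nets with markings represented as sets of places, explores the verifier's state space explicitly rather than with unfoldings, and interprets the switch as halting copy 1 after the fault while copy 2 runs on alone (the rest of the faulty trace is irrelevant). The two example nets, one predictable and one not, are constructed here and are not the benchmarks from the talk.

```python
from collections import deque


class LabelledNet:
    """Labelled 1-safe Petri net (constructed model, not the authors' code).
    transitions: name -> (label, pre-places, post-places)."""

    def __init__(self, transitions, m0, observable, faults):
        self.transitions = transitions
        self.m0 = frozenset(m0)
        self.O = frozenset(observable)   # observable labels
        self.F = frozenset(faults)       # fault labels, a subset of the unobservable ones

    def enabled(self, marking):
        return [t for t, (_, pre, _) in self.transitions.items() if set(pre) <= marking]

    def fire(self, marking, t):
        _, pre, post = self.transitions[t]
        return frozenset((marking - set(pre)) | set(post))

    def label(self, t):
        return self.transitions[t][0]


def verifier_successors(net, state):
    """One step of the verifier. A state is (marking of copy 1, marking of copy 2, fault seen).
    Before the fault the copies synchronise on observable labels and interleave freely on
    unobservable ones; copy 2 never fires a fault (f is removed from it). After copy 1 fires
    a fault, the switch desynchronises: copy 1 halts and copy 2 runs alone (assumption)."""
    m1, m2, after_fault = state
    succ = []
    if after_fault:
        for t in net.enabled(m2):
            if net.label(t) not in net.F:
                succ.append((m1, net.fire(m2, t), True))
        return succ
    en1, en2 = net.enabled(m1), net.enabled(m2)
    for t in en1:                                   # copy 1: unobservable moves, faults included
        lab = net.label(t)
        if lab not in net.O:
            succ.append((net.fire(m1, t), m2, lab in net.F))
    for t in en2:                                   # copy 2: unobservable, fault-free moves
        lab = net.label(t)
        if lab not in net.O and lab not in net.F:
            succ.append((m1, net.fire(m2, t), False))
    for t1 in en1:                                  # synchronised observable moves
        lab = net.label(t1)
        if lab in net.O:
            for t2 in en2:
                if net.label(t2) == lab:
                    succ.append((net.fire(m1, t1), net.fire(m2, t2), False))
    return succ


def is_predictable(net):
    """True iff the verifier has no infinite trace containing a fault. With finitely many
    states, such a trace exists iff some post-fault state survives repeated pruning of
    states without successors (every survivor can reach a cycle)."""
    init = (net.m0, net.m0, False)
    graph, queue = {}, deque([init])
    while queue:
        s = queue.popleft()
        if s in graph:
            continue
        graph[s] = verifier_successors(net, s)
        queue.extend(x for x in graph[s] if x not in graph)
    alive = {s for s in graph if s[2]}
    changed = True
    while changed:
        changed = False
        for s in list(alive):
            if not any(x in alive for x in graph[s]):
                alive.discard(s)
                changed = True
    return not alive


# Constructed example: after observing "a", an unobservable choice leads either to the
# fault f or to a fault-free loop, so f cannot be predicted from the visible behaviour.
NON_PREDICTABLE = LabelledNet(
    transitions={
        "t1": ("a", ["p0"], ["p1"]),
        "t2": ("u", ["p1"], ["p2"]),
        "t3": ("u", ["p1"], ["p3"]),
        "t4": ("f", ["p2"], ["p4"]),
        "t5": ("b", ["p4"], ["p0"]),
        "t6": ("b", ["p3"], ["p0"]),
    },
    m0=["p0"], observable={"a", "b", "c"}, faults={"f"})

# Constructed variant: the observable "c" precedes f, and every continuation after
# "a c" passes through f, so observing "a c" predicts the fault.
PREDICTABLE = LabelledNet(
    transitions={
        "t1": ("a", ["p0"], ["p1"]),
        "t2": ("u", ["p1"], ["p2"]),
        "t3": ("u", ["p1"], ["p3"]),
        "t4": ("c", ["p2"], ["p5"]),
        "t7": ("f", ["p5"], ["p4"]),
        "t5": ("b", ["p4"], ["p0"]),
        "t6": ("b", ["p3"], ["p0"]),
    },
    m0=["p0"], observable={"a", "b", "c"}, faults={"f"})

if __name__ == "__main__":
    print("non-predictable net:", is_predictable(NON_PREDICTABLE))
    print("predictable net:", is_predictable(PREDICTABLE))
```

The pruning loop stands in for the ◊f check on infinite traces: a post-fault state that keeps a successor forever lies on, or leads to, a cycle of copy 2, which is exactly the infinite fault-free second trace of a witness. The divergence-freeness assumption of the talk is what makes a cycle of copy 2 an acceptable witness here; a cycle of purely unobservable transitions would violate that assumption and should be rejected by a checker for nets that do not satisfy it.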
Experimental results
- predictability is a new field: mostly theoretical work, no benchmarks, no tools
- we created three series of scalable benchmarks based on a producer-buffer-consumer system; each benchmark has predictable and non-predictable variants
- used parallel LTL-X model checking based on unfoldings
- showed the feasibility of the proposed approach; good levels of parallelisation can be achieved
Conclusions and future work
- proposed a better way of verifying predictability
  - previous work: de-synchronise dynamically, use a customised algorithm
  - our work: de-synchronise statically, use a general-purpose algorithm
- moving from theory to practical verification
- the method can be trivially generalised to high-level Petri nets:
  - the verifier construction can be lifted to HL nets
  - parallel LTL-X model checking based on unfoldings works for HL nets too