A counter-example to the minimal coverability tree algorithm

In [1], an algorithm to compute a minimal coverability tree for Petri nets has been presented. This document demonstrates, thanks to a simple counter-example, that this algorithm may compute an under-approximation of a coverability tree, i.e. a tree whose set of nodes is not sufficient to cover all the reachable markings. 1 Preliminaries Definition 1 A Petri Net (PN for short) N is a tuple 〈P, T ,m0〉, where P = {p1, p2, . . . pn} is a finite set of places, T is finite set of transitions. A marking of the places is a function m : P 7→ N. A marking m can also be seen as a vector v such that v = [m(p1),m(p2), . . . ,m(pn)]. m0 is the initial marking. A transition t ∈ T is a pair 〈I,O〉 where I : P 7→ N and O : P 7→ N. Given a Petri net N = 〈P, T ,m0〉, an ω-marking is a function m that associates to each place of P either a natural number, or ω. Notice that markings are particular cases of ω-markings. We define ω + c = ω and ω − c = ω for all c ∈ N. Definition 2 Given a PN N = 〈P, T ,m0〉, and an ω-marking m of N , a transition t = 〈I,O〉 is said to be enabled in m iff ∀p ∈ P : m(p) ≥ I(p). An enabled transition t = 〈I,O〉 can occur, which transforms the ω-marking m into a new ω-marking m′ (we denote this by m t − → m′). m′ is computed as follows: ∀p ∈ P : m′(p) = m(p) − I(p) + O(p). We note m ∗ − → m′ when there exists a sequence of transitions t1, . . . , tk and a sequence of ω-markings m1, . . . ,mk−1 such that m t1 −→ m1 t2 −→ . . . tk−1 −−−→ mk−1 k −→ m′. The set of reachable markings of N , noted RS(N ), is the set {m |m0 ∗ − →m}. Given two ω-markings m1 and m2 ranging over set of places P , we have m1 4 m2 iff ∀p ∈ P : m1(p) ≤ m2(p). In particular: i < ω, for any i ∈ N. Moreover m1 ≺ m2 iff m1 4 m2 and m2 64 m1. A coverability set of a PN N = 〈P, T ,m0〉 is a set of ω-markings CS(N ) such that RS(N ) = {m ∈ N|P| | ∃m′ ∈ CS(N ) : m 4 m′}. A coverability set CS(N ) is minimal if and only if ∀m,m′ ∈ CS(N ) : m 4 m′ implies m = m′. Proposition 1 For any PN N , there exists a minimal coverability set CS(N ) such that (i) CS(N ) is unique and (ii) CS(N ) is finite. Definition 3 A labelled tree of a Petri net N = 〈P, T ,m0〉 is a directed acyclic graph 〈N, root,B,Λ〉 where N is a finite set of nodes, root is the root node, B ⊆ N × N is a transition relation and Λ : B 7→ (N ∪ {ω})|N | is a function labelling the nodes by ω-markings of N . B is such that (i) for all n ∈ N \ {root}, there exists one and only one n′ ∈ N such that B(n′, n) and (ii) there does not exist n ∈ N such that B(n, root). 1 A labelled tree T = 〈N, root,B,Λ〉 is a coverability tree for the Petri net N = 〈P, T ,m0〉 if the set {m | ∃n ∈ N : Λ(n) = m} is a coverability set of N . If that set is the minimal coverability set of N , we say that T is a minimal coverability tree. 2 The minimal coverability tree algorithm [1] In this section we briefly recall the main ideas of the algorithm to compute a minimal coverability tree, as presented by Finkel in [1]. The algorithm is given at Algorithm 1. Let us first detail several auxiliary function we use in the algorithm. Given a labelled tree T , nodes(T ) returns the set of all the nodes of T . Given a node n, subtree(n) returns the maximal subtree rooted at n. Algorithm 1 is essentially a refinement of the classical Karp&Miller algorithm, see [2]. A set to treat holds the nodes that are waiting to be processed (initially, this sets contains the root node of the labelled tree, whose label is the initial marking of the net). The processing of a node consist in trying to apply several reduction rules, which are detailed along the various cases of the if. Whenever there exists in the labelled tree computed so far a node n1 that is larger than the node n currently processed, the algorithm decides to discard n. This node gets suppressed from the labelled tree. When one finds in the labelled tree computed so far a node n1 that is smaller than n, the Accelerate function, which is the same as in the K&M algorithm, is first called. Remark that in the case where n has no ancestor smaller than itself, the function simply returns Λ(n). Accelerate(n) begin mω ← Λ(n) ; m← Λ(n) ; foreach ancestor n1 of n s.t. Λ(n1) ≺ m do m1 ← Λ(n1) ; foreach place p s.t. m1(p) < m(p) do mω(p)← ω ; return(mω) ; end Then, we check whether there exists an ancestor n1 of n that is smaller than n. In this case, the marking returned by Accelerate contains ω’s, and we place it as high as possible in the labelled tree. Finally, we look at all the other nodes that are smaller than n (without being one of its ancestors). Of course, all these nodes have to be forgotten. Finally, in the case where none of the reductions could be applied, we simply develop the successors of the node n that has been taken out of to treat, and add them to the labelled tree, as well as to to treat. 3 Counter-example to the algorithm This section presents our counter-example to the algorithm recalled in the previous section. The algorithm presented in [1] is supposed to compute the minimal coverability set of any 2 Algorithm 1: The solution of [1] to compute a minimal coverability tree of a Petri net. Data : A Petri net P with initial marking m0. Result : a minimal coverability tree of P. begin Let T = 〈N,n0, B,Λ〉 be the labelled tree computed as follows: to treat = {n0} such that Λ(n0) = m0, N = {n0}, B = ∅ ; while to treat 6= ∅ do chose and remove n in to treat ; if There is n1 ∈ N s.t. Λ(n) = Λ(n1) then /* Nothing to do */ else if There is n1 ∈ N s.t. Λ(n) ≺ Λ(n1) then /* n being smaller, we can forget it */ N ← N \ {n} ; Let n′ be the direct ancestor of n ; B ← B \ (n′, n); else if There is n1 ∈ N s.t. Λ(n1) ≺ Λ(n) then /* The classical Karp& Miller acceleration */ m←Accelerate(n) ; /* Ancestors are treated first */ if There is an ancestor n′ of n s.t. Λ(n′) ≺ m then Let n′ be the highest such ancestor in T ; Λ(n′)← m ; to treat← to treat \ nodes(subtree(n′)) ; Remove subtree(n′) from T (but keep n′) ; to treat← to treat ∪ {n′} ; else to treat← to treat ∪ {n} ; /* Then the other nodes that are smaller than m */ foreach n′ ∈ N s.t. Λ(n′) ≺m do to treat← to treat \ nodes(subtree(n′)) ; Remove subtree(n′) from T (including n′) ; else /* When we couldn’t apply reductions, we compute the successors of n */ foreach marking m′ successor of Λ(m) do Let n′ be a new node s.t. Λ(n′) = m′ ; N ← N ∪ {n′} ; B ← B ∪ {(n, n′)} ; to treat← to treat ∪ {n′} ; Return(T ) ; end