
5.4 On the existence of spurious deadlocks in some Petri net system subclasses

5.4.2 DSSP

Let us consider the preservation of liveness in DSSP in two steps: first, preservation of liveness considering finite firing sequences (parallel to directness of the $RS_D(\mathcal{N}, m_0)$ in live DSSP) and then preservation of lim-liveness in consistent and live discrete DSSP (parallel to directness of its integer linearized reachability set).

In [RTS98] it was proven that for live and consistent DSSP, there are no spurious deadlocks for discrete PN systems. This result also holds for live and consistent continuous DSSP, although the characteristics of continuous systems need to be considered in the proofs. Let us recall first a previous result from [RTS98] which also holds for continuous DSSP with some changes and considerations.

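Lemma 5.17 Let $\langle \mathcal{N}, m_0 \rangle$ be a DSSP which is live as discrete. Let $m$ be a reachable marking, and $\Delta m \geq 0$ where $\Delta m[p_i] = 0\ \forall p_i \notin B$ and $\tilde{m} = m + \Delta m$. Let $\tilde{m} \xrightarrow{\alpha} \tilde{m}'$, then $\beta, \gamma$ exist s.t. $\tilde{m} \xrightarrow{\alpha} \tilde{m}' \xrightarrow{\beta} \tilde{m}''$, and $m \xrightarrow{\gamma} m''$, where $\tilde{m}'' = m'' - \Delta m$, and $\gamma = \alpha + \beta$. Moreover, if $m' = \tilde{m}' - \Delta m = m + C \cdot \alpha \in LRS_C(\mathcal{N}, m)$, then $\beta$ is a finite sequence fireable from $m$.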

Proof. Let $\delta$ be the shortest sequence fireable from $m$ s.t. a transition $t \in \|\alpha\|$ is immediately fired after $\delta$ an amount $a_t$, i.e. $m \xrightarrow{\delta a_t t}$.

We will prove below that, even considering continuous markings in the places, it holds that $I(\|\delta\|) \cap I(\|\alpha\|) = \emptyset$.

Assume the contrary. Let $t_\delta$ be the first transition in $\delta$ s.t. $I(t_\delta) \in I(\|\alpha\|)$, and $t_\alpha$ the first transition in $\alpha$ belonging to that SM. Since the difference between $m$ and $\tilde{m}$ is only in the buffers, then $t_\delta$ is enabled after firing $m \xrightarrow{\delta}$ iff $t_\delta$ is enabled after firing $\tilde{m} \xrightarrow{\delta}$. Therefore, instead of $t_\delta$, $t_\alpha$ could have been fired in $\delta$. Contradiction with the minimality of $\delta$.

Then, let us denote $\hat{t}$ the first transition of $\alpha$ from the same SM as $t$, which is fired a certain amount $a_t \hat{t}$. I.e., $\alpha = \alpha_a \hat{t} \alpha_b$, where $I(t) = I(\hat{t}) \notin I(\|\alpha_a\|)$.

Given that $t$, $\hat{t}$ are the first transitions from that SM enabled at $\delta t$ (from $m$), $\alpha$ (from $\tilde{m}$), and the only difference between $m$ and $\tilde{m}$ is in the buffers, then $enab(\hat{t}, m) > 0 \Leftrightarrow enab(\hat{t}, \tilde{m}) > 0$. Given that $I(\|\delta\|) \cap I(\|\alpha\|) = \emptyset$, $\hat{t}$ is also enabled after the firing $\tilde{m} \xrightarrow{\delta}$.

However, it can be enabled an amount smaller than $a_t$. In that case, we fire it the maximal allowed amount. Select:

Selecting $a_x$ in this way, $\delta a_x \hat{t}$ can be fired from $m$ and also from $\tilde{m}$. Then, apply the inductive hypothesis to $m \xrightarrow{\delta a_x \hat{t}}$, $\tilde{m} \xrightarrow{\delta a_x \hat{t}}$ and $\alpha_a (a_t - a_x) \hat{t}\, \alpha_b$, to find $\beta'$, $\gamma'$. Finally, the sought sequences are: $\beta = \delta \beta'$ and $\gamma = \delta a_x \hat{t} \gamma'$.

If $\tilde{m}' - \Delta m \in LRS_C(\mathcal{N}, m)$, then $\beta = \delta \beta'$ is a finite sequence fireable from $m$.

The following result is obtained from [RTS98], applying Lemma 5.17, which is specific for continuous PN.

Theorem 5.18 Let $\langle \mathcal{N}, m_0 \rangle$ be a live DSSP and $m_a, m_b \in RS_C(\mathcal{N}, m_0)$. Then $RS_C(\mathcal{N}, m_a) \cap RS_C(\mathcal{N}, m_b) \neq \emptyset$.

A consequence of Theorem 5.18 is presented below.

Theorem 5.19 Given a discrete DSSP system $\langle \mathcal{N}, m_0 \rangle_D$ which is live, the continuous $\langle \mathcal{N}, m_0 \rangle_C$ is also live.

Proof. Because of Theorem 5.18, for every pair of markings $m_a, m_b \in RS_C(\mathcal{N}, m_0)$, there exists a common successor. Consequently, none of them can be a deadlock marking. Consequently, $\langle \mathcal{N}, m_0 \rangle_C$ is deadlock-free as continuous, and live (because deadlock-freeness and liveness are equivalent in continuous DSSP systems [Rec98]).

And the result about spurious deadlocks, analogous to the one proposed for discrete consistent DSSP (using Lemma 5.17 and Theorem 5.18) is presented below.

Theorem 5.20 Let $\langle \mathcal{N}, m_0 \rangle_C$ be a live and consistent DSSP. If $m_a, m_b \in$ lim-$RS_C(\mathcal{N}, m_0)$, then lim-$RS_C(\mathcal{N}, m_a)\ \cap$ lim-$RS_C(\mathcal{N}, m_b) \neq \emptyset$.

Proof. We claim that every $m \in$ lim-$RS_C(\mathcal{N}, m_0)$ has a successor in lim-$RS_C(\mathcal{N}, m_0)$. Then, both $m_a$, $m_b$ have reachable successors and, applying Theorem 5.18, these successors have a common successor, which concludes the proof.

To prove the claim, we will see that $\Delta m_0$ exists s.t. $m + \Delta m$ is reachable from $m_0 + \Delta m$. Then, applying Lemma 5.17, a successor of $m + \Delta m$ exists, $\tilde{m}'$, verifying that $\tilde{m}' - \Delta m \in RS_C(\mathcal{N}, m) \cap RS_C(\mathcal{N}, m_0)$, which proves the claim.

Let $m = m_0 + C \cdot \alpha$. Let $x$ be a T-semiflow which contains all the transitions ($x > 0$). If we remove the buffer places from the state machine, a sequence $\alpha'$ with firing count vector $\alpha' = \alpha + x$ is fireable. Since $\mathcal{N}$ is consistent, a T-semiflow $x$ exists with $\|x\| = T$. Then, we can add tokens to the buffers ($\Delta m$) s.t. the marking of the buffers does not prevent the firing of sequences with firing count vectors $\alpha$ and $x$. The firing of $\alpha'$ from $m_0 + \Delta m$ leads to $m + \Delta m$, since $x$ is a T-semiflow.

Using Theorem 5.20, the following result about deadlock-freeness preservation in consistent DSSP systems is obtained.


Theorem 5.21 Given a discrete consistent DSSP system $\langle \mathcal{N}, m_0 \rangle_D$ which is live, the continuous $\langle \mathcal{N}, m_0 \rangle_C$ is live and lim-live.

Proof. Given that $\langle \mathcal{N}, m_0 \rangle_D$ is live, then every transition is fireable from $m_0$ (i.e. there are no empty siphons at $m_0$). Due to the fact that $\mathcal{N}$ is consistent and there are no empty siphons at $m_0$, lim-$RS_C(\mathcal{N}, m_0) = LRS_C(\mathcal{N}, m_0)$ ([RTS99], Theorem 3). Because of Theorem 5.20, there is no marking $m$ in $LRS_C(\mathcal{N}, m_0)$ which is a deadlock. Consequently, $\langle \mathcal{N}, m_0 \rangle_C$ is lim-deadlock-free as continuous, and lim-live (because deadlock-freeness and liveness are equivalent in DSSP systems, Corollary 2 in [RTS98]).

However, we can also prove this result in a direct way. The proof is inspired by the proof of Theorem 3.15 of [Rec98].

Theorem 5.22 Given a discrete consistent DSSP system $\langle \mathcal{N}, m_0 \rangle_D$ which is live, the continuous $\langle \mathcal{N}, m_0 \rangle_C$ is also live.

Proof. Suppose there exists a deadlock $m_d$ in lim-$RS_C(\mathcal{N}, m_0)$. Then, $\forall t \in T$, $\exists p \in {}^{\bullet}t$ s.t. $m_d[p] = 0$.

Given that $\mathcal{N}_i$ are state machines, at least one place of $\mathcal{N}$ is marked. Hence, at least one transition of $\mathcal{N}_i$ is disabled only because one buffer is empty: $\forall i \in \{1..n\}$, there exists at least a buffer $b$ s.t. $dest(b) = i$ and it is empty ($m_d[b] = 0$). And also all the internal transitions of the SM are not enabled.

Consider an arbitrary $b$ which was emptied, buffer $b$ s.t. $dest(b) = i$, and $\mathcal{N}_i$.

Since the net is consistent, there exists at least one transition $t_j \in T_j$ from a certain $\mathcal{N}_j$ such that $b \in {}^{\bullet}t_j$.

Consider an arbitrary $j$. SM $\mathcal{N}_j$ is also deadlocked, and it also has an input buffer which is empty at $m_d$. Since the number of SM is finite, at the end of the backward recursion we will have considered every SM $\mathcal{N}_z$.

However, in the case of live but non consistent DSSP, there can be spurious solutions, and (lim-)liveness of the system after fluidization cannot be guaranteed. For example, the DSSP in Fig. 5.7 is not consistent, and it has a killing spurious marking, $m_d = (1, 0, 0, 0, 1, 0, 0)$.

However, when more general subclasses of net systems are considered, the state equation can contain some killing spurious solutions. It is the case of Multi-level Deterministically Synchronized Sequential Processes ((DS)*SP) [RTS01], which may model complex cooperation relations; and Systems of Simple Sequential Processes with Resources (S3PR) [ECM95], which focus on competition relations (see Fig. 2.4 and Fig. 3.2).

5.4.3 (DS)*SP

The subclass of (DS)*SP [RTS01], named multi-level deterministically synchronized sequential processes, is a generalization of DSSP which allows more complex relations (see Section 2.1).


Figure 5.7: A live (but not consistent) DSSP with a spurious deadlock [RTS98].

Although they are a generalization of DSSP, some basic properties cannot be generalized from DSSP to (DS)*SP in the discrete analysis, and also the results about deadlock-freeness and liveness preservation of consistent DSSP do not hold here.

Let us show, through the example, that discrete live (DS)*SP systems can have killing spurious solutions which become (lim-)reachable in the fluidified net system. The PN example in Fig. 2.4 is deadlock-free as discrete. However, it has a killing spurious solution which becomes (lim-)reachable in the fluidified net system. The system belongs to (DS)*SP [RTS01], a subclass of PN systems which models intricate cooperation relations.

Considering the initial marking depicted in the figure, the infinite firing sequence $\sigma_d = \tfrac{1}{2}\,t111\ \tfrac{1}{2}\,t121\ \tfrac{1}{4}\,t111\ \tfrac{1}{4}\,t121\ \tfrac{1}{8}\,t111\ \tfrac{1}{8}\,t121 \ldots$ can be fired, which converges to a marking $m_d$ in which $m_d[p112] = m_d[p122] = m_d[b12] = 1$, and the other places are empty [Rec98]. Notice that this marking is a deadlock (i.e., a killing spurious marking in the discrete system which becomes lim-reachable in the continuous one).
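The same phenomenon can be reproduced on a much smaller net. The following is an added example, not taken from the thesis: the two-place net, its marking and all function names are constructed for illustration (it is not the net of Fig. 2.4 or Fig. 5.7, and no claim is made about its subclass). It is deadlock-free as discrete, yet a halving firing sequence converges to a deadlock that solves the state equation.

```python
from fractions import Fraction as F

# Constructed net (assumption, not Fig. 2.4): t1: 2*p1 -> p1 + p2, t2: p1 + p2 -> 2*p1
PRE = {"t1": (2, 0), "t2": (1, 1)}
POST = {"t1": (1, 1), "t2": (2, 0)}
M0 = (F(2), F(0))

def enab(t, m):
    """Enabling degree of t at m: min over input places of m[p] / Pre[p, t]."""
    return min(m[p] / w for p, w in enumerate(PRE[t]) if w > 0)

def fire(t, amount, m):
    """Fire t by `amount` (1 for a discrete step, any value <= enab when continuous)."""
    assert 0 <= amount <= enab(t, m)
    return tuple(m[p] + amount * (POST[t][p] - PRE[t][p]) for p in range(len(m)))

def is_deadlock(m):
    return all(enab(t, m) == 0 for t in PRE)

def discrete_reachable(m0):
    """Exhaustive discrete reachability set (finite here: p1 + p2 is invariant)."""
    seen, todo = {m0}, [m0]
    while todo:
        m = todo.pop()
        for t in PRE:
            if enab(t, m) >= 1:          # discrete enabling: Pre tokens available
                nxt = fire(t, 1, m)
                if nxt not in seen:
                    seen.add(nxt)
                    todo.append(nxt)
    return seen

def halving_run(m0, steps):
    """Continuous run firing t1 by its full enabling degree: 1, 1/2, 1/4, ..."""
    m = m0
    for _ in range(steps):
        m = fire("t1", enab("t1", m), m)
    return m

def state_equation(m0, sigma):
    """m = m0 + C * sigma for a firing count vector sigma = {transition: count}."""
    return tuple(m0[p] + sum(n * (POST[t][p] - PRE[t][p]) for t, n in sigma.items())
                 for p in range(len(m0)))

MD = state_equation(M0, {"t1": 2})       # limit of the halving run: (0, 2)

if __name__ == "__main__":
    print("discrete RS:", sorted(discrete_reachable(M0)))
    print("20 halving steps:", halving_run(M0, 20), "m_d deadlock:", is_deadlock(MD))
```

After k halving steps the marking is (2^(1-k), 2 - 2^(1-k)), so no finite run reaches MD; it is only lim-reachable.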