3. Reaction chains
• Domain: symbolic system biology
• “Symbolic systems biology is the
qualitative and quantitative study of
biological processes as integrated
systems rather than as isolated parts.”
• Property: reachability
6. Reaction chains
• “For reachability queries on our nets,
answering a reachability query that would
have taken hours using a general purpose
model-checking tool takes on the order of
a second in LoLA — fast enough to permit
interactive use.”
8. GALS circuits
• Domain: asynchronous/
synchronous hardware design
• prototype for IEEE-802.11 chip
• asynchronous hardware is not
clocked - order/timing of events
makes a difference
• problem: glitch
9. Glitch
P(a) = 1
a AND P(c) = 0
c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
9
10. Glitch
P(a) = 1
0
a AND P(c) = 0
c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
9
11. Glitch
P(a) = 1 0
0
a AND P(c) = 0 0
c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
9
12. Glitch
P(a) = 1 0
0
a AND P(c) = 0 0
1 c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
9
13. Glitch
P(a) = 1 0
0
a AND P(c) = 0 0 0
1 c
b Gate
P(b) = 0 1
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
9
14. Glitch
P(a) = 1
a AND P(c) = 0
c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
15. Glitch
P(a) = 1
a AND P(c) = 0
1 c
b Gate
P(b) = 0
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
16. Glitch
P(a) = 1
a AND P(c) = 0 1
1 c
b Gate
P(b) = 0 1
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
17. Glitch
P(a) = 1
0
a AND P(c) = 0 1
1 c
b Gate
P(b) = 0 1
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
18. Glitch
P(a) = 1 0
0
a AND P(c) = 0 1 0
1 c
b Gate
P(b) = 0 1
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
19. Glitch
P(a) = 1 0
0
a AND P(c) = 0 1 0
1 c
b Gate
P(b) = 0 1 Hazard
1
P(a): 0 1
P(c): 0
P(b): 1
0
ΔT
10
62. Soundness
• 735 real-world business processes
from IBM customers
• original formalism: UML dialect
from the IBM Websphere Business
Modeler
• translation: compiler UML2oWFN
• original question: can soundness
be verified using model checking
techniques
64. Soundness
• “IBM Soundness” = absence of
• lack of synchronization (= unsafe marking)
• deadlock (= deadlock)
• + certain assumptions on the structure
• for LoLA: two checks
• Is the final marking life?
• Is the net safe?
65. Soundness
for each SESE fragment
matches
"
structural heuristics?
!/
A
B SESE "
translation C decomposition sound counterexample
business process
model workflow graph SESE fragments soundness check analysis result
(plain state space)
choice depends on SESE fragment
IBM WebSphere Business Modeler / SESE approach
liveness check
!/
(reduced state space)
translation "
sound counterexample
Petri net safeness check analysis result
(reduced state space)
always perform both checks
LoLA
trivial workflow net? !
sound
extension to structural analysis result
workflow net reduction
workflow net reduced workflow net soundness check
(structure and
state space)
!/
sound
"
structural information
analysis result
Compiler Woflan choice depends on net structure
66. Soundness
• execution scheduled and optimized using
Makefiles
• max. 50 ms per check
• “analysis on demand”
• observed effect: structural reduction
techniques do not pay off when using
stubborn sets
soundness
68. Concurrent Programs
• concurrent processes
• shared and global variables
• goal: find Aa. small-model roening, and T . Wahl
650 K aiser, D . K
property
to make a statement on the correctness of
an arbitrary number of instances
|R n |
|R| |R|
(a) (b)
n
m c
69. Concurrent Programs
• problem can be solved by checking for
reachable states in a coverability graph
• challenge: number of places = number of
states of a process
• concurrency only through tokens
• it took a while to beat LoLA
concurrent
71. AI Planning
• setting: smart conference room
• several projectors, canvases, documents,
and lamps
• AI planning problem: Configure the room to
display document A on that canvas.
• original formalism: proprietary
planning language; manually translated
72. AI Planning
• straightforward translation to state predicate
Goals: FORMULA
( LightOn 1 Lamp1 ); LightOn.<Lamp1|TRUE> = 1 AND
( LightOn 1 Lamp2 ); LightOn.<Lamp2|TRUE> = 1 AND
( DocShown 1 Doc1 LW3 ); DocShown.<Doc1|LW3|TRUE> = 1 AND
( DocShown 1 Doc2 LW1 ); DocShown.<Doc2|LW1|TRUE> = 1 AND
( CanvasDown 1 VD1 ); CanvasDown.<VD1|TRUE> = 1
• system is extremely concurrent
• depth-first search actually finds shortest path
planner
Editor's Notes
\n
\n
\n
\n
\n
\n
\n
\n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
Problem hier: delta T wird beliebig klein \n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n
Pegelpl&#xE4;tze -> triviale Idee\nFlankenpl&#xE4;tze -> D. Gomm\n