0% found this document useful (0 votes)

269 views

Petri Nets An Introduction (PDFDrive)

Uploaded by

Miruna Metes

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

269 views

Petri Nets An Introduction (PDFDrive)

Uploaded by

Miruna Metes

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 171

EATCS

Monographs on Theoretical Computer Science

Volume 4

Editors: W. Brauer G. Rozenberg A. Salomaa

Advisory Board: G. Ausiello S. Even M. Nivat
Chr. Papadimitriou A. L. Rosenberg D. Scott
Wolfgang Reisig

PETRI NETS
An Introduction

With III Figures

Springer-Verlag
Berlin Heidelberg New York Tokyo
Dr. Wolfgang Reisig
GMD
Postfach 1240, SchloB Birlinghoven
5205 St. Augustin I, Germany

Prof. Dr. Wilfried Brauer

FB Informatik der Universitat
Rothenbaum-Chaussee 67-69, 2000 Hamburg 13, Germany

Prof. Dr. Grzegorz Rozenberg

Institut of Applied Mathematics and Computer Science
University of Leiden, Wassenaarseweg 80, P.O. Box 9512
2300 RA Leiden, The Netherlands

Prof. Dr. Arto Salomaa

Department of Mathematics, University of Turku
20500 Turku 50, Finland

Translation of the German original edition: W. Reisig, Petrinetze

ISBN 3-540-11478-5
Springer-Verlag Berlin Heidelberg New York 1982

Library of Congress Cataloging in Publication Data

Reisig, Wolfgang, 1950-
Petri nets.
Based on lectures given by the author at the Technical University of Aachen.
Translation of Petrinetze.
Includes index.
l. Petri nets. 1. Title.
QA267.R4513 1985 511 84-26700

ISBN-13: 978-3-642-69970-2 e-ISBN-13: 978-3-642-69968-9

DOl 10.1007/978-3-642-69968-9
This work is subject to copyright. All rights are reserved, whether the whole or part of
material is concerned, specifically those of translation, reprinting, re-use of illustrations,
broadcasting, reproduction by photocopying machine or similar means, and storage in
data banks. Under § 54 of the German Copyright Law where copies are made for other
than private use a fee is payable to "Verwertungsgesellschaft Wort", Munich.
I{)Springer-Verlag Berlin Heidelberg 1985
Softcover reprint of the hardcover 1st edition 1985
The use of registered names, trademarks, etc. in the publication does not imply, even in
the absence of a specific statement, that such names are exempt from the relevant pro-
tective laws and regulations and therefore free for general use.

2145/3140-543210
Preface

Net theory is a theory of systems organization which had its origins, about 20
years ago, in the dissertation of C. A. Petri [1]. Since this seminal paper, nets
have been applied in various areas, at the same time being modified and
theoretically investigated. In recent time, computer scientists are taking a
broader interest in net theory.
The main concern of this book is the presentation of those parts of net
theory which can serve as a basis for practical application. It introduces the
basic net theoretical concepts and ways of thinking, motivates them by means
of examples and derives relations between them. Some extended examples il-
lustrate the method of application of nets. A major emphasis is devoted to those
aspect which distinguish nets from other system models. These are for instance,
the role of concurrency, an awareness of the finiteness of resources, and the pos-
sibility of using the same representation technique of different levels of ab-
straction. On completing this book the reader should have achieved a system-
atic grounding in the subject allowing him access to the net literature [25].
These objectives determined the subjects treated here.
The presentation of the material here is rather more axiomatic than in-
ductive. We start with the basic notions of 'condition' and 'event' and the con-
cept of the change of states by (concurrently) occurring events. By generali-
zation of these notions a part of the theory of nets is presented. It would have
been possible to proceed in the opposite order by firstly presenting net repre-
sentations of practical, real systems and then, proceeding by a sequence of ab-
straction steps, reaching nets consisting of conditions and events. However, the
chosen method of presentation corresponds to the usual way of proceeding in
the framework of theoretical computer science.
It is not intended, in this book, to give a total overview and summary of the
theory and applications of nets. Such an attempt is doomed to failure, not only
because of the number of publications in the field, more than 500 are refer-
enced in [25], but also because of the wide spectrum of the topics covered; for
example complexity theory, the theory of formal languages, the theory and de-
sign of logic circuits, computer architecture, operating systems, the connection
of computer processors, process control and real time systems, programming
and command languages, databases, communication protocols, software en-
gineering and yet even further into topics outside computer science (ad-
ministration, jurisprudence, the logic of inter-personal interaction). Also, we
are not able here to treat the foundations of net theory which lie in the philoso-
VI Preface

phies of natural sciences, in the classical and non-classical logics, in theoretical

physics and in the theories of communication.
A series of lectures for students in the third and fourth year of computer
science, which the author gave at the Technical University of Aachen, served as
a basis for this book. It might therefore be used in university courses, but it is
also intended for the graduate student, the researcher and the professional who
want to start within the field of Petri Nets.
The book assumes only an elementary knowledge of the structure, function-
ing and application of computer based information systems and sQme elemen-
tary mathematics. Using the first chapter as a basis, Part 1 and Part 2 may be
read rather independently of each other. Part 3 uses the notions introduced in
Chapts. 2, 4, 5 and 6. The computing practitioner should, in addition to the first
chapter, find it worthwhile to study, particularly, the example at the start of
Chapt. 5 and Sects. 6.3 to 6.5 and 8.1 to 8.3.
At the end of each chapter exercises are given. The more difficult ones are
marked with *.
The appendix presents the mathematical notions and notation which are
used in this book.
This book was originally published in German by Springer-Verlag in 1982.
For the English edition it was revised and the "Further Reading" appendix and
the exercises were incorporated.
Acknowledgements

This book could not have been created without the help of a number of people.
At the Institut fUr Informationssystemforschung of the Gesellschaft fUr Mathe-
matik und Datenverarbeitung in Bonn (West Germany), I received great sup-
port in discussing particular topics from C. A. Petri, H. Genrich, K. Lauten-
bach und P. S. Thiagarajan. Prof. W. Brauer gave many valuable remarks on
the German manuscript.
On the occasion of the English translation it was possible to revise the text
due to many hints and comments from its readers. Especially I am indepted to
Eike Best, Ursula Goltz, Kurt Lautenbach, Roberto Minio, Horst Muller, Leo
Ojala, Anastasia Pagnoni, Grzegorz Rozenberg and P.S. Thiagarajan for their
many critical and constructive notes. Horst Muller and Dirk Hauschildt mainly
contributed to the revision of Lemma 5.3 (d) and Theorem 7.2 (k), respectively.
I am deeply indebted to the translators Ursula Goltz and Dan Simpson, who
with remarkable competence, fervour and patience did an excellent job. They
also brought up some valuable discussion with regard to the contents of the
book.

W.R.
Aachen, Germany
June 1983

To the English Edition

We have retained the notation of the German book (e.g. B for sets of conditions
and S for sets of places) corresponding to the standards introduced at the Ad-
vanced Course on Net Theory and Application, cf. [17]. Any changes might
have induced further problems (e.g. C for conditions would exclude an ap-
propriate notation for cases. P for places would imply the non-standard notion
of P-invariant).

u.G., D.S., Aachen and Sheffield

Contents

Introduction

Chapter 1. Introductory Examples and Basic Definitions 3

l.l Examples from Different Areas ....... . 5
1.2 Examples from Logic Circuits and Operating Systems 8
1.3 Non-Sequential Programs 10
1.4 An Example for Systems Analysis 12
1.5 Some Basic Definitions 14
1.6 Summary and Overview 16
Exercises for Chapter I 16

Part 1. Condition/Event-Systems 17

Chapter 2. Nets Consisting of Conditions and Events 18

2.1 Cases and Steps . . . . 18
2.2 Condition/Event-Systems 21
2.3 Cyclic and Live Systems 23
2.4 Equivalence ..... 24
2.5 Contact-Free C/ E-Systems 25
2.6 Case Graphs 28
Exercises for Chapter 2 30

Chapter 3. Processes of Condition/Event-Systems 32

3. I Partially Ordered Sets 33
3.2 Occurrence Nets 35
3.3 Processes . . . . . 37
3.4 The Composition of Processes 39
3.5 Processes and Case Graphs 41
Exercises for Chapter 3 . . . . 44

Chapter 4. Properties of Systems 46

4.1 Synchronic Distances 46
4.2 Some Quantitative Properties of Synchronic Distances 52
4.3 Synchronic Distances in Sequential Systems . . . . 53
Contents IX

4.4 Synchronic Distances in Cyclic Systems 54

4.5 Facts ..... 55
Exercises for Chapter 4 57

Part 2. Place/Transition-Nets 61

Chapter 5. Nets Consisting of Places and Transitions 62

5.1 Place/Transition-Nets .... 62
5.2 Linear Algebraic Representation 65
5.3 Coverability Graphs . . . . . 66
5.4 Decision Procedures for Some Net Properties 71
5.5 Liveness . . . . 73
Exercises for Chapter 5 74

Chapter 6. Net Invariants 77

6.1 S-Invariants 77
6.2 Nets Covered by S-Invariants 81
6.3 The Verification of System Properties Using S-Invariants 82
6.4 Properties of a Sender-Receiver Model . . . . . . . 84
6.5 A Seat-Reservation System . . . . . . . . . . . . 87
6.6 The Verification of Facts in CI E-Systems by Means of S-Invariants. 93
6.7 T- Invariants 94
Exercises for Chapter 6 . . . . . . . . . . . . . 96

Chapter 7. Liveness Criteria for Special Classes of Nets 98

7.1 Marked Nets, Deadlocks and Traps 98
7.2 Free Choice Nets 101
7.3 Marked Graphs 108
Exercises for Chapter 7 109

Part 3. Nets with Individual Tokens 111

Chapter 8. Predicate/Event-Nets 112

8.1 An Introductory Example 112
8.2 Predicate/Event-Nets 114
8.3 An Organization Scheme for Distributed Databases 117
8.4 Facts in PIE-Nets . . . . . 119
8.5 A Normal Form for PIE-Nets 122
Exercises for Chapter 8 123

Chapter 9. Relation Nets 124

9.1 Introductory Examples 124
9.2 Relation Nets . . . . 126
X Contents

9.3 The Translation of P / E- Nets into Relation Nets 129

9.4 Calculation with Multirelations 129
9.5 A Matrix Representation for Relation Nets 132
9.6 S-Invariants for Relation Nets . . . . . 133
9.7 An Example for Applying S-Invariants: The Verification of Facts 133
9.8 Relation Net Schemes ....... . 135

Appendix. Mathematical Notions and Notation 139

I. Sets 139
II. Relations 139
III. Mappings, Functions 140
IV. Partial Orders 140
V. Graphs . . . . . . 140
VI. Suprema of Sets of Natural Numbers and Calculations with w 141
VII. Vectors and Matrices 142

1.1 Examples from Different Areas

In the preface and the introduction, we have already used the terms "system
organization", "system model", "condition", "event" and "information trans-
formation" without explaining them. These notions are of fundamental im-
portance in net theory. However, as they are concepts from the real world, we
shall not try to give precise definitions of them but rather appeal to the intui-
tion and general understanding of the reader. But, we shall have to consider
properties of objects of this kind, and also the relationships between such ob-
jects. We shall say, for instance, that "system models" represent real systems
more or less adequately, that "events" occur and that "conditions" do or do
not hold.

(a) Let us first consider systems compnsmg conditions and events. Figure 1
shows a system in which the conditions are: "it is spring", "it is summer", "it is
autumn" and "it is winter"; the events are: "start of spring", "start of sum-
mer", "start of autumn" and "start of winter". We see that each condition is
represented by a circle and each event by a box. Each condition which holds is
marked by a dot (a token) (in Fig. 1, it is "spring"). The set of conditions
which hold in some configuration is called a case. In the system represented in

start of
swnmer
swnmer

start of start of
spring autwnn

winter autwnn

start of
winter
Fig. I. The four seasons and their changes
4 Introductory Examples and Basic Definitions

Fig. 1, each case has only one element. Whenever an event occurs, another case
results. A condition, b, and an event, e, may be related with each other as
follows:
(1) b starts to hold when e occurs. b is then called a postcondition of e. Graphi-
cally, this relationship is represented as an arc from e to b.
(2) b ceases to hold when e occurs. b is then called a precondition of e. Graphi-
cally, this relationship is represented as an arc from b to e.
If b is not affected by the occurrence of e there is no arc between band e at
all.
So, in our system of the four seasons, when an event occurs the token is
moved to the next season.

start of
swnmer
swnmer

start of start of
spring autwrm

winter autwrm

start of
winter
Fig. 2. Addition of two conditions to Fig. I

start of
swnmer
spring swnmer

winter or
spring start of
start of
spring autwrm
not
autwrm

winter autwrm

start of
winter
Fig. 3. The system of Fig. 2 after start of summer
1.1 Examples from Different Areas 5

Fig. 4. The occurrence of an event e

When modelling the four seasons and their changes we may wish to rep-
resent additional conditions and events. When we add the conditions "winter or
spring" and "not autumn", we obtain the system shown in Fig. 2. Note that
now some events have several pre- or postconditions.
In the system represented in Fig. 2, consider now in which case the event
"start of summer" may occur. This is when it is both "spring" and "winter or
spring", and it is not already "summer". By the occurrence of this event we
obtain the configuration shown in Fig. 3. In general, an event may occur if all
its preconditions hold and none of its postconditions hold. Figure 4 shows the
requirements for, and the result of, an event, e, occuring.
Although it is certainly an interesting event that winter ends, it should not
be distinguished from the start of spring because neither of these events can
occur without the other. The end of winter and the start of spring are coinci-
dent events, they are represented by one single box.

(b) When describing systems, at some levels, it is not always appropriate to use
the notions of "condition" and "event". For example, when looking for

consumer

producer
consumer

Fig. 5. A system consisting of one producer and two consumers

6 Introductory Examples and Basic Definitions

bottlenecks in manufacturing processes, it may only be the total number of

goods produced which is of interest and not their individual identities. In the
representation of a store, a set of conditions ("the places SI, ... , sn are used")
may then be combined into one item which is marked n-times ("n places are
used"). Figure 5 shows a system of one producer and two consumers using a
buffer as their store. The producer generates items (represented as tokens),
which are placed in the buffer. The consumers may remove items which are in
the buffer. In such nets, we say the elements are places 0 and transitions D.
Places may, in contrast to conditions, carry more than one token. Arcs again in-
dicate the flow of tokens. A transition fires by removing a token from each in-
put place and by adding a token to each output place (Fig. 6). If we restrict
each place to carry at most one token this firing rule corresponds to the effect
of event occurrences described above .

•
•• ••
==t> -

•
Fig. 6. The firing of a transition t

The two consumers are represented by two tokens in one single consumer
part of the net as in Fig. 7. However, now the consumers may no longer be
distinguished as individuals.

(c) Nets consisting of places and transitions model system properties concern-
ing the number, the distribution and the flow of objects which are not further
distinguished. If we wish to consider individual properties of the objects we
must be able to identify particular tokens. Figure 8 shows a fragment of an
industrial production system, the operation of which is intuitively clear. This
also illustrates the construction of nets. Round nodes (places) represent passive
system components. These are those components which may store items, take
particular states and make things observable. Rectangular nodes (transitions)

producer two consumers

Fig. 7. Combination of the two consumers of Fig. 5 into one part of the net
1.1 Examples from Different Areas 7

capacity:
100 items

Fig. 8. A fragment of an industrial production system

represent active system components. Such components may produce, transport

and change objects. Arcs show which system components are directly coupled
with each other and in which direction objects may "flow" through the
net. These objects themselves are represented as individual tokens:

(d) There are systems where some of the connections between system com-
ponents are not oriented. Some systems do not have objects which flow. But we
shall always adhere to the principle of partitioning the system into active and
passive components. This partitioning may often be done in a number of dif-
ferent ways. For example, as a first approximation, a game of chess may be
represented as an interaction, t, of two players (holders of states) S1 and S2'
Alternatively, the board, s, may be considered as a passive object to be ac-
cessed by the moves, t1 and f2, made by each player. Figure 9 shows the first
8 Introductory Examples and Basic Definitions

player 1 moves of player 2 moves of board moves of

the players player 1 player 2
Fig. 9. Two representations of a chess game

view as N] and the second view as N 2 • These two different partitions stress two
different aspects of the same system. Each may be refined so that the aspects
of the other view are included. Figure 10 shows the smallest refinement which
covers the aspects of both views.
As long as no distinguished flow of objects is to be represented, the arcs of
a net may be undirected, as in Fig. 9 and Fig. 10. In this book we will not dis-
cuss nets of this kind.

player 1 moves of board moves of player 2

player 1 player 2

coarsening yielding Nl

t1 r----------, 5 ,---.-----4'

-01
]
I
I 1 I
] I I I
L _ _ _ _ _ _ _ _ _ ..J L __________ -L

coarsening yielding N2
Fig. 10. Common refinement from Fig. 9

1.2 Examples from Logic Circuits and Operating Systems

(a) Let us start with a problem from logic circuits. x and yare two variables,
which can take the values "true" and "false". Each is assigned an initial value
independently of the other. They are then combined to give the value x 1\ y to
the variable x and the value x v y to the variable y. These new values are
available until they are, again independently, deleted. Then the system returns
to the initial configuration and the variables may be given new values. Fig-
ure 11 shows this system as a net consisting of conditions and events.
1.2 Examples from Logic Circuits and Operating Systems 9

I------~.
sta:rt of
cyde

initialization

initiaZ
~o vaZues

compute new
vaZues

computed
~o vaZues

deZete
vaZues

vaZues are
deZeted
x y

Fig. 11. A system which calculates x := x /\ y and y := x V y

(b) In operating systems several processes may write to, or read from, an area
in main memory. For example, consider a configuration of two processes with
write access and four processes with read access. At most three reader pro-
cesses may overlap in their access to the memory. When the memory is being
changed by some writer process no other process may have access.
Figure 12 shows this system as a net consisting of places and transitions.
Two of the arcs are labelled by 3. In this case, when the appropriate transition
fires the token count on the place s is reduced or increased by 3 instead of 1.

ready to
write
ready to
read

access other
other
control processing
processing

2 writer processes 4 reader processes

Fig. 12. Organization of the access rights of six processes to a memory area
10 Introductory Examples and Basic Definitions

1.3 Non-Sequential Programs

In the area of software engineering, non-sequential programs are required, in

particular for systems programming and process control. Even in small pro-
gramming problems the actual requirements for the program can not always
be represented using purely sequential techniques. To do so means we must
accept an overspecification. Because of the currently available computer archi-
tectures this overspecification may be economically advisable and seem more
efficient, for if we specify the non-sequential behaviour we still have to give a
sequential specification for the implementation. However, we propose it is a
fundamental advantage to avoid the introduction of orderings except in those
situations where they are necessary or wanted. To show this, we now consider
two examples.

(a) We want to construct a program for the addition of two natural numbers
stored in the variables x and y. In the final state, the variable x should contain
the value 0 and the variable y the required sum. The operations allowed are
the addition and the subtraction of the value 1 and the test for o.
Figure 13 presents two sequential solutions to this problem. The nets shown
there are similar to ordinary flow charts. Instructions are represented as events,
and possible program states as conditions. The current state is marked by a
token. In both nets, each event has exactly one pre- and exactly one postcondi-
tion. Hence, from the firing rule given above, there is always only one token
in the net.
The two programs shown in Fig. 13 are almost identical. They differ only
in the order of the instructions x := x-I and y := y + 1. Clearly their order is
of no importance; actually, when executing them no order need be observed at
all as they are logically independent.
Figure 14 shows a non-sequential program for the addition problem. Here,
e] and e2 change the number of tokens in the net from one to two and back to

initial state

final state

Fig. 13. Two sequential programs for the addition problem

1.3 Non-Sequential Programs II

initial state

x>o

e'
1

final state

Fig, 14. A non-sequential program for the addition problem

mx>mn

.l-----t-----.I
final
initial state
state

Fig. 15, A non-sequential program for solving the rearrangement problem

12 Introductory Examples and Basic Definitions

one, respectively. In this representation it is explicit that the instructions

x := x - I and y := y + 1 may be executed independently.
(b) The program shown in Fig. 15 solves the following rearrangement prob-
lem: given two finite, non-empty, disjoint sets A and B, A u B is to be re-
arranged into two subsets A' and B' such that [A'[ = [A[, [B'[ = [B[ and
max (A') < min (B').
Operations on sets are certainly slow in comparison with simple assign-
ments. In this solution the set operations are executed concurrently whenever
possible.
Non-sequential programs of the kind discussed in this section are not to be
considered as special non-deterministic programs. In some particular run of
such programs, it need not be decided in which order concurrent instructions
are executed. The program is deterministic in that its meaning is independent
of any ordering of instruction evaluations. If, nevertheless, a computing system
chooses to impose an order, it performs a service which is beyond the require-
ments specified in the program.

1.4 An Example for Systems Analysis

Whenever computers are used for practical applications we have to develop

programs from informal problem descriptions. Nets may be used to support
this development in the following way. To start with, some structural proper-
ties are imposed on the informal description by some net representation. Then
a series of gradual refinement steps follows, finally yielding system parts in a
form suitable for programming. By this continuous and systematic develop-
ment, we also obtain a description of how the system parts relate to each other
and to their environment.
For example, consider the organization of the borrowing and the returning
of books in a library. An unambigous and perspicuous representation of this
organization is needed to describe several different levels and several different
views of the organization. Different views correspond, for instance, to the
needs of the library staff, the users, the suppliers of new books, the caretaker,
the administration, etc.
Moreover, when the library system is set up, the designers of the library
would need a representation of their view as would the designers of a com-
puter-aided administration system.
Figure 16 shows a first coarse structuring of the library system. Users can
access the library by three desks; the request desk, the collection desk and the
return desk. In the library all books are kept in the stack and each book has an
index card. A potential borrower enters the library system at the request desk
where a particular book may be requested. If the book is in the library it is
taken from the stack and the borrowed book index is updated. The user gets
the book at the collection desk. When a user returns a book he does so via the
return desk; the book is put back in the stack and the index is appropriately
updated.
1.4 An Example for Systems Analysis 13

kerneZ of the Zibrary

Fig. 16. Coarse structure of a library

A first refinement of Fig. 16, shown in Fig. 17 involves two active agencies
which organize the delivery and re-acceptance of the books and two passive
components, the stack and the borrowed book index.
Figure 18 represents a simple organization scheme for such a library. The
tokens in this net are of three kinds: order forms, books and index cards. Each
book is identified by a number and, for each book, there is an index card bear-
ing this number. To borrow a book an order form containing the book number
is put on the request desk. The book and its index card are taken from the
stack, the book and the order form are placed on the collection desk and the
index card is inserted in the borrowed book index. However, if the book
requested has already been borrowed, the order form with an appropriate
message is given to the collection desk. When a book is returned, the book to-
gether with its index card is replaced into the stack. Figure 18 illustrates a
typical situation in this small library. Book 1 has been ordered and the cor-
responding order form is on the request desk. On the collection desk is book 3
with its order form, and also an order form saying book 5 is already borrowed.
Book 2 has been returned and is still on the desk. The stack contains books 1
and 4 with their index cards and books 2, 3 and 5 are borrowed.
A change to a new situation is possible by the occurrence of one of the
three events e" e2, e3. For such an occurrence the objects written on the arcs

delivery collection
request
desk desk

library borrowed
stack book index

return
desk
re-acceptance
Fig. 17. Refinement of Fig. 16
14 Introductory Examples and Basic Definitions

delivery
request r--------------------------------------l
desk II No(order form)
e
1
I
I
co llection
desk
I =No (index card) order form lili th I
I message ItboPPol.JJedlf:

No (order form)
=No (index card)
=No (book)

return
----------------~ desk
I
I No (book)
I =No (index card) I
book
e3
1L ________________ JI

re-aecep tanae

Fig. 18. A simple library organization

leading to ej have to be instantiated by suitable items from the input places;

the items must be chosen so that the formula written on ej besomes true. When
ej occurs the corresponding tokens flow in accordance with the event occur-
rence rule for nets consisting of conditions and events. Such nets are called
predicate / events-nets.

1.5 Some Basic Definitions

In all the constructions described in the previous sections, the underlying

structure consisted oftwo sorts of objects and some relatiol)s between them. As
long as these objects are not interpreted in any special way (for instance, as
conditions, states, stores or events, state changes, instructions), we call circles
S-elements and boxes T-elemen ts, respectively *. The relations between S- and
T-elements, represented as arcs, are combined yielding the flow relation. It was
not accidental that the flow relation in the previous examples always connected
elements of different sort. Rather, this is a basic property of nets.

* These terms are derived from the interpretation as places (German: ~tel1en) and !.ransi-
tions. To date, this has been the most thoroughly investigated and frequently applied inter-
pretation.
1.5 Some Basic Definition 15

We now make this precise in the following definition:

(a) Definition. A triple N = (S, T; F) is called a net iff

(i) Sand T are disjoint sets (the elements of S are called S-elements, the ele-
ments of T are called T-elements),
(ii) F c::; (S x T) u (T x S) is a binary relation, the flow relation of N.

Graphically, we represent S-elements as circles and T-elements as boxes

(mnemonically ®, ITJ). The flow relation is represented by arcs between the
respective circles and boxes.

(b) Notation. Let N = (S, T; F) be a net. We sometimes denote the three com-
ponents S, Tand Fby SN, TN and FN, respectively. If confusion can be excluded,
we also write N for S u T.

(c) Definition. Let N be a net.

(i) For x EN,
·x = {y [y FN x} is called the preset of x,
x· = {y [x FNY} is called the postset of x.
For X c::;N, let T= U·x
and x· = x·. U
XE'X XEX

In particular we have, for x, YEN:

x E"y~ Y EX·.
(ii) A pair (s, t) E S NX TN is called a selj~loop iff sFN t /\ t FNS. N is called
pure iff FN does not contain any self-loops.
(iii) x EN is called isolated iff ·x u x· = 0.
(iv) N is called simple iff distinct elements do not have the same pre- and
postset, i.e.
vx, YEN: ex = "y /\ x· = y") = x = y.
Figure 19 shows a net which is simple but not pure and which contains no
isolated elements.

S={Sl"" ,ss}
T={t 1 ,···, t,s}
F={ (s l' t 1) , (t l' s 2) , (t l' s 3) , (t l' s 4) ,( s 3' t 2) , (t 2 , s 3) , (s 2' t 2) , (s 2' t 3) , (s 4' t 2) , (s 4' t 4)
(t 3 'S4)' (t 3 ,ss)' (t 4 ,ss)' (ss,t s )}

Fig. 19. Graphical representation of a net

16 Introductory Examples and Basic Definitions

(d) Definition. Let Nand N' be two nets.

(i) Given a bijection 13: N ~ N', we call Nand N' j3-isomorphic iff S E SN <=>
j3(s) ESN' and XFNy<=>j3(x)FN,j3(y). (This implies that tETN<=>
j3(t) E TN")
(ii) Nand N' are calle isomOlphic iff they are j3-isomorphic for some bijec-
tion 13.

Graphical representations in which the elements are not named explicitly

represent nets uniquely up to isomorphism. We always use such representa-
tions if the names of the elements are not important.

1.6 Summary and Overview

The examples given in this chapter may be classified into three groups: Nets
consisting of conditions and events, nets consisting of places and transitions,
and nets which carry individuals as tokens. Formally, these classes are distin-
guished mainly by the way the nets are marked. In the first case, an S-element
is either marked or unmarked, in the second case it carries a certain number
of indistinguishable tokens, in the third case it is marked by individual objects.
The three parts of this book correspond to these three interpretations. Other
interpretations (see, for instance, the chess game discussed in 1.1 (d)) will not
be considered here.

Exercises for Chapter 1

1. Represent in Fig. 1 the two conditions

a) "not winter and not spring",
b) "spring or autumn".

2. Rearrange Fig. 12 so that in each case either none or more than one process
is reading.
Part 1. Condition/Event-Systems

Part I deals with a fundamental class of systems in net theory called condi-
tion/event-systems. They are introduced in Chap. 2. In Chap. 3 we investigate
what single processes running in such systems look like. Chapter 4 introduces
and explains notions for the representation and description of some properties
of condition/event-systems.
Chapter 2

Nets Consisting of Conditions and Events

First, for nets consisting of conditions and events, we must make precise the
meaning of "occurrence of a single event or several independent events". For
this, the notion of a step is introduced. A notion of equivalence for condition/
event systems (C/ E-systems) is then introduced, and we show how each system
can be transformed to an equivalent contactjree normal form. Finally we dis-
cuss the case graph of a C/ E-system. This graph provides an overview of all
cases and steps of the system.

2.1 Cases and Steps

In the first chapter we have already informally discussed systems consisting of

conditions and events. Conditions are represented as 5-elements, events as T-
elements. We know already that conditions are either satisfied or not, and that
the occurrence of events changes condition holdings. In each configuration of
such a system some conditions hold, while the rest do not hold. The set of con-
ditions which hold in a configuration is called a case. An event e can occur in
a case c, if and only if the preconditions of e belong to c and the post-
conditions of e do not belong to c. When e occurs, the preconditions of e cease
to hold and the postconditions of e begin to hold.
I[ 5- and T-elements are to be interpreted as conditions and events, respec-
tively, we shall write (B, E; F) instead of (5, T; F).

(a) Definition. Let N = (B, E; F) be a net.

(i) A subset c <:; B is called a case.
(ii) Let e E E and c <:; B, e has concession in c (is c-enabled) iff'e <:; c /\ e' n c = 0.
(iii) Let e E E, let c <:; B and let e be c-enabled. c' = (c \ 'e) u e' is called the
follower case of c under e (c' results from the occurrence of e in the case c)
and we write: c [e >c'.

To represent a case c graphically, we draw a dot (a token) in each circle

belonging to c.
Figures 1- 3 show nets consisting of conditions and events; one case is
shown in each figure.
According to Definition (a), an event e can only occur if no condition in its
postset e' is satisfied. If any satisfied postconditions are preventing the occur-
2.1 Cases and Steps 19

rence of e; that is, if, in a case c, "e s; c 1\ e" n c =1= 0, then this is called a con-
tact-situation. At first glance,it might not seem fully justified that e is then not
allowed to occur: One could, for example, propose that every postcondition
which is satisfied before the occurrence of e remains so after the occurrence
of e. But let us discuss the implications. In terms of some examples, it would
mean that spring may start when it is already spring; that an already written
memory cell may be rewritten; that a full glass may be filled; that a reserved
seat may be reserved again; or that a car may move to a place where another
car is already standing. Some such events are impossible, but on the other
hand some may be intended, or else possible but unwanted. We will see later
how such events can be described, discovered or prevented. But at the lowest
and most detailed level of description, which concerns us now, we rule them
out. There are also formal reasons for this: Suppose that we allow a transition
~ =:::> o-c::J--.@ and that in the situation ~
both events occur exactly once, then it depends on the order of their occur-
rences, whether the case ~ or the case ()--{J--@---[J-
results. But we want to be able to explicitly distinguish, to represent and to
trace, whether events occur in a particular intended order or whether they oc-
cur in arbitrary order or independently.
When an event has led from one case to another, other events may occur,
yielding yet other cases. These events are dependent on each other in different
ways: In Fig. 20, for example, e, has to occur before e3 and e4' e3 and e4 on the
one hand and e2 on the other hand are alternatives. If e3 and e4 occur, they can
be combined into one step. The occurrence of a set of events G in one step is
possible if all events of G are enabled and their pre- and postsets are disjoint;
G will then be called detached.

.~,,~.
~ b2 e) b4

~el®'~ o. " "

b e2

•b:1 e) b4

b) e4 bs

~o,~"
b:1 ~ b4

Fig. 20. The change of cases by event occurrences

20 Nets Consisting of Conditions and Events

(b) Definition. Let N = (B, E; F) be a net.

(i) A set of events G ~ E is called detached iff Ye] , e2 E G: e] =1= e2 =>
.e] n .e2 = 0 = ei n ei .
(ii) Let c and c' be cases of N and let G be detached.
G is called a step from c to c' (notation: c [G) c') iff each event e EGis c-
enabled and c' = (c\·G) u G·.

By a step c[G) c', G leads from a case c to a case c'. Obviously, if G con-
tains only one element, G = {e}: c [G) c' <=> c [e) c'.
The following lemma clarifies some relations between c, G and c'.

Proof If c[G) c', all e E G are enabled and c' = (c\·G) u G·. Hence, ·G ~ c and
G·nc=0.
Now it follows
c\c' = c\«c\·G) u G·)
= (c\(c\·G)) n (c\G·) according to A3 (v) (cf. Appendix)
= (c n ·G) n (c\G·) according to A3 (ii)
= (c n . G) as c n G· = 0
=·G as·G ~ c.
c'\c = «c\·G) u G·)\c
= «c\·G)\c) u (G·\c) according to A3 (iii)
= 0 u (G·\c)
= G· as G· n c = 0.

Conversely, if c\c' = ·G then ·G ~ c, and if c'\c = G· then G· n c = 0, hence

all e E G are c-enabled. Furthermore,
(c\·G) u G· = (c\(c\c')) u (c'\c)
= (c n c') u (c'\c) according to A3 (ii)
= c', hence c [G) c'. D

~--------------~. M---------------~
2.2 Condition/Event-Systems 21

Fig. 22. A situation of confusion

In general there are several possibilities for combining events into steps: In
Fig. 21 not only {e" e2} but also {e" e3} yield a step. By changing cases succes-
sively by steps, a process is generated (this notion will be made precise later).
If a step is finite, then it can be realized by the occurrence of its events in
arbitrary order:

(d) Lemma. Let N be a net, let c and c' be cases of N and let G be a finite step
from c to c'. Let (e" ... , en) be an arbitrary ordering of the elements of G, such
that G = {e" ... , en}. Then there are cases co, ... , Cn, such that c = co, c' = Cn
and Ci-' [e) Ci (i = 1, ... , n).

Proof Let e, e' E G and let c be a case in which e and e' both have concession;
then, 'e n e' = 0/\ e'n 'e' = 0. So, if c [e) c', 'e' s;;:: c.
Analogously it can be shown that e" n c' = 0. So e' has concession in c'. For
i = 1, ... , n it follows that ei remains activated during successive occurrence of
e" ... , ei-' and can therefore transform Ci-' into Ci. D

It may be the case that two enabled events can occur in a single step. How-
ever it may be the case that they have common pre- or postconditions and that
their occurrences are therefore mutually exclusive. Such events are said to be
in conflict with each other. It may not be obvious whether conflicts will arise;
for example, if in Fig. 22 starting with the case shown there, e, occurs before e2
then there will be no conflict between e, and e3. If, however, e2 occurs before
e, then such a conflict results. There is no order specified between e, and e2;
this is a situation called confusion.

2.2 Condition/Event-Systems

We will now introduce nets which model the notions of condition and event
and which are intended to make derived notions, such as case and step, usable
for the description of real systems.
A system consisting of conditions and events is not fully described until we
specify, in addition to the net (B, E; F), also the cases we wish to consider.
(For example, the net of the four seasons in Fig. 1 would not make sense as
intended with a case containing two elements.) Such a set of cases C should
have the following properties:
22 Nets Consisting of Conditions and Events

1) If a step G s; E is possible in a case C E C, then G leads again to a case

in C (steps do not lead out of C).
2) Conversely, if a case C E C can result from a step G s; E, then the situation
we moved from was also a case of C. (In other words, when we reason
backwards and look for preceding cases, we only find cases of C).
3) All cases in C can (by forward and backward reasoning) be transformed
into each other. This is a weak demand; it does not imply that, for any two
cases C" C2 E C, there exists a sequence of steps from CI to C2 or from C2 to
CI' It only demands a deducible dependency between the two cases.
4) C should be large enough such that (i) for each event e E E there is a case
in C in which e has concession, and (ii) each condition b E B belongs to at
least one case of C but does not belong to every case of C. This excludes
self-loops and isolated conditions. We also exclude isolated events, since
the occurrence of an event should be observable.
Further, we shall not allow two conditions b l and b2 to have the same pre-
and postset, since otherwise in every situation either both would hold or
neither of them holds (or they would never be able to change). Hence two
conditions are indistinguishable in the context represented in the net; they are
representatives of the same condition. It is sufficient to include every condi-
tion only once in a net.
A similar argument is applicable to events with equal pre- and postsets.
Any two such events either both have concession in a case or neither has con-
cession, and the occurrence of either of them leads to the same follower case. If
in a given context all important aspects of a system are represented, the signifi-
cance of an event is uniquely determined by its pre- and postset.
We summarize these requirements in the following definition:
(a) Definition. A quadruple I = (B, E; F, C) is called a condition/event-system
(C/ E-system, for short) iff
(i) (B, E; F) is a simple net without isolated elements, B u E =1= 0.
(ii) C S;9 (B) is an equivalence class of the reachability relation R E= (rE u ri')*,
where rEs;.9(B)x,9(B) is given by ClrEC2<=> :3Gs;E:cdG)C2' C is
called the case class of I.
(iii) Yes; E :3 C E C such that e has concession in c.

Fig. 23. A CI E-system, it;; case class is C = {{ bd, {b 2}, {b 3}, {b 4}}
2.3 Cyclic and Live Systems 23

Obviously, the case class C of a C/ E-system 1: is fully determined by an

arbitrary element of C.

(b) Notation. Let 1: = (B, E; F, C) be a C / E-system. Analogously to 1.5 (b) we

denote B, E, F and C by BE, EE, FE and C E , respectively. Where no confusion
arises we write 1: both for B u E and for the net (B, E; F).

(e) Proposition. Let 1: be a C/ E-system.

(i) BE =l= 0!\ EE =l= 0 !\ FE =l= 0.
(ii) For c E C E, C' s; BE and G s; EE:
c [G) c' = C' E CE and
c' [G) c = C' E CE.
(iii) Yb EBE 3c, C' E C E with bE c!\ b ¢ c'.
(iv) 1: is pure.
Proof (i) Since BE u EE =l= 0 and isolated elements are excluded, there exist
some elements x, y E 1: with X FE y.
(ii) follows from Definition 2.2 (a) (ii).
(iii) Since b is not isolated (2.2 (a) (i)), there is an event e in 'b u b'. Since
cases c, c' E CE with c [e) c' exist and since bE c U c', the result follows.
(iv) An event contained in a self-loop never has concession. D

(d) Proposition. Let 1: be a C / E-system and let f s; 9 (BE) x 9 (BE) be defined by

C1 f C2 ¢ > 3 e E EE: C1 [e) C2. If EE isfinite then RE = (f U P-1)*.

Proof For R = (f u f- 1)*, R s; RE trivially holds. Since with EE finite every

step of 1: is finite, it follows from Lemma 2.1 (e) that rE S; f* and rEI S; (f-1)*.
The result follows using A 7 (iii) and (iv). D

2.3 Cyclic and Live Systems

The requirements for the case class C E of a C/ E-system 1: might not be im-
mediately obvious; rather, one may perhaps expect C E to be the set of all suc-
cessor cases of some initial case. If all cases of 1: are reproducible, any such
case class is identical to CE.

(a) Definition. A C/ E-system 1: is called cyclic iff Y C1, C2 E C E : C1 (r.n C2.

(b) Proposition. Let 1: be a cyclic C / E-system and let c E C E . Then

CE={c'lcrt c'}.

Proof Since 1: is cyclic rEI S; r1. Then applying A7 (iv) RE S; r1. D

Figures 1,2,20,21,22 show cyclic C/ E-systems.

In a cyclic system every event can always reoccur.
24 Nets Consisting of Conditions and Events

Fig. 24. A system which is live but not cyclic

(c) Definition. A C/ E-system L: is called live iff Y c E Cx; Ye E Er ::Ic' E Cr

such that c r't c' and e is c'-enabled.

(d) Proposition. Every cyclic C/ E-system is live.

Proof Let c E C r , e E E r . By 2.2 (a) there exists c' E Cr such that e has con-
cession in c', and by 2.3 (a), c r1 c'. 0

Figure 24 shows that not every live system is cyclic: The indicated case can
not be reproduced by event occurrences.

2.4 Equivalence

The systems shown in Fig. 1 and Fig. 2 behave quite similarly: In both of them
the continual change of cases yields the cyclic alternation of the four seasons.
We call two C/ E-systems equivalent if their cases and steps correspond to each
other in the following way:

(a) Definition. Let L: and L:' be C/ E-systems.

(i) Given bijections y: Cr -+ Cr , and e: Er -+ E};" we call L: and L' (y, e)-equiv-
alent iff for all cases Cl, C2 E Cr and all sets of events G ~ E r : Cl [G) C2
-=- y(Cl) [e (G» y (C2). (Let e (G) = {e(e) leE G}, cf. A9 (iii).) L: and L' are
called equivalent iff they are (y, e)-equivalent for some tuple (y, e) of bi-
jections.
(ii) L: and L:' are called isomorphic iff the nets (B r, Er; F r) and (B};" E r ,; Fd
are ,B-isomorphic for some bijection,B and if c E Cr <=> {,B (b) I bE c} E Cr.

(b) Notation. L: '" L:' iff the C/ E-systems L: and L:' are equivalent.

(c) Proposition. '" is an equivalence relation.

(d) Proposition. Equivalent C/ E-systems always have the same number of cases,
events and steps. They may however have a different number of conditions.

It is obvious that the systems shown in Fig. 1 and Fig. 2 are equivalent;
both are also equivalent to the system shown in Fig. 25.
w·w
2.5 Contact-Free ClE-Systems 25

,'='t of ~ ,taPt of
~n~ ~nt~
S, start start S3
of of
autumn summer
Fig. 25. A C/ E-System which is equivalent to those shown in Fig. 1 and Fig. 2. Its cases are
{SI, S2} == spring, {SI, S3} == summer, {S2, S3} == autumn, 0 == winter

(e) Proposition. Let I: and I' be two equivalent C/ E-systems.

(i) I is cyclic ~ J;' is cyclic.
(ii) I is live ~ J;' is live.

Sequential C/ E-systems with single element cases (for example the system
shown in Fig. I) correspond to finite automata. For any two such systems the
notion of equivalence is not interesting: it coincides with isomorphism.

(1) Lemma. Let I and I' be C / E-systems with Y c E CE U C E': I c I = 1.

I and J;' are equivalent if and only if they are isomorphic.

Proof Let I be y- c-equivalent to I'. Since every case contains exactly one
element, every condition b forms a case {b} (every condition must hold in some
case by Proposition 2.2 (c) (iii)). Hence y: CE --> CE , induces a bijection
fJ/: BE --> BE' by means of fJ' (b) = b' ~ y ({b}) = {b/}.
fJ: I --> 2, defined as fJ (x) = fJ' (x) for x E BE and fJ (x) = c (x) for x E EE,
is also bijective.
Since events must be able to occur, I·e I = Ie·1 = 1 for all e E EE. Let b FE e.
Then e is {b}-enabled, therefore c (e) is fJ (b)-enabled and fJ (b) FE' c (e). Anal-
ogously c (e) FE' fJ (b) follows from e FE b. The converse is trivial. 0

2.5 Contact-Free C / E-Systems

In Sect. 2.1, we argued that events should not have concession in contact situa-
tions. We will now show that such situations are avoidable by means of equiv-
alent transformations of C/ E-systems. To do this, we add to each condition b
its complement b, such that in every case either b or b holds.

(a) Definition. Let I be a C/ E-system and let b, b' E BE.

(i) b' is called the complement of b iff·b = b'· and b· = ·b' .
(ii) I is called complete iff each condition b E BE has a complement b' E BE.

(b) Lemma. Let I be a C / E-system and let b E BE.

(i) b has at most one complement. It will be denoted by b.
If b has a complement b then
26 Nets Consisting of Conditions and Events

(ii) b has a complement and b= b.

(iii) V c E CE : b E C V b E c.
If I is complete, then
(iv) Ve EEE: I'el = lel
t
(v) Vc E CE: Icl = ·IBEI·

Proof (i) holds since I is simple.

(ii) follows using the definition of a complement.
(iii) is mandatory as otherwise the involved events are m no case enabled,
which contradicts Definition 2.2.
(iv) follows using the definition of a complement, since bE' e -= bEe'.
(v) is implied by (iii). 0

Fig. 26. A condition b and it complement b

(c) Definition, Let I be a C / E-system and let B s:; BE be the set of those con-
ditions which have no complement in BE. For each b E B let b denote a new
element. Let F= {(e, b) I (b, e) E FE /\ bE B} u {(h, e) I (e, b) E FE /\ bE B}.
For c E CE let ((J (c) = c u {h I b E B /\ b ~ c}. Then the C/ E-system £ =
(BEu{blbEB}, EE;FEuF,((J(CE» is the complementation of I. ((J(c) is the
complementation of c.
Obviously, each condition b which has no complement in I has got b as a
complement in £.

(d) Proposition, Let I be a C/ E-system and let c E C E.

(i) l=£
(ii) Vb EBE Vc E CE: b E ((J(c) -= b ~ ((J(c)
(iii)c=((J(c)nB E .

(e) Lemma, Thefunction ((J: CE ~ Ci as defined in 2.5 (c) is bijective.

Proof ((J is surjective: if c E Ci, c' = c n BEE CE and ((J (c') = c.
((J is injective: ((J(c]) = ((J(C2) => C] = ((J(c]) n BE = ((J (C2) n BE = C2. 0

Notation, Let I be a C/ E-system, and let e E EE. To simplify the notation, let
-e and e- denote the pre- and postset of e in t, respectively, while 'e and e'
will, as usual, denote the pre- and the postset of e in I, respectively.

(f) Proposition, Let I be a C/ E-system, let G s:; EE and let B be the set of those
conditions which have no complement in BE.
(i) -G = 'G u {b I b E B /\ bEG '}, G- = G' u {b I b E B /\ bE' G}.
(ii) 'G =-GnB E, G'=G-nB E.
2.5 Contact-Free CIE-Systems 27

1) these elements are new

Fig. 27. A CI E-system 1: and its complementation i

We are now able to show that the complementation of a C/ E-system yields

an equivalent contact-free system.

(g) Theoremo If t is the complementation of a C/ E-system L then t is equiva-

lent to L.

Proof As rp: CE -> Cf is bijective (Lemma 2.5 (e)), it is sufficient to show:

V c), Cz E CE V G r;; R E : c) [G) C2 <=> rp (c)) [G) rp (cz). According to Lemma
2.1 (c) we show instead:
(c) \C2 = °G 1\ C2\c) = GO) <=> «rp (c)) \rp (C2)) = -G 1\ rp (C2)\rp (c)) = G-).
According to the Propositions 2.5 (d) and 2.5 (e) it holds:
c)=rp(c))nBE' c2=rp(cz)nB E, °G=-GnBE and GO=G-n BE, hence
C)\C2= (rp(c)) nBE)\(rp(C2) nB E) = (rp (c))\rp (C2)) nBE (A3 (vi))
= -G nBE=oG.
C2 \c) = GO is derived in the same way.

Conversely, let B as in 2.5 (c), let.8) = {b I b E B\cd and let.8z = {b I bE B\cz}.

Hence, rp (c)) = c) U B) and rp (C2) = Cz u B 2. Now we get
rp (c))\rp (C2) = (c) u B))\(C2 u B 2)
= (C)\(C2 u B 2)) U (B)\(C2 U B 2)) according to A3 (iii)
= (C)\C2) u (B)\B z), as obviously c) n B2 and B) n C2 are empty
=OG u ({bib EB\cd\{blb EB\cz})
= °G u {b b E (b\c)) 1\ b rt (B\C2)}
= °G u {b b E B 1\ b rt c) 1\ b E C2}
= °G u {b b E B 1\ b E C2 \cd
= °G u {b b E B 1\ b EGO}
= -G according to Proposition 2.5 (e).

rp (C2)\rp (c)) = G- is derived in the same way. D

28 Nets Consisting of Conditions and Events

(h) Definition. Let I: be a C! E-system.

I: is called contactjree iff for each e E EE and for each c E C E:
(1) 'e ~ c =;. e' ~ BE\C and
(2) e·~c=;. ·e~BE\c.

Note that in (h), requirement (2) does not always follow from (1).
Example: C!)---{J

(i) Theorem. (i) Every complete C/ E-system is contact-free.

(ii) For every C/ E-system there is an equivalent contactjree C/ E-system.
(iii) If I: is contactjree, then Ye E EE : 'e =l= 01\ e' =l= 0.

Proof (i) Let I: be complete, let bE BE, e E EE and c E CEo Then

bEe' n c =;. bE 'e n (BE\C) =;. 'e % c,
bE'e n c =;. bEe' n (BE\C) =;. e' % C.
(ii) t is complete (2.5 (d) (i)), contact-free ((i)) and equivalent to I: (2.5 (g)).
(iii) Assume e' = 0 =;. 'e =l= 0 (e is not isolated). Then ::l c E C E with 'e ~ C.
Since e' ~ BE\c, this is a contact situation. Analogously for 'e = 0. 0

Of course, not every contact-free C/ E-system is complete, as for example

Figs. 1,2,20,21,22 show.

2.6 Case Graphs

In order to obtain an overview of all cases of a C/ E-system, the construction of
a case graph is useful. Its nodes are the cases and its arcs are the steps of the
C/ E-system.

(e) Definition. Let I: be a C/ E-system, let 01 be the set of all steps of I:, and let
P = {(CI' G, C2) E C E x_9 xCE I cdG) C2}.
Then the graph wE = (CE,P) is called the case graph of I: (for the repre-
sentation of graphs see A12- A14).

(b) Theorem. A C/ E-system is cyclic if and only if its case graph is strongly
connected.

Proof Let I: be a C/ E-system with set of steps 01. I: is cyclic

<=> Yc, c' E CE : (c r1 c')
<=> Y c, C' E CE ::lG I , ... ,
Gn E 01 ::lco, ... , Cll E CE : Co [G I) CI'" [G n) Cn
Co = c 1\ Cn = C'
1\
<=> WE is strongly connected. 0

(c) Theorem. A C / E-system I: is live if and only if for each Co E C E and for each
e E EE there is a path Co II CI ... In Cn in WE with In = {e}.
2.6 Case Graphs 29

Proof I is live <=> V Co E CE Ve E EE ::ic, C' E CE : Co rt C /\ C [e) c' <=> there is

a path Co II CI '" cn-I/n Cn with Cn-I = C, In = {e}, Cn = c'. 0

(d) Theorem. Two CI E-systems are equivalent if and only if their case graphs are
isomOlphic.

Proof Let I and I' be two CIE-systems with case graphs if>E= (C E, P) and
if>E' = (Cr , P'), respectively, and let;:9 be the set of steps of I.
I is y-£-equivalent to I'
<=> (VCI, C2 E CE VG E;:9: CI [G) C2 <=> y(cl) [c(G) y(C2))
<=> (V CI, C2 E C E VG E;:9: (c], G, C2) E P <=> (y (c]), c(G), y (C2)) E P')
<=> if>E is y-e-isomorphic to if>r. 0

Not every graph can be interpreted as the case graph of a CI E-system, as

shown in Fig. 29: In case C], e] and e2 have concession. If in C] there is a con-
fhct between e] and e2, e2 is not c2-enabled, and therefore the arc (C2' {e2}, C4)
is excluded. If in C] there is no conflict between e] and e2, e] also has conces-
sion in C3 and therefore the arc (C3, {ed, C4) is required.

Fig. 29. A graph which can not be the case graph of any C IE-system
30 Nets Consisting of Conditions and Events

Case graphs quickly get very complicated in strongly concurrent systems.

For example, a step consisting of n events generates 2 n arcs in the case graph.
The following theorem will be needed later:

(e) Theorem, Let L be a C / E-system, let c] , C2, C3 E C1: and let G] , G2 <:; E1:.
(i) If c] G] C2 G2 C3 is a path in lP1:, then G] n G2 = 0.
(ii) Let G] n G2 = 0. If c] (G] u G2 ) C3 is an arc in lP1: then there exists C E C1:
such that c] G] C G2 C3 is a path in lP 1:.

Proof
(i) e E G] => C2 n 'e = 0 => e is not c2-enabled => e ~ G2 •
(ii) c] (G] u G2) C2 is an arc in lP1: => c] [G] u G2) C2 => c] [G]) c and
where c = (c]\'G]) u Gj.

Exercises for Chapter 2

1. A shepherd intends to cross a river together with a goat, a wolf and a head
of cabbage. With the shepherd, only one additional object fits into the boat.
The situation must be avoided where a) the wolf and the goat, or b) the goat
and the head of cabbage remain allone (for obvious reasons). Represent a
suitable organisation for crossing.

2. Interpret the conditions s], S2 and S3 in Fig. 25.

3. Are the following C/ E-systems equivalent?

b c

~a d e

b c

d e
Exercises for Chapter 2 31

4. For the following CI E-system construct an equivalent one with a minimal

number of conditions:

*5. Let E and E' be two CI E-systems.

(i) Given a bijection y: Cr -4 C E " E' y-simulates E iff Y G s; EE :::lG' s; EE'
such that Cl [G) C2 => y (Cl) [G') y (C2)'
(ii) Given a bijection c:: EE -4 EE', E' c:-simulates E iff Y Cl, C2 E C E
:::lci, C2 E CE' such that Cl [G) C2 => ci [c: (G) C2.
(a) Are E and E' equivalent, if E' y-simulates E and E y-l-simulates E'?
(b) Are E and E' equivalent, if L' c:-simulates E and E c:-l-simulates E'?

6. Are the CI E-systems of the following figures contact free: Fig. I, Fig. 2,
Fig. 21, Fig. 22, Fig. 24, Fig. 25?

7. Construct the complementation of the following CI E-system:

8. Construct the case graph of the CI E-system in Exercise 7.

Chapter 3
Processes of Condition/Event-Systems

This chapter deals with processes which can run on C/ E-systems. One may be
tempted to define a process of a C/ E-system as a path of its case graph. But
what we mean intuitively when speaking of processes is not adequately de-
scribed by such a path: the total ordering of its elements does not give any
information as to whether the events actually occur one after the other or
whether they are independent of each other. The partial order in which events
occur is only indirectly represented in the case graph by the set of all possi-
bilities of occurrences as successions of steps.
We therefore search for a more convenient description of processes: one
which is, in particular, unambiguous and indicates explicitly whether events
occur concurrently. Such a description can be considered as a record of event
occurrences and changes of conditions. The entries in this record are partially
ordered by the relation "a is a causal prerequisite for b", since repetitions of
the same event or the same condition are recorded as new entries. There is a
fairly obvious representation of such records, namely again as a net. For in-
stance, all of the occurrences in Fig. 20 are completely represented in Fig. 30.

Fig. 30. A net representation corresponding to Fig. 20

A given T-element represents the occurrence of the event denoted by its

labelling. Distinct T-elements with the same labelling denote several, different,
occurrences of the same event. Similarly, an S-element s shows by its inscrip-
tion b, that b was satisfied by the occurrence of·s and ceased to hold as a result
of the occurrence of s·. Just as in the corresponding concrete situations the con-
flicts were resolved, all S-elements are now unbranched. To facilitate the
handling of such process descriptions as "partially ordered nets", we shall first
study some properties of partially ordered sets and then consider occurrence
nets, i.e. those partially ordered nets which are suitable for the description of
processes. We then introduce processes and show how they can be composed
and decomposed, and finally study their connection to case graphs.
3.1 Partially Ordered Sets 33

3.1 Partially Ordered Sets

The relations of causal dependence and independence will turn out to be sym-
metric and (by definition) reflexive, but in general they will not be transitive
relations. To start with, we shall consider similarity relations:

(a) Definition. A binary relation Q S; A xA on a set A is called a similarity rela-

tion iff
(i) Ya E A: a Q a (Q is reflexive),
(ii) Va, bE A: a Q b => b Q a (Q is symmetric).
A subset B S; A is called a region of a similarity relation Q iff
(i) Ya,bEB:aQb(Qisfull"onB),
(ii) Ya EA: a ¢ B => 3b E B: I (a Qb) (B is a maximal subset on which Q is
full).

(b) Proposition. Let A be b set and let Q S; A x A be a similarity relation.

(i) Each element of A belongs to at least one region of Q.
(ii) Regions ol a non-empty set A are not empty, and no region is a proper sub-
set of any other region.
(iii) fl Q is an equivalence relation then the regions of Q are exactly the equiva-
lence classes of Q.

(c) Graphical representation. A finite similarity relation over a set A can be

represented uniquely as an undirected graph. A is taken as the set of nodes and
K = {(a, b) I a =1= b 1\ a Qb) as the set of arcs. Figure 31 shows a similarity rela-
tion. Its regions are surrounded by broken lines.
We now consider partially ordered sets (see All). The relations li (ele-
ments are linearly ordered, are on one line) and co (elements are unordered,
are "concurrent") are defined as follows: '

(d) Definition. Let A be a partially ordered set,

(i) Letli s;AxA begivenbyalib ¢::?a<bvb<ava=b.
(ii) Let co S;A xA be given by a co b ¢::? I (a li b) V a = b.
(i.e. a co b ¢::? I (a < b V b < a».

//<"" - - ) ( - - - ...... ,

\/ .y~~
~iV·I\\
)
\ /'1·~·
"--1-' . . _~_ ....... '
,--, \ J
/
r.) \_,
"--' ... -"

Fig. 31. A similarity relation with 4 regions

34 Processes of Condition/Event-Systems

(e) Proposition. Let A be a partially ordered set, and let . b EA.

(i) ali b V a co b,
(ii) (a li b A a co b) <=> a = b.

(0 Theorem. For any partially ordered set A, li and co are similarity relations.
Proof Reflexivity and symmetry of li follow immediately from the definition.
The complement A xA\Q of a symmetric relation Q ~ A xA is symmetric. The
complement of li is therefore symmetric, and becomes reflexive by adding the
pairs (x, x). 0
Figure 32 shows a partially ordered set and the corresponding relations li
and co (the graphical representation of partial orders is explained in All).

o _b -;::-~-------_.c

d~
e ---------+. f _ g

b45Bf
c
/\M/~
---0 --g --- e
\/\/
g---c--e--b

Ii co
Fig. 32. A partially ordered set with its relations fj and co

(g) Definition. Let A be a partially ordered set, and let B ~ A.

(i) B is called a line iff B is a region ofli.
(ii) B is called a cut iff B is a region of co.
The partial ordering in Fig. 32 yields the three lines {a, b, c}, {e, j; g} and
{a, b, d,j; g}, and the five cuts {e, a}, {e, b}, {e, d, c}, {j, c} and {g, c}.

(h) Proposition. Let A be a partially ordered set, and let B ~ A.

(i) B is a line iff
(a) Va, b E B : a < b vb < a V a = band
(b) Va EA\B3bEBwith,(a<bvb<a).
(ii) B is a cut iff
(a) Va, b E B : , (a < b V b < a) and
(b) VaEA\B3bEB with a<bvb<a.

(i) Definition. Let A be a partially ordered set, let B, C ~ A.

(i) A is called bounded iff there exists an n E N such that for each line L of A,
ILl ~n.
(ii) B precedes C (we write B ~ C) iff Vb E B VC E C: b < c V b co c.
(B < C means B ~ C and B =1= C.)
3.2 Occurrence Nets 35

(iii) LetB-= {a EA I{a} :S:.B} and B+= {a EA IB:S:. {a}}.

(iv) Let °B = {b E B I Y b' E B : b co b' V b < b' },
B °= {b E B IY b' E B : b co b' V b' < b}.
In particular, °A consists of the "minimal elements" of A, and A ° consists
of the "maximal elements" of A.

(j) Theorem. If A is a partially ordered bounded set then °A and A °are cuts.

Proof Let a and b be arbitrary elements of °A. Then a co b since I (a < b V

b < a). Let c E A\ °A and let L be a line with c E L. Since L is finite, there
exists dEL n °A and therefore d < c. By Proposition 3.1 (h) it follows that °A
is a cut. Similarly it can be shown that A ° is a cut. D
A line and a cut have at most one element in common:

(k) Proposition. Let A be a partially ordered set, let L be a line and let D be a cut
of A. Then I L n D I :S:. 1.

ProClf Let a, bEL n D. Then ali b, as a, bEL. However a co b, as a, bED.

Using Corollary 3.1 (e),a=b. D

(I) Definition. A partially ordered set A is called K-dense iff each line has a
non-empty intersection with each cut.

The partial ordering illustrated in Fig. 32 is K-dense, as can be easily

verfied. Figure 33 shows that not every partial order is K-dense.

Fig. 33. A partially ordered set which is not K-dense: {e, b) n {a, d) = 0

3.2 Occurrence Nets

Occurrence nets will now be introduced as cycle-free nets with unbranched

S-elements. Thus, we immediately obtain a partial ordering of the elements of
an occurrence net. We shall show that bounded occurrence nets are K-dense.

(a) Definition. A net K = (SK, T K; FK) is called an occurrence net if and only if
(i) Ya, bE K: a (Ft) b <=> I (b Ft a) (K is cycle-free),
(ii) Y sE SK: I·s I:S:. 1/\ I s·1 :S:. 1 (S-elements are unbranched).

Figure 34 shows examples of occurrence nets.

36 Processes of Condition IE vent-Systems

(b) Proposition. Let K be an occurrence net. The relation <, defined by a < b <=>
a F!< b, for all a, b E K, is a partial order on K.

Hence, all notions concerning partially ordered sets, such as lines, cuts,
boundedness and K-density are particularly defined for occurrence nets.

(e) Definition. A slice of an occurrence net K is a cut containing only S-elements.

Let g (K) be the set of all slices of K.
Examples of slices are shown in Fig. 34.

an occurrence net with three

lines and 11 cuts, S of which
are slices.
Example of a line
{s.3,t 2 ,s4,t.3,s6}

Example of a cut
{t 1 ,s4'sS}

a cut which is a slice

K2
An unbounded occurrence net which is not K-dense
{sO.t 1 , s l ' ' ' · } n {sl',s2', ... } = II

Fig. 34. Examples for occurrence nets

(d) Theorem. Every bounded non-empty occurrence net is K-dense.

Proof Let K be a bounded non-empty occurrence net. Assume that K is not K-

dense. Let L be a line and D be a cut of K with L n D = 0. Since L is not
empty and finite, XI = min (L) and X2 = max (L) exist. Obviously XI E °K and
X2EKo. Since D is a cut and XI ¢:D,3dED such that xl<dvd<xl' As
XI E °K, XI < d. By analogy, as X2 E KO, there exists some d' E D with d' < X2.
3.3 Processes 37

Now let aj = max {x E L 13d E D with x < d} and a2 = min {x E L 13d E D

with d < x}. The existence of aj and az follows now from the finiteness of L.
If a2 ::::; aj, 3d, d' E D with d < a2 ::::; aj < d'. But this is not possible since D
is a cut. Therefore aj < a2, since aj, az E L. From the definition of aj it fol-
lows: 3b j E aj 3d E D with b j ::::; d and 3b2 E ·az 3d' E D with d'::::; bz , where
bj , hz ~ L.
Since aj, a2 ELand aj < a2, 3cj Eaj with Cj ELand 3C2 E·a2 with C2 E L.
Obviously b j =F Cj and bz =F Cz. Since S-elements are unbranched, aj, a2 E T K
follows. Therefore (aj, a2) ~ FK . There must be at least one S-element s E L
with aj < s < a2' By definition of aj, Y dE D : s co d. But this is impossible
since D is a cut. 0
Figure 34 shows that unbounded occurrence nets are not always K-dense.

3.3 Processes

We will now define processes of C/ E-systems using bounded occurrence nets.

We will define this notion only for contact-free C/ E-systems, the reason for this
will be discussed after having given the definition. Anyway, this is no severe
restriction since every C/ E-system can be transformed into an equivalent con-
tact-free system (Theorem 2.5 (i) (ii)).
Processes will be described as mappings from bounded occurrence nets
into contact-free C/E-systems satisfying two requirements: (i) Each slice is
mapped injectively onto a case and (ii) the mapping of a T-element to an
event respects the environment of the event.

(a) Definition. Let K be a bounded occurrence net and let L be a contact-free

C/ E-system. A mapping p: K -+ L is called a process of L iff for each slice D
of K and each t E TK :
(i) pi D is injective /\ p (D) E CL"'
(ii) p Ct) = .p (t) /\ P (n = p (tr·

In graphical representations of processes p: K -+ L, every element x of K is

labelled by its image p (x). In this way, Fig. 30 shows a process corresponding
to Fig. 20.
The property that bounded occurrence nets are K-dense is important for
the use of occurrence nets to describe non-sequential processes. Every line rep-
resents a sequence of elements which are causally dependent (a sequential sub-
process). A cut is interpreted as a "snapshot" of the process. One element can
be seen together with different elements in different snapshots. The K-density
of an occurrence net guarantees that every sequential subprocess is represented
in every snapshot.
Why may this definition not be applied to arbitrary C/ E-systems? It turns
out that problems arise when contact enforces a certain order of event occur-
rences.
38 Processes of Condition/Event-Systems

As an example, we consider the system shown in Fig. 24. In the represented

case, e] may only occur after e2, even though all preconditions of e] are satis-
fied. A process which precisely describes this sequential occurrence of e] and
e2 must indicate that b ceases to hold before e] occurs, and this cannot be
achieved without introducing the complement of b as a condition of L.
A possibility to introduce a notion of process for arbitrary C/ E-systems L
would be to define a process of L to be the corresponding process of the com-
plementation t, defined as above. However, this would yield additional S-
elements in processes of contact-free, but not complete systems L.

(b) Theorem. For each process p: K ---+ L:

(i) p (SK) <;::; BE /\ p (TK) <;::; EE (p is sort preserving),
(ii) Vx, y E K: x FKy => P (x) FEP (y) (p respects theflow relation),
(iii) V x, Y E K: p (x) = p (y) => x)j y (events and conditions are not concurrent
with themselves),
(iv) Vt E TK: ·t =1= 0/\ [" =1= 0 (events have prerequisites and consequences),
(v) for each cut D of K: p I D is injective.

Proof (i) p (SK) <;::; BE follows immediately from Definition (a), as each s E SK
belongs to at least one slice. For t E TK there exists an x E L with x E .p (t)
up (tr (Definition 2.2 (a) (ii)). Using Definition 3.3 (a) (ii) the existence
of aYE·t u [" with p (y) = x follows. Since y E SK, we have x E BE and
p (t) EX· U ·x <;::; EE.
(ii) For s E SK and t E T K: sh t => S E ·t => p (s) E "p (t) => P (s) FE P (t).
Similarly, for t FK s: s E [" => p (s) E p (tr => p (t) FE P (s).
(iii) For x,Y E SK the result follows immediately from the definition. For
x, Y E TK, X =1= y, P (x) = P (y) implies "p (x) = "p (y) and p (xr = p (yr.
Now using Definition 3.3 (a) (ii) we find p ex) = p ("y) and p (x·) = p (f).
Suppose x co y, then there are slices D] :;::> ·x U "y and D2 :;::> x· U y .. Either
·x u "y or x· u y. is non-empty, and ·x n "y = 0 = x· n y. (S-elements of K
are unbranched); therefore p ID] or pi D2 is not injective. Hence x )j y.
(iv) For t E TK , using (i) we have p (t) E EE. By Theorem 2.5 (i) (iii),
.p (t) =1= 0 andp (tr =1= 0. The result follows by Definition 3.3 (a) (ii).
(v) follows from (iii) and Definition 3.3 (a) (i). 0

(c) Theorem. Let p:K ---+L be a process, let T<;::; TK with Vt], t2 E T: t] co t2.
Then ::lCI, C2 E CE with c] [p (T) C2·

Proof Obviously V s] , S2 E 7: s] co S2. Then there is a slice D E §1 (K) with

"T <;::; D. Definition 3.3 (a) yields p (D) E CE and .p (T) = P (7) <;::; P (D).
Vs E T ::ls] ED with s] < s. Therefore Tn D = 0, and also p (D) n p (T) =
P (D) n p (T). = 0. Hence p (T) is p (D)-enabled, and the result follows. 0

(d) Definition. Two processes p] : K] ---+ Land P2: K2 ---+ L of a C/ E-system L

are called isomorphic iff K] is fl-isomorphic to K2 and Vx E K] : p] (x) =
P2 (fl(x)).
3.4 The Composition of Processes 39

In the following we shall not distinguish between isomorphic processes; by

"process", we shall sometimes mean either a whole equivalence class of iso-
morphic processes or an arbitrary representative of this equivalence class. As
discussed in 1.5 (d), the elements of the underlying occurrence nets will there-
fore not be explicitly named in graphical representations. This convention has
already been applied in Fig. 30.
Contact-free C/ E-systems are fully characterized by their sets of processes:
Note that a process p: K -+ I is actually conceived as the set of pairs
{(x, P (x)) I x E K}.

(e) Theorem. Let II, I2 be two contactjree C/ E-systems and let Pi be the set of
processes of Ii (i = 1, 2). Then PI = P 2 -=- II = I 2·

Proo.! Let Ii= (Bi,Ei;Fi , C i) (i=I,2) and let I 1 *,I2. Then there exists
(without loss of generality) bE Bl U B2 or e EEl U E2 or c E C 1 U C2 such that
bEB1\B2 or eEE 1\E2 or (b,e) EFl\F2 or (e,b) EFl\F2 or c E C 1\C2. Then
there is a step Cl [e') C2 in II which is not possible in I2 (choose bE Cl U C2
or e' = e or c = Cl or c = C2, respectively). With K = (S, {t}; F), let p: K -+ II
be a process such that P(°K)=CI and p(KO)=C2 and p(t)=e'. Then
P E P 1\P2 • 0

3.4 The Composition of Processes

For processes PI, P2 we define the composition PI °P2, provided that PI ends
in the same case that P2 starts with.

(a) Lemma.lfp: K -+ I is a process then °K and KO are slices of K.

Proo.! By theorem 3.1 (j), oK and KO are cuts. Since I is contact-free (De-
*' *'
finition 3.3 (a)), for each e E Ex;, ·e 0 and e· 0 (Theorem 2.5 (i) (iii)).
°K U KO ~ SK follows from Definition 3.3 (a) (ii). 0

(b) Lemma. Let Pi: Ki -+ I (i = 1,2) be two processes with PI (Kn = P2 (0 K2).
Then there exists up to isomorphism exactly one occurrence net K, with a slice D,
and a process p: K -+ I, such that pi D- = PI and pi D+ = P2.

Proo.! Let Ki = (Si, T i ; F i) (i = 1, 2) and without loss of generality (Sl uTI) n

(S2uT2)=Klo=oK2. K=(SlUS2, T 1 uT2 ; F 1 uF2), D=K 10=oK 2, and
p, defined by p (x) = Pi (x) -=- X E Ki (i = 1,2), fulfils the requirements. 0
40 Processes of Condition IE vent-Systems

P, Pz P
Fig. 35. Composition of processes, PI a PZ = P

(c) Definition. Let PI, P2, P be processes, satisfying the statement of the above
lemma. Then P is referred to as the composition of PI and P2, and we write
P =PI °P2·
Each slice divides a process into composable subprocesses:

(d) Proposition. Let p: K --+ L be a process and let D be a slice of K. Let

P- = pi D- and p+ = pi D+. Then P- and p+ are processes and P = P- °p+.

The composition of processes is associative:

(e) Proposition. Let PI , P2, P3 be processes such that PI °P2 and P2 °P3 are de-
fined Then PI °(P2 °P3) and (PI °P2) °P3 are isomorphic processes.

We call a process elementary if it describes a single step. Processes are de-

composable into finitely many elementary processes.

(1) Definition. A process p: K --+ L is called elementary iff SK = °K u K O •

As examples, the process PI in Fig. 35 and the processes P3, P4, Ps, P6 m
Fig. 36 are elementary.

@
~~o

~
~ b4
0

P3 P4 P

P6
o

~ Ps
Fig. 36. Composition of the process P shown in Fig. 35 using the elementary processes
3.5 Processes and Case Graphs 41

(g) Proposition. (i) p: K -4 E is an elementary process iff p (0 K) [p (TK) P (KO)

is a step of E.
(ii) lfp: K -4 E is elementary, then for all t], t2 E T K: t] co t2.

(h) Definition. A process p: K -4 E is called empty iff TK = 0.

(i) Proposition. (i) Every empty process is elementary.

(ii) If p' is an empty process and p 0 p' (or p' 0 p) is defined, then p = p 0 p'
(or p = p' 0 p), respectively.

(j) Theorem. lfp: K -4 E is a process then there exist finitely many elementary
processes p] , ... ,Pn such that p = p] 0 .•• 0 Pn.

Proof There exists a largest number, m, of T-elements on any line of K.

We prove the result by induction on m. If m = 0 then TK = 0 and p is empty.
If the longest lines of K contain m + 1 T-elements, then p is decomposable
into p' and p" such that p = p' 0 p"; the longest lines of p' contain m T-ele-
ments; and p" is elementary but not empty. By the induction hypothesis, p' is
composable from elementary processes p], ... , Pn, p' = p] 0 ••• 0 Pn, and hence
p = p] 0 ••• 0 Pn 0 p". 0

3.5 Processes and Case Graphs

In this section we investigate the relation between processes and the paths in
case graphs.
We start by showing that elementary processes directly correspond to arcs
in case graphs. Then we look for paths in a case graph describing one single
process. It turns out that all those paths can be transformed into each other
by "decomposition" and "unification" of their arcs.

(a) Lemma. Let E be a contactjree C/ E-system. p: K -4 E is an elementary pro-

cess iff there is an arc v = (c], G, C2) in CPr such that p (OK) =c], P (KO) = C2,
and p (TK) = G.

Proof Ifp:K-4E is elementary thenp(°K) [P(TK)p(K O) is a step in E, so

(p (0 K),p (h), P (KO)) is an arc in CPr.
Conversely, if (c], G, C2) is any arc in CPr then c] [G) C2. Let K= (c] U C2,
G; Fr n (c] U C2 U G)2); then id: K -4 E is an elementary process of E. 0
This lemma establishes a unique correspondence between elementary pro-
cesses and arcs, and we therefore define:
42 Processes of Condition IEvent-Systems

{I,'}

y~
)"S} {o c} U,4}

/' \o\. )c/j~}

')'/j\<b '/t'
p=

(.~<
{2,6}'" {b, d} {l,s}

{b r"" ~
{l,6}

Fig. 37. A process and a part of a case graph: Each of the 13 paths from {I, 4} to {3,6} cor-
responds to the process p

(b) Definition. Let L be a contact-free C/ E-system.

(i) If v is an arc in CPL:, then let ~ denote the process corresponding to v,
which is uniquely determined (Lemma 3.5 (a)). ~ is called the process of v ;
v is called the arc of ~.
(ii) Let V""',V n be arcs and let W=V""V n be a path in CPL:. Then I;Y=
~, 0 ••• 0 ~n is called the process ofw; w is called a path of I;Y.
(iii) For v = (c" G, cz) and e E G, let t (v, e) = y-' (e) and let :T (v) =
{I (v, e) Ie E G}.

For each path of a case graph there is exactly one corresponding process.
Conversely, there are in general several paths corresponding to a single pro-
cess, as shown in Fig. 37. I (v, e) and:T (v) denote a single T-element and a set
of T-elements of an occurrence net, respectively.

(c) Definition. Let L be a C / E-system, let c, , CZ, C3 E CL: and G, , G z ~ E L:.

(i) If u, = c, G, cz, Uz = Cz Gz C3 and v = c, (G, u G z) C3 are arcs in CPL:, then
the path u, Uz is called a decomposition of v; v is called a unification of
u, Uz.
(ii) Let w, w' be paths in CPL:' w' is called a permutation of w iff there exist
paths u" ... , U4 such that w = u, Uz U3, W' = U, U4 U3, and U4 is a decompo-
sition or a unification of Uz.
(iii) Let W" ... , Wn be paths in CPL:' (w" ... , wn ) is called a permutation se-
quence iff for i = I, ... , n - 1: Wi+' is a permutation of Wi.

(d) Proposition. Let L be a contactfree C / E-system, let c" CZ, C3 E C L:, and let
G" Gz ~ EL: be disjoint and non empty.
(i) If v = c, (G, u Gz) Cz is an arc in CPL: then there exists a decomposition of v
of the form c, G, c Gz Cz ,for some c E CL:.
(ii) Let u, = c, G, C3 and Uz = C3 Gz Cz be arcs of CPL:, and let ~, 0 ~z: K -+ L.
Then Yt" tz E TK : t, co tz iff c, (G, u Gz) Cz is an arc in (PE.
3.5 Processes and Case Graphs 43

Proof (i) follows immediately from Corollary 2.6 (e) (ii).

(ii) Vt l , t2 E TK : tl co t2 iff there is an elementary process p: K -+ E with
peaK) =CI, p(KO) = C2; and P(TK) =G I U G 2 iff CI (G I U G 2) C2 is an arc
in CPr (Lemma 3.5 (a». 0

(e) Lemmao Let w be a path of some non-empty process (~: K -+ E). Then there
is a path w' and an arc v with.r (v) = {t E T K lOt s; oK}, and a permutation se-
quencefrom w to v w'.

Proof The proof is by induction on the length, n, of w. If n = I, w is an arc and

the result follows immediately if we choose v = wand the path w' of length O.
If n> I, there exist arcs VI, V2 and a path w' such that w = W' VI V2. Let
A = {t EY (V2) lOt s; °K} and let B =Y (v2)\A (Fig. 39).
,,-,
O------------~~~
/ LJ \-V
/ I

:
/ I
\

.'T(w') .'T(v 1 ) .'T(v 2 )

Fig. 39. Illustrating the proof of Lemma 3.5 (e)

If A =l= 0 and B =l= 0 then, by Proposition 3.5 (d) (i), there exists a decomposi-
tion V3V4 ofv2 withY(v3)=A andY(v4)=B. Since for all tEA and for all
t' EY(vd t co [', VI can be unified with V3 yielding an arc Vs (Proposition
3.5 (d) (ii». W'VSV4 is a permutation of w of length n. Using the induction
hypothesis, w'vs can be permuted to a path v'w" withY(v') = {t E TKIOts; OK}.
v' W" V4 is the required permutation.
If B = 0, VI can immediately by unified with V2. If A = 0, the result follows
from the induction hypothesis by permuting w' VI. 0

(0 Theoremo Two paths wand w' correspond to the same process if and only if a
permutation sequence from w to w' exists.

Proof Let wand w' be paths of the process p: K -+ E. We prove the result by
induction on the length n of w. n = I: w is an arc. For all t E Y (w), °t s; OK. The
44 Processes of Condition IE vent-Systems

permutation of w, using Lemma 3.5 (e), yields w'. Now, assume the hypothesis
for paths of length n - 1. Using Lemma 3.5 (e), we permute wand w' yielding
VWI and v'wi such thatY(v)={tETK["ts;:oK}=Y(v'). By the induction
hypothesis, there exists a permutation sequence from WI to wi, and the result
follows, since v = v'.
Conversely, if UI U2 is a decomposition of an arc v then the processes of
UI U2 and of v are equal (Proposition 3.5 (d)). Thus, if w' is a permutation of w,
then wand w' are paths of the same process. Hence all elements of a permuta-
tion sequence are paths of the same process. 0

Exercises for Chapter 3

1. Construct the regions of the following similarity relation:

• i-i~i
.--.--.
2. How many cuts, slices and lines has the following occurrence net?

*3. Two occurrence nets K and K' are similar iff there exists a bijection
r: TK ---+ TK, such that Y ll' t2 E T K : II < t2 => r (tl) < r (l2)'
a) For the following occurrence net construct a similar one with a minimal
number of S-elements:

b) Let K and K' be similar occurrence nets. Does a bijection

a: g (K) ---+ ~ (K') exist such that Y DI , D2 E g (K): DI < D2 => a (D I ) <
a(D2)?
c) Does a bijection p exist as characterized in b), if K is finite?
Exercises for Chapter 3 45

4. Decompose the following process into a minimal set of elementary pro-

cesses:

5. Construct a process of the following C / E-system:

*6. Let K be a bounded occurrence net and let J; be a C/ E-system. Show that a
mappingp: K ---+ J; is a process iff
(i) pi oK is injective and p (0 K) E C~, and
(ii) \It E TK : p Ct) ="p (t) /\ P (n = p (tr /\ p is injective on °t and on (.
Chapter 4
Properties of Systems

In the previous chapter we saw how to describe C/ E-systems and how to de-
fine and analyse their dynamic behaviour. We shall now concern ourselves
with some properties of C/ E-systems. We shall see that some of those proper-
ties can again be described by means of the net calculus.

4.1 Synchronic Distances

An important property of a system is the degree of dependence between occur-

rences of its events, i.e. in which way the occurrence of a certain event is
dependent on the occurrences of other events. For example, we mentioned in
Chap. 1.1 (a) that the end of winter and the beginning of spring are two
strongly connected (strictly "synchronized") events. Neither of them can occur
without the occurrence of the other; we say that they are coincident. Events
can be less tightly synchronized, for example, if their occurrences alternate
(e2 and e3 in Fig. 22), if they are concurrent (e] and e2 in Fig. 21), or if they
occur in arbitrary order. At the other end of the spectrum, the occurrences of
e] and e2 in Fig. 22 are completely independent.
We wish to define a measure for the synchronization of events. To this end,
we generalize the above considerations to pairs of sets of events, say E],
E2 <;; EE. We observe how often the events of E] and the events of E 2, respec-
tively, occur in each process p of the system. The absolute difference of their
respective occurrence frequencies is what we call the variance of E] and E2 in
the process p. The supremum of the variances in all processes is called thesyn-
chronic distance a(E], E 2) of E] and E 2. It will turn out that a is a metric func-
tion. Hence, synchronic distances are a means of obtaining quantitative in-
formation about the dynamic behaviour of a system without the introduction
of a notion of "time".
Again we will restrict ourself to contact-free C/ E-systems L, as the notion
of synchronic distance is based on processes.
To define the synchronic distance a (E], E 2) of two sets of events, E],
E2 <;; EE, we consider all processes p:K ---+ L and count the elements of p~ I (E])
and r] (E2). Since we are interested in the maximal difference of the occur-
rences of E] and E2, we count for all slices D], D2 of K the elements of p~] (E])
and p~] (E2 ) between D] and D 2 • For this, we define, for subsets M of T K , the
measure f1 (M, D], D2). If D] < D 2, let f1 (M, D], D 2) = 1M n Dt n D"2I; if
4.1 Synchronic Distances 47

,0, D2
I
,
I

o
I

\l({t 1 },D 1 ,D2 ) =1 \l({t 2 , t 3 },D 3 ,D2 ) =-1

\l({t 4 , t 5 },D 2 ,D 3 ) =-2 \l( {t2' t 4} ,D 3 ,D2 ) =0
\l({t 2 , t 3 },D 2 ,D 3 ) =1

Fig. 40. An example for the measure t1

D2 < D1, let fl (M, D 1, D 2) = 1M " D] " D! I. However, slices may not be com-
parable; therefore, we define fl generally in the following way:

(a) Definition. Let K be an occurrence net, let D 1, D2 be slices of K, and let

M ~ TK be finite. Then let
fl (M, D1, D2) = 1 M " Dt " D2"1 - 1 M " D] " D! I·

(b) Proposition. For all finite subsets M of T-elements and all slices D 1, D2 of
an occurrence net K, we have fl (M, D 1, D 2) = - fl (M, D 2, D1).

Using the measure fl, we now define the variance v of two sets of events in
a process.

(d) Definition. Let I: be a contact-free C/ E-system. Let p: K -+ I: E n1: and

E1,E2~E1:.
Then v (p, E 1, E 2) = max {fl (p-1 (E 1), D1 , D 2) - fl ( r 1 (E 2), D 1, D 2) D 1, D2 1

E §l(K)} is called the variance of E1 and E2 in p.

(e) Proposition. For each process p:K -+ I: and each pair E 1, E2 ~ E1::
v (p, E 1, E2) = v (p, E 2, E1).
The synchronic distance of two sets of events can now be defined as the
supremum of the variances in all finite processes.

(1) Definition. Let I: be a contact-free C/ E-system and let E 1, E2 ~ E1: both be

finite.
48 Properties of Systems

v(p,{e o },{e 3 })=1

v(p,{e o }' {e l ,e 2 }) =2
v(p,{e o ,e 1 },{e 2 })=2
v(p, {ell, {e 2 }) =2

Fig. 41. Examples for the variance v

a (El' E2) = sup {v (p, E l , E 2) Ip E nr} is called the synchronic distance of El

and E2.

(g) Remarks. If necessary a is indexed to indicate the underlying C/ E-system.

Synchronic distances of single events are denoted by a (el ,e2) instead of
a ({ed, {e2}).

(h) Graphical representation of synchronic distances. For two sets E l , E2 of

events of a C/ E-system L, the synchronic distance a (El' E 2) is illustrated by an
additional S-element s with ·s = El and s· = E 2. S is not a condition of the con-
dition/event-system L, but is allowed to carry arbitrarily many tokens. In each
case c of L, s contains a number of tokens (sufficiently many tokens, in order
not to hinder event occurrences). Whenever an event of El or E2 occurs, this
number is increased or decreased by 1, respectively. a (El' E 2) is the su-
premum over the maximal variation of the number of tokens on s, yielded by
finite processes. In graphical net representations, s and the new arcs are drawn
as broken lines, and s is labelled by "a = x", if a ("s, s·) = x.
We do not provide proof here, because the newly introduced S-element s
imposes a more general class of nets, which will be treated in the next chapter.
In Exercise 9 of Chap. 5, we will return to this problem.

o({e 4 }, {eo}) =1
o({e 2 }, {e 4 }) =2
o({e 2 ,e 3 }, {e 4 ,e S }) =4
o({e 2 ,e 4 }, {e 3 ,e S }) =2
cr({e 4 ,e S }' {e 3 }) =w

• W-------------~

eo
Fig. 42. Synchronic distances between sets of events
4.1 Synchronic Distances 49

/ \
I
I \
/ \
/ \
e1 / \
. . -t 'l...
0=2:. ; I • ',0=W
'-<\
\
~,'"
/ I
\ /
\ /
\ /
\ /
/

• ~---------------------------1

eo
Fig. 43. Graphical representation of the synchronic distances given in Fig.42

C/E-system L

process p of L
Fig. 44. A C/ E-system in which the two events el and e2 occur concurrently (0" (el' e2) = 2)
50 Properties of Systems

CIE-system L'

b~----------->i

process Pl

process P2

b<}-----------~

Fig. 45. A C/ E-system in which el and e2 occur in some (arbitrary) order (0" (el' e2) = I)

(i) Some special synchronic distances. Obviously, we obtain a synchronic dis-

tance (J (e" e2) = 0 if and only if e, = e2; that is, e, and e2 occur coincidently
(as, for example, the end of winter and the beginning of spring in 1.1 (a)). Cor-
respondingly, for sets of events E" E 2, (J (E" E 2) = 0 if and only if E, = E 2.
We now consider the two systems I and L' shown in Fig. 44 and in Fig. 45.
The two events e" e2 occur in I concurrently, they are independent. By ap-
plying the definitions, we obtain (JI (e" e2) = 2. In Fig. 45 we change the sys-
tem by introducing a regulation mechanism, which prevents e, and e2 from oc-
curing concurrently, forcing them to occur in some arbitrary order. (Pi' (e,)
and Pi' (e2) (i = 1,2) are situated on one line in the processes p, and P2 of I',
while P-' (e,) and P-' (e2) are concurrent in the process P of I.) The conceptual
difference of the systems I and L' is reflected by the synchronic distance of
e, and e2. In the system I', we find (JI' (e" e2) = 1. This example shows how
synchronic distances may describe the difference between concurrency
«(J (e" e2) = 2) and occurrence in some (possibly unspecified) order.
In Fig. 46, corresponding pairs of events of I, and I 2 , respectively, have
the same synchronic distances: (J (e" e2) = (J (e" e4) = wand (J (e" e3) =
4.1 Synchronic Distances 51

L2
Fig. 46. Two C/ E-systems LI, L2 with Cl'.~;, (e, e') = aE 2 (e, e') for e, e' E {el, ... , e4}

Fig. 47. Other synchronic distances in the systems of Fig. 46

... J.,.
~
.-
I
I
/a=w

Fig. 48. An infinite synchronic distance because of a conflict

(J(e2' e4) = I in both systems. But intuitively, I2 is "more strictly synchro-

nized", as in I2 no two events may occur concurrently. This is expressed by the
synchronic distance of {el' e2} and {e3, e4}, which is 2 in II, but I in I2
(Fig. 47).
In the system shown in Fig. 48 the events el and e2 are unboundedly often
in conflict with each other; we obtain an infinite synchronic distance. In
Fig. 49, the synchronic distance of el and e2 is also infinite. But in contrast to
the system shown in Fig. 48, the occurrences of el and e2 are dependent on
52 Properties of Systems

• e2
2:[

,-,
I

'.'0=2
'-'
•
[
[
I
[

Fig. 49. A weighted synchronic distance

each other: e, occurs twice as often as e2. To express this, we need to

generalize the concept of a synchronic distance. In Fig. 49, for example, we
specify that the occurrence of e2 reduces the number of tokens on the new S-
element by 2. In the graphical representation, the corresponding arc is labelled
by the "weight" 2. This concept of weighted synchronic distances is not ex-
plained any further here.

4.2 Some Quantitative Properties of Synchronic Distances

First, we show that synchronic distances define a metric on the sets of events of
a C/ E-system. Then some other properties of synchronic distances are proved.

(a) Theorem. Let I be a contactjree C/ E-system, let E" E 2, E3 ~ EI . Then

(i) a(E" E 2) = 0 <=;> E, = E 2,
(ii) a(E" E2) = a(E2' E,),
(iii) a (E" E 2) ::;; a (E" E 3) + a (E3, E2).

Proof (i) and (ii) follow immediately from Definition 4.1 (f). To prove (iii),
let p: K ~ IE TiI and let D, and D2 be slices of K such that v (p, E" E 2) =
J1 (p-' (E,), D], D 2) - J1 (p-' (E2)' D" D2). Then, defining [EJ = J1 (p-' (Ei)'
D" D2 ) (i = 1,2,3), we have: v (p, E" E 2 ) = [Ed - [E 2 ] = [Ed - [E3] + [E3] -
[E2]::;; v (p, E" E 3) + v (p, E 3, E2). Using A16 we obtain: a (E\, E 2) =
sup {v(P,E"E2)lp E TiI} ::;; sup {v(P,E"E 3) + v(p,E3,E2)lpETiI} ::;;
sup {v (p, E" E 3) Ip E TiI} + sup{v(P, E 3, E 2) I p E TiI}. 0

(b) Theorem. Let I be a contactjree C/ E-system and let E" ... , E4 ~ E I .

Then aCE, u E 2 , E3 u E 4) ::;; a (E\, E 3) + a (E2' E 4) + a (E\ n E 2, E3 n E4).
4.3 Synchronic Distances in Sequential Systems 53

Proof Let p: K ---> 1: E nE and let D I , D2 be slices of K such that v (p, EI U E 2,

E3 U E4) = J1 (p- I (EI U E 2), D I , D 2) - J1 (p-I (E3 U E 4), D I , D2). For E ~ EE
let [E] = J1 (p-I (E), D I , D2). Obviously for all E, E' ~ EE: [E u E'] = [E] +
[E'\E], [E\E'] = [E] - [E n E'] and [E] - [E'] :s; v (p, E, E') :s; (J (E, E'). There-
fore v (p, EI U E2, E3 U E 4) = [EI U E 2] - [E3 uE4] = [Ed + [E2\Ed - [E3] -
[E4\E3] = [Ed + [E2] - [E2 n Ed - [E3] - [E4] + [E4 n E 3] :s; v (p, E I , E 3) +
v (p, E 2, E4) + v (p, EI n E 2, E3 n E4).
The result follows using A 16, as in the proof of the above theorem. 0

°
(c) Corollary. Let 1: be a contactjree C/ E-system and let E I , ... , E4 ~ EE such
that EI n E2 = = E3 n E4. Then (J (EI U E2, E3 U E4) :s; (J (EI' E3) + (J (E2' E4).

Proof Since (J (0, O) = °

(Theorem 4.2 (a) (i», the result follows immediately
by application of Theorem 4.2 (b). 0

(d) Theorem. Let 1: be a contactjree C/ E-system and let E I , E2 ~ EE. Then

(J (EI' E 2) = (J(EI\E2' E 2\E I ).

Proof Let p: K ---> 1: E nE and let D I , D2 E ~(K). For E ~ EE let [E] =

J1 (p-I (E), D I , D2). Then [E I] - [E 2] = [(E I\E2) u (EI n E 2)] - [(E 2\E I ) u
(EI n E2)] = [E I\E2] + [EI n E 2] - [E2\Ed - [EI n E 2] = [E I\E2] - [E2\Ed.
Hence v (p, E I , E 2) = v (p, E I\E2, E 2\E I ); the result follows. 0

4.3 Synchronic Distances in Sequential Systems

In purely sequential systems, synchronic distances are not very interesting. For
any pair of single events we always obtain one of the values 0, 1 or w.

(a) Definition. A C/ E-system is called a state machine iff

(i) YeEEE:I·el=le·l=l,
(ii) Y c E CE : Ie I = 1.
The Figs. I and 13 show examples of state machines.

(b) Theorem. Let 1: be a state machine and let el, e2 E E E. Then (J (el , e2) E
{O, I, w}.

Proof Each process of 1: consists of a line of the form

o--D-0- .... -0--0
Assume, that there exists a process p: K ---> 1: with two T-elements t l , t2 E T K ,
such that, for i=1 or i=2, p(t l )=p(t2)=ei and YtEttntz:p(t)ot=ei.
Then, with PI = pi ett n ·tz), Pn = PI 0 ••• 0 PI is a process, and v (Pn, {ed, {e2})
--.-..
~ n. Then (J (el' e2) = w. n-times
Otherwise, for all processes P of 1:, v (p, el , e2) :s; 1 and therefore
(J (el , e2) :s; I. 0
54 Properties of Systems

4.4 Synchronic Distances in Cyclic Systems

The definition of synchronic distances in 4.1 takes account of the fact that, in a
process, concurrency may yield slices which are not ordered. This is important
if the C/ E-system is non-cyclic because the values corresponding to the situa-
tions discussed in 4.1 (i) could otherwise not be obtained. We are now going
to define a simpler function a', which is equivalent to the synchronic distance
a in the special case of cyclic C/ E-systems.

(a) Definition. Let L be a C/ E-system which is contact-free, let E I , E2 ~ E};

and let P E 7C};. We define v' (p, E I , E 2) = IIp- 1 (E I) I-Irl (E 2) I and a' (EI' E 2)
= sup {v' (p, E I , E 2) Ip E 7C};}.

(b) Proposition. For any arbitrary C/ E-system Land E I , E2 ~ E};: a' (EI' E 2) S
a (EI' E2)'
For example, in Fig. 44, a' ({ed, {e2}) = 1 < a({ed, {e2}) = 2.

Proof By Proposition 4.3 (b), it is sufficient to show a' (EI' E2)~ a(E], E2)' To
prove this, we construct for each process p of L a process p' of L such that
v' (P', Eh E 2) 2 v(p, E I , E2)'
Let p: K ----> L be given. Let D I , D2 be slices of K with v (p, E I , E 2) =
f1 (P-] (E]), D], D2) - f1 (P-] (E 2), D], D2)' Since L is cyclic, a process p':
K' ----> L and a slice D3 of K' exist such that pop' is a process of Land p (D3) =
p (D 2) (see Fig. 50). Then D] < D3 and D2 < D 3 .
For slices D,D' with D<D', we define the process PD,D' by PD,D'=
pi (D+ n D'-).
If v' (PD" D" E], E 2) > 0, let p" = PD" D, 0 ••• 0 PD" D" and we obtain

v' (P", E], E 2) 2 v(p, E I , E2)' Now assume

v' (PD"D" E], E2) = II PiJ;, D, (E I) 1-lpiJ;, D, (E2) II = 0.

0, /0 2
,,0
---""l
3
"- I

,,,
\
"-

~'
l
J

I
I
I
I ""- I
I

\.. v
)\..
v
p p'
Fig. 50. Illustrating the proof of Theorem 4.4 (c)
4.5 Facts 55

Clearly, IPD,I,D 3(E;) 1= IPD;,D 3(E;) 1+ Ip- I (E;) n Dt n D'21

-Irl (E;) n D] n Dil.
Then v' (PD" D3' E I , E 2)
= IlpD;,D 3(E I) I+ Ip- I (E I ) n Dt n D'2I-lp-1 (E I ) n D] n Di I
-IPD;,D3(E2) I + Ip- I (E2) n Dt n D'2I-lp- 1 (E2) n D] n Di 11 = 0
= IJl (p-l (E I ), D I , D 2) - Jl (p-I (E2 ), D I , D 2) I
= v(p, E I , E2)' 0

4.5 Facts
It is possible to construct formulae of propositional logic by using the condi-
tions of a CI E-system. Since conditions are allowed to change, such formulae
will be true or false depending on which case the system is in. Formulae which
are true in all cases of the system are especially interesting, because they de-
scribe invariant properties of the system. We shall now show how the
representation and evaluation of such formulae can be integrated into the net
calculus.
Consider again the C/ E-system II of Fig. 46, consisting of two simple
sequential cycles. We now add the requirement that bl and b2 do not hold
together in any case of the system. We can achieve this by the construction of
I2 shown in Fig. 46. The new property of the system can be expressed in the
net calculus by adding a new T-element t with °t = {b l , b2 } and to = 0, as shown
in Fig. 51, which is enabled in no case of the system.
We first study the relations between formulae consisting of conditions of a
CIE-system (for example I (b l 1\ b2) in Fig. 51) and the possibility of events
being enabled. To this end, we consider a condition b as an atomic proposi-
tional formula, which is true in a given case c if and only if b belongs to c.
Then we can construct formulae of propositional logic and evaluate their truth
values.

(a) Definitiono Let I be a CI E-system.

(i) The set AE ofJormulae (of propositional logic) over BE is the smallest set
such that

Fig. 51. Enhancement of 1:2 of Fig. 46 by aT-element t which is never enabled

56 Properties of Systems

(1) BE c::;AE,
(2)0,),0,2 EAE=> (0,)1\0,2) EA E, (ai Va2) EAE,
(a) ---> a) E A E , (10,]) E A E •
(ii) Each case c E C E induces for each a E AE a value c (a), defined by
c: AE ---> {O, I}
b t--+ I iff bEe,
b t--+ 0 iff b ¢ c,
(a) 1\ 0,2) t--+ min (c (a), c (~»,
(a) V~) t--+ max (c (a), c (~»,
(a) --->~) t--+ C«lad V az),
(10,]) H 1- c (a)).
We interpret 1 as "true" and 0 as "false", and we call a formula a valid in
the case c iff C(a) = 1.
(iii) Two formulae a) ,az E AE are called equivalent in L iff for all c E C E:
C(a]) = c(az).
We shall omit unnecessary brackets (note that 1\ and V are associative
opera tors).
Next we shall associate a formula aCe) with each event e of a C/ E-system
in such a way that for all cases c: aCe) is valid in c if and only if e is not
c-enabled.

(b) Definition. Let L be a finite C/ E-system and let e E EE. Let ·e =

{b], ... ,bn }, e·={bi, ... ,b;"}. Then aCe) is the formula (b]I\ ... l\b n )--->
(bi v ... V b;"). If e· = 0, then aCe) is the formula I (b) 1\ ... 1\ bn ). If ·e = 0,
then a (e) is the formula bi V ... V b;".

(c) Lemma. Let L be a finite C/ E-system and let e E EE. Then for each c E CE ,
aCe) is valid in c iff e is not c-enabled.

Proof c(a(e» = 1 ~ ::3b E·e with c(b) = 0 or ::3b' E e· with C(b') = 1 ~

::3b E ·e with b ¢ cor ::3b' E e· with b' E c ~ e is not c-enabled. 0

We showed above how to associate a formula to an event of a C/ E-system.

Next we consider how to represent arbitrary valid formulae built from con-
ditions of the system.
For this we enlarge a C/ E-system L by additional T-elements which are
enabled in no case of L ("dead" T-elements). Thus they do not influence the
behaviour of the system. If we associate with each new T-element t a formula
aCt), as shown above for events, then a (t) is valid in L (valid in each case of
I). In this way it is possible to represent all valid formulae of L by a number
of "dead" T-elements. Such T-elements are called facts.

(d) Definition. Let L be a C/ E-system.

(i) A formula a E AE is called valid in L iff for all c E CE: C (a) = 1.
(ii) For B],B 2 c::;B E, let t=(B],B z) be a new T-element with ·t=B] and
( = B 2 • t is called afact of L iff t is never enabled for any c E C E.
Exercises for Chapter 4 57

Fig. 52. Enhancement of the system of Fig. 2 by one condition and two facts

In the graphical representation of L, a fact t = (BI' B 2 ) is drawn as a T-

element [E] (labelled by a schematic "F"), as already shown in Fig. 51.
For a fact t, the formula a(t) is defined just as a(e) is defined for events e;
for instance, if °t = {b l , ... , b n}, [" = {bi, ... , b;"}' then a (t) = (b l /\ ... /\ b n)
-+ (bi V ... vb;").

(e) Theoremo Let L be a finite C/ E-system and let a E A E . a is valid in L if and

only iffacts t l , ... , tn exist such that a is logically equivalent to a (t l ) /\ ... /\ a{tn).

Proof Each a E AE can be transformed into a logically equivalent formula

d =al /\ ... /\ ak, where each ai is a term of the form J b l V ... V J b n V
bi v ... V b;" with bi, bi E BE (conjunctive normal form). Therefore, ai is logi-
cally equivalent to a formula a (t i) with °ti = {b l , ... , b n} and ti = {bi , ... , b;"}.
Now, ais valid in L <;=>a' is valid in L <;=> for all i, ai is valid in L <;=> for
alI i, a (t i) is valid in L <;=> for all i, ti is a fact. 0

(f) What about formulae which are valid in some, but not in all, cases of
the system? For a case c E CE , let c' denote the conjunction of all conditions
of L which hold in c. Then, if ais valid in the cases CI, ... , Ck, we can describe
this by the valid formula (ci /\.:. /\ ck) -+ a.

Exercises for Chapter 4

I. Construct two non-equivalent, contact free C/ E-systems Land L' and a

bijection c:: EE -+ EE' such that Vel, e2 E EE: (J (el' e2) = (J (c: (el), c: (e2))'

2. Let L be a finite, cyclic C/ E-system and let E I , E2 <;::: EE. Show that
(J (EI , E 2 ) = w <;=> there exists a non-empty process p: K -+ L such that
p (0 K) = p (KO) and v' (p, E I , E I ) > O.
58 Properties of Systems

*3. Given a contact-free C/ E-system I, a process p of I, two finite event sets

E I , E2 <;; EE and a mapping g: EE ~ N\{O}, let Vg (p, E I , E 2) =

max {L g(e)' f.1 (p-I (e),DI ,D2) - L g (e)' f.1 (p-I (e),DI ,D2) IDh D2 E ~(p)}
eEE1 eEE2

(weighted variance of EI and E2 inp).

Then ag (EI' E 2) = sup {vg (p, E I , E 2) Ip EnE} is a weighted synchronic dis-
tance of EI and E2. -
a) Show for all g: EE ~ N\{O} and all Eh £2, E3 <;; EE:
1) ag (EI' E 2) = 0 <=:> EI = E 2,
2) ag (~I' E2) = ag (E2' E I),
3) ag (EI' E2) ~ ag (EI' E3) + ag (E3, E2)'
b) Consider the following C / E-system:
E1

/
/'
---- --
/'
/
/
I
I /'
I /'
/'
/'
/'

~---------------~

(i) Compute the (unweighted) synchronic distance a (EI' E2)'

(ii) Does a weight mapping g exist such that ag (EI' E 2 ) is finite?
Exercises for Chapter 4 59

c) Consider the following CI E-system:

(i) Compute the (unweighted) synchronic distance (J (el' e2).

(ii) Does a weight mapping g exist such that (Jg (el' e2) is finite?

4. In the four season system (Fig. I) represent the following facts:

a) If it is neither summer nor winter, then it is spring or autumn.
b) Ifit is summer then it is neither winter nor autumn.
Part 2. Place/Transition-Nets

As one abstraction of the many ways to interpret nets, we shall consider, in this
part, nets with S-elements which - in contrast to conditions - may carry more
than one token. In such nets S-elements are called places, the T-elements are
called transitions. An actual state of the system is represented by a certain dis-
tribution of tokens over the places, such that the number of tokens on each
place is greater than or equal to zero and not greater than its capacity. A tran-
sition t may fire if all places in °t carry at least one token and if the capacity of
all places in ( is greater than the number of tokens they actually carry. When
t fires, a token is removed from every place in °t and a token is added to every
place in (. We shall also allow weights to be attached to the arcs, these weights
are natural numbers n E N. In this case, not one but n tokens are added or
removed, respectively, when a transition fires. The firing rule is changed cor-
respondingly; there must be sufficient tokens on each place in °t and sufficient
capacity in ( to receive the tokens.
Examples for this kind of nets have already been discussed in Chap. I
(Fig. 5 and Fig. 6) and also in connection with synchronic distances (Fig. 43).
Chapter 5 explains the basic notions of nets consisting of places and tran-
sitions and introduces the coverability graph, a first method for analysing
these nets. A further analysis method is the evaluation of invariants which is
discussed in Chap. 6. For special classes of nets (free choice nets and marked
graphs), analysis methods are derived in Chap. 7.
Chapter 5

Nets Consisting of Places and Transistions

As a first example in this chapter we consider a system consIstmg of one

producer and two consumers. We have already seen this in Fig. 5. In this
modified version
(I) the buffer may contain at most five tokens,
(2) the producer generates three tokens in each step,
(3) at most one consumer is able to access the buffer in each configuration of
the system,
(4) each consumer removes two tokens when accessing the buffer,
(5) the production steps of the producer are counted.
The system shown in Fig. 53 fulfils these requirements. The meaning of
this should be intuitively clear; it is explained formally in the next section.

counter

producer consumer
Fig. 53. A producer-consumer system with limited buffer capacity, multiple generation and
mUltiple consumption, limited buffer access, and a counter

5.1 Place/Transition-Nets

This section presents the basic notions of place/transition-nets.

(a) Definition. A 6-tuple N = (S, T; F, K, M, W) is called a place/transition-net

(PIT-net) iff
(i) (S, T; F) is a finite net, the elements of Sand T are called places and
transitions, respectively,
5.1 Place/Transition-Nets 63

(ii) K: S --+ N u {w}, gives a (possibly unlimited) capacity for each place,
(iii) W: F --+ N\{O}, attaches ;r weight to each arc of the net,
(iv) M: S --+ N u {w} is the initial marking, respecting the capacities, I.e.
M(s) ~ K (s) for all s E S.
By analogy with C/ E-systems, the components of a P / T-net N are denoted
by SN, TN, FN, K N, W N, M N.
In the following definition we give the firing rule for place/transition-nets.

(b) Definition, Let N be a place/transition-net.

(i) A mapping M: SN --+ N u {w} is called a marking of N iff M (s)
~ KN (s)
for all s E SN.
Let Mbe a marking of N.
(ii) A transition t E TN is M-enabled iff
Ys E't: M(s) ;;::: W N (s, t) and
Ys E [': M(s) ~ KN (s) - W N (t, s).
(iii) An M-enabled transition t E TN may yield a follower marking M' of M
which is such that for each s E S N
M(S) - W N (s, t) iff s E 't\t',
M' ( ) - { M(s) + WN (t, s) iff s E (\'t,
s - M(s)-WN(s,t)+WN(t,s) iffsE'tnt',
M (s) otherwise.
We say tfiresfrom M to M', and we write M[t) M'.
(iv) Let [M) be the smallest set of markings such that
(1) ME [M) and
(2) if ME [M) and for some t E TN M j [t) M2 then M2 E [M).

In the graphical representation of P /T-nets, the arcs f E F are labelled by

W(.f) if W(.f) > 1. The capacity of a place s E S is represented by the inscrip-
tion "x = K (s)". The inscription "x = w" may be omitted. A marking M is rep-
resented by drawing M(s) tokens or the symbol w on each place s.
Examples of enabled and non-enabled transitions are shown in Fig. 54 and
Fig. 55.
Notice that transitions contained in self-loops may only fire if the markings
of the corresponding places leave enough latitude (Fig. 56). This is a
consequence of the firing rule.
Figure 53 shows a place/transition-net. The marking shown means that the
producer must wait for some free place in the buffer, that the consumers com-

••
••

Fig. 54. Firing of a transition

64 Nets Consisting of Places and Transitions

e.
K=3
Fig. 55. Situations in which a transition is not enabled

K.::3 K=3

Fig. 56. Both transitions are not enabled and therefore may not fire

pete for the right to access the buffer, and that the producer has already com-
pleted five production steps (i.e., it has produced 15 tokens).
Clearly, every CI E-system can be considered as a special place/transition-
net with place capacities and arc weights equal to one. Conversely, a placel
transition-net with place capacities and arc weights equal to one behaves like a
net consisting of conditions and events. But note that a C IE-system is provided
with a case class C, whereas for PIT-nets we assume an initial marking.
As a generalization of CI E-systems, a marking M yields a contact situation
for a transition t E TN if t fails to be M-enabled solely because the places in ("
do not have sufficient capacity.

(c) Definition. A PIT-net N is called contactfree iff for all ME [MN) and for
all t E TN:
ifYsE·t:M(s)2 WN(s,t) then YSE(":M(s)::::KN(S)-WN(t,S).

Analogously with CI E-systems, every PIT-net can be completed by adding

places such that its behaviour is not changed but contact situations are ex-
cluded.
Figure 57 shows an example of this construction. Given any PIT-net N, the
corresponding net N' is obtained by adding new places and arcs: For every
place S of N we construct an additional place "5 and for all arcs (t, s) and (s, t)
of FN we add new arcs ("5, t) and (t, "5), respectively, such that W N , ("5, t) =
WN (t, s) and WN, (t,"5) = W N (s, t). Assuming the capacity KN' ("5) = KN (s) and
for the new places s the initial marking M N, ("5) = KN (s) - MN (s), the resulting
net is obviously contact-free, as for any reachable marking M, M (s) + M ("5) =
KN (s). Markings M of Nand M' of N' correspond iff the restriction of M' to
the places SN of N equals M. Obviously, this correspondence is unique. Given
5.2 Linear Algebraic Representation 65

Fig. 57. Complementation in P / T-nets

corresponding marking M of Nand M' of N', every transition t is M-enabled

in N if and only if t is M'-enabled in N'. Furthermore, we may replace all
finite place capacities KN (s) E N in N' by w without affecting the behaviour
of N'.

502 Linear Algebraic Representation

The formal treatment of PIT-nets is much simplified by a linear algebraic
representa ti on.

(a) Definition. Let N = (S, T; F, K, M, W) be a PIT-net.

(i) For transitions t E T, let the vector L S -+ 7L be defined as
Wet, s) iff s E n·t,
1
_ - W(s, t) iff s E °t\(,
1.(s) - Wet, s) - W(s, t) iff s E °t n (,
o otherwise.
(ii) Let the matrix !j: S x T -+ 7L be defined as !j (s, t) = 1. (s).
(Vectors and matrices are introduced in Appendix VII.)

Clearly, every marking of a net may be represented by a vector. Figure 58

shows the matrix !j and the initial marking MN of the net shown in Fig. 53.
!j (Sj, 0 describes the change in the marking of Sj when tj fires. Entries with
value 0 are omitted.
This representation is unambiguous only for pure nets. Iri this case, the
components SN, TN, FN and W N can be derived. If we additionally require that
N is contact-free, the behaviour of N is fully determined by the matrix !j and
the vector M N •
With this matrix representation we find the following short formulation of
the firing rule introduced above:

(b) Corollary. Let N be a PIT-net and let M,M': SN-+N u{w} be two
markings of N. Then for each transition t E TN:
(i) rrt is M-enabled then M[t) M' <=> M + 1. = M'.
66 Nets Consisting of Places and Transitions

t] t2 t3 t4 t5 MN

8] -] ]

8 -] ]
2

83 5

8 4 3 -2 3

8 -]
5

86 -] 2

8 7 -1

Fig. 58. Matrix and initial marking corresponding to Fig. 53

If N is pure then additionally

(ii) t is M-enabled <=:> 0 :::;; M + 1:::;; K N ,
(iii) N is contactfree <=:> (Y ME [MN) : 0 :::;; M + 1 => M + 1 :::;;KN).

For nets with infinite place capacities the following monotonicity property
holds:

(c) Lemma. Let N be a PIT-net with Ys E SN: KN(S) = w. Let M" M 2:SN -4
N u {w}.
(i) M, [t) M => (M, + M2) [t) (M + M2)'
(ii) ME [M) => (M + M2) E [M, + M2)'

Proof (i) is obvious from the definitions.

(ii) is implied by (i). o

5.3 Coverability Graphs

It would be nice to have a finite graph directly representing the reachable

markings of a (finite) PIT-net. Obviously this is impossible, since, in general,
infinitely many different markings will be reachable. However, we can get a
finite graph such that every reachable marking is either explicitly represented
by a node of the graph, or else is "covered" by a node. Therefore such a graph
will be denoted coverability graph.
In order not to overwhelm the construction we will assume nets N with un-
limited capacities, i.e. KN (s) = w for all places S E SN. According to Sect. 5.1
5.3 Coverability Graphs 67

this is a purely technical restriction, as every PIT-net can be transformed to a

net with unlimited capacities without affecting its behaviour.
Each node E of a coverability graph should be thought of as a marking of
the net; some will actually be reachable markings, others cover reachable mark-
ings. The basic idea of covering markings comes from examining how infinite
sequences of reachable markings can arise. One way in which an infinite se-
quence of distinct markings can arise is as follows. Suppose M and M' are
reachable markings and M' E [M). Suppose further that for each place s
M (s) :s; M' (s) and M,* M' (we write this M < M'), and that KN (s) = w at all
those places s where M' (s) > M (s); then any transition enabled in M is also
enabled in M'. So, by repeating the chain of transitions that lead from M to M'
we obtain a new marking Mil with M' < Mil. Iterating this procedure, we
generate an infinite sequence of distinct markings (M;), i = 1,2, .... Note that
this sequence has the property that M; (s) = M (s) if M' (s) = M (s) while
Mi+1 (s) > M; (s) if M' (s) > M(s). The sequence will be represented in the
graph by a covering node K with K (s) = M (s) if M' (s) = M (s) and K (s) = w
if the number of tokens on s is increasing. Once the construction of the graph
is formalised, it will be possible to prove by induction (Lemma (c)) that every
reachable marking is either explicitly represented or is covered by such a
covering node. Finally, in Theorem (g), we shall prove that only a finite num-
ber of nodes are introduced in the construction.
(a) Definition. Let N be a PIT-net with infinite capacities and let T= Go, G1 , •••
be a sequence of graphs which meets the following requirements:
(i) Go = ({MN }, 0).
(ii) Let G; = (H, P) be given. Let E E H and let t E TN such that
(a) tis E-enabled,
(b) no arc starting at E is t-inscribed (i.e. 7J E' such that (E, t, E') E P).
Then define the marking E, for every s E SN, by E (s) = w, if there exists
a node E' in H such that E':s; E + 1 and E' (s) < E (s) + 1(S), and there
exists a path from E' to E in G;, E (s) = E (s) + 1(S), otherwise, and let
Gi + 1 = (H u {E}, P u {(E, (,E)}).
(iii) If it is not possible to construct G; + 1 following (ii) then let G; + 1 = G;.

T is called a c.overing sequence; G =

generatedbyT(wlthG;=(H;,P;)).
(.0 .0 p;)
,~O
H;,
,~O
is the coverability graph

Notice that, in the above definition, the marking E may already be con-
tained in H, being a node of Gi . In this case only a new arc (E, t, E) is added
in Gi + l , but no new node. .
Remember that the assumption of unlimited place capacities is a purely
technical restriction. In the following unlimited capacities will be understood
if coverability graphs are discussed.
We will now show that indeed each reachable marking is "covered" by a
node of a coverability graph:
(b) Lemma. Let G be a coverability graph of some PIT-net N. For each firing
sequence MN [tl) MI'" Mn-dt n) Mn there exists a path Eo tl EI ... E n- I tn En
in G such that MN = Eo andfor all i = 1, ... , n, Mi:s; E i .
68 Nets Consisting of Places and Transitions

N S1 • d c

Fig. 59. A PIT-net with two different coverability graphs (Markings M are represented as
vectors M(sl) M(S2) M(S3)' arc indices show the order of generation of the arcs)

Proof We prove the Lemma by induction on n. If n = 0, Mo = MN is by defini-

tion a node of G. Assume now there exists a node E ;:::: Mn _ I. Since tn is Mn -I -
enabled, tn is also E-enabled and there exists an arc (E, tn, E') in G. Clearly
Mn -I + tn ::;; E + tn ::;; E', and the result follows. D

Our next aim is to show that co-entries in coverability graphs indeed rep-
resent unbounded places. This is achieved by associating to each node E of a
coverability graph a set of markings such that, for all co-entries of E, there
are infinitely many markings with an unlimited token count on the correspond-
ing place.

(c) Definition. Let N be a PIT-net and let E: SN ~ N u {co}. Let E be a

node ofG.
(i) LetQ (E) = {s E SN I E(s) = co}.
(ii) For i E N, a marking M of N is called an i-marking of E iff Y SEQ (E) :
M(s);:::: i and Ys 1= Q (E) : M(s) = E (s).
5.3 Coverability Graphs 69

(iii) LeL#'E £ [MN) be a minimal set such that, for each i E N, there exists an
i-marking M of E inJlE . Then,Jl E is called a covering set of E.

(d) Lemma. Let G be a coverability graph of some PIT-net, N. For each node E,
there exists a covering set JIE.

Proof Let Go, GI , ... be a covering sequence of G. We prove the result by in-
duction following the definition of G.
For the single node of Go, the proposition is trivially true.
To show the induction step, let mEN, let (E, t, E) be a new arc in Gm ,
and assume thatJlE exists. We wish to show that Mi exists.
Let E' = E + L According to the definition of covering sequences, Q (E) £
Q (E). For every set S such that Q (E) £ S £ Q (E) we prove

(*) Yi E N 3M E [MN) : (Y s E S: M (s) ?:. i) /\ (Y s tj Q (E) : M (s) = E' (s))

by induction on S = Q (E), ... , S = Q (E).
To show (*) for S = Q (E), note that we assume that JIE exists. As Q (E) =
Q (E'), o/((E' = {M + 11 ME JlE } exists. This immediately implies (*) for
S=Q(E).
By induction hypothesis, assume (*) for some S = SI and let Sl E Q (E)\SI.
By Definition 5.3 (a) there exists in Gm a node Eo and a path Eo tl ... tn En with
(En -I, tn, En) = (E, t, E) such that Eo s E' and Eo (Sl) < E' (Sl). To show (*)
for SI u {sd, let i E N and let
z = max ({ Ifj (s) I lOs j s n /\ s E S I /\ 0 (s) sO} u {i}).
By induction hypothesis there exists a marking Mo E [MN) such that
YSESI:Mo(s)?:.(i+I)·n·z and YstjSI:Mo(s)=E'(s). Starting with Mo
we can fire from Mo the transitions tl ... tn: Mo [tl) ... [t n) M n , and it holds
Y s E SI : Mn (s) ?:. i· n . z, Mn (Sl) > Mo (Sl) and Y s tj Q (it) : Mn (s) = E' (s). So
we can even fire tl ... tn i times: Mo [(tl ... tn)i) M and for the resulting mark-
ing M it holds Ys E SI: M(s)?:' n· z, M(sl)?:' i and Ys tj Q (E): M(s) =
Mo (s). This, however, implies (*) for S = SI u {sd (as n . z ?:. z ?:. i).
Finally we obtain (*) for S = Q (E). This expresses the existence of Mi and
finishes the induction step for Gm • 0
These two lemmas motivate the name "coverability graph". Each reachable
marking is covered by some node of the graph and, conversely, each node
covers a set of reachable markings which may have arbitrarily large values for
the co-components.
Figure 60 shows the kind of structural properties of MN not represented in
the coverability graph. The coverability graph does not show that, in N I , the
transition c may fire arbitrarily often but, in N 2 , c may fire at most as many
times as a previously fired.
Coverability graphs of finite nets are finite; in Definition 5.3 (a) case (ii)
applies only finitely often, as will be shown in the sequel.
(e) Definition. Let N be a PIT-net. Two markings, M I , M 2 , of N are called
unordered iff neither MI < M2 nor M2 < MI.
70 Nets Consisting of Places and Transitions

b b
N1 N2
Q (

owQ
b

b 001

G
Fig. 60. Two different PIT-nets with the same coverability graph

(1) Lemma. Every set ofpairwise unordered markings of a PIT-net is finite.

Proof We prove the somewhat stronger proposition, that each infinite se-
quence a = M 1 , M 2 , ••• of mutually distinct markings has a strongly increasing
infinite subsequence a' = M i" M i" ••••
If I SN I = I then Mi < ~ or ~ < Mi for all i,j E N. In this case, let
M;, =MI and, given M i;, there exist only finitely many markings M in a such
that M < M;; (as descending sequences of naturals are finite), hence there
exists some index ij + 1 > ij such that M i;+l > M i;-
For SN = {sJ, ... , Sn + I}, there exists by the induction hypothesis an inifite
subsequence a" = Aft" M I" ... of a such that
(*)
With M i, = M I, we construct a' = M i" M i" ... as a subsequence of a":
Given M;p there are only finitely many markings M in a" such that M (sn + I)
:s; M;j (Sn+I)' Hence, there exists some index ij +1 > ij such that M i;+l ina" and
M;;+1 (Sn+l) > Mi; (sn)· With (*), we have Mi;+1 > M i;. D

(g) Theorem. Every coverability graph of a PIT-net isfinite.

Proof For j = I, 2, ... , let (Kj _ 1 , tj , Kj ) be the arc which was added in Gj . Let
TO=GO,G 1 , ••• be a covering sequence of a finite PIT-net and let G be the
coverability graph generated by r. A path w = K o tl Kl ... of G is called con-
structive iff there exists a subsequence G io ' Gil' ... of T such that Gi; generates
5.4 Decision Procedures for Some Net Properties 71

the arc(~_I,tj,~) U=1,2, ... ) and G;o=Go. We shall show that every con-
structive path w = Ko tl KI ... is finite. Let 1> = K o, K I , ... be the sequence of
nodes in wand let S={sESNIMN(s) =1= w}. For each descending sub-
sequences Ko > K{ > ... > K~, n::; L Ko (s). For each increasing subsequence
S E s
K6 < K{ < ... < K~, we have by construction of w, Ki (s) < KJ (s) => KJ (s) = w.
Therefore n ::; 1SN I. Hence 1> and also w is finite.
Obviously the constructive paths of G constitute an acyclic subgraph G'
of G. As G' is finitely based and finitely branched, and as each constructive
path is finite, G' is finite according to Koenig's Lemma (cf. A16). Since every
node of G lies on some constructive path, the node sets of G and of G' are
equal and the Theorem follows. 0

Thus, coverability graphs can actually be constructed for PIT-nets and can
be used to prove certain properties of such nets.

5.4 Decision Procedures for Some Net Properties

Some questions about coverability and liveness can be reduced to properties

of coverability graphs. Since coverability graphs of PIT-nets are finite and can
actually be constructed, we obtain constructive procedures for the decision of
these problems. Such procedures are the main concern of this section.
It is decidable for arbitrary markings M of a PIT-net N whether a mark-
ing M' E [MN) with M::; M' exists, that is, M is covered by some marking of
[MN):

(a) Theorem. Let N be a PIT-net, let M: SN --> lN u {w} be an arbitrary marking

of N and let G be a coverability graph of N. A marking M' E [MN) with M::; M'
exists if and only if
(i) Vs E SN: (M(s) = w => MN (s) = w) and
(ii) there exists a node E in G such that M ::; E.

Proof Let M' E [MN) with M s M'. (i) using Lemma 5.3 (b), there exists a
node E of G with M'::; E. Therefore, M s E. (ii) Clearly, MN (s) =1= w implies
V M' E [MN): M' (s) =1= w.
Conversely, assume (i) and (ii), let E be a node of G with M s E. Using
Lemma 5.3 (d), there exists M' E [MN) with M' (s) ::?: M (s) in the case
E (s) E lN, and M' (s) arbitrarily large in the case E (s) = w. If M (s) = w, we
have MN (s) = wand therefore M' (s) = w. 0

(b) Definition. Let N be a PIT-net. S s;: SN is called simultaneously unbounded

iff ViE lN 3M; E [MN) such that V s E S: M; (s) ::?: i.

(c) Theorem. Let N be a PIT-net, let S s;: SN and let G be a coverability graph
of N. S is simultaneously unbounded iff there exists a node E in G such that
V s E S : E (s) = w.
72 Nets Consisting of Places and Transitions

Proof Let M I , M 2, ... E [MN) such that Vs E S Vi EN: Mi (s) ~ i. Using

5.3 (b) there exists, for each M, a node Ei such that M i :-:; E i . Since G is finite
(5.3 (g», there exists a node E of G such that, for infinitely many ii, i2 , •••
EN, M j :-:; E. Since V s E S: ij :-:; M j (s) :-:; E (s), we have E (s) = w.
The converse is Lemma 5.3 (d). D

(d) Definition. Let N be a PIT-net, let M: SN -4 N u {w} be a marking of N,

and let t E TN.
t is called M-dead iff V M' E [M) : t is not M'-enabled.

(e) Theorem. Let N be a PIT-net, let t E TN and let G be a coverability graph

ofN.
tis Mwdead ifJ there exists no arc of the form (E, t, E') in G.

Proof If (E, t, E) is an arc of G then E [t) E and, by Lemma 5.3 (d) there
exists a marking ME JiE which enables t.
If t is not Mwdead then there exist M I , M2 E [MN) with M J [t) M 2 , So, by
Lemma 5.3 (b) there exists a node E with M I :-:; E. Since tis MJ-enabled, it is
also E-enabled and an arc (E, t, E) exists. D

(0 Theorem. Let N be a PIT-net, such that V s E SN: KN (s) = w, let M: SN-4

N u {w} be a marking of N, and let t E TN be M-dead. Then for all M' < M, t is
M'-dead.

Proof Assume t is not M'-dead. Then there exists a marking kf' E [M') such
that t is M'-enabled. Starting from M, firing the same transitions in the same
order as when firing from M' to M', yields a marking M such that t is M-
enabled. D

(g) Corollary. Let N be a PIT-net and let G be a coverability graph of N. The

set [MN) of reachable markings isfinite ifJno node ofG has an w-component.

Proof [MN) is infinite iff at least one place s is unbounded. According to

Theorem 5.4 (c), this is true iff at least for one node E of G, E (s) = w. D

For the practical analysis of nets, coverability graphs are of limited value,
as algorithms for their construction are too complex. It was shown in [81] (cf.
also [47,73]) that there exists a sequence N I , N 2 , ... of PIT-nets with linearly
growing size (let the size of a net be the number of its elements, arcs, and
initial tokens) such that the corresponding coverability graphs Go, G], ... grow
(with respect to the number of nodes) quicker than any primitive recursive
function.
As a consequence of this result, the following is proved in [81] and [82]: Let
Nand N' be two PIT-nets with identical places (i.e. SN = SN') and finite sets
[MN) and [MN,) of reachable markings. It is obviously decidable if [MN) ~
[MN .), but not in primitive recursive time (or space). A similar result holds for
the problem whether or not [MN) = [MN')'
5.5 Liveness 73

Assuming Nand N' as above, but with infinite sets [MN) and [MN'), the
problems [MN) ~ [MN.) and [MN) = [MN') are not decidable [76]. Further-
more it is shown there that it is not decidable if [MN) decreases in case a
transition is skipped from the net.
For a PIT-net N it is decidable in space 2 n . log (n) (let n denote the size of
C ·

N) if [MN) is finite [80]. Hence the construction of coverability graphs is not

required for this problem. Equally complex is the problem if, for an arbitrary
marking M, there exists a reachable marking M' E [MN) such that M::;; M'.
Furthermore it is shown in [80] that both problems can not be decided in
space 2Vn.
The problem if an arbitrary marking M of a PIT-net N is a reachable
marking (i.e. ME [MN») became well known as the reach ability problem. It was
recently (positively) solved [67].

5.5 Liveness

P IT-nets are often used in application areas where the number and distribu-
tion of dynamically moving objects is important; for instance, the data in a
computer, the goods in a warehouse, the documents in an administration sys-
tem, the work in progress in a production system. In such areas, the aim is
generally to obtain an organisation which allows for variations in the number
and distribution of the moving objects, but which restricts such variations
within certain limits. There may be failures in the form of blockings, which
cause a partial or total standstill of the system. Such blockings are either the
result of a lack of such moving objects, or the result of a jam (superfluity).
In the net representation of such systems, active system elements (proces-
sors, agents, machines) are represented as transitions, passive system elements
(buffers, stores) are represented as places. Moving objects are represented as
tokens. Then, blockings are visible as transitions which are not able to fire any
more. Such nets are not live. There are several notions of liveness; a marking
may be called live if, for each follower marking, there exists some enabled
transition, or if each transition may sometimes be enabled, or if each transition
may sometimes be enabled from each follower marking, or if each (or at least
one) follower marking is reproducible, etc. A net may be called live if, with
respect to any of the above liveness notions for markings, it can be provided
with a live marking.
In the following we use a notion of liveness which requires, for each
marking, the possibility of each transition being enabled.

(a) Definition. Let N be a PIT-net, let t E TN.

(i) t is called live iff V ME [MN) 3M' E [M) such that t is M'-enabled.
(ii) N is called live iff V t E TN: t is live.

The intuitively obvious conjecture that enlarging (adding tokens to) the
initial marking of a live net yields again a live net turns out to be false.
Figure 61 shows a counterexample.
74 Nets Consisting of Places and Transitions

Fig. 61. A live PIT-net. If, additionally, the place s is marked, this yields a net which is no
longer live

This liveness notion does not imply that each marking is reproducible, i.e.
for all M"M2 E[MN):M2 E[M,). Even then this is not the case, if all capaci-
ties are finite. An example of this is shown in Fig. 24.
It might be interesting to discuss Ii veness of markings:
(b) Definition. A marking M of a PIT-net N is live iff 'It E TN 3 M' E [M) such
that t is M'-enabled.
Then we get the following.
(c) Lemma. A PIT-net N is live iff all markings M E [MN) are live.

Proof N is live <=:> 'It E TN: t is live <=:> 'It E TN '1M E [MN) 3M' such that t
is M'-enabled <=:> '1M E [MN) M is live. 0

Exercises for Chapter 5

1. Consider the PIT-net of Fig. 12.

a) Introduce minimal capacities which do not affect the behaviour of the
net.
b) Construct the matrix of this net.
2. Construct different coverability graphs for the following PIT-net:
a

• c d
Exercises for Chapter 5 75

3. Construct a PIT-net with three different coverability graphs.

4. Construct three different PIT-nets with equal coverability graphs.

5. Show that in the PIT-net of Exercise 2

a) 3M' E [MN) with (0, 5, 10) < M',
b) tJM' E [MN) with (1, 2, 3) < M',
c) {S2' S3} is simultaneously unbounded,
d) there exist no MN-dead transitions.

6. Consider the following PIT-net:

a) Which subsets of places are simultaneously unbounded?

b) Is the net live?
(Hint: Construct the coverability graph.)

7. Is the net in Exercise 2 live?

8. Rearrange Fig. 12 such that never only one process is reading. If two pro-
cesses are reading, a third one may join them.

*9. a) In Sect. 4.1 (h) we suggested a graphical representation for synchronic

distances. Formalise this idea.
Hints. Let a CI E-system I and a pair s = (EI' E 2 ) of subsets of Er be
gIven.
Define the net Is by Is = (B r U {s}, Er; Fr U {(e,s) leE Ed u {(s, e) leE E2}).
Together with an initial marking M, Is can be conceived as a PIT-net.
Define now what it means to simulate an (initial part of a) process
p: K ---+ I as a firing sequence in Is. To do this, consider event sequences
which are obtained by extending the partial order of TK to total orders: Let
w = el ... en E../ (P) iff there exists a slice Dw of K with D;:; n TK = {tl, ... ,tn}
such that for alII::;; i,j::;; n, p (ti) = ei and (t i < t; => i <j).
As an example, for the process p as shown in Fig. 41, we obtain ../(P) =
{eo el e2 e3, eo e2 el e3, eo el e2, eo e2 el , eo e2, eo}.
76 Nets Consisting of Places and Transitions

Let w = e, ... en E../' (P) and let Dw be a slice as given in the definition of
For E ~ Ex; let A (E, w) = {i I ei E E}. Obviously, ), (E, w) =
../' (P).
Ir' (E) nD~I·
If w is embedded in a firing sequence Mo [e,) M, ... M n -, [en) Mn of Is.
!i (w, s) = A (E" w) - A (E2' w) denotes the effect of w to s, i.e. jl (w, s) =
Mn (s) - Mo (s) (as obviously Mn (s) = Mo (s) +), (E" w) - A (E2' w)).
jl (w, s) is the contribution of w to the variance v of p, defined by v (p, s) =
max{!i(w,s)lw E../(p)}-min{jl(w,s)lw E../'(p)}. v(p,s) defines the con-
tribution of p to the maximal variation of the number of tokens on s.
Define now 6 (E, , E 2 ) = sup {v (p, s) Ip E nx;} and show 6 = (J. (Ob-
viously it is sufficient to show v(p, s) = v (p, E" E2))'
b) Let I, Is, and ../'(p) be as above and let the set 9J( of markings of Is be
defined by: ME 9J( iff M (s) E N and there exists a case C E ex; such that
Vb E Bx;: M(b) = I if bE c andM(b) = 0 if b ¢ c.
Let 6 (E" E 2 ) = sup {Mn (s) - M~, (s) I ::3 p E nx; ::3 ME 9J( such that there
exist two firing sequences M[a,) M, ... M n-, [an) Mn and M[a;) M; ...
M~,_,[a~-)M~' with {a, ... an, a; ... a~,}~../'(p)}. Show that (J and 6 are
equal.
Chapter 6
Net Invariants

In this chapter, we are first concerned with sets of places of PIT-nets which
do not change their token count during transition firings. Knowledge about
any such sets of places not only helps in analysing liveness but also allows us to
investigate other properties of systems (for instance, facts in CI E-systems).
Such sets of places will be called S-invariants. Since invariants are charac-
terized by solutions of linear equation systems of the form lJ'· x = 0, (lJ' de-
notes the transpose of N, cf. Appendix VII) it is possible to compute them by
the well-known methods of linear algebra.
By means of two examples, a sender-receiver model and a seat-reservation
system, we shall discuss how to apply invariants to the construction and
analysis of systems.
As well as S-invariants, we also obtain T-invariants as solutions of lJ . x = o.
They indicate how often, starting from some marking, each transition has to
fire, to reproduce this marking.

6.1 S-Invariants

To begin with we shall consider a special class of S-invariants. Let N be a

PIT-net with arcweight I for all arcs. We want to characterize sets of places,
S s:; SN, of N which do not change their joint total token count when transi-
tions fire. Certainly we can see that if S is such a set of places and s E S then
for each transition t E s' which may be enabled there must be a place s' E t'
which is also contained in S. Intuitively speaking, a token flows along the
arcs (s, t) and (t,s') from s to s'. Analogously, there is, for each transition t E 's
which may be enabled, a place s' E 't such that a token flows along (s', t) and
(t, s) from s' to s. Thus, S may be characterized by a set, F, of arcs which
fulfils the following requirements:
I) When an arc belonging to F starts or ends at a place s then all arcs from and
to s belong to F.
2) For each arc of F ending at some transition t there is exactly one arc be-
longing to F starting at t.
Figure 62 shows such a set of places. The corresponding arcs are repre-
sented by thick lines. The token count is also constant on the set of places
{Sj, S2, S4, ss}.
78 Net Invariants

Fig. 62. The sum of tokens on the set {SI, S3, S4} of places is not changed by transition firings

This simple method of characterizing sets of places with constant token

count does not work if there are arcweights other than 1. An example is
shown in Fig. 63. Therefore, we have to investigate further how the firing of
transitions affects such sets of places.
If the token count on S <;; SN does not change when a transition t E TN fires
fum .
I W(s, t) = I W(t, s).
SE·/ n S S E /. n S

By Definition 5.2 (a), this condition is equivalent to

I f(s) = - I f (s), i.e. I f(s) + I f (s) = o.
SE ·/n S SE /. n S S E·/ n S SEt" n S

This is equivalent to
I ! (s) = 0 and even to I £ (s) = o.
SE("/ut")nS SES

Fig. 63. The sum of tokens on all places of the net is not changed by transition firings
6.1 S-Invariants 79

If we replace S by its characteristic vector Cs (see A20) the condition be-

comes
L, f (s) . Cs (s) = 0 or, by vector multiplication, f' Cs = O.
SE SN

If the token count on S s:; SN never changes under arbitrary transition

firings, the condition fi . Cs = 0 must be fulfilled for all transitions ti E TN,
hence lj' . Cs = 0 must hold.
Conversely, each solution C of lj'. x = 0 consisting of components from
{O, I} is a characteristic vector of a set of places with constant token count. So
such sets are found by solving lj' . x = O.
We shall now make precise this informally introduced relation between sets
of places with constant token count and solutions of linear equations, and in-
troduce the general class of S-invariants.

(a) Definition. Let N be a P / T- net.

A place vector i; SN ...... lL is called an S-invariant of N iff lj' . i = O.

(b) Lemma. Let i 1 and i2 be S-invariants of a net N and let Z E lL. Then i1 + i2
and Z . i 1 are also S-invariants of N.

Figure 64 shows invariants of the net of Fig. 62. The only invariants which
are characteristic vectors are i 1 and i 2 . In fact, they denote the sets {Sl' S3, S4}
and {Sl' S2, S4, ss}, which we previously recognized as sets of places with a con-
stant token count.
How can we now interpret the S-invariants which are not characteristic
vectors? The token count on the corresponding places is certainly not constant,
but on the other hand it does not vary without limit. Considering Fig. 62, we
can say that a token on Sl "counts" as much as a token on S2 and a token on .1'3
together. Similarly, a token on S4 "counts" as much as two tokens distributed
on .1'3 and Ss. Tokens on .1'1 and S4 have a "weight", which is twice that of tokens

t1 t2 t3 t4 ts i1 i2 i3 i4

81 -1 -1 2

8 2 -1 1 1

8 3 -1 -1

84 -1 2

8S -1 1

Fig. 64. The matrix and four invariants of the net shown in Fig. 62
80 Net Invariants

on S2, S3 and S5. If we consider these weights we find "weighted" token counts
on the net which remain constant during transition firings: Let MI and M2 be
markings of the net of Fig. 62 and let t E {tl' ... , t5} be a transition such that
MI [t)M2'
Then,
2 MI (SI) + 2 MI (S4) + MI (S2) + MI (S3) + MI (S5) =
2 M2 (SI) + 2 M2 (S4) + M2 (S2) + M2 (S3) + M2 (S5)'

So, with invariant i3 of Fig. 64:

M; . i3 = M2 . i3·

Considering again Fig. 62, we find a further regularity concering the places
S2, S3 and S5. S2 and S3 always get (by t l ) the same number of tokens. The
tokens of S2 may flow to S5' From S5 and S3 the same number of tokens is
always removed (by t5). Hence the token count on S3 varies in the same way as
the sum of tokens on S2 and S5. Therefore, M (S3) = M (S2) + M (S5) for all reach-
able markings ME [Mo) of a marking Mo with Mo (S2) = Mo (S3) = Mo (S5) = O.
Using invariant i4 of Fig. 64 we have Mo . i4 = 0 = M . i4.

(c) Lemma, Let N be a PIT-net with a positive S-invariant and let S =

{SESNli(s»O}.
Then S' = 'S.

Proof Assume there exists t E S'\'S. Then

::3s E S : f (s) < 0 and YS E S : I (£ (s) > 0).

Then clearly f' Cs < 0 and, since i is positive, Cs ::;; i and therefore f . i < O.
So i is, under this assumption, not an S-invariant. For t E 'S\S', we find simi-
larly f' i> O. 0

This corollary corresponds to the intuition that sets of places with constant
token count are obtained from sets of arcs which lead from a place in 'I to a
place in t'.

(d) Theorem, Let N be a PIT-net. Then, for each S-invariant i of N and each
reachable marking M E [MN), M· i = M N ' i.

Proof Let M, M2 E [MN) and let 1 E TN such that MI [I) M 2. Then, in par-
ticular, M2 = MI + f (Corollary 5.2 (b)) and f' i = 0 (since i is an invariant).
Therefore M2 . i = (MI + D. i = MI . i + f . i = MI . i. 0

The converse of this theorem is only true if every transition may fire at
least once; in particular, it is true for live nets.

(e) Lemma, Let N be a live PIT-net and let i: S N ---+ 7L be a place vector such
thatJor all M E [MN), M· i = M N ' i. Then i is an S-invariant.
6.2 Nets Covered by S-Invariants 81

Proof It is sufficient to show, for each transition t E TN, ~. i = O. So let t E TN

and let ME [MN) such that t is M-enabled. Then, with M [t) M', M· i = M' . i
= (M + D . i (Corollary 5.2 (b)) = M· i + ~. i. Hence ~ . i = O. 0

(f) Corollary. Let N be a live PIT-net and let i : S N -+ 7L be a place vector.

i is an S-invariant if and only iffor all M E [MN), M· i = M N · i.

(g) Corollary. Let N be a PIT-net and let S ~ S N be a set of places whose charac-
teristic vector Cs is an S-invariant.
Then,forall ME [MN), L M(s) = LMN (s).
SES SES

6.2 Nets Covered by S-Invariants

If a place S of a PIT-net N may obtain unboundedly many tokens then S may

not belong to any positive invariant i. This section deals with this dependency
between the boundedness of places and their being contained in invariants.

(a) Definition. A PIT-net N is said to be covered by S-invariants iff, for each

place s E SN, there exists a positive S-invariant i of N with i (s) > o.

(b) Corollary. If some PIT-net N is covered by S-invariants then there exists an

invariant i with i (s) > 0 for all s E SN.

Proof By the hypothesis, there exists, for each s E S N, an invariant is with

is (s) > o. Using Corollary 6.1 (b), i = L
is is an invarjant fulfilling the re-
quirements. S E SN 0

Fig. 65. This net, which is live and contact-free with capacity 1, IS not covered by S-
invariants
82 Net Invariants

(c) Definition. A PIT-net N is called bounded iff MN is finite and there exists
n E N such that, for all ME [MN) and all S E SN, M (s) :0:; n.

(d) Theorem. Let N be a PIT-net and let MN be finite. If N is covered by S-in·

variants then N is bounded.

Proof Let So E SN and let i be a positive S-invariant with i (so) > 0; let ME [MN)'
Since M(so)'i(so):O:; "i.M(s)·i(s)=M·i=MN·i. (Theorem 6.1 (d)), we
MN'i SE SN
haveM(so) :o:;~(
1 So
) . o
The converse of this theorem is not true, even if N is presupposed to be
live or if the limit for the number of tokens is assumed to be one. Figure 65
shows such a net.

6.3 The Verification of System Properties Using S-Invariants

We first consider a small example to show which structural properties can be

recognized by a knowledge of the S-invariants of a net. Suppose that n pro-
cesses in an operating system are each allowed to access a buffer in reading or
writing mode. To guarantee reliability, reading and writing access is restricted
in the following way: When no process is writing to the buffer then up to k :0:; n
processes are allowed to read it. But writing access to the buffer is only per-
mitted as long as no other process is reading or writing the buffer.
In Fig. 66, such a system of reader and writer processes is shown as a PI T-
net. Each process is in one of five states, represented by the places so, ... , S4'
In the initial state, all n processes are passive; hence So contains n tokens under
the initial marking MN • The place S5 contains k tokens in M N • This

so: inactive processes

s ]'. processes which are ready

to read

s2: reading processes

s :
;3
processes which are ready
to write
t1 writing processes
s4:

s5: synchronization

Fig. 66. A system of reader and writer processes of an operating system

6.3 The Verification of System Properties using S-Invariants 83

to t1 t2 t3 t4 t5 i1 i2 MN

80 -1 -1 n

8 1 -1

8 2 -1

8 3 -1

8 4 -1 k

85 -1 -k k k

Fig. 67. Matrix, invariants iI' i2 and initial marking of the net shown in Fig. 66

corresponds to the number of processes which are allowed to read the buffer
concurrently.
With the invariants shown in Fig. 67, it is possible to prove the correctness
of the system design.
Using iI, we have, for each follower marking M E [MN):
4 4
LM(s;) = L MN (s;) = n.
;=0 ;=0

This means: The number, n, of processes remains constant and each process is
in one of the states so, ... , S4.
Using i2, we have, for each marking M E [MN):
M (S2) + k . M (S4) + M (ss) = MN (S2) + k . MN (S4) + MN (ss) = k.
Hence, we find: S4 contains at most one token under M; that is, there exists at
most one writing process. When S4 carries a token then S2 and Ss are empty. So,
while some process is writing, no other process reads the buffer. S2 carries at
most k tokens: there are at most k processes reading concurrently. When no
process is writing, that is, M (S4) = 0, then S2 may in fact obtain k tokens. Then
the synchronization place Ss is empty.
In particular, we prove the following

Proposition. With the capacity K N, defined as KN (s;) = n for i E {O, I, 3},

KN (S4) = I and KN (S2) = KN (ss) = k, and with the initial marking MN given in
Fig. 67, the net shown in Fig. 66 is live.

Proof For the reasons discussed above the given capacity KN will never hinder
any firing of transitions. We start by showing that each marking ME [MN)
enables at least one transition. In the case M (so) + M (S2) + M (S4) > 0, we see
from the net structure that at least one of the transitions to, t3 , t2 or ts is
84 Net Invariants

enabled. If M (so) + M (S2) + M (S4) = 0, we get from i l that M (SI) + M (S3) = n,

and from i2 that M(ss) =k. Then tl or t4 is enabled. Now, if So is empty for
some ME [MN ), it may be marked by some succession of firings. This implies
the liveness of to and t3. The liveness of the other transitions follows imme-
diately. [J

6.4 Properties of a Sender-Receiver Model

As a modification of the producer-consumer model (Fig. 5 and Fig. 53), we
discuss here a model consisting of a sender and a receiver. Both may terminate
their activities by reaching a terminal state. The solution shown in Fig. 68 is not
satisfactory since the receiver may reach its terminal state while the sender is not
in its terminal state or the channel is not yet empty. To exclude these possibilities,
we introduce a second channel (Fig. 69) which may carry a "terminated"
message from the sender; additionally, the channel is supplemented by its
complement allowing the possibility of testing whether it is empty.
This sender-receiver system is embedded into an environment, as repre-
sented in Fig. 70, which controls its activities. When the sender and the re-
ceiver reach their inactive state, they signal this to the environment. Then both
may be restarted.
If the sender-receiver system is modelled correctly, it has the following
properties:
(PI) In each constellation, the sender is "inactive", "ready to send" or has just
"finished sending". The recei ver is "inactive", "ready to receive" or has just
"finished receiving".
(P2) The message channel contains at most n messages.

sending receiving
finished finished

terminaZ state terrrrinaZ state

Fig. 68. Unsatisfactory version of a sender-receiver system with final states
6.4 Properties ofa Sender-Receiver Model 85

sending reeeiving
finished message ehannel finished

x=n

ehannel for
"terminated"-
message

terminal state terminal state

Fig. 69. Sender-receiver system with final states

sending receiving
S1 finished S7 finished

x=n

channel for
"terminated"-
message

S,1

S12 • ) 4 - - - - - - - - - - - - - - - 1
controlling environment
Fig. 70. The sender-receiver system, enlarged by a cyclic control
86 Net Invariants

(P3 ) The sender (and receiver, respectively) is inactive if and only if it sent a
corresponding signal to the environment. It can leave the inactive state
only as a result of a signal from the environment.
(P4 ) If the sender has reached the inactive state, it cannot leave it again until
the receiver has also reached its inactive state.
(Ps) The decision of the receiver whether to receive or whether to become in-
active depends on the behaviour of the sender. In this respect, no con-
flict arises.
(P6 ) The receiver may only become inactive if the channel is empty and the
sender is inactive.
We prove these properties using the S-invariants shown in Fig. 71.
Let ME [MN) be an arbitrary reachable marking of M N. Using iI, we find
M (SI) + M (S2) + M (S3) = 1. Similarly using i2: M (S7) + M (S8) + M (S9) = 1.
This proves (PI).

81 -1

82 -1 -1

8 -1 -1
3

8 4 -1

8 5 -1 n -n

86 -1

8 7 -1

8 8 -1 -1

89 -1 n -1

810 -1 -1

8 11 -1

8 12 -1

8 13 -1

Fig. 71. Matrix, invariants i], ... , i6 and the initial marking MN of the net shown in Fig. 70
6.5 A Seat-Reservation System 87

i3 shows that the channel is correctly controlled, including the prevention

of overflow: M (S4) + M (S5) + n . M (S9) = n. This implies (P 2 ) and, addition-
ally, that the channel S4 and its complement S5 are both empty if and only if S9
carries a token, that is, the receiver is inactive.
Property (P3) for the sender follows from i4 with M (SIO) + M (S'2) -
M (S3) = O. This means that S3 is marked if and only if SIO or S12 is marked. For
the receiver, (P 3) follows in the same way from i5. Using i6, we have M (S6) -
M (SIO) + M (s,,) = O. Hence M (S6) = 1 implies M (SIO) = 1. This implies (P4 ).
To show (P5), we assume that t6 and ts are both enabled by a marking
ME [MN). Then, in particular, M (S4) ~ 1 A M (S5) ~ n AM (ss) ~ 1, hence
M (S4) + M (S5) + M (ss) ~ n + 2. But, using the invariant i2 + i3, we have
M(S4) +M(S5) +M(S7) +M(ss) + (n + 1)· M(S9) = n + 1, hence M (s4)+M(S5)
+ M(ss) :::;; n + 1.
For (P6): The receiver can reach the inactive state only when ts is enabled,
that is, when M(S5) ~ n A M(S6) ~ 1 A M(ss) ~ 1.
For such markings M, it has to be shown that
(1) M(S4) = 0 and (2) M(S3) ~ 1.
Suppose ts is enabled. So M(S5) ~ nand M(S6) ~ 1.
(l)By i3, M(S4)+M(s5)+n·M(s9)=n. So, M(S4):::;;O (since M(s5)~n and
M(S9) ~ 0).
(2) i4 + i6 gives: M (S6) + M (S12) + M (s,,) - M (S3) = o. So M (S3) ~ M (S6) ~ 1.

6.5 A Seat-Reservation System

The stepwise development of a seat-reservation system is intended to show

how models for planned systems can be constructed as PIT-nets. First, the sys-
tem is represented as a net with inscriptions in English. Then it will be refined
so that its structure corresponds to a PIT-net and its behaviour to the firing
rule. By means of S-invariants, we shall prove some properties of the model.
Specification of the system: A seat-reservation system organizes the reserva-
tion of limited resources, for example the reservation of seats in aeroplanes.
Several independent agencies (travel agencies) may access the system in order
to book a seat or to cancel a reservation. In the case of a booking transaction,
the system adds the customer to the passenger list; if the passenger list is full,
he is added to a waiting list. In the case of a cancelling transaction, the
customer is deleted from the passenger list or the waiting list, respectively. In
each case, the customer gets a message; particularly, if the task may not be
executed, for instance, in the case of repeated booking by the same customer
or the cancellation of a reservation which has not been previously booked. The
manager of the system may, using an updating routine, reserve released seats
for customers on the waiting list and send them a message or, if the waiting
list is empty, release those seats for direct reservation. Figure 72 shows the
global view of the system.
88 Net Invariants

update

output

Fig. 72. Global view of the seat-reservation system

To achieve a high throughput, the system should handle transitions concur-

rently, as much as possible. In particular, booking and cancelling tasks should
not hinder each other.
We shall prove the following three properties:
(PI) It is not possible to overbook the passenger list.
(P 2) A customer is only added to the waiting list if the passenger list is full.
(P 3 ) A customer not in the waiting list is only directly added to the passenger
list if the waiting list is empty; customers on the waiting list are the first
to be served when reservations are cancelled.
Figure 73 shows the system as an inscribed net. The tasks from the travel
agencies enter the system through the input place. Each task contains a
customer identification and the booking or cancelling order; it should be con-
sidered as a labelled token. The conditions written into places (for example,
a = b or i E W) have to be fulfilled to allow the associated transitions to fire. As
in the representations of algorithms in Chap. 1 (Figs. 11,13,14), the inscrip-
tions on transitions denote instructions, which are executed when the transition
fires. Between instructions, the symbol "&" denotes concurrent execution, ";"
denotes, as usual, sequential execution. The lists Wand P are organized fol-
lowing a first-in-first-out principle, whereby first (W) denotes the first element
ofW
An instruction X -4 Wadds X to the end of the list W, skip (x, W) deletes x
from the list W. mi:= ... means an appropriate message is sent to the travel
agency of customer i.
The instructions on one transition form an atomi<;: action. This means that,
during the execution of the instructions of some transition, the entities in-
volved may not be changed by the firing of other transitions. (It would of
course be possible to represent the organization of these indivisible executions
by additional places in the net.) To achieve good performance, sections of
indivisible instructions must be kept as small as possible. This is mainly
6.5 A Seat-Reservation System 89

input
i a

m.:= ...

,
m.

i: austomer identifiaation
a: kind of order (b for booking or a for aanaeLLing)

mi : message from the system to austomer i

W: waiting list
P: passenger List

K: capaaity of P
k: number of seats reserved in P
q: number of cancelLed reservations for which the seats
are not yet reLeased.
Fig. 73. The seat-reservation system

achieved by the idea that cancelled seats are not immediately released for
reservation again. Instead, they are counted by the variable q and may be pro-
cessed by the updating module.
For considerations concerning liveness and boundedness, the dependencies
between W, P, k and q are crucial. The influences from the environment can
not be controlled within the system. Therefore, it is sufficient to consider the
part of the system represented in Fig. 74 and to formalise these inscriptions.
Thus, we have to presuppose that the six transitions t 1 , ••• , t6 are enabled at
unforeseen intervals whenever the associated conditions are fulfilled. In par-
ticular, the messages to customers do not influence liveness and boundedness.
90 Net Invariants

1~(i,W)1
t6
",,=[irst (W)

~
~(?:3P)
~ (x~W) & t4
x~p
& q:=q+l

i -+ W

t2 tJ

Fig. 74. The relevant part of Fig. 73 for correctness investigations

1~('i,W)
t6
x:=fir'st (1-/)
~(X3W)
q:=q+l

Fig. 75. Replacement of inscriptions concerning the passenger list in Fig. 74 by a new place P

q:=q-l &
t4
k:=k-l

fl
L . - - - - . . J t1

Fig. 76. Replacement of inscriptions concerning the waiting list in Fig. 75 by a place Wand
its complement W
6.5 A Seat-Reservation System 91

Fig. 77. Replacement of the remaining inscriptions of Fig. 76

To start with, we formalize the passenger list and its processing. To do this,
a new place P is introduced and embedded in the system of Fig. 74 such that
its token count represents the actual number of seats reserved in the passenger
list. The corresponding inscriptions are deleted. Figure 75 shows the resulting
system, whereby P is empty under the initial marking M N .
As is the case of the passenger list, we organise the waiting list W as a new
place W with MN (W) = o. Of course, the waiting list (as the passenger list) has
a finite capacity, L. When it is also exhausted no further booking orders can be
processed. As well as W, we also introduce the complementary place TV with
MN (TV) = L. Figure 76 shows the result. (Notice that the introduction of com-
plements p of places p serves to test emptyness of p.)
To replace the remaining inscriptions, we introduce places for q and k with
MN (q) = MN (k) = 0 as shown in Fig. 77. For k, we also introduce the comple-
ment k with MN (k) = K.
The self-loops in the system of Fig. 77 are decomposed as shown in Fig. 78.
Using the invariants given in Fig. 79, we are now able to prove the proper-
ties (PI)' (P2), (P3) formulated above. In the following, let ME [MN) be an
arbitrary reachable marking of M N .
Using iI, M(P) +M(q) +M(k) +M(y) = A!.p(P)+MN(q)+MN(k)+
MN (y) = K. This implies M(P) = K - M (q) - M (k) - M (y) ~ K and hence
(PI).
Assume the passenger list P is totally booked. Then the number of actually
reserved seats M (P) together with the not yet released seats M (q) exhausts
92 Net Invariants

Fig. 78. Decomposition of self-loops in Fig. 77

the capacity K of P. x is marked if an only if the system answers a booking

order by adding the customer to the waiting list. In this case we have, using i2 ,
M(P) + M(q) - M(k) - K· M(x) = 0 i.e. M(P) + M(q) = M(k) + K· M(X)
= M (k) + K:2: K. This proves (P2).
Let us now conversely assume a situation in which booking orders are an-
swered by adding the customer to the waiting list. For the corresponding
marking M we have by (P2): M J (k) = K. Using i3 , K· M(X) + M(y) + M(k)
+ M(k) = K and hence M J (k) = O. Now, the updating module may release
some seats for re-reservation and thus allow the system to react to a customer's

t1 t21 t22 t3 t41 t42 t5 t6 i1 i2 i3 i4 MN

x -1 -K K

Y -1 L

k -K K -1 -1

k -1 K

W -1 -1

W -1 - L L L

P -1

q -1 -1

Fig. 79. Matrix, invariants i J , ••• , i4 and the initial marking MN of the net shown in Fig. 78
6.6 The Verification of Facts in CIE-Systems by Means of S-Invariants 93

booking by adding him to the passenger list (firing of t]): K is marked. This
is realised by firing t42 and requires that y was marked under some marking
M 2 E[M). Using i 4 , M(x)+L·M(y)+M(W)+M(W)=L and hence
M2 (W) = O. This proves (P3).

6.6 The Verification of Facts in C / E-Systems by Means

of S-Invariants

Since CIE-systems may be regarded as special PIT-nets, the invariant calculus

is also applicable to them. In particular, it may be used for the verification of
facts. Looking at the proof of Theorem 6.1 (d), we see immediately, for in-
variants i, that M· i = MN . i holds for all markings M which are reachable
from MN by forward and backward reasoning. This means for a CI E-system L,
all d, d' E CE and an invariant i, that Cd· i = Cd' • i (again Cd denotes the charac-
teristic vector of d, see A20). If i itself is a characteristic vector of some set of
conditions B c:; BE, i = CB, then Cd· CB = d n B I.
1

Consider again the two systems shown in Fig. 51 and Fig. 52. We shall
show that the T-elements t and t], t 2 , respectively, are facts by regarding these
systems as PIT-nets with capacity one. The initial markings are the cases rep-
resented in Fig. 51 and Fig. 52 respectively.
First, we consider the system of Fig. 51. CB, B = {b], ... , b4 }, is an S-in-
variant and we have, for the represented case d, d n B = 1, i. e. Cd· CB = 1.
1 1

Using Theorem 6.1 (d), we have, for all reachable markings d', Cd'· CB = 1, i.e.
I d' n B 1= 1. Since I' t n B ! = 2, t will never be enabled.

e1 e2 e3 e4 i d

b1 -1 1

b2 -1 1

b3 -1

b" -1

bs -1

b6 -1 -1

b? -1 -1 1

Fig. 80. Matrix, an invariant and the initial marking of the net shown in Fig. 52
94 Net Invariants

Figure 80 shows the matrix, an invariant i and the initial marking d of the
system of Fig. 52. This yields d· i = -1. Using i, we find, for all reachable
markings M, M (b s) - M (b 6 ) - M (b 7 ) = -1 and hence M (b 6 ) + M (b 7 ) =
M (b s) + 1. So, if b6 and b7 are marked then bs is also marked and t2 is a fact.
On the other hand, if b s is marked then, in particular, b 7 is also marked and
tl is a fact.
There is no general rule how invariants can be applied for the verification
of facts. How they can be applied depends on the particular case.

6.7 T-Invariants

In this section, we are concerned with solutions of systems of equations of the

form J::l. x = O. Let v : TN -4 N be such a solution. If it is possible, starting
from some marking M, to fire each transition t exactly v (t) times, then this
again yields the marking M. This is explained by the following argument.
If CI is the characteristic vector of {t}, t E TN, then £ = J::l. CI • If Mo [t) MI
then Mo+£=MI (Corollary 5.2(b)) and hence Mo+J::l·cl=M I . If Mo[tl)
MI [t 2 ) M2 we have Mo + tl + tz = M2 and hence Mo + J::l . cit + lJ. . CI2 = Mo +
J::l(cl• + C12 ) =M2. Generalising this, with Mo [t l ) ... [tn) M n,
n n n
Mn = Mo + L !i = Mo + L J::l. Cli = Mo + J::l . L Cli ·
i=1

We formalize these considerations in the following way:

(a) Theorem. Let N be a PIT-net, let M o, ... , Mn E [MN) and let t l , ... , tn E TN
such that Mo [tl) MI'" [tn) M N. Let v: TN -4 N be given by v (t) =
I{i 11 ~ i ~ n /\ ti = t} I. Then Mo + J::l . v = Mn.
Proof By induction on n. n = 0: Mo + J::l. 0 = Mo + 0 = Mo. Now assume the
proposition is true for n - 1. For v': TN -4 N, defined as v' (t) = I {i 11 ~ i ~ n-l
/\ ti = t} I we have by the induction hypothesis Mo + J::l. v' = Mn - I ' Further-
more Mn = Mn -I + fn = Mo + J::l. v' + tn = Mo + J::l. v' + J::l. cln = Mo +
J::l(v'+ctJ=Mo+J::l·v. D

The converse of this theorem is in general not true since, for the realization
of some vector v: TN -4 N, enough tokens and enough free capacities are
needed.

(b) Theorem. Let N be an unbounded PIT-net. Let M, M': SN -4 7L and let

v: TN-4N. Then M+J::l'v=M' (ff::3M":SN-4N::3t l , ... ,tn ETn such that
(M + M")[t l ) ... [t n ) (M' + M") and V t E TN: v (t) = I {i 11 ~ i ~ n /\ ti = [} I .

Proof "=" Theorem 6.7 (a).

6.7 T-Invariants 95
n
"=>" Induction on k = L, v (t i ). k = 0: Then M = M'. The result follows with
i~1

arbitrary Mil since M + Mil [0) M' + Mil.

Now assume that the proposition is true for k - 1. Let t E TN such that
n
v=v'+c,. Then L,v'(ti)=k-1. We have M+J:j·v=M'. Now let M'"=

M' - f. Then M + J:j. v' = M + J:j. (v - c,) = M + J:j. v - J:j. c, = M + J:j. v- f=

M' - t = Mill.
By the induction hypothesis, there exists n EN, some marking Mil, and
E Tn such that (M + Mil) [t l ) ... [tn) (M'" + Mil), where v' (t) =
t l , ... , tn
I{i11:S: i:S: n /\ tj = t} I. Now let £1: SN ~ N be given by
£1(s) = {WN(S,t) .if SE't
o otherwise.
Then £1[t) £1 + f and (M + Mil + £1) [tl)'" [tn) (M'" + Mil + £1) [tn+l)
(M'" + £ + Mil + £1), tn+1 = t, since Vs E SN: KN (s) = w. M'" + f = M' and
VtETN:v(t)=IUII:S:i:S:n+I/\ti=t}l. D
We are now able to investigate the relation between solutions of J:j . x = 0
and reproducible markings.
(c) Definition. A marking M of a PIT-net N is called reproducible iff 3M' E [M)
with M' =l= M and M E [M').
(d) Proposition. Let N be a PIT-net with V s E SN: KN (s) = w. If M is a re-
producible marking and M' is an arbitrary marking of N then M + M' is repro-
ducible.

(e) Definition. Let N be a PIT-net. A vector i: TN ~ 7L is called aT-invariant

iff J:j. i= O.

(f) Corollary. If i l and i2 are T-invariants of a PIT-net Nand z E 7L then i l + i2

and z . i l are also T-invariants.

(g) Theorem. Let N be a PIT-net with Vs E S: KN (s) = w. N possesses a posi-

tive T-invariant v =l= 0 if and only if N possesses a reproducible marking.
Proof !'f. v = 0 <=*- 0 + J:j. v = 0 <=*- 3M" 3t l , ... , tn E TN such that (0 + Mil)
[t l ) ... [t n) (0 + Mil) and Vt E TN: v (t) = I {ill :S: i:S: n /\ ti =t} I (Theorem
6.7 (b». D

(h) Definition. AT-invariant i of a PIT-net N is called realizable iff there

exists an Mo E [MN) and a firing sequence Mo [tl)'" [tn) Mn such that
V t E TN: i (t) = I {j 11 :S: j :S: n /\ tj = t} I.

Not every positive T-invariant i of some PIT-net N is realizable; even if N

is live and bounded and each marking of N is reproducible and i is not the
sum of other positive invariants.
96 Net Invariants

Fig. 81. The T-invariant i, given by i (f l ) = i (f2) = i (is) = i (f6) = I and i (f3) = i (f 4) = 0, is
not realizable

Figure 81 presents an example.

To conclude this section, we show that live and bounded PIT-nets are
covered by T-invariants.

(i) Definition. A PIT-net is called covered by T-invariants iff, for each transition
t E TN, there exists a positive T-invariant i of N with i (t) > O.

(j) Corollary. If a PIT-net N is covered by T-invariants then there exists a T-

invariant i of N such that Y t E TN : i (t) > O.

Proof For t E TN, let it be a positive T-invariant with it (t) > O. Then, using
Corollary 6.7 (f), i = L it is a T-invariant fulfilling the requirements. D
t E TN

(k) Theorem. Every PIT-net which is finite, live and bounded is covered by T-
invariants.
Proof If N is finite and live then YM == [MN) ::3ME [M):Mo[tI) ... [tn)Mn
with Mo =M and Mn = M and TN = {t l , ... , t n }. If, furthermore, N is bounded,
then q=[[MN)IEN. Then, for i=O, ... ,q, there exist firing sequences
~ [ti) ... [tin) Mt with TN = {ti" ... , tin), Mo = MN and Mi = Mi + I. Then
there exist two indices 0 :s; j < k :s; q such that Mj = Mk and a firing sequence
~ [tf) ... [t~) Mk such that Y t E TN ::31:s; i :s; m : ti = t. Let the vector
v: TN --7 N be defined as v (t) = I{i 11 :s; i:S; m /\ ti = t} I. Using Theorem 6.7 (a),
~ + lJ. . v = Mk and therefore lJ.. v = 0, because ~ = M k . Since Y t E TN:
v (t) > 0, v is a T-invariant which covers N. D

Exercises for Chapter 6

I. a) Compute some S-invariants of the PIT-net in Fig. 12.
b) Is this net covered by S-invariants?
Exercises for Chapter 6 97

2. Show that the net in Exercise 6, Chap. 5, is not covered by S-invariants.

3. Show that the following net has T-invariants which are not realizable:
Chapter 7

Liveness Criteria for Special Classes of Nets

In this chapter, we investigate marked nets; these are special P / T-nets which
are suitable for many applications. The liveness analysis for such nets is not
much simpler than for P / T-nets in general, but there are special classes of
marked nets for which criteria for liveness or safeness are known. These cri-
teria are the main topic of this chapter.

7,1 Marked Nets, Deadlocks and Traps

(a) Definition, A PIT-net is called a marked net iff, for all s E SN, MN(S) EN,
KN (s) = W, and for all P E F N, WN (P) = I.

When investigating liveness it is important to consider parts of the net

which will never be marked or which will never lose all their tokens. In this
section we shall consider such parts of nets and in particular we shall consider
those in which such situations are easily recognizable.
A set S of places will never be marked again, after losing all tokens, if and
only if no transition which contains in its postset a place belonging to S may
ever fire again. In particular, this is the case if all these transitions also contain
a place belonging to S in their preset, that is, V t E TN: t E ' S => t E S' or,
equivalently, 's s; S' (Fig. 82). A set of places which meets this condition is
called a deadlock. A deadlock may be found using the following procedure:
Let So be a place which belongs to a deadlock, S, we want to construct. Then,
as well as so, for all transitions t E 'so, at least one place S1 E 't must belong
to S; that is 'so s; S'. Now we iterate this and always require, for new elements
S E S, that's s; S'. The iteration terminates whenever V S E S: 's s; S', that is
whenever'S s; S'. Hence a deadlock has been found.

\ deadlock
\
I
/

Fig. 82. Deadloks and traps

7.1 Marked Nets, Deadlocks and Traps 99

Deadlocks are critical system parts for liveness analysis, because transitions
may never be enabled again if they contain places of an unmarked deadlock in
their preset.
Dual to deadlocks, there are also system parts which will never lose all
tokens again after they have once been marked. This is the case for some set
of places, S, if every transition removing tokens from S also puts at least one
token onto S. For this, we must have, for the set of transitions S·, that S· <;; •S
(Fig. 82). If S fulfils this condition then S is called a trap. A trap may be found
using the following procedure: Let So be a place which belongs to the trap, S,
we want to construct. Then, as well as so, for all transitions t E so, at least one
place Sl E [" must belong to S; that is, So <;; • S. Now we iterate this and always
require, for new elements S E S, that s· <;; • S, we terminate when V S E S:
s· <;; • S. This is equivalent to the condition S· <;; • S derived above.
A deadlock which contains a marked trap as a subset will never become
empty. Therefore, such deadlocks are important for liveness analysis.

(b) Definition. Let N be a marked net and let S <;; S N.

(i) S is called a deadlock iff· S <;; S·.
(ii) S is called a trap iff S· <;; • S.

Examples of deadlocks and traps are shown in Fig. 83.

I
/ --,\ deadlock
\ and
I trap
I -'/
\

" ....... _--

a deadlock but
not a trap

a trap but not a deadlock

Fig. 83. Deadloks and traps
100 Liveness Criteria for Special Classes of Nets

(c) Corollary. Let N be a marked net with a positive S-invariant i and let S =
{s E SN Ii (s) > O}. Then S is a deadlock and also a trap.

Proof This follows immediately from Corollary 6.1 (c). o

(d) Corollary. Let N be a marked net, let M: SN -+ N be a marking of N and let
Sr;;;.SN·
(i) If S is a deadlock which is unmarked under M then S is unmarked under
each reachable marking M' E [M).
(ii) If S is a trap which is marked under M then S is marked under each reach-
able marking M' E [M).
(iii) The union of deadlocks is a deadlock.
(iv) The union of traps is a trap.
(v) S contains a maximal deadlock and a maximal trap.

Proof (i) Let S be unmarked under M, let M[t) M'. Assume S is marked under
M'. Then t E •S. If S is a deadlock then t E S·, but this is not possible
since t is M-enabled.
(ii) Let S be marked under M, let M[t) M'. Assume S is unmarked under
M'. Then t E S·. If S is a trap then t E ·S. So S is marked unter M'.
(iii) ·S, r;;;. Sj A ·S2 r;;;. Si => ·(S, u S2) = ·S, u ·S2 r;;;. Sj u Si = (S, u S2f.

°
(iv) Sj r;;;. ·S, A Si r;;;. ·S2 => (S, u S2r = Sj u Si r;;;. •S, u ·S2 = ·(S, u S2).
(v) follows using (iii) and (iv), since is a deadlock and a trap. 0

For the class of all marked nets, we have the following relation between
deadlocks, traps and reachable dead markings.

(e) Definition. Let N be a marked net and let M: SN -+ N be a marking of N.

M is called dead iff no transition of TN is M-enabled.

(f) Lemma. Let N be a marked net. If M: S N -+ N is a dead marking then

S = {s E SN I M(s) = O} is a non-empty, unmarked deadlock of N.

Proof Clearly S =!= 0, otherwise all transitions would be M-enabled. S is a

deadlock: Each transition t E·S is, by hypothesis, not M-enabled. Hence
·t n S =!= 0, i.e. t E S·. By definition, S is unmarked. 0

(g) Theorem. Let N be a marked net. If each non-empty deadlock of N contains a

trap which is marked under MN then there is no dead marking in [MN).

Proof Let ME [MN). Using Corollary 7.1 (d) (ii), each deadlock S =!= of N
contains a trap which is marked under M. Hence each non-empty deadlock of
°
N is marked under M The Theorem follows from the above Lemma 7.1 (f). 0
7.2 Free Choice Nets 101

7.2 Free Choice Nets

In marked nets, a situation is called "confusion" (compare Sect. 2.1), if the

enabeling of a transition t depends on the order in which two other transitions
t', til fire. The analysis of liveness is particularly difficult in the presence of
confusion. We shall now consider nets which exclude confusion by their struc-
ture, without regard of the marking class. A conflict between transitions
tJ , tn may only be resolved in favour of some transition t i , I::;; i::;; n; that
••• ,

is, ti fires. This is achieved by the requirement that tJ , ... , tn possess only one
common place s E 't i and no further places in their presets. This means, in
short, that the output transitions of a forward branched place may not be
branched backwards. This is equivalent to the requirement that, for each arc
(s, t) E FN , s' = {t} or 't = {s}. Since, in such nets, one transition out of several
transitions involved in a conflict may be chosen freely and independently to
fire, they are called Fee choice nets.

(a) Definition. A marked net N is called a free choice net iff, for each arc
(s, t) E FN " (SN x TN), s· = {t} V t' = {s}.

(b) Theorem, The following properties of a marked net N are equivalent:

(i) N is aFee choice net.
(ii) s E SN 1\ Is'l > I => Yt E s' : 't = {s}.
(iii) SJ, S2 E SN 1\ sj "si =j= 0 => 3t E TN with sj = si = {t}.
(iv) s E SN 1\ Is'l > 1 => '(s') = {s}.

Proof (i) => (ii): Ifls'l > 1 then, for each t E s',s'=j= {t}. Using (i),'t = {s}.
(ii)=> (i): Let (s,t) EFN " (SNxTN). Ifls'l=1 then immediately s'={t}.
If Is'l > 1, using (ii), 't = {s}.

Fig. 84. A free choice net

102 Liveness Criteria for Special Classes of Nets

(i) =>(iii): Let t E sj n S2' Since {Sl' S2} ~ °t, °t =1= {sd and °t =1= {S2}. Using (i),
sj = {t} and S2 = {t}.
(iii) => (i): Let (Sl' t) E FN n (SN x TN)' If °t =1= {sd, there exists S2 E SN,
S2 =1= Sl, with t E S2. Then t E sj n S2 =1= 0 and, using (iii), sj = {t}.
(iv) is obviously equivalent to (ii). 0

The rest of this section is devoted to the derivation of a theorem, which

states that a free choice net N is live if and only if each non-empty deadlock
of N contains a trap which is marked under M N • First we prove that this cri-
terion is sufficient for liveness, and then that it is also necessary for liveness.
We start with some technical lemmas. Given a set of transitions, T, none of
which may ever be enabled again, we show how to find further transitions of
this kind.

Proof Let tl E T, s E °tl and t2 E sO\T (Fig. 85). Since tl =1= t2, we have SO =1= {td
and SO =1= {t 2}. By the definition of free choice nets, °tl = °(2 = {s}. t2 is enabled
if and only if s is marked. But, in this case, tl is enabled too.

1--'-·---'
1 t 1 :T
L ____ J
:---;;1
___ J
(. T)' \ T

,/
'T
\
'-
--_ ...... /

Fig. 85. Illustrating the proof of Lemma 7.2 (c)

o
(d) Definitiono Let M be a marking of a net N. Then M denotes the set of
places which are unmarked under M.

(e) Lemmao Let N be a free choice net and let T ~ TN be a set of transitions none
of which is enabled by any marking in [MN)' Then there exists a marking
ME [MN) such that none of the transitions in "("T n M) is enabled by any mark-
ing in [M).

Proof Let Mo E [MN) be a marking such that there exists a transition

t EO (T n Mo) which fires to a marking MI and thereby marks a place
s ETnMo (Fig. 86). Using Lemma 7.2 (c), the transitions firing from MN to
MI do not belong to CTr. Hence all places of T\MN are marked under MI
too, and therefore, in T, only the places of Tn MN are unmarked. Since s is
marked under M I , we have Tn MI ~ Tn Mo ~ Tn MN •
By iterating this procedure (starting from M I ), we find in finitely many
steps a marking M such that TT n M) may not be enabled in [M). Otherwise
all elements of T could be marked. 0
7.2 Free Choice Nets 103

"(" Tn"M ) T (" T)"

o
'----l ,------,
I I
I t I I I
I____ JI :..... ____ J

{ (
"
8
"
i"Tn"M
"' \"n'
I "
\" ./ 01

---
'-...~- /
-....... /'

Fig. 86. Illustrating the proof of Lemma 7.2 (e)

We shall show indirectly that a free choice net N is live if every deadlock
contains a trap marked under M N. To do this we start from a set T s; TN oftran-
sitions which may not be enabled in [MN). We construct a deadlock Q s; "T
which is unmarked under some reachable marking M' E [MN). Q contains traps
(Corollary 7.1 (d) (v)). Using Corollary 7.1 (d) (ii), these traps must already be
unmarked under M N •

(1) Lemma" Let N be a marked net and let T s; TN. If"("T n M N) S; T then
either there exists a transition in T which is MN-enabled or "T n MN is an un-
marked deadlock.

Proof Assume no transition in T is Mwenabled. Let Q = "T n MN and let

t E "Q. By the hypothesis, t E T. Since T is not MN-enabled, "t n MN =l= 0 and
hence "t n Q =l= 0, that is t E Q" (Fig. 87). Since this is true for each t E "Q we
have"Q S; Q".

!-~--t--l.
I T

,."..,,"':-- ~~~~"'""
/ " Q
I /
"----'"
Fig. 87. Illustrating the proof of Lemma 7.2 (f)
o
(g) Theorem" Let N be a free choice net and let T S; TN be a set of transitions none
of which is enabled by any marking in [MN). Then there exists a marking
ME [MN) and a deadlock of N which is unmarked under M.

Proof By induction on I TN\TI. I TN\TI = 0: Since TN = T, trivially "("T n M N )

S; T. Using Lemma 7.2 (f), "T n MN is an unmarked deadlock. Induction hypo-
thesis: The proposition is true if I TN\TI = n. Now let I TN\TI = n + 1. Using
104 Liveness Criteria for Special Classes of Nets

Lemma 7.2 (e), there exists a marking ME [MN) such that no transition in
·(7 n M) may be enabled in [M). If ·(7 n if) <:::::: T the result follows using
Lemma 7.2 (f). Otherwise, let tE·(7nM)\T. Since Tu{t} may not be
enabled in [M) (Lemma 7.2 (e)) and ITN\(T u {t}) 1= n, we have by the induc-
tion hypothesis: There exists a marking M' E [M) such that some deadlock of
Nis unmarked under M'. In particular, M' E [MN)' 0

(h) Corollary. Let N be a free choice net. If every non-empty deadlock contains a
trap which is marked under MN then N is live.

Proof If N is not live then there exists a marking ME [MN) and a non-empty
set of transitions which may not be enabled in [M). Then, using Theorem
7.2 (g), there exists a marking M' E [MN) and a deadlock Q which is unmarked
under M'. Corollary 7.1 (d) states that Q may not become empty in [MN) if Q
contains a trap which is marked under M N . 0

We have derived a criterion for the liveness of a free choice net and shown
that it is a sufficient condition. Next, we shall show that it is also a necessary
condition. For this, we assume a non-empty deadlock Q which does not con-
tain a marked trap under the initial marking. By firing the appropriately
chosen transitions of Q.\.Q the token count on Q is reduced until no transition
of Q. may fire any more. This is possible if all traps of Q are unmarked. Then
only tokens of the places in Q\QI, where QI is the maximal trap in the dead-
lock Q, have to be removed as far as possible. To each place s E Q\QI , a tran-
sition a (s) E s· is allocated. One difficulty is that these transitions a (s) have to
be fired in such a way that those transitions a (s) which are not enabled may
not be enabled again.

(i) Definition. Let N be a marked net and let S <:::::: S N. A mapping a: S --+ S· is
called an allocation.
An allocation a is called cyclejree iff there is no set of places {so, ... , sn} <:::::: S
such that Si E a (Si-I)" (i = 1, ... , n) and So E a (sn)". An allocation a partitions
S· into the set a (S) of images of a and the set {i (S) = S·\a (S).

(j) Lemma. Let N be a marked net and let S <:::::: S N be an arbitrary set of places.
Let QI <:::::: S be the maximal trap in S and let Q2 = S\QI. Then there exists a
cyclejree allocation a: Q2 --+ Qi such that a (Q2) n ·QI = O..

°°
Proof By induction on I Q21. I Q21 = 0: Then a: --+ fulfils the requirements.
Induction hypothesis: The proposition is true if IQ21 = n. Now let I Q21 = n + 1.
Then there exists some place So E Q2 and some transition t E TN such that
So E·f and [" n QI = 0 (Fig. 88). With Q2 = Q2\{SO}, QI is the maximal trap in
QI u Qz. Then, by the induction hypothesis, there exists a cycle-free alloca-
tion a': Qz --+ Qr such that a' (Q2) n ·QI = O. Now we define the allocation
a: Q2 --+ Qi by a (s) = a' (s) for s E Qz, a (so) = t. Since a (so) n ·QI = t n ·QI = 0,
we have a (Q2) n ·QI = a (Qz u {soD n ·QI = O. Since a (so)" n Q2 = [" n Q2=0,
7.2 Free Choice Nets 105

this arc is excluded

Fig. 88. Illustrating the proof of Lemma 7.2 (j)

So does not belong to any cycle of Q2' Therefore, as r:t.' is cycle-free by the in-
duction hypothesis, r:t. is also cycle-free. 0

Figure 89 shows an example illustrating this lemma.

/--- ,,----
(
----~

\ I
l\ s1
L._ /

\
\ /
\ /
"\ /
" '-----/ /

trap Q1
Fig. 89. An example for Lemma 7.2 (j)

(k) Theorem. Let N be afree choice net and let Q ~ SN be a deadlock such that
the maximal trap of Q is unmarked under M N • Then there exists a marking
ME [MN) such that Q. may not be enabled in [M).
106 Liveness Criteria for Special Classes of Nets

- - - - - - - - - - - - - - - - ---------..::.;".---
"-\
'\
; \ Q1
/ \
./ \
1------ - Q
1
I Q2
I
I

Fig. 90. A deadlock Q with the maximal trap QI' The thick arcs represent a cycle free allo-
cation of Q2' The sets Bo, ... , B3 of places are also represented

Proof Let QI be the maximal trap of Q and let Q2 = Q\QI' Using Lemma
7.2 (j), there exists some cycle-free allocation r:t. of Q2 such that r:t. (Q2) n 'QI = 0.
The following notions will be applied during this proof: Call a marking
M" E [MN) properly reached iff there exists a firing sequence MN [t l ) MI'"
Mn- 1 [tn> Mn such that YI:-:;; i:-:;; n: tj <t Ii (Q2)'
For s, s' E Q2 let s < s' iff :3 So , ... ,Sn with r:t. (Si) E 'Sj + 1 (i = I, ... , n) 1\ So = s
1\ Sn = s'. S ~ Q2 is left closed iff Y s E S, S' E Q2 : s' < s => S' E S.
A subset S ~ Q2 is detached by a marking M iff for all properly reached
markings M' E [M), no transition in r:t. (S) is M'-enabled. The proof will be based
on five propositions:

Proposition 1. For some place s E Q2 let S = {s' E Q21 s' < s} be detached by a
marking M Then there exists a properly reached marking M' E [M) such that
S u {s} is detached by M'.

Proof As S is detached, no transition t E 's n r:t. (Q2) can be fired by markings

which are properly reached from M (as 's ~ r:t. (Q2) u Ii (Q2»' SO, in the class
of properly reached markings, r:t. (s) can not be fired more than M (s) times.
Hence there exists some properly reached M' such that S u {s} is detached
byM'.

Proposition 2. There exists a properly reached marking M such that Q2 is

detached by M

Proof Let Q2 = {SI' ... , sn} such that, for all 0:-:;; i:-:;; n, Sj = {Sl' ... , sd is left
closed. As Q2 is finite, this can easily be achieved.
For each subset Sj (0 :-:;; i:-:;; n) we show by induction on i that there exists
a properly reached marking M j E [MN) such that Sj is detached by Mi. For
i = 0, Sj = 0 and the Proposition holds with M = M N .
By induction hypothesis assume a properly reached marking M j E [MN)
such that Sj is detached by Mi. With Proposition I, there exists a properly
reached marking M i + 1 E [M) such that Si+1 is detached by M i + l • Obviously,
M;+I is properly reached from M N . For i = n, the Proposition follows.
7.2 Free Choice Nets 107

Proposition 3. If M is a properly reached marking, QI is unmarked.

Proof By induction on the set of properly reached markings: By assumption of

the Theorem, QI is unmarked by M N . Assume QI to be unmarked by M and let
M[t) M'. We have to show that t ~ ·QI. Note that "QI S; "Q S; Q" = Qi u Qi =
Qi u lI. (Q2) u IX (Q2)' Obviously t ~ Qi as QI is unmarked by M. t ~ IX (Q2), if
M' is to be properly reached. If tEll. (Q2), by construction of lI., t ~ "QI'

Proposition 4" Let M be a properly reached marking such that Q2 is detached

by M Then no transition tE Q" is M-enabled.

Proof By construction, Q" = Qi u lI. (Q2) u IX (Q2)' For t E Qi, apply Proposi-
tion 3. For tEll. (Q2) notice that Q2 is detached by M. So, let t E IX (Q2). Then
there exists a place s E Q2 such that t E s" and t =1= lI. (s). By the free choice
properly of N, "t = "lI. (s) = s. As lI. (s) is not M-enabled, M (s) = 0, hence t is
also not M-enabled.

Proposition 5" Let M be a properly reached marking such that Q2 is detached

by M Then each marking M' E [M) is properly reached and Qi is detached by M'.

Proof By induction on the structure of [M). For M the Proposition holds by

assumption. So, let M' E [M) be properly reached and let Q2 be detached by
M'. For M'[t) Mil we have to show that t ~ IX (Q2)' This follows from Pro-
position 4, as ii (Q2) S; Q".
We show the Theorem now as follows:
By Proposition 2, let ME [MN) be properly reached such that Q2 is
detached by M By Proposition 5, each M' E [MN) is properly reached and Q2
is detached by M'. The Theorem follows with Proposition 4. D

(I) Corollary" Afree choice net N is live if and only if every non-empty deadlock of
N contains a trap which is marked under M N.

Proof "<=" Corollary 7.2 (h).

"=" Let Q be a deadlock such that all traps of Q are unmarked. Then the
maximal trap of Q (the union of all traps of Q) is also unmarked and the result
follows using the above theorem. D
Using this corollary we can easily verify that the marked net shown in
Fig. 84 is not live, moreover that there is no initial marking under which it is
live. Clearly, Q={SI,S2,S3,S6,S7} is a deadlock, since Q"=TN"2"Q. But this
deadlock does not contain any non-empty trap.
As an immediate consequence of this result we obtain that any enlargement
of the initial marking of free choice nets preserves liveness.

(m) Corollary" Let Nand N' be free choice nets such that (SN, TN; F N) =
(SN' , TN'; FN') and MN :s; M N,. Then the liveness of N implies the liveness of N'.
108 Liveness Criteria for Special Classes of Nets

Proof N is live => each non-empty deadlock of N contains a trap which is

marked under MN (Corollary 7.2 (I)) => each non-empty deadlock of N' con-
tains a marked trap under M N , => N' is live (Corollary 7.2 (I)). 0

Figure 61 shows that this conjecture turns out to be false for the general
case of marked nets.

7.3 Marked Graphs

To conclude this chapter, we investigate nets with only unbranched places. As

in such nets every place possesses exactly one pre- and one post-transition, no
conflict situations are possible. Such nets describe systems which are only
structured by synchronization of their active elements. They are wellknown
under the name marked graph.
Liveness and safeness of marked graphs are characterizable by very simple
properties.

(a) Definition. A marked net is called a marked graph iff

(i) Yt l , t2 E TN: tl (F~) t2 (N is strongly connected),
(ii) YsE SN: I·s I = Is·1 = 1 (places are unbranched).

Examples of marked graphs are shown in Figs. 1,2,3,21 and 42.

An important property of marked graphs is that the token count on each
cycle does not change when transitions fire.

(b) Definition. Let N be a marked graph. A sequence w = (so, ... , sn) of places
is called a path of length n iff, for i = 1, ... , n, S;·_I = ·s; and for all 1 ::;; i =l= j ::;; n
s; =l= sj /\ ·s; =l= ·Sj. w starts at ·so and ends at s~. w is called a cycle iff w is a path
such that ·so = s~ .

(c) Lemma. Let N be a marked graph and let (so, ... , sn) be a cycle of N. Then,
n n
for all markings M E [MN), L, M (s;) = L, MN (s;).
;=0 ;=0

Proof Let MI [t) M2 denote a firing in N.

First case: t = ·s; for some 0::;; i::;; n. The firing of t decreases the number
of tokens on S; by one and increases the number of tokens on S; + 1 by one (let
Sn + 1 = so). The marking of all other places of the cycle is not affected. Second
case: t 1: ·{so, ... , sn}. The marking of all places belonging to the cycle remains
unchanged. 0

(d) Corollary. If a set of places of a marked graph is a cycle then its characteristic
vector is an S-invariant.
Exercises for Chapter 7 109

Liveness of marked graphs may be characterized in a simple way:

(e) Theorem. Let N be a marked graph. N is live if and only if every cycle of N
contains at least one place which is marked under M N.

Proof If there is a cycle which has all places unmarked under MN then, using
Lemma 7.3 (c), these places are also unmarked under all markings reachable
from M N • Hence the transitions belonging to this cycle may not be enabled
in [MN).
Conversely let ME [MN). Using Lemma 7.3 (c), every cycle contains at
least one place which is marked under M. Since N is finite, there may not be
arbitrary long paths in N such that all places on the path are unmarked un-
derM.
Now let t E TN and let n be the maximal length of the unmarked paths
under M N , ending with t. The start transition of each such path is enabled
(otherwise there would be a longer unmarked path). Now it is possible to fire
all these transitions independently of each other. This yields a marking
ME [MN) such that the maximal length of the paths unmarked under M, ending
at t, is n - I. The iteration of this procedure yields, after n - I steps, a marking
such that t is enabled. 0

(0 Definition. A PIT-net N is called safe iff, for all ME [MN) and all s E SN,
M(s) :::;; 1.

(g) Theorem. Let N be a marked graph which is live. N is safe if and only if each
place s E SN belongs to a cycle, which possesses exactly one place which is
marked under M N.

Proof By Lemma 7.3 (c), this condition is sufficient for safeness.

Now let s E SN be a place, which belongs only to cycles which carry more
that one token. Since N is live, the transition in ·s may be enabled and there
exists a marking ME [MN) with M(s) = 1. Now we remove temporarily this
token from s. By Theorem 7.3 (e) this does not affect liveness, since every cycle
still possesses at least one marked place. Again the transition in ·s may be
enabled. After its firing, s now contains two tokens, including the token which
we removed temporarily. So N is not safe. 0

(h) Corollary. A marked graph N is live and safe if every cycle of N contains at
least one marked place and if every place of N belongs to a cycle which contains
exactly one marked place.

Exercises for Chapter 7

1. For which initial markings MN of the following net N do not any dead
reachable markings M E [MN) exist?
110 Liveness Criteria for Special Classes of Nets

2. Does an initial marking exist such that the following net is live?

3. Construct an initial marking such that the following marked graph is live
and safe:

*4. Show that the initial marking of each marked graph can be modified such
that a live and safe marked graph is obtained.
Part 3. Nets with Individual Tokens

The markings of the nets considered so far are fully determined by the number
and the distribution of tokens on the S-elements. Now we shall allow indi-
vidual objects as tokens. A marking then also depends on the nature of its
tokens. We have already seen an example for such a net, called a predicate I
event-net, with the library system in Fig. 18. As in Sect. 4.5, we shall show how
relations between individuals which hold in all cases may be formulated in
predicate logic. Again, they may be represented, in such nets as T-elements
which are never enabled. A concept of "invariants" (as used for PIT-nets in
Chap. 6) again helps us to verify properties of such nets. Such invariants will
be defined for relation nets, which are introduced in Chap. 9.
The step from predicate/event-nets to relation nets is the same as from
CI E-systems to PIT-nets: Instead of single individual objects we allow several
individuals of the same kind. Then a linear algebraic calculus may be used to
compute invariants.
Chapter 8

Predicate/Event-Nets

8.1 An Introductory Example

We consider an example which is well known as "The Dining Philosophers

Problem". To start with, we represent it as a C/ E-system.
Three philosophers are sitting around a round table. Each philosopher has
a plate in front of him. Between any two neighbouring plates lies a fork
(Fig. 91). Whenever a philosopher eats he uses both forks, the one to the right
and the other to the left of his plate. When a philosopher has finished eat-
ing he replaces both his forks on the table and starts thinking. Figure 92 shows
this as a C/ E-system using the following conditions: di (philosopher Pi is think-
ing), ei (philosopher Pi is eating) and gi (the i-th fork is not being used). In the
case represented, PI is eating, the other two philosophers are thinking and only
fork 3 is not being used. Now, the thinking philosophers have to wait until PI
puts the forks back (UI) and starts to think. Then a conflict over fork 3 arises
and either P2 or P3 may start to eat, or PI starts eating again.
The three conditions di (philosopher Pi is thinking) (i = I, 2, 3) are now
combined into one predicate d ("thinking philosophers"). For each case c of
the system, it must now be specified for which philosophers the predicate d is
true. We now represent the predicate d as an S-element and the philosophers Pi
as tokens and mark d with those philosophers for which d is true. Figure 93
ill ustrates this step.
Analogously, we construct the predicate e ("eating philosophers") and the
predicate g ("available forks"). The set of objects for which some predicate is

Fig. 91. The dining philosophers

8.1 An Introductory Example 113

Fig. 92. A C/ E-system of the philosophers

true may be modified by events. Such events are again represented as T-ele-
ments connecting the predicates. The arcs are labelled to indicate which ob-
jects are affected by an event. In this way we obtain the representation in
Fig. 94, equivalent to the system shown in Fig. 92.
In Fig. 94, the events 11 ,12 and 13 have equal pre- and postsets; they only
differ with respect to the affected objects. These three events can be repre-
sented by one single T-element as shown in Fig. 95; the affected sets of objects
are indicated by arc inscriptions consisting of variables and functions. The
functions I and r associate with each philosopher his left and his right fork,
respectively. It is possible to derive the concrete events Ii (1 :;:;; i :;:;; 3) from the
event schema t by substituting for the variable x the respective philosopher Pi.
Correspondingly, the T-element u in Fig. 95 is a unification of the events UI,
U2 and U3 of Fig. 94.

d,(!} QIO e,(!)

d Q e
dZ(!} -<>9 ~O -wC>G) ezO <>(0
d30 ~(!) ~O
Fig. 93. The step from conditions to predicates
114 Predicate/Event-Nets

Fig. 94. The system of philosophers using predicates

P = {Pl'P 2 ,P S }

x G = {gl,g2,gS}
x
UN = PUG

t(x)
t
r(x) l: P-- G
Pi .... gi

x r: P -- G
PC
P2 g2
g3
P 3>-> g1

Fig. 95. The system of philosophers using predicates and event schemas

Using the representation shown in Fig. 95 we are able to model a meal of

arbitrarily many philosophers: in the initial case let d be marked by {PI, ... , Pn},
and g by {gl, ... , gn}. Now the two functions I and r are defined as I (Pi) =
gi (i = 1, ... , n), r (P;) = gi+ I (i = 1, ... , n -1) and r (Pn) = g, .

8.2 Predicate/Event-Nets

Now we are going to precisely formulate the concepts introduced informally

in 8.1. We start with algebras and define terms over algebras which we shall
use as arc inscriptions in the definition of predicate/ event-nets.
8.2 Predicate/Event-Nets 115

(a) Definitiono Let D be an arbitrary set.

(i) For n E Nand M s; Dn, f: M -- D is called a partial operation on D. Let
1J be a set of partial operations on D. Then J) = (D; 1J) is called an al-
gebra. In particular, 1J may contain functions d: DO -- D, which may be
identified with elements of D.
(ii) Let X be a set of variables. The set Y (J), X) of terms over D and X is the
smallest set of expressions such that
(a) Xs;Y(J),X),
(b) iU I , ... ,In E Y(J), X) and f: D n -- D E 1J then f(/l, ... , In) EY(J),X).
In particular, an element of D which belongs to 1J as a function
DO __ D is a term.
(iii) A mapping p: X -- D is called a valuation of X. It induces, canonically, a
mapping p: Y(J),X)--D by P(f(tl, ... ,tn))=f(P(/I), ... ,P(l n)). Fi-
nally, we expand P for sets of terms JI s; Y (J), X) by P (//) = {P (t) It E vU'}.

Using these notions, we are now able to define the class of nets we dis-
cussed informally in the previous section and for which Fig. 95 shows an
example.

(b) Definitiono N = (P, E; F, J), A, c) is called a predicate I event-net (PIE-net) iff

(i) (P, E; ,F) is a net without isolated elements, the elements of P and E are
called predicates and events, respectively,
(ii) J) is an algebra,
(iii) k F -- 9(Y (J), X))\{0} is a mapping, (9 denotes powerset),
(iv) c: P -- 9 (D) is the initial case of N.

We denote the six components of a PIE-net N by P N, EN, FN, J)N, AN, CN.
In the following we assume the set of variables X and write Y (N) for
Y (J)N, X), and Jfor AN (f) (f E FN). In Fig. 95, the sets of terms, J, are written
without brackets.
To decide whether an event e of a PIE-net is enabled, one has to consider
valuations P and to apply them to the arc inscriptions around e. For arcs (p, e)
the set pep, e) must be contained in the marking of p, for arcs (e, p) no element
of P(e,p) may already be contained in the marking of p. When e occurs, the
elements of pep, e) are removed from the predicates p E °e, and the elements
of P(e, p) are added to the predicates p E eO. Figure 96 shows an example.

Fig. 96. The occurrence of the event t in the system of Fig. 95 with f3 (x) = P2
116 Predicate/Event-Nets

(c) Definitiono Let N be a PIE-net.

(i) A mapping c: P N --> 9(DN) is called a case (by analogy with C/ E-systems).
(ii) Let e E EN and let 13 be a valuation such that for all f E FN n (P N x {e} u
{e} x PN) : if t l , t2 E A (f) and tl =l= t2 then 13 (tl) =l= 13 (t2). For a given case c,
e is called c-enabled with 13 iff VpEoe: j3(p, e) r;;;. c(P) and VpEeo:
j3(e,p) n c(P) = 0.
(iii) An event e which is c-enabled with 13 yields a follower case c' of c under
13 by
C(P)\j3(P'e) iff pEOe\eO,
,
l
_ c(P) uj3(e,p)
c (P)- c(P)\j3(p,e)uj3(e,p) iff pEoeneo,
iff p E eO\Oe,

C (P) otherwise.
We say, e transforms the case c to c' under 13, and we write c [e)p c'. Let
[CN) be the smallest set which contains CN and which is closed with respect
to event occurrences.

To represent a case c graphically, the elements c (P) are written into the
circle for p.

start of cycle

initialization

initial values

compute ne1J
values

computed values

delete values

values are deleted

Fig. 97. The System of Fig. 11, represented as a PIE-net with !2 = ({ 0, 1), {v, I\})
8.3 An Organization Scheme for Distributed Databases 117

Figure 97 shows a PIE-net representing the same system as the CI E-system

of Fig. 11. The algebra of this PIE-net is the boolean algebra with the carrier
{O, I} and the logical operations 1\ and v.
In most cases, the carrier D of the algebra I1N will naturally be the disjunct
union of several sets D;, where each predicate p will only be true for elements
of one of these sets D;, for all reachable cases. For the system represented in
Fig. 95 we find that the set of forks belongs, in this way, to the predicate g and
the set of philosophers belongs to d and e.

8.3 An Organization Scheme for Distributed Databases

We assume a situation where geographically distributed sites access a common

database, in which reading operations occur much more often than writing
operations. To minimize the costs of data transmission, it is convenient in this
case to have one copy of the data base at each site and to organize an updating
mechanism which handles writing operations correctly.

pix) ... P. p

passive
sites

K = {do, ... ,dn }

DN = K U (K X K) U {m}

P.:K ... KxK

J
d .... (d.,d . . d)
1- 1- 1-+J mo n
Fig. 98. An organization scheme for updating a distributed database
118 Predicate/Event-Nets

All updates of the database have to be carried out in the same way in all
copies of the database. An update is invoked by a particular site, called the
sender, which sends a message to all other sites. Each receiver of such a
message updates its copy of the database and sends an acknQwledgement back
to the sender. The update is successfully completed when the sender has
received acknowledgements from all other sites. Since all sites act according to
the same scheme we are able to model them as tokens in one single net
(Fig. 98).
The message interchange is realized by packages which contain the update
message and which are labelled with the identification of the sender and the
receiver. Since we are only interested in the organization of the updates and
not in the contents of the update messages, we represent each package by a
pair consisting of sender and receiver identifications.
Let K = {~, ... , dn } be the set of involved sites. As long as no messages are
being interchanged, the predicate "idle component" is true for all sites d; and
the predicate "inactive package" is true for all packages (d;, dj ) (see Fig. 98).
A site d; E K invokes an update procedure by occurrence of the event el with
fJ (x) = d;. Then all packages PI (d;), ... , Pn (d;) with Pj (d;) = (d;, dU+j ) mod n) are

Fig. 99. A case of the system of Fig. 98 with n = 2

8.4 Facts in PIE-Nets 119

initialized. di is now waiting for the acknowledgements. The event e2 causes

the receivers of the packages to accept and to process the message, indepen-
dently of each other. When the processing is finished each receiver gives the
"empty" package back to the sender by e3. After all acknowledgements for
processed updates have arrived in the form of empty packages, the sender
returns to its idle state with e4. Thereby the packages become inactive. Ad-
ditionally a token m is put onto s which enables a new cycle.
In Fig. 99 a reachable case is shown for n = 2.

8.4 Facts in PIE-Nets

The set of objects for which some predicate of a PIE-net is true changes by
event occurrences. Nevertheless there may be relations between predicates
which hold for all cases. By analogy with CI E-systems, such relations may be
expressed as logical formulae and may be represented as T-elements which are
never enabled. In this section we shall derive, as in 4.5, a dependency between
the validity of logical formulae and the possibility of events to be enabled.
First, we define those logical formulae which we need to build facts. In
terms of the predicate calculus, we have first order formulae in prenex normal
form without existential quantifiers. The universal quantifiers may then be
omitted.

(a) Definition. Let N be a PIE-net.

(i) The set ,<;fN of (logical) formulae over N is the smallest set such that
(a) iftEY(N) andp E P N thenp (t) EdN ,
(b) ifal ,a2 EdN then (al 1\ tq) E d N , (al V (2) E d N ,
(al ----t(2) EdN , (-WI) EdN·
As in 4.5, unnecessary brackets will be omitted.
(ii) Each case c of N induces, for each formula a E d N and each valuation /3,
a value cp (a) E to, I}, defined by
cp:dN ----t{O,J}

p (t)
1-+ {I iff /3(t) E c(P) (l == true),
o iff /3(t) ¢ c (P) (0 == false),
al 1\ a2 1-+ min {cp (ad, Cp (az)},
al Vaz 1-+ max {cp (al), Cp (az)},
al ----ta2 1-+ Cp (,al V (2),
,a 1-+ 1- cp(a).
(iii) For each case c of N, let the function c be defined as c: d N ----t to, I},
h
were
'()
c a =
{I
iff,forallvaluations/3,cp(a)=J,
.
o
otherwIse.
(iv) Two formulae al ,a2 E d N are called equivalent (we write ttl == (2) iff, for
each case c of N, c (al) = c(al).
120 Predicate/Event-Nets

By analogy with Chap. 4.5, we construct for each event e of a P / E-net N a

formula aCe) such that a (e) is true in all cases in which e is not enabled under
any valuation fJ. This will be used in the fact calculus.

(b) Definition, Let N be a finite P / E-net, let P E P N and let e E EN.

(i) For (p, e) E FN and (p, e) = {tI' ... , td, a(p, e) denotes the formula
P (iI) 1\ ... 1\ P (td·
(ii) For (e,p)EFN and (e,p)={tI, ... ,tg}, a(e,p) denotes the formula
P(tI) v ... V p(tg).
(iii) Let 'e={PI"",Pn} and e'={Pn+I, ... ,Pm}. Then a (e) is the formula
(a(p], e) 1\ ... 1\ a(pn, e)) ~ (a(e,Pn+I) v ... V a (e,Pm))'
(iv)If 'e=0 and e'={PJ, ... ,Pm} then a (e) is the formula a(e,PI)V ...
V a(e,Pm).
(v) If 'e = {PI, ... , Pn} and e' = 0 then a (e) is the formula I (a(pI , e) 1\ ...
1\ a(pn, e)).

In Fig. 95, we have: a(u) == e (x) ~ d (x) V g (l (x)) V g (r (x)),

a (t) == d(x) 1\ g (l(x)) 1\ g (r(x)) ~ e(x).

(c) Theorem, Let N be a finite P / E-net and let e E EN. Then, for each case
c E [CN): C(a(e)) = I iff e is not c-enabled with any valuation fJ.

Proof c (a(e)) = I ¢ > Y fJ: Cp (a(e)) = 1

¢ > YfJ: (:3p E'e with cp (a(p, e)) = 0 V :3p E e' with cp (a(e, p)) = 1)

¢ > Y /1: (:3p E'e and :3 t E (p, e) with cp (p (i)) = 0

V :3p E e' and:3 t E (e,p) with cp (p (t)) = 1)

¢ > YfJ: (:3p E 'e :3 tE(p, e) with fJ (i) tt c (p)

V :3p E e' :3 tE (e, p) with fJ (t) E C (p)

¢ > Y fJ: (:3p E 'e with fJ (p, e) $ c (p) V :3p E e' with fJ (e;p) n c (P) =1= 0)
¢ > e is not c-enabled with any valuation fJ. 0

By analogy with 4.5, we saw in the previous section that T-elements which
never become enabled represent formulae which are valid for all cases. Now
we shall show that each valid formula may be represented by such T-elements.

(d) Definition, Let N be a PIE-net.

(i) A formula a E s1'N is called valid in N iff, for all cases c E [c N), C (a) = 1.
(ii) For PI, P2 ~ P N and PI U P 2 =1= 0, let t = (PI, P 2 ) be a new T-element
with 't=P I and (=P 2 . For each new arcfE (PI x {t}) U ({t} xP 2 ), let a
set of terms A (f) ~.'T (N) be given by a mapping L (t, A) is called a
fact of N iff t is never enabled for any case c E [CN) and any valuation fJ.
(iii) Corresponding to Definition 8.2 (b), we also use with respect to a fact t
the notations (p, t) and (t, p) for A (p, t) and A (t, p), respectively. The
formula aCt) is defined as aCe) for events e.

In the graphical representation of P / E-nets, a fact is drawn as [Ej, as for

C/ E-systems; the associated arcs are appropriately inscribed.
8.4 Facts in PIE-Nets 121

x x x

Fig. 100. Some facts in the system of Fig. 95

Figure 100 shows some facts in the system of the dining philosophers.
Their meaning may be explained as follows:
tI: I (d (x) 1\ e (x)): A thinking philosopher is not eating and an eating phi-
losopher is not thinking.
t2: p(x) --+ d(x) V e(x): Each philosopher is either eating or thinking. There
is no other activity represented in this system.
t3: g (l (x)) --+ d (x): Whenever the left fork of some philosopher is not being
used then he is thinking.
t4: As t3, with respect to the right fork.
t5: I (e (x) 1\ g (I (x)): whenever a philosopher is eating then his left fork is
not available, and whenever his left fork is available he is not eating.
t6: As t5, with respect to the right fork.

(e) Theorem. Let N be a P / E-net and let a E .9/N' a is valid in N iff there exist
facts t I , ... , tn such that a is logically equivalent to a (tI) 1\ ... 1\ a (tn).

Proof The if-part follows immediately using Theorem 8.4 (c). Conversely, a
can be transformed into a logical equivalent formula a' = 0,\ 1\ ... 1\ ak in con-
junctive normal form. Each a g (1 S g s k) is a term of the form I qI (t I ) V ...
v,qn(tn)Vqn+I (t n+I) v ... vqm(tm) with qI, ... ,qmEPN andtI, ... ,tmE.'T(N).
For each PEP N, let Yp={ti!lsisnl\qi=p} and ~={tj!n+lsjsm
I\qj=p}. Now let tg be a new element with ·tg ={p!Yp=l=0} and t;=
{p! ~ =1= 0}, and let (p, tg) = Yp and (tg, p) = ~. Cleaily, ag = a(tg)
(g=l, ... ,k). Hence each tg is a fact and a is logically equivalent to
a(t I) 1\ ... 1\ a(tg). D

As for C/ E-systems, we again have the problem of how to verify facts. We

shall see that, for P / E-nets also, the concept of invariants is helpful for this.
To deal with invariants, we shall introduce a slightly different net model,
called "relation nets". P / E-nets are transformable into relation nets, using the
normal form which is introduced in the next section.
122 Predicate/Event-Nets

8.5 A Normal Form for PIE-Nets

In the normal form we are going to construct, we shall reduce the number of
variables in the environment of events. Instead of variables x], ... , Xn which
are valuated by single elements of DN we use one variable x which is now
valuated by objects of (DNt. The variables Xi are then simulated by projec-
tions. So only the arc inscriptions have to be changed and other valuations of
the variables have to be used for event occurrences.

(a) Definition. Let N be a finite PIE-net and let X = {x], ... , x n } be the vari-
ables occuring in terms of N.
(i) With DN = (D, (/)), let J]:= (D u Dn, (/) u {pri I ~ i ~ n D. We associate with
each term t E.Y (N) a term t EY (J], {x}) i~he following way:
t= pri(X) iff t = Xi (1 ~ i ~ n),
i= f(~, ... , t,.) iff t = f(t] , ... ,tn)'
(ii) Let IV = (PN, EN; F N, J], A, CN), where A(f) = {ilt E AN (f)}.

(b) Definition. A PIE-net is called in normal form iff I X I = 1.

(c) Corollary. Let N be afinite PIE-net. Then IV is in normal form.

The net shown in Fig. 95 is in normal form. Figure 101 shows a scheme for
the construction of the normal form.

(d) Definition. Two PIE-nets Nand N' are called equivalent iff D N = D N' 1\
EN=EN'I\FN=FN,I\(YC],C2E[CN), YeEEN:there exists a valuation fJ
with C] [e)p C2 in N iff there exists a valuation fJ' with C] [e )p' C2 in N').

(e) Lemma. Each PIE-net N is equivalent to its normal form IV.

Proof Let X = {x], ... , x n } be the set of variables of N and let x be the
variable of IV. We associate with the valuation fJ induced by fJ: X ~ D a valua-
tion fJ' by fJ' (x) = (fJ (x]), ... , fJ (x n )). Conversely, if fJ': {x} ~ D is given, then
let fJ be defined by fJ(x;) = pri (fJ' (x)). D

The library system is represented in Fig. 18 as a PIE-net with events

labelled by additional inscriptions. Such inscriptions maybe considered as ad-

in N

Fig. 101. Construction of the normal form of a P/ E-net

Exercises for Chapter 8 123

ditional predicates which must be fulfilled before an event occurs and which
are not changed by the occurrence of this event. In the calculus of P / E-nets
they have to be represented as additional S-elements.
For system design, it is of course recommended that more than one vari-
able is used and that events are labelled by conditions. Such conditions have
only to be substituted if system properties are represented as facts. Also the
restriction to one variable in the environment of events is necessary only if
invariants are to be calculated.

Exercises for Chapter 8

1. Represent the four season system (Fig. 1) as a P / E-net with a minimal
number of predicates and events.

2. In Fig. 98 represent the following facts:

a) Whenever a package is waiting for acknowledgement, its corresponding
receiver is processing.
b) Whenever an empty package is to be returned, its sender is waiting.

*3. Supplement the system of dining philosophers (Fig. 95) with a fair
schedule such that each philosopher who wants to eat, will eventually be
able to eat.
Chapter 9

Relation Nets

After introducing PIE-nets, we now present a further net model using in-
dividuals as tokens. This new model, in particular, supports a calculus of in-
variants.
In Chap. 6 we introduced the idea of invariants for PIT-nets. Now we
generalize the notion of markings of PIT-nets to individual tokens in the same
way as we generalized the notion of cases of C IE-systems, when defining PI E-
nets. A marking will now indicate, for each place, not only the number but also
the sorts of its tokens. Thus a marking M (s) of some place s is a mapping
M(s): D ---+ N giving for each sort dE D the number of tokens of this sort d
on s. Whenever a transition fires, the distribution of the typed tokens over the
places is changed.
We recall, from Chap. 6, some prerequisites for the construction of S-
invariants. For expressions of the form l'f' . x = 0 or i· M = i . MN to be sen-
sible it must be possible to multiply matrix entries with each other and with
markings, the results of these operations have to be summed. With respect to
addition, a neutral element "0" is required and the multiplication must be
distributive over the addition.
As the arc inscriptions are used as matrix entries, these inscriptions and the
whole net model must be chosen in such a way that such operations are pos-
sible. As the arcs will be labelled using relations, the resulting nets will be
called relation nets.
We shall show in which way PIE-nets may be considered as special
relation nets. Using a matrix representation, a calculus for S-invariants is ob-
tained. This may be used to verify facts.

9.1 Introductory Examples

We start with the illustration of the main idea underlying the concept of rela-
tion nets, by considering a special case. We show how to represent PIE-nets as
relation nets. Every PIE-net may be transformed into a relation net in the fol-
lowing way: Each arc inscri ption 1 of a PIE-net in normal form yields, for each
valuation fJ of the variable x, the set fJ (f) s; D. Hence we may consider the
meaning of 1 as a set of tuples (fJ(x),y) with y E fJ (f), i.e.l denotes the
relation {(a, b) 1::J valuation fJ with a = fJ (x) and b E fJ (1)} s; D x D}. A transi-
tion t fires with respect to some parameter d by removing, from each place
Introductory Examples 125

id 'i id

'd
t4

t6 id

id
Fig. 102. The dining philosophers represented as a relation net (cf. Fig. 100)

S E °t, the elements (s,t) [d] and by adding to each place s E to, the elements
(t ,s) [d] (see A6 (iv)). Figure 102 shows a relation net with the same meaning
as the net shown in Fig. 100. Thereby the graph of a function is considered as
a relation (id denotes the identity relation).
We see that, when constructing a relation net N' from a P / E-net N,
markings M (s) <;: D are represented by their characteristic mapping M (s):
D --4 {O, l}. Each arc inscription ]<;:Y(!2, {xD of N is transformed into a
relation] <;: D x D which again may be considered as a characteristic mapping
l: D x D --4 {O, I}. In the general case, we shall have markings of the form
M(s): D --4 IN and arc inscriptions of the form]: D x D --4 IN in relation nets. A
transition t fires with respect to some parameter a by removing, from each

Let D={a,b} .

P4(X,y) =2
for X,Y ED

r:::\~
~
mar7cing after finne wi th a marking after firing wi th b
Fig. 103. The firing of a transition, t, of a relation net
126 Relation Nets

Fig. 104. The system of reader and writer processes of Fig. 66, identifying single processes

place s E 'f, (s, t) (a, d) elements of each sort d E D and by adding, to each
place s E (, (f,S) (a, d) elements of each sort d ED.
It is convenient to use relation nets if several individuals of some sort do
not have to be distinguished. One should not be forced to distinguish indi-
viduals if one doesn't wish to. This would lead to overspecification. The sys-
tem of reader and writer processes shown in Fig. 66 is an example of this.
There it might be convenient to distinguish the processes but it is certainly not
necessary to distinguish the k control tokens. Figure 104 shows a representa-
tion as a relation net where this is realized. Mappings of the form A: D --+ 7L
and Q: D x D --+ 7L will, in the following, be called multisets and multirelations,
respectively. These names reflect their nature as generalizations of charac-
teristic mappings of sets and relations, respectively.

9.2 Relation Nets

In the previous section, we gave an introduction to the use of multisets and

multi relations in relation nets. A multiset M defines for each element, d, of
some set of sorts, D, how often d is contained in M. Thereby we allow that
some element d may also be contained in M "negatively often". It is therefore
possible to calculate with multisets as with integers. In particular, they can be
added, subtracted and multiplied with integers by performing the correspond-
ing operations for each sort separately. Multirelations are multisets over the
cartesian product D x D of a set of sorts D.

(a) Definition. Let D be a set.

(i) A multiset over D is a mapping M: D --+ 7L. Let J( (D) denote the set of all
multisets over D.
(ii) A multiset A E J( (D) is called positive iff V dE D: A (d) ~ O. Let jl+ (D)
denote the set of all positive multisets over D.
(iii) We define the addition, product with integers Z E 7L and the ordering ~ for
multisets A, B E jl (D) as
9.2 Relation Nets 127

(..§l) A+B: D -4 7L
d 1--* A (d) + B (d),
~2) z·A: D-47L
d 1--* z . A (d),

~3) A~B <=>VdED A(d)~B(d).

For the handling of multi sets in our calculus the following notations and short-
hands are convenient:

(b) Definition. Let D be a set.

(i) For A, B E..§(D), let -A = (-1) . A and A - B = A + (- B).
(ii) For z E 7L, let the multiset ~ E..§ (D) be given by ~ (d) = z. In particular,
Qdenotes ·the empty multiset.
Multisets A with images A (d) E {O, I} for all dE D are (characteristic map-
pings of) sets. In this case, the addition + may be interpreted as the disjunct
union C!, and the ordering ~ as the inclusion ~. If B ~ A we then have
A-B=A\B.
If D = {d1, ••• , dn }, we shall write multisets A E .,1/ (D) also as linear com-
binations ml d 1 + ... + mn dn , where mi = A (di) (i = 1, ... , n). It is sufficient to
specify those elements di for which mi =!= O. In this sense, each summand mi d i
denotes a multiset M (by M (di) = mi, M (d) = 0 for d =!= dJ and it is possible to
calculate using this representation according to..§l, .,1(2 and..§3 as with integer
vectors. When the multiplicity 1 is not explicitly written, each element d E D
is a multiset itself and we write D also for the multiset L d.
dE D

(c) Definition. Let D be a set.

(i) :39 (D) = j ( (D2) denotes the set of all multirelations over D .
.~+ (D) =..§+ (D2) denotes the set of all positive multirelations over D.
(ii) For Q E :39 (D) and a ED, let Q [a]: D -4 7L, d 1--* Q (a, d).
Hence Q [a] is a multiset.
(iii) Let id E:39+ (D) be given by id (x, y) = 1 iff x = y, id (x, y) = 0 iff x =!= y.
Let 0 E:39+ (D) be defined as 0 (x, y) = 0 for all x, y E D.

As multi relations are special multisets, it is possible to calculate with them

according to the rules of9.2 (a).
Now we define relation nets as nets with positive multi sets as markings and
positive multirelations as arc inscriptions.

(d) Definition. A 7-tuple N = (S, T; F, K, D, A, M) is called a relation net iff

(i) (S, T; F) is a net, the elements of Sand T are called places and transitions,
respectively,
(ii) K: S -4 (D -4JN u {ron defines a (possibly unlimited) capacity for each
place,
(iii) D is a set, and Ie: F -4 :39+ (D) associates with each arc a positive multi-
relation as an inscription,
128 Relation Nets

(iv) M:S ---+JI+(D) is an initial marking respecting the capacities, i.e. Vs E S:

M(s) :::; K (s).

Again, we denote the components of a relation net N by SN, TN, F N, K N,

D N, AN and M N. As for PIE-nets we writeJfor A (f).

(e) Definition. Let N be a relation net.

(i) A mapping M: SN ---+ JI+ (DN) is called a marking of N iff V S E SN: M (s)
:::; KN (s).
(ii) For dE DN and a marking M of N, a transition t E TN is called M-
enabled with d iff VSE·t:M(s):2:(i,t)[d] and VSE(:M(s):::;
KN (s) - (t~) [d] and L: (s,t) [d] + L: (t:S) [d] > Q.
S E' t SEt'

l
(iii) A transition t E TN which is M-enabled with d yields a follower marking
M'of Mby
M(S) - (i,t) [d] iff S E ·t\t",
M' , _ M (s) + (t-;S) [d] iff S E (\·t,
(5) - M(s) - (i,t) [d] + (0) [d] iff S E ·t n (,
M (s), otherwise.
We say tfiresfrom M to M' and we write M [t)d M'.
(iv) Let [M) be the smallest set of markings which contains M and which is
closed with respect to transition firings.

In the graphical representation arcs f are labelled by 1 A marking M is

represented by drawing, into each place s, M (s) (d) tokens of each sort d.
The nets shown in Fig. 102 and Fig. 104 are relation nets. In most cases, the
carrier DN of a relation net N will naturally be the disjunct union of several
sets Di , such that, for each place s, the reachable markings consist only of ele-
ments of one set D i • In the net of Fig. 104, the set of processes {PI, ... , Pn}
belongs to Sl , ... , S4; the k control tokens belong to Ss.
All the different net models considered until now (C IE-systems, PIT-nets,
PIE-nets) are-special classes of relation nets. Figure 105 shows how the mark-
ings have to be restricted to obtain the corresponding special classes.

CIE-systems M(s): l.e} .... to,]} - - - - - - - M ( s ) : D .... {o, 1} PiE-nets

PIT-nets M(s): {e} .... lN - - - - -_ _ _ M(s):D .... lN relation nets

Fig. 105. Relations between different net models

9.4 Calculation with Multirelations 129

9.3 The Translation of PIE-Nets into Relation Nets

In Chap. 8.5, we derived a normal form for P / E-nets. Now we shall associate
with each PIE-net a behaviourly equivalent relation net. The idea of this con-
struction has already been introduced in Sect. 9.1.

(a) Definition.
(i) Let 11 be an algebra. For terms t E.Y (11, {x}), let the multirelation
Q(t): D2 --+ {O, l} be given by Q(t) (a, b) = 1 iff there exists a valuation p
with a = P(x) and b = P(t).
(ii) Let N be a PIE-net in normal form with terms over {x}. Let QN: FN --+
~+ (DN) be defined as QN (f) = L. Q(t). By Definition 8.2 (b) we have
tel
QN(f) (a, b) ::;: 1. For arbitrary cases e of N, let Me: PN -+JI+ (DN) be de-
fined as Me (P) (d) = 1 iff dEe (P), and Me (P) (d) = 0, otherwise.

(b) Theorem. Let N = (P, E; F, 11, .Ie, e) be a P / E-net in normal form and let the
relation net N' be given by N' = (P, E; F, K, D, QN, Me) with Vp E P: K (P) = 1.
Then, Ve, e' E eN Ve E E V valuations p: {x} --+ D: e [e)p e' in N iff Me [e)p(x)
Me' in N'.

Proof Let p E ·e\e'. e' (P) = c (P)\P (p, e)

<;:::> (V dE P (p, e): dEC (P) 1\ d ¢ c' (P) and, V d ¢ P (p, e): dEe (P) <;:::>
dEC' (d»

°:
<;:::> (V dE D with QN (p, e) (p (x), d) = 1 : Me (P) (d) = 1 1\ Me' (P) (d) =

V dE D with QN (p, e)(p (x), d) = Me (P)(d) = Me' (P)(d»

and,°
<;:::> Me, (P) = Me (P) - QN (p, e) [p (x)].

Analogously, Vp E e'\'e: c' (P) = C (P) up (p, e) <;:::> Me' (P) = Me (P) +
[P (x)]. By a similar treatment of the remaining cases the result fol-
QN (p, e)
lows. 0

9.4 Calculation with Multirelations

For the calculus of invariants of relation nets, we shall use a matrix represen-
tation. Therefore it must be possible to add and to multiply matrix entries,
which are arc inscriptions and hence multirelations. The summation of multi-
relations was previously defined in Chap. 9.2. Now we shall define a product,
which turns out to be a generalization of the relation product (see A6 (ii» to
multirelations. In particular, we shall show that addition is distributive for the
product. Finally we shall introduce a calculus for vectors consisting of multi-
sets and multirelations. At this point we shall have prepared all the pre-
requisites for the calculus of invariants.
We start by presenting all operations for multirelations.
130 Relation Nets

In 9.2, we defined the application of a multirelation 0 to a single element

a ED to be the multiset 0 [a] with 0 [a] (d) = 0 (a, d). Applying 0 to a multiset
A yields a multiset 0 [A] as follows: To determine 0 [A] (d), we consider, for
each e ED, the integer A (e) as a factor modifying 0 (e, d).
So A (e) 0 (e, d) yields the contribution of e to 0 [A] (d). 0 [A] (d) is obtained
as the sum of all products of this form.
The composition 0 0 a of two multi relations 0 and a is again a multirela-
tion. To compute 0 0 a (a, b), we consider, for each e E D, the integers 0 (a, e)
and a (e, b). Their product yields the contribution of e to 0 0 a (a, b).
0 0 a (a, b) is the sum of all products of this form.

(a) Definition. Let D be a set. Let a ED, A E vii (D), 0, a E f?hJ (D) and z E lL.
The addition and the product with integers for multirelations are given as
the corresponding multiset operations:
(f?hJ1) 0 + a: D2 ~ lL (f?hJ2) z· 0: D2 ~ lL
(a, b) 1-+ 0 (a, b) + a (a, b) (a, b) 1-+ z· (0 (a, b».
The application of a multi relation to a single element and to a multiset,
respectively, are defined as
(f?hJ3) o[a]: D ~ lL and (f?hJ4) O[A]: D ~ lL
d 1-+ o(a, d) d 1-+ L, A (e) ·0 (e, d).
e E D
The composition of multi relations is defined as
(f?hJs) 0 0 a: D2 ~ lL
(a, b) 1-+ L, 0 (a, e) . a (e, b).
eE D
As an example, with the multiset A, defined as A (a) = 2 and A (b) = -1,
we find using the relations 01 and 03 of Fig. 103:

01 [A] (a) ~ A (a) ·01 (a, a) + A (b) . 01 (b, a) = 2 . 2 - I . 1 = 3,

01 [A](b)~ A (a) ·01 (a, b) + A (b) . 01 (b, b) = 2·1- 1 ·2= 0,
01 0 Q3 (a, b) ~ 01 (a, a) . 03 (a, b) + 01 (a, b) . 03 (b, b) = 2 . 1 + 1 ·3= 5,
01 0 Q3 (b, a) ~ 01 (b, a) ·03 (a, a) + 01 (b, b) ·03 (b, a) = 1 . + 2 . 2 = 4. °
(b) Lemma. Let D be a set. Let a ED, A, BEvil (D), 0, a, r E f?hJ(D) and Z E lL.
(i) A+B = B +A
(ii) 0+a = a+0
(iii) z· (0 + a) (z . 0) + (z . a)
=
(iv) 0 0 (z . a) z . (0 0 a)
=
(v) (0 + a)[a] = 0 [a] + a [a]
(vi) 0 [A + B] = 0 [A] + 0 [B]
(vii) (0 0 a) [a] = a [0 [a]]
(viii) 0 0 (a+ r) = (0 0 a) + (0 0 r)

Proof Let a, bED.

(i) (A + B) (a)·/tJ A (a) + B (a) = B (a) + A (a)/tJ (B + A) (a)
9.4 Calculation with Multirelations 131

(ii) (0 + 0) (a, b)"~ 0 (a, b) + (J (a, b) = (J (a, b) + 0 (a, b) ~ «(J + 0) (a, b)

(iii) z' (0 + (J) (a, b) ~ z· «0 + (J) (a, b»'~ z . (0 (a, b) + (J (a, b» = z· 0 (a, b)
+z· (J(a,b)~ (z· 0) (a, b) + (z· (J) (a,b)~ «z· 0) + (z· (J» (a, b).
(iv) 0 0 (z· (J) (a, b)~ L 0 (a, e) . (z . (J (e, b» = z . L 0 (a, e) . (J (e, b)
e E D e E D
~Z' (0 0 (J) (a, b).
(v) (0 + (J) [a] (b)·~ (0 + (J) (a, b)·~ 0 (a, b) + (J (a, b) ~ 0 [a] (b) + (J [a] (d)
.~ (0 [a] + (J [aJ) (b).
(vi) 0 [A + B] (a)·~ L (A + B) (e) . 0 (e, a)·~ L (A (e) +B (e» . 0 (e, a)
e E D e E D

= ( L A (e) . 0 (e, a») + ( L B (e) . 0 (e, a») ~ 0 [A] (a) + 0 [B] (a)
eED eED

(vii) (0 0 (J) [a] (b)·~ (0 0 (J) (a, b)·~ L 0 (a, e) . (J (e, b)

e E D

.~ L (0 [a] (e» . (J (e, b)·~ (J [0 [aJ] (b)

eE D

(viii) (0 0 «(J + r» (a, b) ~ L 0 (a, e) . «(J + r) (e, b)

eE D

.~ L o(a, e)' «(J(e, b) + r (e, b» = L 0 (a, e)' (J (e, b)

e ED e ED

+ Lo(a, e)' r(e,b)~ «0 0 (J) + (0 0 r» (a, b). o

eE D

For the calculus of invariants we shall use, analogously to Chap. 6, a rep-

resentation of relation nets as matrices and the description of transition firings
as vector additions. That is why we now consider vectors consisting of multi-
sets and multirelations, respectively, and show how to calculate with them.

(c) Definition. Let Sand D be two sets. Let X, Y: S -+ J( (D) be vectors con-
sisting of multi sets, and let ifJ, 'l': S -+ ~(S) be multirelation vectors. Let d ED
and let Z E 7L. As usual, we define addition and product with integers:

('Yl) X + Y: S -+ J( (D) (Y2) z· X: S -+ J( (D)

s H Xes) + Yes) s HZ' (X(s»

(7'/) ifJ + 'l': S -+ ~ (D) (Y4) Z· ifJ: S -+ ~(D)

s H ifJ (s) + 'l' (s) s H Z ' (ifJ (s»

For multirelation vectors, the application to elements of D is defined com-

ponentwise:
(Ys) ifJ <d): S -+ J( (D)
s f-+ ifJ (s) [d].

Finally, we define two operations for multirelation vectors which yield

multisets and multirelations, respectively:
132 Relation Nets

the vector application (Y6) I/J [X] = L I/J (s) [X (s)] E vii (D)
S E S

and the vector product (Y-)) I/J * IJf = L I/J (s) 0 IJf (s) E §i (D).
SE S

The nullary relation vector Q is defined as Q : S --> §i (D)

Sl--+ O.
(d) Lemma, Let Sand D be sets, let I/J, 1Jf, Q: S --> §i (D) be vectors and let z E 71,.
(i) I/J * (1Jf + Q) = (I/J * If/) + (I/J * Q)
(ii) I/J * (z . If/) = z . (I/J * If/)
(iii) I/J [1Jf(d)] = (1Jf* I/J) [d].

Proof (i) I/J * (1Jf + Q) ~ L I/J (s) 0 «1Jf + Q) (s)) ~ L I/J (s) 0 (1Jf (s) + Q (s))
S E S S E S

9.4~vii L (I/J (s) 0 lJf(s)) + (I/J (s) 0 Q (s)) 9.4~)ii L I/J (s) 0 lJf(s)
SE S S E S

SES

(ii) I/J * (z . If/) ~ L I/J (s) 0 «z . 1Jf) (s))~ L I/J (s) 0 (z . (1Jf (s)))
SE S S E S

9.4~)iv L z· (I/J (s) 0 lJf(s)) 9.4~)iii z· (L I/J (s) 0 lJf(s))~ z' (I/J * 1Jf).
SES SES

(iii) I/J [1Jf (d)]'~ L I/J (s) [1Jf (d) (s)] ';;; L I/J (s) [1Jf (s) [d]]
SE S S E S

9.4~ViiL (lJf(s) 0 I/J (s)) [d] 9.4~)v ( L lJf(s) 0 I/J (s)) [d]~ (1Jf* I/J) [d]. 0
SES SES

9,5 A Matrix Representation for Relation Nets

(a) Definition, Let N be a relation net.

l
(i) For transitions t E TN, let the vector f: SN --> §i(DN) be defined as
-(s:t) iff sE't\t',
U;-s) iff s E t'\'t,
1 (s) = (0) - (s:t) iff s E 't n t',
0, otherwise.
(ii) Let the matrix 1:1 : SN x TN --> §i (DN) be defined as 1:1 (s, t) = 1 (s).
(iii) For 1Jf: SN --> §i (D N), let 1:1' * 1Jf: TN --> §i (DN)
t 1--+ t * 1Jf.

(b) Theorem, Let N be a relation net, let M, M' E [MN), let t E TN and d E D N.
1ft is M-enabledwith d then M[t)dM' iff M + 1 (d) = M'.
Proof Let s E 't\t'. Then M' (s) 9.;Je) M (s) - (s;t) [d] 9.~a) M (s) + 1 (s) [d]
'~M(s) + 1(d) (s).
9.7 An Example for Applying S-Invariants: The Verification of Facts l33

t u il i2 i3 MN

d -id id id l+r {P l ,··· 'P n }

g -(l+rJ l+r -id id {gl'··· ,gn}
e id -id id l+r 2.
Fig. 106. Matrix, invariants and the initial marking of the system shown in Fig. 102

For s E ("\'t, S E (" n 't and s ~ [" u 't, it can be shown analogously that
M' (s) = M(s) + 1 (d) (s). The result follows. 0

9,6 S-Invariants for Relation Nets

(a) Definition, Let N be a relation net. A place vector i: S N --+ .~ (D N) is called

an S-invariant ofN iff N' * i = Q.

(b) Corollary, Let i l and i2 be two S-invariants of a relation net N and let Z E 7L.
Then i l + i2 and z . i l are also S-invariants of N.

Proof Let t E TN.

( .) O+ = . 0 0
1* +
(. . ) 9.4 (d) i .
= 1 * + 1 * 12
. by hypothesis
1 II 12 II =
byhy~thesis Z.O=O.
.. )
( 11 1 * ( Z· II.) = z· 1 * II
9.4(d)ii ( .)
o
(c) Theorem, Let N be a relation net. Then, for each S-invariant i of N and each
reachable marking ME [MN), i [M] = i [MN].

Proof Let M, M' E [MN), let d E DN and let t E TN such that M[t)d M'.
i[M,]9.~b)i[M+1(d)]~ L i(s)[(M+1(d» (s)]

~ L i (s)[M(s) + 1(d) (s)] 9.4~} L (i (s)[M (s)] + i (S)[1 (d) (s)])

9.4~) i( L i (s)[M(s)]) + ( L i (s) [1 (d) (s)]) ~ i [M] + i [1 <d)]

SESN SESN '

9.4 ~ iii i [M] + (f * i)[d] = i [M] + 0 [d] = i [M] + .Q = i [M] . o

9,7 An Example for Applying S-Invariants: The Verification of Facts

Often it is possible to use invariants for proving system properties which are
formulated as facts. We shall show this for the facts specified in Fig. 100 in
134 Relation Nets

the system of the dining philosophers. Figure 102 shows this system for an
arbitrary number, n, of philosophers, represented as a relation net, N. The
capacity KN is given as KN (s) = 1 for all s E S N. The matrix and some in-
variants of the system are shown in Fig. 106. In the following, we use the nota-
tion and abbreviations of9.2 (b).

Proposition. The T-elements tl , ... , t6 of the system shown in Fig. 102 are facts.

Proof The proof is based on seven propositions.

Proposition 1. Let M: SN ---+J(D N) and let a E DN such that tl is M-enabled

with a. Then M(d) + M (e) ;:0: 2a.

Proof Using Definition 9.2 (e), we have M(d) ;:0: id [a] and M(e) ;:0: id [a], and
henceM(d) +M(e);:O: 2a.

Proposition 2. Y ME [M N): M(d) + M(e) = P.

Proof M(d) + M(e) = id [M(d)] + id [M(e)] = i 1 [M] = i 1 [MN] = id [MN (d)]

+ id [MN(e)] =MN(d) + MN(e) =P + Q=P.
To show that tl is a fact, notice that according to Proposition I, if tl is M-
enabled with a, then M (d) + M (e) ;:0: 2a. But, using Proposition 2, we have
for all ME [MN): M(d) + M(e) ::;; a. Hence M <t [MN) and tl is a fact.

Proposition3. Let M: SN ---+J(D N) and let a E DN such that t2 is M-enabled

with a. Then M(d) (a) + M(e) (a) ::;; O.
Proof Using Definition 9.2 (e), we have M (d) ::;; 1- a and M (e) ::;; 1- a,
hence M(d) + M (e) ::;; 2. - 2 a, and M (d) (a) + M (e) (a) ::;; (2. - 2 a) (a) = 2. (a)
-2a(a)=2-2=0.

To show that t2 is a fact, notice that according to Proposition 3, if t2 is M-

enabled with a, then M (d) (a) + M (e) (a) ::;; O. Since ·s = 0, M (s) ::;; MN (s)
= P. Since s E·t and (0) = id, a E P. But using Proposition 2, for all M' E MN:
M' (d) (a) + M' (e) (a) = 1. Hence M <t [MN) and t2 is a fact.

Proposition 4. Let M be a marking of N and let a E DN such that t3 is M-enabled

with a. Then (l + r) [M(d)] - M(g) =1= G.

Proof Using Definition 9.2 (e), M(d) ::;;1- a and M(g);:o: I [a], hence
(l + r) [M(d)]::;; (l + r) [1- a] and - M (g) ::;; - I [a]. This yields (l + r) [M (d)]
- M (g) ::;; (l + r) [1 - a] - I [a] = (l + r) [1] - (l + r)[ a] - I [a] = [I + r][l] - 21 [a]
- r [a] = 1[1] + r [1] - 21 [a] - r [a] = G + G - 21 [a] - r [a] = 2 G - 21 [a] - r [a] =1= G.

Proposition 5. Y ME [MN): (l + r) [M(d)] - M (g) = G.

9.8 Relation Net Schemes 135

Proof (/+r)[M(d)]-M(g) = (l+r)[M(d)]-id[M(g)] = i2 [M] = idMN] =

(l + r) [P] - G = 2G - G = G.
To show that t3 is a fact, notice that according to Proposition 4, if t3 is M-
enabled with a, then (l + r) [M(d)] - M(g) =l= G. But using Proposition 5, for
all M' E [MN): (l + r) [M' (d)] - M' (g) = G. Hence M ~ [MN) and t3 is a fact.
For t4 the proof is analogous to that for t3.

Proposition 6. Let t5 be M-enabled with a. Then (l + r) [M (e)] + M (g) =l= G.

Proof Using Definition 9.2, M(e) :2': a and M(g) :2': 1 (a), hence (l + r) [M(e)]
:2': (l+r)[a] and M(g):2':/(a). This yields (l+r) [M(e)]+M(g):2': (l+r)[a]
+ 1[a] = 1[a] + r [a] + 1[a] = 21 [a] + r [a] =l= G.

Proposition 7. V ME [MN): (l + r) [M (e)] + M(g) = G.

Proof (I + r) [M(e)] + M(g) = i3 [M] = i3 [MN] = (l + r) [Q] + G = G.

To show that t5 is a fact, notice that according to Proposition 6, if t5 is M-
enabled with a, then (l+r)[M(d)]-M(g)=l=G. Using Proposition 7,
M ~ [MN)' Hence t5 is a fact.
For t6 the proof is analogous to that for t5. 0

9.8 Relation Net Schemes

In many cases it is possible to derive properties of a relation net without spe-

cifying the underlying algebra. These properties then hold for all algebras with

,,
/ ,
/'
/!,///
it,
/ I
/
t ./
~ I-we::::;
t,
"'-t--·
I ••
I

-,
id:
I

'-----------------1 a
So
Fig. 107. A net scheme with two facts, 14 and Is
136 Relation Nets

t1 t2 t3 i MN

8 0 -id id a
81 id -id f
82 f -id id
8 3 f -id -id

Fig. 108. Matrix, an invariant and the initial case of the net shown in Fig. 107

corresponding operations, or if additional assumptions are made, for special

classes of such algebras. So we now consider relation net schemes which are
labelled by element and function symbols instead of concrete elements and
functions, respectively.

(a) Figure 107 shows such a relation net scheme with two facts. Indeed, t4
and t5 are facts for each concrete interpretation off and a. We prove this using
the invariant which is given in Fig. 108.

Proposition. The T-elements t4 and t5 of the net N shown in Fig. 107 arefacts for
any algebra llN = (D; {f}), assuming the capacity KN = 1.

Proof Let llN (D; {f}) be an arbitrary algebra for N. The proof is based on
three propositions.

Proposition 1. Let M: SN -+ DN and let dE DN such that t4 is M-enabled with d.

Then f[ M (s,)] + M (S2) - M (S3) =l= .Q.

Proof Using Definition 9.2 (e), M (s,) ~ d and M (S3) :s: 1 - f[d], hence
f[M(s,)]+M(S2)-M(S3) ~f[d]+M(s2)-1+f[d] = 2f[d]-1+M(s2) ~
2f[d] -1 =l= .Q.

Proposition 2. Y ME [MN): f[M (s,)] + M(S2) - M(S3) =.Q.

Prooff[M(s,)] + M(S2) - M(S3) = i [M] = i [MN] =.Q.

To show that t4 is a fact, using Proposition I and Proposition 2, we find that
t4 is not enabled for any marking M E [MN) and any d E D N.

Proposition 3. Let M: SN -+ DN and let dE DN such that t5 is M-enabled with d.

Then f[ M (s,)] + M (S2) - M (S3) =l= .Q.

Proof Using Definition 9.2 (e), M (S3) ~f[a], M (s,) :s: 1 - a, M (S2) :s: 1 - f[a],
hencef[M(s,)] + M(S2) -M(S3) :s:f[l- a] + (1- f[aD - f[a] = f[l] - f[a] +
I - f[a] - f[a] = I + f[1] - 3 f[a] =l= .Q.
To show that t5 is a fact, using Proposition 2 and Proposition 3, we find
that t5 is not enabled for any marking M E [MN) and any d E D N. 0
9.8 Relation Net Schemes 137

\ h
\
\
\

.
\

\, ," '. t
\.-","
'\ k
\

\
\

So
Fig. 109. A net scheme

(b) In the relation net scheme shown in Fig. 109 we assume, for each place
s E SN, the capacity KN (s) = 1. N contains aT-element t, drawn with broken
lines, which is a fact for some but not for all interpretations. For the free al-
gebra, generated by the (unary) operationsf, g, hand k, t is certainly a fact: If t
could be M-enabled with some a then we would have k (a) EM (S2)' Since no
arc ending at S2 is labelled with k, this is impossible. t is also a fact if
f = g = h = k or, as we shall see later, k = g 0 g-l = id or h = g-l 0 f. t is not a
fact if k = g-l and h =l= f, because t would then be enabled with d for the mark-
ing (Q.,.Q,g[d],J[d]) (a marking Mof N is here represented as (M(so), ... ,
M(s3))'

t1 t2 t3 i1 i2 i3 i4 i5 MN

So -id id g f d

sl id -id g id fog f

s2 g -g id g-1 f g-lof

s3 f -f id -r1 -g -id

iff iff iff

f or 1 fog gog-l

id gof id
=
gog-l
Fig. 110. Matrix, invariants and the initial case of the net shown in Fig. 109
138 Relation Nets

Accordingly, we find for the invariants of N (see Fig.IIO) that only iJ and
i2 are invariants under all interpretations. The vectors i3 to i5 are only in-
variants if the interpretation fulfils the respective conditions.
Again, we can use the knowledge about invariants to verify facts. We show
that t is a fact for all interpretations with k = g 0 g-J = id and h = g-J 0 f

Proposition 1. Let M: SN -+ DN and let dE DN such that t is M-enabled with d.

Thenf[M(sJ)] + h [M(S2)] -M(S3) =1= Q.

Proof Using Definition 9.2 (a), M(S2) :2 id [d] 1\ M(S3) ::s:;: 1- h [d], i.e. M(S2)
:2dl\-M(S3):2h[d]-L This yields h[M(S2)]:2h[d]I\-M(S3):2h[d]-L
Hence h [M(S2)] - M(S3) :2 2 h [d]-l and, since M (sJ) :2 Q, f[M (sJ)] +
h[M(s2)]-M(s3):22h[d]-1. In particular we have (2h[d]-l)(h[d])=
2 h [d] - h [d] = h [d] and the result follows. 0

Proposition 2. Y ME [MN) :f[M(sJ)] + h [M(S2)] - M (S3) = Q.

Proof f[M(sJ)] + h [M(S2)] -M(S3) = f[M(sJ)] + g-J 0 f[M(S2)] - id [M(S3)]

= i[M] = i[MN] = Q. 0
Using Proposition I and 2, it follows immediately that t is not enabled for
any marking M E [MN) and any d E D N.
Appendix

Mathematical Notions and Notation

I. Sets
AI. As usual we use, for sets M, the notation x EM and A s; M to denote that
x is an element of M and A is a subset of M. 9' (M) denotes the powerset of M.

A2. Let A, B, C be sets. As usual, Au B, An Band A\B = {a E A Ii (a E B)}

denote the union of A and B, the intersection of A and B and the complement
of B inA.

A3. From set theory, we use the distributive laws A n (B u C) =

(A n B) u (A n C), A u (B n C) = (A u B) n (A u C) and
(i) A\(B u C) = (A\B)\C,
(ii) A\(A\B) = An B,
(iii) (A u B)\C = (A\C) u (B\C),
(iv) (A\B)\A = 0,
(v) A\(B u C) = (A\B) n (A\C),
(vi) (A\B) n C = (A n C)\(B n C),
(vii) A S;B ~ A\B = O.
A4. N denotes the set of natural numbers {O, 1, 2, ... } and 7L denotes the set of
integers {... -2, -1, 0,1,2, ... }.

II. Relations

AS. Definition. Let M be a set. For x, y EM, (x, y) is called a pair over M. For
A,Bs;M, let AxB={(x,y)lxEAI\YEB}. Qs;MxM is called a relation
and we write x Q y for (x, y) E Q.

A6. Definition. Let M be a set and let Q, as; M x M be two relations over M.
We define:
(i) Q-l={(y,x)l(x,y) E Q}.
(ii)Q o a={(x,z)I::3YEM xQyl\yaz}. 00

(iii) With QO={(X,X)IXEM} and Qi+l=QioQ (i=O,I, ... ), let Q+=UQi

and Q* = Q+ U QO• i~l
(iv) For a EM, let Q[a] = {b E MI a Q b}.
140 Appendix. Mathematical Notions and Notation

A7. Corollary. If Q, (J s; M xM are relations then

(i) Q = QI,
(ii) Q S; (J ~ Q* S; (J*,
(iii) Q* U (J* S; (Q U 0)*,
(iv) (Q*)* = Q*.

AS. Lemma. Let Q, (J, r, Ijf S; M x M be relations. Then

(i) Q S; (J* /\ r S; Ijf* ~ (Q U r)* S; «(J U Ijf)*
(ii) Q S; (J* ~ (Q U (J)* S; (J*.

Proof (i) Q U r S; (J* U Ijf* S; «(J U Ijf)* ~ (Q U r)* S; «(J U Ijf)*)* =; «(J U Ijf)*.
(ii)
Q S; (J* ~ Q U (J* S; (J* ~ (Q U (J*)* S; «(J*)* = (J* ~ (Q U (J)* S; (J*. 0

ill. Mappings, Functions

A9. Definition. Let A, B be sets and let M S; A.

(i) f: A -+ B denotes a (total) function (or mapping) from A to B.
(ii) Forf: A -+ B, letf(M) = {f(a) I a EM}.
(iii) The mappingflM: M -+ B is defined asfIM(a) = f(a) for all a EM.
(iv) The relation {(a,j(a))la EA} is called the graph of the function
f:A-+B.

AIO. Definition. Let A be a set.

(i) id: A -+ A with id (a) = a is called the identity function or identity.
(ii) For n, i E N let pr;: An -+ A be defined by pr; (aI, ... , an) = a;.

IV. Partial Orders

All. Definition. Let M be a set. A relation Q S; M x M is called a partial order

iffYa, b EM:
(i) I (a Qa) (Q is irreflexive),
(ii) a Q b /\ b Q c ~ a Q C (Q is transitive).
Note that (i) and (ii) imply the asymmetry of Q: a Q b ~ I (b Q a).
Without regard to the carrier, we write partial orders Q S; MxM as "<".
Let a ::;; b ¢ > a < b V a = b.
Graphically, we present finite partial orders as graphs such that an arc
a -+ b is drawn iff a < b /\ $c: a < c < b.

V. Graphs

A12. Definition. A tuple G = (H, P) is called an (arc labelled, oriented) graph

over L iff Hand L are sets such that P S; H x L x H. The elements of H, Land
P are called nodes, arc labels and arcs, respectively.
The graphical representation of graphs is obvious.
VI. Suprema of Sets of Natural Numbers and Calculations with w 141

A 13. Definition. Let G = (H, P) be a graph over L. For i = 1, 2, ... Let Pi =

(hi,li,hj)EP. W=PIP2'" is called a path in G iff, for i=I,2, ... ,hj=hi + l •
Then we also write w = hi II h2 12 .... w is finite iff for some n EN, Pn + I is not
constructed. In this case, n is the length of w. The empty path e is of length O. w
is a circle iff, for some n E N, w is ofiength nand hn = hi.

A14. Definition. Let Gi = (Hi,P;) be graphs over Li (i= 1, 2). G1 is called r:t.-
[J-isomOlphic (isomorphic, for short) to G2 iff r:t.: HI -4 H2 and [J: Ll -4 L2 are
bijective mappings such that (h, I, h') E PI <=:> (r:t. (h), [J (I), r:t. (h')) E P2.

AIS. Definition. Let G = (H, P) be a graph.

(i) G is acyclic iff G contains no circles.
(ii) h E H is an initial node iff {(hi, I, h2) E PI h2 = h} = 0.
(iii) G is finitely based iff G has only finitely many initial nodes.
(iv) G is finitely branched iff for each node h E H, {(hi, I, h2) E P I hi = h} IS
finite.
We state now the well known Lemma of Konig in a form which is appro-
priate for our purposes:

A16. Theorem. Let G = (H, P) be an acyclic, finitely based and finitely branched
graph. If em)' path of G is finite then G itself is finite.

Proof For h E H, let suc (h) be the set of nodes h' E H such that there exists a
path from h to h'.
Assume G is infinite. We construct an infinite path hi 11 h2 12 ... as follows:
As G is finitely based there exists at least one initial node h such that suc (h) is
infinite. Let hi = h. By induction assume hi being given, and let suc (h;) be
infinite. As hi is finitely branched, there exists at least one arc (hi, I, h') such
that suc (h') is infinite. Then let Ii = I and hi + 1 = h'. 0

VI. Suprema of Sets of Natural Numbers and Calculation with ())

A17. Definition. (i) We expand the canonical ordering < and the operations +
and - on N to Nu{w} such that VnEN:n<w and VmENu{w}:
m + w = w + m = w; w - m = w.
(ii) For A ~ N u {w}, let
su (A) = {a iff a E A /\ Va' E A: a' :s; a,
~ w iff Vn E N:3a EA: n:S; a.

AIS. Corollary. Let A,B ~ N u {w} with A = {ai, a2, ... ,} and B = {b 1, b2, ... }.
If al < b1 /\ a2 < b2 /\ ... , then sup (A) :s; sup (B).
142 Appendix. Mathematical Notions and Notation

VII. Vectors and Matrices

We shall use arbitrary finite sets to index vectors and matrices (instead of the
more usual sequences of natural numbers). The components will be integers.

A19. Definition. Let A be a non-empty, finite set. A mapping v: A ---+ 7L is called

a vector or an A-vector. For two vectors VI : A ---+ 7L and V2 : A ---+ 7L, we define
(i) their sum VI + V2 as the vector v: A ---+ 7L with V (a) = VI (a) + V2 (a),
(ii) their product VI . V2 as the integer L. VI (a) . V2 (a),
aEA
(iii) for Z E 7L, the scalar product z· VI as the vector v: A ---+ 7L with V (a) =
Z . VI (a).

A20. Definition. Let A be a set.

(i) A vector v: A ---+ {O} is called the null vector and is denoted by 0 (its do-
main A is given by the particular context).
(ii) A vector v: A ---+ {O, I} is called characteristic.
For A' ~A let CA': A ---+ {O, I},
a f--+ 1 iff a E A',
a 1-+ 0 otherwise.
CA' is called the characteristic vector of A'.
(iii) A vector v: A ---+ 7L is called positive iff Va E A : V (a) 2 O.

A2l. Definition. Let A and B be non-empty, finite sets which are disjoint.
(i) A mapping C: A x B ---+ 7L is called a matrix.
(ii) The transposed matrix C' of a matrix C: A x B ---+ 7L is the matrix C':
B xA ---+ 7L with C ' (b, a) = C (a, b).
(iii) The product of a matrix C: A x B ---+ 7L with a vector v: B ---+ 7L yields the
vector C· v: A ---+ 7L with Co v (a) = L. C (a, b) . v (b).
bEB

Graphically, vectors and matrices are represented as tables, following the

scheme shown in Fig. Ill. With A = {aI, ... , an} and B = {b l , ... , bm }, let
v:A---+7L be a vector and C:AxB---+7L be a matrix. For i=I, ... ,n and
j= 1, ... , m, let Vi= v (aJand Cj = C (ai, bj ).

v C bl b

1:
m

al c ll (Jlm

a2 V2 a2 c 2l c 2m

,
a
n Ivn a
n
c nl c
nm

Fig. Ill. Graphical representation of vectors and matrices

1. Some Landmarks in the Development of Net Theory

As already mentioned in the preface, Net Theory started in the early 60ies with the disser-
tation of C. A. Petri, where the need for a theory of asynchronous machine models is stated:
[I] C. A. Petri: Kommunikation mit Automaten. Schriften des Institutes fUr Instrumentelle
Mathematik, Bonn 1962.
There is also an English Translation by Clifford F. Greene, Jr.:
[2] C. A. Petri: Communication with Automata. Final report, Volume I, Supplement I
RADC TR-65-377-vol-I-suppll, Applied Data Research, Princeton, NJ, Contract AF
30 (602)-3324 (January 1966).
Further early publications include:
[3] C. A. Petri: Fundamentals of a Theory of Asynchronous Information Flow. Information
Processing 1962, Proceedings of the IFIP Congress 62, Munich. North Holland Publish-
ing Company Amsterdam (1962) pp. 386 - 390
and
[4] C. A. Petri: Grundsiitzliches zur Beschreibung diskreter Prozesse. Drittes Colloquium
tiber Automatentheorie, Birkhiiuser Verlag Basel (1967), pp. 121 - 140.
The late sixties saw the Information System Theory Project which dealt. with nets of con-
ditions and events:
[5] A. W. Holt, H. Saint, R. Shapiro, S. Warshall: Final Report of the Information Systems
TheO/y Project. Technical Report RADC-TR-68-305, Rome Air Development Center,
Griffis Air Force Base, New York (Sept. 1968), 352 pages. Distributed by Clearing-
house for Federal Scientific and Technical Information, US Department of Commerce.
In this context, a basic paper is also
[6] S. S. Patil: Coordination of Asynchronous Events. PhD Thesis (May 1970) Cambridge,
Mass.: MIT Project MAC, Technical Report 72 (June 1970).
which was the beginning of MIT's short involvement in net theory.
144 Further Reading

As classical examples of papers on place/transition-nets we suggest M. Hack's introduction

of free choice nets:
[7] M H. T. Hack: Analysis oj Production Schemata by Petri Nets. Technical Report 94,
Project MAC (February 1972).
and Commoner's investigations on liveness for arc weighted free choice nets and simple nets:
[8] Frederic G. Commoner: Deadlocks in Petri Nets. Applied Data Research Inc., Wake-
field, Massachusetts 01880. Report Nr. CA-7206-2311 (1972).
The coricepts of processes and of K-density have their origin in
[9] C. A Petri: Non-sequential Processes. Internal Report GMD- ISF -77 -5 (1977), Gesell-
schaft fUr Mathematik und Datenverarbeitung, Bonn.
Nets with individual tokens were introduced by H. Genrich and K. Lautenbach in the
following paper:
[10] H. Genrich, K. Lautenbach: System Modelling with High Level Petri Nets. Theoretical
Computer Science 13 (1981), pp.109-136.
General Net Theory studies (beside others) concepts to systematically relate the various
net models (we did not stress these aspects in this book, but gave a small example in Figs. 9
and 10). C. A Petri (and others) developed this theory in various papers, e.g.
[II] C. A Petri: Concepts oj Net Theory. Mathematical Foundations of Computer Science,
Proceedings of Symposium and Summer School, High Tatras, September 3-8, 1973.
Math. Inst. of the Slovak Acad. of Science (1973), pp.137 -146
[12] C. A Petri: General Net Theory. Proceedings of the Joint IBM University of Newcastle
upon Tyne Seminar on Computing System Design, Sept. 1976, B. Shaw (ed.) (1977).
A recent contribution to the basic ideas of Net Theory is
[13] C. A Petri: State-Transition Structures in Physics and in Computation. International
Jorunal of Theoretical Physics, Vol. 21 Nos. 10111 (1982).

2. Conferences on Petri Nets

The earliest conferences dealing - at least to some extent - with Petri Nets were the MAC
Conference on concurrent systems in 1970, the GMD Conference "Ansatze zur Organisation
rechnergestiitzter Informationssysteme" in 1974, the MIT Conference on Petri Nets and Re-
lated Methods, 1975 (unpublished) and the Journees d'etude AFCET Reseaux de Petri, 1977.
[14] J. Dennis (Editor): Record oj the Project MAC ConJerence on Concurrent Systems and
Pm'allel Computation, New York: AMC (June 1970)
[15] C. A Petri (Editor): Ansiitze zur Organisationstheorie rechnergestutzter InJormations-
systeme. R. Oldenbourg Verlag Miinchen, Wien. Berichte der.Gesellschaft flir Mathe-
matik und Datenverarbeitung Nr.111 (1979)
[16] Institute de Programmation, Universite Paris VI (Editor): lourm?es d'etude AFCET Re-
seaux de Petri, Paris (1977)
An important event was the Advanced Course on General Net Theory of Processes and
Systems in Hamburg, Oct., 8-19,1979. The course material was published in
[17] W. Brauer (ed.): Net Theory and Applications. Springer Lecture Notes in Computer Sci-
ence, 84 (1980).
This represents the state-of-the-art until about 1979. More recent material is collected in
the proceedings of the European Workshops on Application and Theory of Petri Nets:
4. Bibliographies 145

[18] C. Girault, W. Reisig (eds.): Application and Theory of Petri Nets. Informatik Fach-
bericht 52, Springer Publishing Company (1982)
and
[19] A Pagnoni, G. Rozenberg (eds.): Application and Theory of Petri Nets. Informatik Fach-
berichte 66, Springer Publishing Company (1983).

3. Text Books
Until recently, there did not exist any text books on Petri Nets. As a substitute, the proceed-
ings [17] have sometime been used as an introductory text. In particular, this volume contains
a proposal for a standard terminology which we observed in this book:
[20] H. 1. Genrich, E. Stankiewicz-Wiechno: A Dictionary of Some Basic Notions of Net
Theory, in [17].
In the following we refer to books which are distributed by professional publishers. The
many introductory texts in journals or internal reports are not mentioned here.
in English:
[21] J. L. Peterson: Petri Net Theory and the Modeling of Systems. Prentice-Hall, Inc., Engle-
wood Cliffs, N.1. 07632 ISMN 0-13-661983-5 (1981)
in French:
[22] G. W. Brams (nom collective): Reseaux de Petri, Theorie et Pratique. Masson, Editeur,
120 boulevard Saint-Germain 75280 Paris Cedex 06 ISMN 2-903-60712-5 (1982). Two
volumes
in German:
[23] P. H. Starke: Petri-Netze. VeB Deutscher Verlag der Wissenschaften, Berlin (DDR)
(1981)
[24] U. Winand, B. Rosenstengel: Petri-Netze. Eine anwendungsorientierte Einfuhrung. Vie-
weg-Verlag Braunschweig. ISBN 3-528-03582-X (1981).
The original german version of the present book is published by Springer Verlag. An
Italian translation is published by Arnoldo Mondadori Editore, Milano (Italy).
All four books [21] to [24] concentrate on nets consisting of places and transitions.

4. Bibliographies
Many papers are referenced in the various contributions of [17]. A detailed and annotated
bibliography, covering papers until 1979, is contained in the book of Peterson [21]. The bi-
bliography
[25] E. Pless, H. Pliinnecke: A Bibliography of Net Theory. Second Edition ISF-Report 80.05.
Gesellschaft fUr Mathematik und Datenverarbeitung Bonn, Germany (1980)
reports about 500 papers which were published up to 1980. More recent references are con-
tinuously published in the newsletter of the GI-Special Interest Group on Petri Nets and
Related System Models:
[26] Newsletter of the Special Interest Group "Petri Nets and Related System Models". Ge-
sellschaft fUr Informatik (Computer Science Society in Germany), Bonn, Germany.
ISSN 0173-7473.
146 Further Reading

5. References to Chapter 2
Conditions and events have been fundamental notions of Net Theory from the very begin-
ning. The first extensive studies were published in [5], and can also be found in
[27] A Holt: Introduction to Occurrence Systems. Associative Information Techniques, New
York: American Elsevier (1971), pp. 175- 203.
For a further early study see also [6].
The notation we use is based on the following two papers:
[28] C. A Petri: Interpretations of Net Theory. Internal Report 75-07, second edition, 20. 12.
1976. Gesellschaft fiir Mathematik und Datenverarbeitung, Institut fiir Informations-
systemforschung, Bonn (1976)
[29] H. 1. Genrich, K Lautenbach, P. S. Thiagarajan: Elements of General Net Theory, in
[17].

6. References to Chapter 3
The idea of unfolding a condition/event-system to partially ordered event occurrences was
introduced in [5].
The notion of a process, as defined in 3.3 (a), was first discussed by C. A. Petri in [9].
Petri introduces a lot of properties which a "reasonable" notion of process should meet.
In [28] a collection of five such properties is chosen to define this notion. The theorems which
we prove in Chapt. 3.3 to 3.5 are not given in the literature.
An early paper on K-density is
[30] E. Best: A Theorem on the characteristics of non-sequential processes. Fundamenta Infor-
maticae IlL I (1980), pp. 77 - 94.
More recently, occurrence nets have been studied independently of any correspondence to
condition/event systems. As examples see
[31] E. Best, A Merceron: Discreteness, K-density and D-continuity of Occurrence Nets. 6th
GI Conference on Theoretical Computer Science. Lecture Notes in Computer Science
145, Springer-Vedag (1983)
[32] C. Fernandez, P. S. Thiagarajan: D-Continuous Causal Nets: A Model of Non-Sequential
Processes. Theoretical Computer Science 28 (1984), pp. 171-196.
In the context of schemes for nonsequential systems, the following papers describe pro-
cesses with the use of partial orders:
[33] A Mazurkiewicz: Concurrent Program Schemes and their Interpretation. University of
Aarhus, DAIMI PB-78 (1978)
[34] 1. Winkowski: Behaviours of Concurrent Systems. Theoretical Computer Science 12
(1980), pp. 39-60
[35] W. Reisig: Schemes for Nonsequential Processing Systems. 9th Symposium on Mathe-
matical Foundations of Computer Science, Lecture Notes in Computer Science 88,
Springer-Verlag (1980)
[36] M. Nielsen, G. Plotkin, G. Winskel: Petri Nets, Event Structures and Domains, Part I.
Theoretical Computer Science 13 (1981), pp. 85 - 108
[37] 1. Winkowski: An Algebraic Description of System Behaviours. Theoretical Computer
Science 21 (1982),pp. 315-340
[38] G. Winskel: Events in Computation. Ph. D. thesis, University of Edinburgh (1980).
8. References to Chapter 5 147

7. References to Chapter 4
Synchronic distance was first mentioned in
[39] C. A Petri: Concepts of Net Theory. Mathematical Foundations of Computer Science,
1973. High Tatra; Mathematics Institute of Slovak Academy of Science (1973), pp.
137-146.
There have been some formal definitions, e.g. in [28], but there are some problems in the
case of non-cyclic systems. In [29] a definition for synchronic distance is given which is
equivalent to ours. More on synchronic distances can be found in
[40] C. Andre, P. Armand, F. Boeri: Synchronic Relations and Applications in Parallel Com-
putation. Digital Processes 5 (1979), pp. 339 - 354
[41] U. Goltz, W. Reisig, P. S. Thiagarajan: Two Alternative Definitions of Synchronic Dis-
tance, in [18].
The extension to weighted synchronic distances is discussed in [29] and in
[42] U. Goltz, W. Reisig: Weighted Synchronic Distances, in [18].
A typical application of synchronic distances is
[43] A C. Pagnoni: A Fair Competition Between Two or More Partners, in [18].
The idea of facts was first mentioned in [28]. Further investigations on facts can be found
III

[44] H. J. Genrich, G. Thieler-Mevissen: The Calculus of Facts. Mathematical Foundations of

Computer Science 1976, Lecture Notes in Computer Science 45. Springer-Verlag (1976),
pp.588-595
and in
[45] G. Thieler-Mevissen: The Petri Net Calculus of Predicate Logic. Internal Report ISF-
76-09 (1976), Gesellschaft fiir Mathematik und Datenverarbeitung, Bonn.

8. References to Chapter 5
To a large extent, papers on Petri Nets deal with place/transition-nets. Indeed, often both
notions are synonymously used.
In order to give a representative survey over the area, we subdivide this section into
several sub-sections.

(a) Coverability Graphs

The first idea resembling the coverability graphs was the introduction of a "reachability tree"
by Karp and Miller:
[46] R. M. Karp, R. E. Miller: Parallel Program Schemata. Journal of Computer and System
Sciences 3 (1969), pp. 147- 195.
A construction method for coverability graphs which differs slightly from ours is pre-
sented in
[47] M. Jantzen, R. Valk: Formal Properties of Place/Transition Nets, in [17].

(b) Liveness
The notion of liveness has often been considered as a mayor problem for analysis. There exist
different reasonable notions of liveness, cf.
148 Further Reading

[48] K Lautenbach: Liveness in Petri Nets. Internal Report GMD-ISF 72-02.1 (1972).
Papers on liveness include
[49] M. Hack: The Recursive Equivalence of the Reachability Problem and the Liveness Prob-
lem for Petri Nets and Vector Addition Systems. Proceedings of the 15th Annual Sym-
posium on Switching and Automata Theory, New York IEEE (1974)
[50] K Gostelow: Computation Modules and Petri Nets. Third IEEE-ACM Milwaukee Sym-
posium on Automatic Computation and Control, New York (1975)
[51] H. Schmid, E. Best: Towards a Constructive Solution of the Liveness Problem in Petri
Nets. Technical Report 4/76, Institut fiir Informatik, Universitat Stuttgart, West Ger-
many (1976)
[52] Y. Lien: Termination Properties of Generalized Petri Nets. SIAM Journal of Computing
5, Nr. 2 (1976), pp. 251- 265.
Liveness is also discussed in [8] and [5].

(c) Further Properties

Further properties of place/transition nets which have not been discussed in this book in-
clude persistence, the existence of homestates and equivalence. Homestates are considered
e.g. in the first volume of [22]. Persistency is discussed in the following papers:
[53] L. Landweber, E. Robertson: Properties of Conflict-Free and Persistent Petri Nets.
Journal of the ACM, Vol. 25, Nr. 3 (1978), pp. 352- 364
[54] 1. H. Muller: Decidability of Reachability in Persistent Vector Replacement Systems.
9th Symposium on Mathematical Foundations of Computer Science, Lecture Notes in
Computer Science Vol. 88, Springer-Verlag (1980), pp. 426-438
[55] E. Mayr: Persistence of Vector Replacement Systems is Decidable. Acta Informatica 15
(1981), pp. 309-318
[56] H. Yomoasaki: On Weak Persistency of Petri Nets. Information Processing Letters 13,
3 (1981), pp. 94-97.
The concept of equivalence is discussed in
[57] 1. R. Jump, P. S. Thiagarajan: On the Equivalence of Asynchronous Control Structures.
13th Annual Switching and Automata Theory Symposium (Oct. 1972), 212- 223. Also:
SIAM Journal of Computing, Vol. 2, No.2 (June 1973), pp. 67 - 87
[58] C. Andre: Use of Behaviour Equivalence in Place/Transition Net Analysis, in [18].
[59] C. Andre: Structural Transformations giving B-equivalent PT-Nets, in [19]
[60] F. De Cindio, G. De Michelis, L. Pomello, C. Simone: Equivalence Notions for Con-
current Systems, in [19]
[61] M. Yoeli, T. Etzion: Behavioural Equivalence of Concurrent Systems, in [19].

(d) Analysis Methods

An analysis method for place/transition-nets which we did not mention in this book, is the
reduction of nets. In the first volume of [22], this method is discussed in detail. It is also
presented in
[62] G. Berthelot, G. Roucairol, R. Valk: Reduction of Nets and Parallel Programs, in [17].
Similar methods are presented in the following papers:
[63] 1. R. Valette: Analysis of Petri Nets by Stepwise Refinements. Journal of Computer and
System Sciences 18, No.1 (1979), pp. 35-46
8. References to Chapter 5 149

[64] M Toulotte, 1. P. Parsy: A Method for Decomposing Interpreted Petri Nets and its
Utilization. Digital Processes 5 (1979), pp. 223 - 234
[65] 1. Suzuki, T. Murata: A Method for Hierarchically Representing Large Scale Petri Nets.
Proceedings of the 1980 International Conference on Circuits and Computer, October
1980
[66] M. Silva: Simplification des Reseaux de Petri par elimination des places implicites. Digi-
tal Processes 6 (1980), pp. 245 - 256.

(e) The Reachability Problem

The reachability problem has been open since the introduction of vector addition systems [46]
and was solved recently by Kosaraju:
[67] S. R. Kosaraju: Decidability of Reachability in Vector Addition Systems. Proceedings of
the Fourteenth Annual ACM Symposium on Theory of Computing, San Francisco, Cali-
fornia, May 5 - 7, 1982, pp. 267 - 281.
Some corrections of this proof are given in
[68] H. 1. Muller: Filling a Gap in Kosaraju's Proof for the Decidability of the Reachability
Problem in VAS. Newsletter of the Special Interest Group "Petri Nets and Related Sys-
tem Models", No. 12, October 1982 (cf. [26]).
Milestones on the way to this solution are [54] and
[69] 1. van Leeuwen: A Partial Solution to the Reachability Problem for Vector-Addition Sys-
tems. Proc. of the sixth Annual ACM Symposium on Theory of Computing (1974), pp.
303-307.
[70] G. S. Sacerdote, R. L. Tenney: The Decidability of the Reachability Problem for Vector
Addition Systems. Proc. of the ninth Annual ACM Symposium on Theory of Computing
(1977), pp. 61-76.
[71] J. Hopcroft, 1. 1. Pansiot: On the Reachability Problem of five dimensional Vector Addi-
tion Systems. Theoretical Computer Science 8 (1979), pp. 135-159.
[72] E. W. Mayr: An Algorithm for the General Petri Net Reachability Problem. Proc. of the
13th Annual ACM Symposium on Theory of Computing (1981), pp. 238 - 246.

(1) Decidability and Complexity

A survey on decidability and complexity problems is contained in
[73] M. Jantzen: Komplexitiit von Petrinetz-Algorithmen. Unpublished course material, Uni-
versity of Hamburg (1984).
The decidability and the complexity of net properties are treated in [21,47] and in the
following papers:
[74] H. Baker: Rabin's Proof of the Undecidability of the Reachability Set Inclusion Problem
for Vector Addition Systems. Computation Structures Group Memo 79, Project MAC, MIT
Cambridge, Massachusetts (July 1973)
[75] M. Hack: Decidability Question for Petri Nets. Ph. D. thesis, Department of Electrical
Engineering, MIT (December 1974). Also: Technical Report 161, Laboratory for Com-
puter Science, MIT, Cambridge, Massachusetts (June 1976)
[76] M Hack: The Equality Problem for Vector Addition Systems is Undecidable. Theoretical
Computer Science 2 (1976), pp. 77 - 95
[77] T. Araki, T. Kasami: Some Decision Problems Related to the Reachability Problem for
Petri Nets. Theoretical Computer Science 3 (1977), pp. 85 -104
150 Further Reading

[78] T. Araki, T. Kasami: Decidable Problems on the Strong Connectivity of Petri Net
Reachability Sets. Theoretical Computer Science 4 (1977), pp. 99 -' 119
[79] N. Jones, L. Landweber, Y. E. Lien: Complexity of Some Problems in Petri Nets.
Theoretical Computer Science 4 (1977), pp. 277 - 299
[80] C. Rackoff: The Covering and Boundedness Problem for Vector Addition Systems.
Theoretical Computer Science 6 (1978), pp. 223 - 231
[81] E. W. Mayr: The Complexity of the Finite Containment Problem for Petri Nets. Cam-
bridge, Mass., MIT Lab. for Computer Science, Technical Report 181 (1977)
[82] E. W. Mayr, A. R. Meyer: The Complexity of the Finite Containment Problem for Petri
Nets. Journal of the ACM 28,3 (1981), pp. 561 - 576
[83] M Jantzen, H. Bramhoff: Notions of Computability by Petri Nets, in [19].

(g) Petri Net Languages

Much effort was spent in the 70ies on the investigation of Net Languages (assign to each
transition a character or the empty word and consider sequences of transition firings). Typical
papers are e.g. [75], and
[84] M Hack: Petri Net Languages. Computation Structures Group Memo 124, Project
MAC, MIT (1975). Also: Technical Report 159, Laboratory for Computer Science MIT
Cambridge, Massachusetts (1976)
[85] J. L. Peterson: Computation Sequence Sets. Journal of Computer and System Sciences
13, I (I976),pp. 1-24
[86] R. VaIk, G. Vidal-Naquet: Petri Nets and Regular Languages. Journal of Computer and
System Sciences 23 (1981), pp. 229-325
[87] S. Crespi-Reghizzi, D. Mandrioli: Petri Nets and Szilard Languages. Information and
Control 33, No.2 (1977), pp. 177- 192
[88] 1. Grabowski: The Unsolvability of Some Petri Net Language Problems. Information
Processing Letters 9, No.2 (1979), pp. 60-63
[89] D. Mandrioli: A Note on Petri Net Languages. Information and Control 34, No.2 (1977),
pp. 169- 171
[90] P. Starke: Free Petri Net Languages. Seventh Symposium on Mathematical Foundations
of Computer Science 1978, Lecture Notes in Computer Science 64, Springer-Verlag
(1978), pp. 506- 5 I 5
[91] Matthias Jantzen: On the Hierarchy of Petri Net Languages. R.A.I.R.O. Informatique
theoretique/Theoretical Informatics Vol. 19, No.1 (1979), pp. 19-30
[92] T. Araki, T. Kagimasa, N. Tokura: Relations of Flow Languages to Petri Net Languages.
Theoretical Computer Science 15 (1981), pp. 51 -75.
This topic is also discussed in the books of Peterson and Starke [21, 23].

(h) Behaviour Representation

As causal dependency and concurrency of transition firings are not represented in firing
sequences, several other methods have been suggested to represent the behaviour of place/
transition nets:
[93] P. Starke: Processes in Petri Nets. Elektronische Informationsverarbeitung und Kyber-
netik, ElK 17 8/9 (1981), pp. 389-416
[94] G. Rozenberg, R. Verraedt: Subset Languages for Petri Nets. Part I: The Relationship
to String Languages and Normal Forms. Part II: Closure Properties. Theoretical Computer
Science (1983), Vol. 26, pp. 301- 326 and Vol. 27, pp. 85 - 108
10. References to Chapter 7 151

[95] H. D. Burkhard: Ordered Firing in Petri Nets. Elektronische Informationsverarbeitung

und Kybemetik (ElK) 2/3 (1983), pp. 71- 86.
[96] U. Goltz, W. Reisig: The Non-sequential Behaviour oj Petri Nets. Information & Con-
trol, Vol. 57, Nos. 2-3 (1983), pp. 125-147.
The infinite behaviour of place/transition-nets is studied in the paper
[97] R. Valk: Infinite Behaviour oj Petri Nets. Theoretical Computer Science 25, (3) (1983),
pp.342-373.

9. References to Chapter 6
S-Invariants and T-Invariants were introduced by K. Lautenbach in [48]. An overview of
more net properties which can be derived by linear algebraic techniques is given in
[98] 1. Sifakis: Structural Properties oj Petri Nets. Mathematical Foundations of Computer
Science, Lecture Notes in Computer Science 64, Springer-Verlag (1978), pp. 474-483
and in
[99] G. Memmi, G. Roucairol: Linear Algebra in Net Theory, in [17].
Detailed considerations are also contained in the first volume of [22] and in
[100] 1. Martinez, M. Silva: A Simple and Fast Algorithm to obtain all Invariants oj a Gen-
eralized Petri Net, in [18].
The seat reservation system of Chap. 6.5 was constructed by Kurt Lautenbach (private
communication) and is based on an example by E. Ashcroft.

10. References to Chapter 7

(a) Free Choice Nets
As already mentioned above, M. Hack introduced free choice nets in [7]. Errata to this are
collected in
[101] M. Hack: Corrections to "Analysis oj Production Schemata by Petri Nets". Computation
Structures Group Note 17, Project MAC (June 1974).
In [7], Hack proves the deadlock/trap criterion for the liveness of free choice nets. Our
proof is a slight modification of his. Further studies on free choice nets include:
[102] E. Best, M. W. Shields: Some Equivalence Results Jor Free Choice Nets and Simple Nets
and on the Periodicity oj Live Free Choice Nets. Preprint of CAAP 83, 8th Colloquium on
Trees in Algebra and Programming, L'Aquila. Lecture Notes in Computer Science 159,
Springer-Verlag (1983), pp. 141-154
[103] K Dopp: Zum Hackschen WohlJormungssatz fur Free-Choice-Petrinetze. ElK 19,
112 (1983), pp. 3 -15
Generalizations of the liveness criterion for free choice nets are found in the following
two papers:
[104] M. Hack: Extended State Machine Allocatable Nets (ESMA), an Extension oj Free
Choice Petri Nets Results, Computation Structures Group Memo 78, Project MAC, MIT
Cambridge, Massachusetts (1973), revised as Memo 78-1 (1974)
[105] W. Griese: Liveness in NSC-Petri Nets, in: Discrete Structures and Algorithms, U. Pape
(ed.), Carl Hanser Verlag, Miinchen (1980)
[106] P. S. Thiagarajan, K. Voss: A Fresh Look at Free Choice Nets. Arbeitspapiere der
GMD, Nr. 58, October 1983
152 Further Reading

[107] E. Best, K Voss: Free Choice Systems have Home States. Acta Informatica 21 (1984),
pp.89-100
Similar results on further net classes are discussed in [47]. "Bipolar Schemata" may be
considered as a special class of free choice nets:
[108] H. 1. Genrich, P. S. Thiagarajan: A Theory for Bipolar Synchronization Schemes. Theo-
retical Computer Science 30 (1984), pp. 241- 318
They are also mentioned in [29].

(b) Marked Graphs

The first study on marked graphs was undertaken by H. Genrich in
[109] H. Genrich: Das Zollstationenproblem. Internal Reports GMD-I5/69-01-15 and 171-10-
13, Gesellschaft fUr Mathematik und Datenverarbeitung, Bonn (1969 and 1971),
immediately followed by
[110] A W. Holt, F. Commoner: Events & Conditions. Applied Data Research, New York
(1970).
Our proofs in Chap. 7.3 are taken from Genrich's paper [109]. More detailed investiga-
tions are given in [57] and in the following papers:
[III] F. Commoner, A W. Holt, S. Even, A. Pnueli: Marked Directed Graphs. Journal of
Computer and System Sciences 5 (1971), pp. 511- 523
[112] H. 1. Genrich, K Lautenbach: Synchronisationsgraphen. Acta Informatica 2 (1973), pp.
143-161.

(c) Further Net Classes

Co-ordination of sequential processes is modelled by the following classes of nets:
[113] O. Herzog: Static Analysis of Concurrent Processes for Dynamic Properties Using Petri
Nets. Lecture Notes in Computer Science 70, Springer-Verlag (1980)
[114] W. Reisig: Deterministic Buffer Synchronization of Sequential Processes. Acta Infor-
matica 18 (1982), pp. 117 - 134
[115] K Lautenbach, P. S. Thiagarajan: Analysis of a Resource Allocation Problem Using
Petri Nets. First European Conference on Distributed Processing, Toulouse, 1. Syre (ed.),
1979, pp. 260 - 266
[116] F. De Cindio, G. de Michelis, L. Pomello, C. Simone: Superposed Automata Nets, in
[18].
There have been investigations trying to find net classes with more or less simple decision
procedures for liveness. [8] introduced a class called "simple". They are also studied in [104].
Landweber and Robertson [53] consider "conflict free" nets.

11. References to Chapter 8

An early paper on nets with individual tokens is
[117] M. Schiffers, H. Wedde: Analyzing Program Solutions of Coordinated Problems by CP-
Nets. Mathematical Foundations of Computer Science 1978, Lecture Notes in Computer
Science 64 (1978), pp. 462-473
13. Modifications and Generalizations of Place ITran sition-Nets 153

A fundamental step was the introduction of variables as arc labels in the model of pre-
dicate/transition-nets which was introduced in [10]. As a special case of this model one may
consider the predicate/event-nets which we introduced in Chap. 8.
A further study of this model is
[118] H. Genrich, K Lautenbach: S-Invariance in Predicate/Transition Nets, in [19].
The distributed database example of Chap. 8.3 is taken from [29].

12. References to Chapter 9

Because the variables in predicate/transition-nets yield difficulties when constructing a cal-
culus of invariants, K Jensen defined a variable free calculus of nets with individual tokens in
[119] K Jensen: Coloured Petri Nets and the Invariant Method. Theoretical Computer Sci-
ence 14 (1981), pp. 317-336.
More on this model can be found in
[120] K Jensen: How to Find Invariants for Coloured Petri Nets. Mathematical Foundations
of Computer Science 1981, Lecture Notes in Computer Science 118 (1981), pp. 327 - 338
and in
[121] K Jensen: High Level Petri Nets, in [19].
Relation nets are related to other net models in
[122] W. Reisig: Petri Nets with Individual Tokens, in [19].
In FIFO-nets tokens are assumed to be characters, and S-elements behave according to
the first-in-first-out-principle (hence markings can be considered as character strings):
[123] R Martin, G. Memmi: Specification and validation of Sequential Processes Communi-
cating by FIFO Channels. 4th International Conference of Software Engineering for
Telecommunication Switching Systems. (IEEE) Worwick 1981
[124] A Finkel: Blocage et vivacite dans les reseaux a pile-file. STACS 84, Lecture Notes
in Computer Science 166 (1984), pp. 151-162.

13. Modifications and Generalizations of Place/Transition-Nets

It is often proposed to modify or to generalize the standard firing rule of place/transition nets
or to supply nets with additional components and distinguished interpretations. Most of these
generalizations refer to the fact that in place/transition nets it is not possible to test the
emptyeness of a place with infinite capacity.
Typical such modifications, as inhibitor arcs and priority rules, are extensively discussed
in the books [21,22,23].
Evaluation Nets and Macro-E-Nets introduce additional types of places:
[125] 1. D. Noe, G. 1. Nut: Macro-E-nets for Representations of Parallel Systems. IEEE Trans-
actions on Computers, Vol. C-22, No.8 (1973)
[126] 1. D. Noe: Nets in Modelling and Simulation, in [17].
The concept of dynamic change of arc weights (self modifying nets) is found in
[127] R. Valk: Generalizations of Petri Nets. Mathematical Foundations of Computer Science
1981, Lecture Notes in Computer Science 118 (1981), pp. 140-155.
154 Further Reading

This paper gives also an overview of several net models, their modifications and their
properties.
Different types of nets are also compared in
[128] K Jensen: A Method to Compare the Descriptive Power oj Different Types oj Petri Nets.
Mathematical Foundations of Computer Science 1980, Lecture Notes in Computer Sci-
ence 88, Springer-Verlag (1980), pp. 348- 361
[129] S. Porat, M. Yoeli: Towards a Hierarchy oj Nets. Technion-Israel Institute of Technol-
ogy, Dept of Computer Science Technical Report No. 224 (1981).
Notions of time are introduced in the following papers:
[\30] C. Ramchandani: AnalYSis oj Asynchronous Concurrent Systems by Petri Nets. Techni-
cal Report 120, Project MAC, MIT Cambridge, Massachusetts (1974)
[\33] 1. Skifakis: Pelformance Evaluation oj Systems Using Nets in [17]
Dept. of Information and Computer Science, University of California, Irvine, California
(1974)
[132] S. Ghosh: Some Comments on Time in Petri Nets in [16]
[133] 1. Skifakis: Performance Evaluation oj Systems Using Nets in [17]
[\34] W. M. Zuberek: Timed Petri Nets and Preliminary PerJormance Evaluation. Proceed-
ings of the 7th Annual Symposium on Computer Architecture, May 6 - 8, 1980, La
Baule, France (1980), pp. 88-96.
Further modifications are given in
[135] M. Moalo, 1. Poulou, 1. Skifakis: Synchronized Petri Nets: A Model Jor the Description
oj Non-Autonomous Systems. Mathematical Foundations of Computer Science 1978,
Lecture Notes in Computer Science 64, Springer-Verlag (1978), pp. 374- 384
[136] M. Yoeli, Z. Barzilai: Behavioural Descriptions oj Communication Switching Systems
using Extended Petri Nets. Digital Processes 3 (1977), pp. 307 - 320
[137] H. D. Burkhard: On Priorities oj Parallelism: Petri Nets under the Maximum Firing
Strategy. Logics of Programs and their Applications, Lecture Notes in Computer Science
148 (1982)
[\38] A. Pistorello, C. Romoli, S. Crespi-Reghizzi: Threshold Nets and Cell-Assemblies. Infor-
mation and Control 49 (1982), pp. 239- 264
[139] H. D. Burkhard: Control oj Petri Nets by Finite Automata. Fundamenta Informaticae
Series IV, No.2, Warszawa (1973)
[140] T. Etzion and M. Yoeli: Super Nets and Their Hierarchy. Theoretical Computer Science
25, (2) (1983).
As more general and abstract models one might consider transition systems and subsitu-
tion systems:
[141] R. M. Keller: Vector Replacement Systems: A Formalism Jor Modelling Asynchronous
Systems. Technical Report 117 Computer Science Laboratory, Princeton University,
Princeton, New Jersey (December 1972), revised January 1974
[142] H. 1. Genrich, K Lautenbach, P. S. Thiagarajan: Substitution Systems - A Family oj
System Models based on Concurrency. Mathematical Foundations of Computer Science
1980, Lecture Notes in Computer Science 88, Springer-Verlag (1980), pp. 698 -723
[143] 1. Sifakis: A Unified Approach Jor Studying the Properties oj Transition Systems. Theo-
retical Computer Science 18 (1982), pp. 227 - 258.
14. Applications 155

14. Applications

In this book we presented a few examples of applying nets in system modelling and analysis.
Hints on applications in system modelling are also found in the books [20, 22, 23]. A broader
spectrum of applications and implementations is contained in the second volume of [22]. Ap-
plications are also found in the volumes [17,18,19].
Early applications include R. Shapiro's and H. Saint's translation of Fortran programs
into nets, showing precedence constraints between operations, and J. Noe's net model of the
SCOPE 3.2 operating system:

[144] R. Shapiro, H. Saint: A New Approach to Optimization of Sequential Decisions. An-

nual Review in Automatic Programming. Volume 6, Part 5 (1970), pp. 257- 288.
[145] J. Noe: A Petri Net Modelfor the CDC 6400. Proceedings ACM SIGOPS Workshop on
System Performance Evaluation, New York, ACM (1971), pp. 362- 378.
General remarks on the adequate style of net interpretations are made in
[146] C. A Petri: Interpretations of Net Theory. Gesellschaft fUr Mathematik und Datenver-
arbeitung, Bonn Internal report ISF -75-07 (1975)
[147] C. A Petri: Modelling as a Communication Discipline, in: H. Beilner, E. Gelembe (eds.):
Measuring, Modelling and Evaluation Computer Systems, North-Holland Pub!. Compo
(1977), pp. 435-449
[148] C. A Petri: Concurrency as a Basis of System Thinking. Gesellschaft fUr Mathematik
und Datenverarbeitung, Bonn Internal report ISF -78-06 (178) also in Proceedings from 5th
Scandinavian Logic Symposium, 1979, Aalborg. F. Jensen, 8. Mayoh, K. Moller (eds.),
Universitetsforlag Aalborg (1979), pp. 143 -162
[149] A W. Holt: Net Models of Organizational Systems in Theory and Practice, in [15].
[150] R. M. Shapiro: Towards a Design Methodology for Information Systems, in [15]
[151] c. A Petri: Some Personal Views in Net Theory, in [19].
In the following we survey some of the most prominent application areas of nets:

(a) Hardware
Hardware components are modelled in [125,136] and in the following papers:

[152] S. Wendt: Petri-Netze und asynchrone Schaltwerke. Elektronische Rechenanlagen 16

(1974), pp. 208-216
[153] W. Huen, D. Siewiorek: Intermodule Protocol for Register Transfer Level Modules:
Representation and Analytic Tools. Proceedings of the Second Annual Symposium on Com-
puter Architecture, New York (1975), pp. 56- 62
[154] Kwan Chi Leung, C. Michel, P. Le Beux: Logical Systems Design Using PLAs and Petri
Nets - Programmable Hardwired Systems. Information Processing 77,8. Gilchrist (ed.),
IFlP, North-Holland Pub!. Compo (1977)
[155] J. Grabowski: On the Analysis of Switching Circuits by Means of Petri Nets. Elektro-
nische lnformationsverarbeitung und Kybernetik (ElK) 14, No. 12 (1978), pp. 611- 617
[156] K Zuse: Petri Nets from the Engineer's Viewpoint, in [17]
[157] C. Chaudouard, J. P. Elloy: A Real Time Monitor and its Representation by Petri Nets.
Micro-processing and Microprogramming 7, North-Holland Pub!. Compo (1981), pp.
241-248
[158] M. Morganti: Petri-Net Implementation of Recovery Strategies in a large ESS,
in [18]
156 Further Reading

[159] W. M. Zuberek: Application of Timed Nets to Analysis of Multiprocessor Realizations of

Digital Filters. Proc. 25th Symposium on Circuits and Systems, Houghton, Michigan,
August 1982
[160] W. Kluge, K Lautenbach: The Orderly Resolution of Memory Access Conflicts among
Competing Channel Processes. IEEE-Transactions on Computers, vol. 31 (1982), pp.
194-207

(b) Performance Evaluation

Performance evaluation is considered in [125,133,134] and in the following papers:
[161] 1. Sifakis: Use of Petri Nets for Performance Evaluation, in Measuring, Modelling and
Evaluating Computer Systems, H. Beilner and E. Gelenbe (eds.), North Holland (1977)
pp.75-93
[162] M. Silva: Evaluation des Performances des Applications Temps Reel de Type Logique,
in Eighth International Society for Mini- and Micro-Computers, M. H. Hamza (ed.), Acta
Press, Anaheim, Calgary, Zurich (1979), pp. 152 -157
[163] C. V. Ramamoorthy, G. S. Ho: Performance Evaluation of Asynchronous Concurrent
Systems Using Petri Nets. IEEE Transactions on Software Engineering Vol. SE-6, No.5
(1980), pp. 440-449
[164] 1. Magott: Pelformance Evaluation of Concurrent Systems Using Petri Nets. Information
Processing Letters 18 (1984), pp. 7-13.

(c) Distributed Software Systems

A Distributed Database Scheme is discussed in [10] and in [29]. Further such models are de-
scribed in
[165] K Voss: Using Predicate/Transition-Nets to Model and Analyze Distributed Database
Systems. IEEE Transactions on Software Engineering, Vol. SE-6, No.6 (J 980), pp.
539-544
[166] G. Richter: IML-Inscribed Nets for Modeling Text Processing and Data(base) Manage-
ment Systems. Proceedings of the 7th International Conference on Very Large Data
Bases, Cannes (1981), IEEE, pp. 363-375
[167] K Voss: Nets as a Consistent Formal Tool for the Stepwise Design and Verification of a
Distributed System. IFIP TC-8 Working Conference on Evolutionary Information Systems,
Budapest (1981), 1. Hawgood (ed.): Evolutionary Information Systems North Holland
(1982), pp. 173-191
[168] P. Rolin: Using Petri-Nets in Measurement of a Distributed Data Base System, in [18]
[169] S. Yau, M. U. Caglayan: Distributed Software System Design Representation Using
Modified Petri Nets. IEEE Transactions on Software Engineering Vol. SE-9, No.6 (1983),
pp.733-745

(d) Programming Languages

In the following papers nets are used to describe - at least partially - the semantics of pro-
gramming- and specification-languages.
[170] G. Roucairol: Une Transformation de Programmes Sequentielles en Programmes Paralfe-
les, Colleque sur la programmation, Paris 1974. Lecture Notes in Computer Science 19
(1974), pp. 327 - 349
[171] K Jensen, M. Kyng, O. L. Madsen: Delta Semantics Defined by Petri Nets. University
of Aarhus (Denmark) Internal Report PB-95, ISSN 0105-8517 (1979)
14. Applications 157

[172] P. E. Lauer, P. R. Torrigiani, M. W. Shields: COSY - A System Specification Language

Based on Paths and Processes. Acta Informatica 12 (1979), pp. 109- 158
[173] P. Hruschka, A. Kappatsch, U. Kastens: Net Attributed Grammars. University of Karls-
ruhe (Germany), Institut flir Informatik, Internal Report 16/90 (1980)
[174] K Jensen, M. Kyng: EPSILON, A System Description Language. University of Aarhus
(Denmark), Internal Report DAIMI PB- I 50, ISSN 0105-85 I 7 (1982)
[175] N. D. Hansen, K H. Madsen: Formal Semantics by a Combination of Denotational
Semantics and High Level Petri Nets, in [19]
[176] M. Kyng: Specification and Verification of Networks in a Petri Net Based Language,
in [19]
[177] W. E. Kluge, H. Schli.iter: Petri Net Models for the Evaluation of Applicative Programs
Based on A-Expressions. IEEE-Transactions on Software Engineering, Vol. SE-9, No.4
(1983), pp. 415-427

(e) Communication Protocols

In recent times Petri Nets have been very successfully applied to modelling and analysis of
communication protocols. Some few papers in this area are:
[178] P. Merlin: A Methodology for Design and Implementation of Communication Protocols.
IEEE Transactions on Computers, Vol. 24, 6 (1976)
[179] C. Girault: Proof of protocols in case of failures. Advanced Course on Parallel Pro-
cessing, University of Loughborough, 1980, D-J. Evens (ed.), Parallel Processing Sys-
tems, Press of Cambridge University Press (1980)
[180] J. L. Baer, G. Gardarin, C. Girault, G. Roucairol: The Two Step Commitment Protocol:
Modelling, Specification and Proof Methodology. 5th international Conference an Soft-
ware Engineering, San Diego (1981)
[181] M. Diaz: Modelling and Analysis of Communication and Cooperation Protocols Using
Petri Net Based Models. Tutorial Paper Second International Workshop on Protocol Specifi-
cation, Testing and Verification May 17 - 20, 1982. Idyllwild - Los Angeles
[182] F. J. W. Symons: Representation Analysis and Verification of Communication Protocols.
Telecom Australia Research Laboratories, Victoria, Australia, Report 7380 (1980)
[183] G. Berthelot, R. Terrat: Petri Net Theory for the Correctness of Protocols. IEEE Trans-
actions on Computers, C-30 (1982), pp. 2497 - 2505
[184] P. Estallier, C. Girault: Petri Nets Specification of a New Protocol for Controlling a
Distributed System Organization. Third International Conference on Distributed Com-
puting Systems Miami, Florida (1982)
[185] P. Estallier, C. Girault: Petri Net Specification of Virtual Ring Protocols, in [19].

(1) Further Concepts in Net Applications

There exist applications of nets which are somewhat unexpected, e.g. the net representation of
predicate logic in [45]. The interaction among participants which are involved in a lawsuit is
represented in
[186] J. Meldman, A. Holt: Petri Nets and Legal Systems. Jurimetrics Journal Vol. 12, No.2
(1971), pp. 65-75.
Other applications of this style are:
[187] H. Genrich: The Petri Net Representation of Mathematical Knowledge. Gesellschaft fUr
Mathematik und Informatik, Bonn Internal report SID-76-05 (I976)
158 Further Reading

[188] A W. Holt: Introduction to Occurrence Systems, in: Associative Information Tech-

niques, L. Jacks (ed.), Elsevier Publishing Company (1971)
[189] H. Oberquelle: Nets as a Tool in Teaching and in Terminology Work, in [17]
[190] M. Jantzen: Structured Representation of Knowledge by Petri Nets as an Aidfor Teaching
and Research, in [17]
[191] W. Reisig: A Note on the Representation of Finite Tree Automata. Information Pro-
cessing Letters 8, No.5 (1979), pp. 239 - 240.

15. Implementation and Automatic Analysis of Nets

Early Papers on net implementations are
[192] F. Grandoni, P. Zerbetto: Description and Asynchronous Implementation of Control
Structuresfor Concurrent Systems. International Computing Symposium 1973, A Gunther
eta!. (eds.), North-Holland Pub!. Compo (1974), pp. 151-164
and
[193] H. A Schmid: An Approach to the Communication and Synchronization of Processes.
International Computing Symposium 1973, A Gunther et a!. (eds.), North-Holland Pub!.
Compo (1974), pp. 165-171.
Further methods for implementing Petri Nets are discussed in the following papers:
[194] M. Auguin, F. Boeri, C. Andre: Systematic Method of Realization of Interpreted Petri
Nets. Digital Processes 6 (1980), pp. 55 - 68
[195] A A Torn: Simulation Graphs: A General Tool for Modeling Simulation Designs. Simu-
lation, December 1981, pp. 187 -194
[196] G. Berger, G. Florin, S. Natkin: A Tool for the Dependability and Performance Evalua-
tion of Data Processing Systems. AFCET Symposium on Mathematics for Computer
Science, Paris 1982
[197] J. P. Queille: The CESAR System: An Aided Design and Certification System for Distri-
buted Applications. Second International Conference on Distributed Computing Systems,
Paris 1981, IEEE, Computer Society Press (1981)
[198] R. A Nelson, L. M. Haibt, P. B. Sheridan: Casting Petri Nets into Programs. IEEE
Transactions of Software Engineering, Vo!. SE-9, No.5 (1983), pp. 590 - 602
Currently a lot of software tools for Petri Net analysis are being developed. A survey of
26 such projects is given in Newsletter 16 of the Special Interest Group on Petri Nets and
Related System Models, c.r. [26].
[199] U. Golze, L. Priese: Petri Net Implementation by a Universal Cell Space. Information &
Control 53 (1982), pp. 121-138.

16. Related System Models

Here we give some pointers to system models which are also used, as are Petri Nets, to de-
scribe concurrent systems.
An actual bibliography on this topic is
[200] D. Bell, J. Kerridge, D. Simpson, N. Willis: Parallel Programming - A bibliography.
Monographs in Informatics Series - Wiley Heyden Ltd.

(a) Papers comparing different models

[201] T. Kasai, R. E. Miller: Homomorphisms between Models of Parallel Computation. Jour-
nal of Computer and System Sciences 25 (1982), pp. 285 - 331
16. Related System Models 159

[202] R. 1. Lipton, L. Syndex, Y. Zalcstein: A Comparative Study oj Models oj Parallel Com-

putation. Proceedings of the 15th Annual Symposium on Switching and Automata
Theory, New York, IEEE (1974)
[203] J. Peterson, T. Breth: A Comparison oj Models oj Parallel Computation. Information
Processing 74, Proceedings of the 1974, IFIP Congress, Amsterdam (1974), pp. 466 - 470
[204] J. Baer: A survey oj Some Theoretical Aspects oj Multiprocessing. Computing Surveys 5,
Nr.l (1973)
[205] R. Miller: A Comparison oj Some Theoretical Models oj Parallel Computation. IEEE
Transactions on Computers, Vo!. C-22, Nr. 8 (1973), pp. 710-717
[206] R. Miller: Some Relationships Between Various Models oj Parallelism and Synchroniza-
tion. Report RC-5074 IBM T. J. Watson Research Center, Yorktown Heights (1974)
[207] F. de Cindio, G. de Michelis, L. Pomello, C. Simone: Milner's Communicating Sys-
tems and Petri Nets, in [19]
[208] U. Goltz, M. Mycroft: On the Relationship oj CCS and Petri Nets. ICALP 84 Lecture
Notes in Computer Science 172 (1984), pp. 196 - 208.

(b) Related Models

Quite close to Petri Nets are, of course, the generalizations discussed above in (13). Also, the
papers [33 - 38] describe models which are closely related to nets.
Further Models include:
[209] E. Conry, 1. R. Jump: On Functional Equivalence in a Model Jor Parallel Computation.
Information & Control 41 (1979), pp. 247 - 274
[210] R. Karp, R. Miller: Properties oj a Model Jor Parallel Computation: Determinacy, Ter-
mination and Queuing. SIAM Journal of Applied Mathematics 14, No.6 (1966), pp.
1390-1411
[211] E. W. Dijkstra: Cooperating Sequential Processes, in F. Genuys (editor): Programming
Languages, New York, Academic Press (1968)
[212] R. Keller: Formal Verification oj Parallel Programs. Communications of the ACM, 19,
No.7 (1976), pp. 371- 384
[213] G. Kahn, D. MacQueen: Coroutines and Networks oj Parallel Processes, IFIP 77, In-
formation Processing Conference, B. Gilchrist (editor), North Holland Pub!. Company
(1977), pp. 993-998
[214] C. A. R. Hoare: Communicating Sequential Processes. Communications of the ACM 21,
NO.8 (1978), pp. 666 - 677
[215] R. Milner: A Calculus oj Communicating Systems. Lecture Notes in Computer Science
92 (1980)
[216] A. Maggiolo-Schettini, H. Wedde, J. Winkowski: Modelling a Solution Jor a Control in
Distributed Systems by Restrictions. Theoretical Computer Science 13 (1981), pp. 61- 83
[217] 1. W. de Bakker, 1. 1. Zucker: Processes and the Denotational Semantics oj Concur-
rency. Information and Control 54 (1/2 July/August 1982), pp. 70-120
[218] L. Priese: Automata and Concurrency. Theoretical Computer Science 25 (1983), pp.
221-265
[219] R. Milner: Calculi Jor Synchrony and Asynchrony. Theoretical Computer Science 25
(1983), pp. 267-310
[220] 1. 1. Castellani, P. Franceschi, U. Montanari: Labeled Event Structures: A Model Jor
Observable Concurrency, in: Formal Description of Programming Concepts II, D. Bj0rner
(ed.), North-Holland Pub!. Compo IFIP (1983), pp. 383-399
[221] H. 1. Genrich, P. S. Thiagarajan: Well Formed Flow Charts Jor Concurrent Pro-
gramming, in: Formal Description of Programming Concepts-II, D. Bj0rner (ed.),
North-Holland Pub!. Compo IFIP (1983), pp. 357 - 380.
Index
Page numbers in italics refer to definitions

algebra 114,115,117,129,135-137 equivalence 24,25,27-30,37,39,56,57,

alloca tion 104, 106 119, 122
- cycle free 104, 105, 106 event 2-4,13,16,18,19,21-25,32,37,38,
arc 15,30,41,42,61,64,67,69,70,72,77, 46,48,51-53,55,58,64, 113, 115, 119,
101, 106, 115, 120, 129, 137, 140 122, 123
- detached 19,20
capacity 61,63,64-67,74,83,91-94, - enabled 18,24-26,29,30,56, 116, 119,
127, 134, 137 120
case 3,4,18, 19-25,38,48,55-57, 112, - occurring 4,18, 19,23,32,38,46,48-50,
114,115,116-120,129,136,137 122, 123
- class 22, 23
- graph 18,28,29-32,41,42 fact 55,56,57,59,77,93,94, 119, 120, 121,
causality 2, 32 123, 133-138
coincidence 4, 46, 50 firing rule 61,63,65
complement 25,26,87,90,91 flow relation 15, 38
complementation 26, 27, 31, 38, 65 formula
composition 39, 40 - equivalent 56, 57, 119, 121
concession 18,21-24,29 - of propositional logic 55,56,57
concurrency 1,30,32,33,38,49,50,51,83 - overaP/E-net 119,120
condition 2-4,16,18,21,22,24-26,30,32, - valid 55,56,57, 120, 121
38,48,55,57,61,64, 112 free choice net 61,101, 102-105,107
condition/event-system 18,21,22,23-32,
37,38,42,45,46,48,52,55-58,64,75,77, graph 28,33,66,67,140, 141
93, lll-I13, 117, 119, 120, 121, 128 - isomorphic 29
- complete 25,26-28,38 - of a function 140
contact-free 18,25,27,28, 31,37 -39,41, - strongly connected 28
42,46,47,52-54,57,58,64
- cyclic 23, 24, 25, 28, 54 lifeness 71,73, 74,77,89,98,99, 101-104,
- isomorphic 24, 25 107, 108
- live 23,24, 25,28 line 34,35-37,41,44,50,53
conflict 21,29,32,51
confusion 21, 10 I mapping 140
contact 19, 64 - characteristic 125, 126, 140
coverability graph 61,66,67,68-75 marked graph 61,108, 109
covering sequence 67, 69,70 marking 63, 65,67 -72,76,77,80,83,87,
cut 34, 35-37,39,44 92-95,104-106,124,128,137
cycle 55,108, 109 - dead 72,100
- detached 106, 107
- initial 63,64,66,83,91,92-94, 107, 109,
deadlock 98, 99, 100, 102-107 110,128, 133
decomposition 42, 43, 44 - live 74
- properly reached 106, 107
element 15, 16,23,25,32,33,35,37, 139 - reachable 66,67,69,86,93,94
- isolated 15,22 - reproducable 74,77,95
equation system 77,94 - unordered 69, 70
Index 161

matrix 65,66,74,79,83,92-94, 124, 129, - reflexive 33, 34

131, 132-134, 136, 137,142 - symmetric 33,34
multirelation 126,127,129,130,131 - transitive 33, 140
- positive 12 7 relation net 111,124-126,127, 129,
multiset 126,127,129,130,131 132-134
- empty 127 - schemes 135 - 137
- positive 126
safeness 108, 109
net 14,15,16,21,22,71 S-element 14, 15, 16, 18,32,35 -38,44,48,
- isomorphic 16 52,61, 111,123
- marked 98, 100, 103 self-loop 15,63,91,92
- pure 15,23,65 similarity relation 33, 34,44
- simple 15, 22 S-invariant 77, 79, 80, 81, 83, 86, 87, 91- 94,
node 67,68,71,72 96, 100, 108, 112, 124, 132,133, 134, 136,
normal form 122, 129 138
step 18,19,20,21,22,24,28-30,39,41
occurrence net 32,35, 36,37,39,42,44,47 slice 36,37-41,46,47,54,76
state machine 53
synchronic distance 46,47,48,49-54,
partial order 32-36,140 57-59,61,75
- bounded 3~ 35-37 - weighted 52, 58, 59
- K-dense 35,36,37 system properties I, 71, 77, 82
path 28,30,32,41-44,67,108,141
permutation 42, 43, 44
Petri net I T-element 14,15, 18,32,37,41,42,47,53,
place 2,6,16,61,62,64,68,73,74,77-81, 55-57,61,93, Ill, 113, 119, 120, 134, 137
88,90,91,98,99, 104, 109, 127, 137 term 114,115
place/transition-net 61,62,63-75,77,79, T-invariant 77,94,95,96
80-82,87,88,92-94,98, 128 - realizable 95, 96,97
- bounded 8~ 95,96 token 3,7,16,18,48,61,77-81,83,88,91,
- contact-free 64, 65, 66, 81 94,98, 104, 108, III, 112, 124, 126, 128
- covered by S-invariants 81, 82, 96, 97 - individual 7, 13, III
- - by T-invariants 96 transition 2,6, 16,61,62,65,69,73,77,80,
- live 73, 74, 75, 80-82, 95, 96, 98, 83, 88,9~ 99,102,103,108,125,127,132
108-110 - enabled 63,65,67,68,72,74,81,84,87,
- safe 98, 109, 110 93,99-104,128, 132, 134, 136, 138
postcondition 4, 18,21 - firing 6,61,63,65,66,77-80,84,93,94,
postset 15, 26, 113 98, 101, 104, 124, 131
precondition 4,18,21,38 - live 73,84
predicate 112, 113, 115, 117, 119, 123 - M-dead 72, 75
predicate/event-net 14, Ill, 112, 114,115, trap 98, 99, 100, 102-107
116,117, 119-125, 128, 129
- equivalent 122 unboundedness 71,75,81,89
preset 15,26,98,101,113 - simultaneous 71
process 20,32,37,38-47,50,53,54,57,75 unification 42, 43
- elementary 40,41,43,45
- empty 41
- isomorphic 38, 39,40 valuation 115, 116,119,120,122, 129
variance 46, 47, 76
vector 65,80,81,131-133,138,142
reachability problem 73 - characteristic 79,81,94, 108,142
region 33, 34
relation 2, 139
- complement of a ~ 34 weight 61,63,64,77,78,80
EATCS Monographs on
Theoretical Computer Science
Editors: W. Brauer, G. Rozenberg, A. Salomaa

K.Mehlhorn

Data Structures and

Algorithms 1
Sorting and Searching
1984. 87 figures. XIV, 336 pages.
ISBN 3-540-13302-X

Contents: Foundations. - Sorting. - Sets. - Algo-

rithmic Paradigms. - Appendix. - Bibliography.
- Subject Index.

This three volume work is devoted to data struc-

tures and efficient algorithms, an area which has
gained considerable importance in recent years.
Its in-depth coverage includes
- sorting and searching
- graph algorithms and NP-completeness
- multi-dimensional searching and computa-
tional geometry
to lead the reader to the forefront of computer
science research in these areas. The EATeS
Monographs present the best algorithms known
for a wide range of problems together with the
techniques necessary for their analysis. More-
over, the work introduces the reader to under-
lying concepts and principles and thus enables
Springer-Verlag him to develop efficient algorithms and data
Berlin structures, analyzes their efficiency, and prove
Heidelberg their correctness. The book can be used as a text-
New York book for both coursework and self-study, as well
Tokyo as an authoritative reference source.
EATCS Monographs on
Theoretical Computer Science
Editors: W.Brauer, G.Rozenberg, A.Salomaa

K.Mehlhom

Data Structures and

Algorithms 2
Graph Algorithms and
NP-Completeness
1984. 54 figures. XII, 260 pages.
ISBN 3-540-13641-X

Contents: Algorithms on Graphs. - Path Prob-

lems in Graphs and Matrix Multiplication. - NP-
Completeness. - Algorithmic Paradigms. -
Bibliography. - Subject Index.

K.Mehlhom

Data Structures and

Algorithms 3
Multi-dimensional
Searching and
Computational Geometry
1984. 134 figures. XII, 284 pages.
Springer-Verlag ISBN 3-540-13642-8
Berlin
Heidelberg Contents: Multidimensional Data Structures. -
New York Computational Geometry. - Algorithmic Para-
Tokyo digms. - Bibliography. - Subject Index.

Full Download Algebraic Coding Theory Elwyn R Berlekamp PDF DOCX
100% (8)
Full Download Algebraic Coding Theory Elwyn R Berlekamp PDF DOCX
50 pages
Image Analysis For Biological Sciences - C. A. Glasbey, G. W. Horgan
100% (1)
Image Analysis For Biological Sciences - C. A. Glasbey, G. W. Horgan
211 pages
Hda Process Flow Diagram PDF
50% (2)
Hda Process Flow Diagram PDF
2 pages
DND v1 - Eldritch Wizardry
100% (4)
DND v1 - Eldritch Wizardry
66 pages
Control of Discrete Evente Systems - (Jörg Raisch (Auth.), Carla Seatzu, Manuel Silva
No ratings yet
Control of Discrete Evente Systems - (Jörg Raisch (Auth.), Carla Seatzu, Manuel Silva
487 pages
Petri Nets Theory and The Modeling of Systems
No ratings yet
Petri Nets Theory and The Modeling of Systems
310 pages
Coloured Petri Nets
100% (1)
Coloured Petri Nets
382 pages
The Precious Metals in Pascal's Triangle - Tony Foster
No ratings yet
The Precious Metals in Pascal's Triangle - Tony Foster
12 pages
Wavelets
No ratings yet
Wavelets
220 pages
Y. Ohnuki-Unitary Representations of The Poincare GRP and Relativistic Wave Eqns-World (1998)
100% (1)
Y. Ohnuki-Unitary Representations of The Poincare GRP and Relativistic Wave Eqns-World (1998)
225 pages
Harmonic Analysis, Real Variable Methods Orthogonality & Oscillatory Integrals - Stein
No ratings yet
Harmonic Analysis, Real Variable Methods Orthogonality & Oscillatory Integrals - Stein
354 pages
Entropy Based Subspace Clustering
No ratings yet
Entropy Based Subspace Clustering
95 pages
Petri Net Approaches For Modeling Controlling and Validating FL
No ratings yet
Petri Net Approaches For Modeling Controlling and Validating FL
222 pages
Wave Shaping Synthesis
100% (1)
Wave Shaping Synthesis
12 pages
J.W.S. Cassels An Introduction To Diophantine Approximation 1957 Print
100% (1)
J.W.S. Cassels An Introduction To Diophantine Approximation 1957 Print
178 pages
Encyclopedia Integer Sequences
No ratings yet
Encyclopedia Integer Sequences
16 pages
Ánalisis Funcional
No ratings yet
Ánalisis Funcional
247 pages
Alcuin's Sequence - Wikipedia
No ratings yet
Alcuin's Sequence - Wikipedia
6 pages
What Is Dance
No ratings yet
What Is Dance
16 pages
Interval Analysis Book Hensen
No ratings yet
Interval Analysis Book Hensen
492 pages
Modeling With Petri Nets
No ratings yet
Modeling With Petri Nets
21 pages
Devaney - A 1st Course in Chaotic Dynamical Systems (1992)
No ratings yet
Devaney - A 1st Course in Chaotic Dynamical Systems (1992)
161 pages
Cosmic Topology PDF
No ratings yet
Cosmic Topology PDF
128 pages
Continuum Crowds
No ratings yet
Continuum Crowds
9 pages
The Fractal Flame Algorithm
No ratings yet
The Fractal Flame Algorithm
41 pages
Generalized Convexity Generalized Monotonicity Recent Results 1998
No ratings yet
Generalized Convexity Generalized Monotonicity Recent Results 1998
469 pages
The Murmurator: A Flocking Simulation-Driven Multi-Channel Software Instrument For Collaborative Improvisation
100% (1)
The Murmurator: A Flocking Simulation-Driven Multi-Channel Software Instrument For Collaborative Improvisation
6 pages
1-2-3 of ModularForms
No ratings yet
1-2-3 of ModularForms
272 pages
Genetic Programming: An Introduction
No ratings yet
Genetic Programming: An Introduction
481 pages
(Kluwer Texts in The Mathematical Sciences 12) S. S. Kutateladze (Auth.) - Fundamentals of Functional Analysis (1996, Springer Netherlands) PDF
No ratings yet
(Kluwer Texts in The Mathematical Sciences 12) S. S. Kutateladze (Auth.) - Fundamentals of Functional Analysis (1996, Springer Netherlands) PDF
282 pages
(CBMS-NSF Regional Conference Series in Applied Mathematics 50) Laszlo Lovasz - An Algorithmic Theory of Numbers, Graphs, and Convexity-Society For Industrial and Applied Mathematics (1986)
No ratings yet
(CBMS-NSF Regional Conference Series in Applied Mathematics 50) Laszlo Lovasz - An Algorithmic Theory of Numbers, Graphs, and Convexity-Society For Industrial and Applied Mathematics (1986)
100 pages
William Bragg Ewald - From Kant To Hilbert (Chapter On Kant) PDF
No ratings yet
William Bragg Ewald - From Kant To Hilbert (Chapter On Kant) PDF
22 pages
The Logic of Sexuation in John Donne
No ratings yet
The Logic of Sexuation in John Donne
2 pages
(Algorithms and Computation in Mathematics 1) Manuel Bronstein (Auth.) - Symbolic Integration I - Transcendental Functions (2005, Springer-Verlag Berlin Heidelberg)
No ratings yet
(Algorithms and Computation in Mathematics 1) Manuel Bronstein (Auth.) - Symbolic Integration I - Transcendental Functions (2005, Springer-Verlag Berlin Heidelberg)
330 pages
Iterative Solution of Large Linear Systems
From Everand
Iterative Solution of Large Linear Systems
David M. Young
No ratings yet
Fractals PartI
No ratings yet
Fractals PartI
24 pages
Olychordsto Polya
100% (1)
Olychordsto Polya
177 pages
Combinatorial Designs
No ratings yet
Combinatorial Designs
20 pages
Funciones Espciales
No ratings yet
Funciones Espciales
440 pages
Topics in Random Matrix Theory
No ratings yet
Topics in Random Matrix Theory
342 pages
Image Processing Analysis and and Machine Vision 3
No ratings yet
Image Processing Analysis and and Machine Vision 3
38 pages
Vidia Sagar
No ratings yet
Vidia Sagar
510 pages
Introduction to Mathematical Control Theory
No ratings yet
Introduction to Mathematical Control Theory
276 pages
Optimal Control: Wave Equation
No ratings yet
Optimal Control: Wave Equation
32 pages
Harmonic Analysis
No ratings yet
Harmonic Analysis
452 pages
Category Theory
No ratings yet
Category Theory
10 pages
Prem K. Kythe, Michael R. Schaferkotter. Handbook of Computational Methods For Integration
No ratings yet
Prem K. Kythe, Michael R. Schaferkotter. Handbook of Computational Methods For Integration
604 pages
Basic Proof Theory
No ratings yet
Basic Proof Theory
178 pages
4774.laws of Form by G. Spencer-Brown
No ratings yet
4774.laws of Form by G. Spencer-Brown
84 pages
Vittorino Da Feltre PDF
No ratings yet
Vittorino Da Feltre PDF
274 pages
The Limitation of Conflict _ a Theory of Bargaining and -- Rangarajan, L_ N_ -- New York, New York State, 1985 -- Palgrave Macmillan -- 9780312486754 -- 930ebe7b0c369f6f6a89cb1ec5c8bfbd -- Anna’s Archive
No ratings yet
The Limitation of Conflict _ a Theory of Bargaining and -- Rangarajan, L_ N_ -- New York, New York State, 1985 -- Palgrave Macmillan -- 9780312486754 -- 930ebe7b0c369f6f6a89cb1ec5c8bfbd -- Anna’s Archive
360 pages
Algorithms for Image Processing and Computer Vision
From Everand
Algorithms for Image Processing and Computer Vision
J. R. Parker
3.5/5 (2)
Petri Net Primer Eike Best Raymond Devillers pdf download
No ratings yet
Petri Net Primer Eike Best Raymond Devillers pdf download
84 pages
Lecture Notes On Petrinet Prof. Javier
No ratings yet
Lecture Notes On Petrinet Prof. Javier
119 pages
Free Choice Petri Nets
No ratings yet
Free Choice Petri Nets
256 pages
PetriNets Murata
No ratings yet
PetriNets Murata
40 pages
Petri Nets PDF
No ratings yet
Petri Nets PDF
40 pages
Understanding Petri Nets: Modeling Techniques, Analysis Methods, Case Studies
No ratings yet
Understanding Petri Nets: Modeling Techniques, Analysis Methods, Case Studies
3 pages
(Ebook) Petri Nets: Fundamental Models, Verification and Applications by Michel Diaz ISBN 9781848210790, 1848210795pdf download
100% (4)
(Ebook) Petri Nets: Fundamental Models, Verification and Applications by Michel Diaz ISBN 9781848210790, 1848210795pdf download
54 pages
An Introduction To Petri Nets
100% (1)
An Introduction To Petri Nets
27 pages
Livro Peterson PDF
No ratings yet
Livro Peterson PDF
318 pages
Chapter2 M. USAM
No ratings yet
Chapter2 M. USAM
38 pages
International Standard: Heat-Treatable Steels, Alloy Steels and Free-Cutting Steels - Bright Steel Products
No ratings yet
International Standard: Heat-Treatable Steels, Alloy Steels and Free-Cutting Steels - Bright Steel Products
11 pages
Petri Net Synthesis For Discrete Event Control of Manufacturing Systems (PDFDrive)
No ratings yet
Petri Net Synthesis For Discrete Event Control of Manufacturing Systems (PDFDrive)
247 pages
Concurrent Object-Oriented Programming and Petri Nets Advances in Petri Nets (PDFDrive)
No ratings yet
Concurrent Object-Oriented Programming and Petri Nets Advances in Petri Nets (PDFDrive)
548 pages
Ug 9
No ratings yet
Ug 9
10 pages
MEDUSA4Personal Installation Guide
No ratings yet
MEDUSA4Personal Installation Guide
12 pages
Inspection and Test Plan: ACTIVITY: ITP For Inspection of Embankment With Pond Ash
No ratings yet
Inspection and Test Plan: ACTIVITY: ITP For Inspection of Embankment With Pond Ash
1 page
Theoretical Foundations of Nursing / Nursing Care Management
No ratings yet
Theoretical Foundations of Nursing / Nursing Care Management
16 pages
Civil Engineering Labs
No ratings yet
Civil Engineering Labs
69 pages
Gmo Thesis Statement
100% (3)
Gmo Thesis Statement
6 pages
Track Movement Monitoring Guidelines For Trenchless Pipe Installation Re
No ratings yet
Track Movement Monitoring Guidelines For Trenchless Pipe Installation Re
2 pages
Children Hunger For Their Biological Parents
No ratings yet
Children Hunger For Their Biological Parents
2 pages
JD - Data Science Intern - Accredian - 11092001
No ratings yet
JD - Data Science Intern - Accredian - 11092001
2 pages
CI9C690440D
No ratings yet
CI9C690440D
1 page
Orga - Todo (1) 1 245
No ratings yet
Orga - Todo (1) 1 245
245 pages
CCMS Course - One Day Read-Only
No ratings yet
CCMS Course - One Day Read-Only
11 pages
SCERT C10 Phy Worksheets Level 2 PDF
No ratings yet
SCERT C10 Phy Worksheets Level 2 PDF
52 pages
C680
No ratings yet
C680
22 pages
The Sexual Craft of Self-Love_ Salome's Journey of Healing_A CASE REPORT on on Dev Psych
No ratings yet
The Sexual Craft of Self-Love_ Salome's Journey of Healing_A CASE REPORT on on Dev Psych
11 pages
Forest Science Sustainable Processes And Wood Products Elias Costa De Souza download
100% (1)
Forest Science Sustainable Processes And Wood Products Elias Costa De Souza download
83 pages
Gauss Elimination and Jordan Method
No ratings yet
Gauss Elimination and Jordan Method
26 pages
medicine
No ratings yet
medicine
7 pages
B.Tech (Electronics & Computer Engineering)
No ratings yet
B.Tech (Electronics & Computer Engineering)
6 pages
Interview Prep Guide - Product 2023
No ratings yet
Interview Prep Guide - Product 2023
8 pages
Dimensions of Holistic Health 7 q1
No ratings yet
Dimensions of Holistic Health 7 q1
24 pages
IAAC Final Round
No ratings yet
IAAC Final Round
6 pages
9th Science Guide Unit 1 - EM
No ratings yet
9th Science Guide Unit 1 - EM
30 pages
WH College - E-MBA HRM: Preliminary Discussion
No ratings yet
WH College - E-MBA HRM: Preliminary Discussion
8 pages
Career Guidance Orientation Matrix Final
No ratings yet
Career Guidance Orientation Matrix Final
4 pages
Emergency Operation Checklist For Elevator Maintenance
No ratings yet
Emergency Operation Checklist For Elevator Maintenance
2 pages
ch12 Solutions
No ratings yet
ch12 Solutions
41 pages
Laser: 21/8/1 Fundamentals of Photonics 1
100% (1)
Laser: 21/8/1 Fundamentals of Photonics 1
67 pages
Carl Friedrich Gauss: German Mathematician
No ratings yet
Carl Friedrich Gauss: German Mathematician
2 pages
Sensors I-Business
No ratings yet
Sensors I-Business
101 pages

Petri Nets An Introduction (PDFDrive)

Uploaded by

Petri Nets An Introduction (PDFDrive)

Uploaded by

EATCS

Monographs on Theoretical Computer Science

Editors: W. Brauer G. Rozenberg A. Salomaa

With III Figures

Prof. Dr. Wilfried Brauer

Prof. Dr. Grzegorz Rozenberg

Prof. Dr. Arto Salomaa

Translation of the German original edition: W. Reisig, Petrinetze

Library of Congress Cataloging in Publication Data

ISBN-13: 978-3-642-69970-2 e-ISBN-13: 978-3-642-69968-9

phies of natural sciences, in the classical and non-classical logics, in theoretical

To the English Edition

u.G., D.S., Aachen and Sheffield

Chapter 1. Introductory Examples and Basic Definitions 3

Chapter 2. Nets Consisting of Conditions and Events 18

Chapter 3. Processes of Condition/Event-Systems 32

Chapter 4. Properties of Systems 46

4.4 Synchronic Distances in Cyclic Systems 54

Chapter 5. Nets Consisting of Places and Transitions 62

Chapter 6. Net Invariants 77

Chapter 7. Liveness Criteria for Special Classes of Nets 98

Part 3. Nets with Individual Tokens 111

Chapter 8. Predicate/Event-Nets 112

Chapter 9. Relation Nets 124

9.3 The Translation of P / E- Nets into Relation Nets 129

Appendix. Mathematical Notions and Notation 139

Further Reading 143

1.1 Examples from Different Areas

Fig. 4. The occurrence of an event e

Fig. 5. A system consisting of one producer and two consumers

bottlenecks in manufacturing processes, it may only be the total number of

producer two consumers

Fig. 8. A fragment of an industrial production system

represent active system components. Such components may produce, transport

player 1 moves of player 2 moves of board moves of

player 1 moves of board moves of player 2

1.2 Examples from Logic Circuits and Operating Systems

Fig. 11. A system which calculates x := x /\ y and y := x V y

2 writer processes 4 reader processes

1.3 Non-Sequential Programs

In the area of software engineering, non-sequential programs are required, in

Fig. 13. Two sequential programs for the addition problem

Fig, 14. A non-sequential program for the addition problem

Fig. 15, A non-sequential program for solving the rearrangement problem

one, respectively. In this representation it is explicit that the instructions

1.4 An Example for Systems Analysis

Whenever computers are used for practical applications we have to develop

kerneZ of the Zibrary

Fig. 18. A simple library organization

leading to ej have to be instantiated by suitable items from the input places;

1.5 Some Basic Definitions

In all the constructions described in the previous sections, the underlying

We now make this precise in the following definition:

(a) Definition. A triple N = (S, T; F) is called a net iff

Graphically, we represent S-elements as circles and T-elements as boxes

(c) Definition. Let N be a net.

In particular we have, for x, YEN:

Fig. 19. Graphical representation of a net

(d) Definition. Let Nand N' be two nets.

Graphical representations in which the elements are not named explicitly

1.6 Summary and Overview

Exercises for Chapter 1

1. Represent in Fig. 1 the two conditions

Nets Consisting of Conditions and Events

2.1 Cases and Steps

In the first chapter we have already informally discussed systems consisting of

(a) Definition. Let N = (B, E; F) be a net.

To represent a case c graphically, we draw a dot (a token) in each circle

~el®'~ o. " "

Fig. 20. The change of cases by event occurrences

(b) Definition. Let N = (B, E; F) be a net.

Conversely, if c\c' = ·G then ·G ~ c, and if c'\c = G· then G· n c = 0, hence

Fig. 22. A situation of confusion

1) If a step G s; E is possible in a case C E C, then G leads again to a case

Obviously, the case class C of a C/ E-system 1: is fully determined by an

(b) Notation. Let 1: = (B, E; F, C) be a C / E-system. Analogously to 1.5 (b) we