Discrete time stochastic and deterministic Petri box calculus
Igor V. Tarasyuk

TL;DR
This paper introduces an extended Petri calculus with deterministic timing for multiactions, combining stochastic and deterministic models, and analyzes their semantics and performance through probabilistic and Markov chain methods.
Contribution
It extends discrete time stochastic Petri calculus with deterministic timing, providing new semantics and performance analysis tools.
Findings
Semantics are consistent between operational and denotational models.
Performance evaluation is achieved through semi-Markov and Markov chain analysis.
The extended calculus captures both stochastic and deterministic timing behaviors.
Abstract
We propose an extension with deterministically timed multiactions of discrete time stochastic and immediate Petri box calculus (dtsiPBC), previously presented by I.V. Tarasyuk, H. Maci\`a and V. Valero. In dtsdPBC, non-negative integers specify multiactions with fixed (including zero) time delays. The step operational semantics is constructed via labeled probabilistic transition systems. The denotational semantics is defined on the basis of a subclass of labeled discrete time stochastic Petri nets with deterministic transitions. The consistency of both semantics is demonstrated. In order to evaluate performance, the corresponding semi-Markov chains and (reduced) discrete time Markov chains are analyzed.
| Rules | State change | Time progress | Activities execution |
|---|---|---|---|
| Inaction rules | |||
| Action rules | |||
| (stochastic or waiting multiactions) | |||
| Action rules | |||
| (immediate multiactions) | |||
| Empty move rule |
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPetri Nets in System Modeling · Formal Methods in Verification · Business Process Modeling and Analysis
Discrete time stochastic and deterministic Petri box calculus††thanks: The work was partially supported by
Deutsche Forschungsgemeinschaft (DFG) under grant BE 1267/14-1
Igor V. Tarasyuk
A.P. Ershov Institute of Informatics Systems,
Siberian Branch of the Russian Academy of Sciences,
Acad. Lavrentiev pr. 6, 630090 Novosibirsk, Russian Federation
Abstract
We propose an extension with deterministically timed multiactions of discrete time stochastic and immediate Petri box calculus (dtsiPBC), previously presented by I.V. Tarasyuk, H. Macià and V. Valero. In dtsdPBC, non-negative integers specify multiactions with fixed (including zero) time delays. The step operational semantics is constructed via labeled probabilistic transition systems. The denotational semantics is defined on the basis of a subclass of labeled discrete time stochastic Petri nets with deterministic transitions. The consistency of both semantics is demonstrated. In order to evaluate performance, the corresponding semi-Markov chains and (reduced) discrete time Markov chains are analyzed.
Keywords: stochastic Petri net, stochastic process algebra, Petri box calculus, discrete time, deterministic multiaction, transition system, operational semantics, deterministic transition, dtsd-box, denotational semantics, Markov chain, reduction, performance evaluation.
1 Introduction
Algebraic process calculi like CSP [26], ACP [5] and CCS [43] are well-known formal models for specification of computing systems and analysis of their behaviour. In such process algebras (PAs), systems and processes are specified by formulas, and verification of their properties is accomplished at a syntactic level via equivalences, axioms and inference rules. In recent decades, stochastic extensions of PAs were proposed, such as MTIPP [23], PEPA [25] and EMPA [7]. Unlike standard PAs, stochastic process algebras (SPAs) do not just specify actions which can occur (qualitative features), but they associate with the actions the distribution parameters of their random time delays (quantitative characteristics).
1.1 Petri box calculus
PAs specify concurrent systems in a compositional way via an expressive formal syntax. On the other hand, Petri nets (PNs) provide a graphical representation of such systems and capture explicit asynchrony in their behaviour. To combine the advantages of both models, a semantics of algebraic formulas via PNs was defined.
Petri box calculus (PBC) [8, 10, 9] is a flexible and expressive process algebra developed as a tool for specification of the PNs structure and their interrelations. Its goal was also to propose a compositional semantics for high level constructs of concurrent programming languages in terms of elementary PNs. Formulas of PBC are combined not from single (visible or invisible) actions and variables, like in CCS, but from multisets of elementary actions and their conjugates, called multiactions (basic formulas). The empty multiset of actions is interpreted as the silent multiaction specifying some invisible activity. In contrast to CCS, synchronization is separated from parallelism (concurrent constructs). Synchronization is a unary multi-way stepwise operation, based on communication of actions and their conjugates. This extends the CCS approach with conjugate matching labels. Synchronization in PBC is asynchronous, unlike that in Synchronous CCS (SCCS) [43]. Other operations are sequence and choice (sequential constructs). The calculus includes also restriction and relabeling (abstraction constructs). To specify infinite processes, refinement, recursion and iteration operations were added (hierarchical constructs). Thus, unlike CCS, PBC has an additional iteration operation to specify infinite behaviour when the semantic interpretation in finite PNs is possible. PBC has a step operational semantics in terms of labeled transition systems, based on the rules of structural operational semantics (SOS). The operational semantics of PBC is of step type, since its SOS rules have transitions with (multi)sets of activities, corresponding to simultaneous executions of activities (steps). A denotational semantics of PBC was proposed via a subclass of PNs equipped with an interface and considered up to isomorphism, called Petri boxes. For more detailed comparison of PBC with other process algebras and the reasoning about importance of non-interleaving semantics see [8, 9].
The extensions of PBC with a deterministic, a nondeterministic or a stochastic model of time were presented.
1.2 Time extensions of Petri box calculus
To specify systems with time constraints, deterministic (fixed) or nondeterministic (interval) delays are used.
A time extension of PBC with a nondeterministic time model, called time Petri box calculus (tPBC), was proposed in [28]. In tPBC, timing information is added by associating time intervals (the earliest and the latest firing time) with instantaneous actions. Its denotational semantics was defined in terms of a subclass of labeled time Petri nets (LtPNs), based on tPNs [42] and called time Petri boxes (ct-boxes). tPBC has a step time operational semantics in terms of labeled transition systems.
Another time enrichment of PBC, called Timed Petri box calculus (TPBC), was defined in [38, 39], it accommodates a deterministic model of time. In contrast to tPBC, multiactions of TPBC are not instantaneous, but have time durations. Additionally, in TPBC there exist no “illegal” multiaction occurrences, unlike tPBC. The complexity of “illegal” occurrences mechanism was one of the main intentions to construct TPBC though this calculus appeared to be more complicated than tPBC. The denotational semantics of TPBC was defined in terms of a subclass of labeled Timed Petri nets (LTPNs), based on TPNs [49] and called Timed Petri boxes (T-boxes). TPBC has a step timed operational semantics in terms of labeled transition systems. tPBC and TPBC differ in ways they capture time information, and they are not in competition but complement each other.
The third time extension of PBC, called arc time Petri box calculus (atPBC), was constructed in [47, 48], and it implements a nondeterministic time. In atPBC, multiactions are associated with time delay intervals. Its denotational semantics was defined on a subclass of labeled arc time Petri nets (atPNs), based of those from [11, 21], where time restrictions are associated with the arcs, called arc time Petri boxes (at-boxes). atPBC possesses a step time operational semantics in terms of labeled transition systems.
tPBC, TPBC and atPBC, all adopt the discrete time approach, but TPBC has no immediate (multi)actions.
1.3 Stochastic extensions of Petri box calculus
The set of states for the systems with deterministic or nondeterministic delays often differs drastically from that for the timeless systems, hence, the analysis results for untimed systems may be not valid for the time ones. To solve this problem, stochastic delays are considered, which are the random variables with a (discrete or continuous) probability distribution. If the random variables governing delays have an infinite support then the corresponding SPA can exhibit all the same behaviour as its underlying untimed PA.
A stochastic extension of PBC, called stochastic Petri box calculus (sPBC), was proposed in [33, 30]. In sPBC, multiactions have stochastic delays that follow (negative) exponential distribution. Each multiaction is equipped with a rate that is a parameter of the corresponding exponential distribution. The instantaneous execution of a stochastic multiaction is possible only after the corresponding stochastic time delay. The calculus has an interleaving operational semantics defined via transition systems labeled with multiactions and their rates. Its denotational semantics was defined in terms of a subclass of labeled continuous time stochastic PNs, based on CTSPNs [40, 2] and called stochastic Petri boxes (s-boxes). In sPBC, performance of the processes is evaluated by analyzing their underlying continuous time Markov chains (CTMCs). In [31], a number of new equivalence relations were proposed for regular terms of sPBC to choose later a suitable candidate for a congruence. sPBC was enriched with immediate multiactions having zero delay in [32]. We call such an sPBC extension generalized sPBC or gsPBC. An interleaving operational semantics of gsPBC was constructed via transition systems labeled with stochastic or immediate multiactions together with their rates or probabilities. A denotational semantics of gsPBC was defined via a subclass of labeled generalized stochastic PNs, based on GSPNs [40, 2, 3] and called generalized stochastic Petri boxes (gs-boxes). The performance analysis in gsPBC is based on the semi-Markov chains (SMCs).
PBC has a step operational semantics, whereas sPBC has an interleaving one. In step semantics, parallel executions of activities (steps) are permitted while in interleaving semantics, we can execute only single activities. Hence, a stochastic extension of PBC with a step semantics was needed to keep the concurrency degree of behavioural analysis at the same level as in PBC. As mentioned in [44, 45], in contrast to continuous time approach (used in sPBC), discrete time approach allows for constructing models of common clock systems and clocked devices. In such models, multiple transition firings (or executions of multiple activities) at time moments (ticks of the central clock) are possible, resulting in a step semantics. Moreover, employment of discrete stochastic time fills the gap between the models with deterministic (fixed) time delays and those with continuous stochastic time delays. As argued in [1], arbitrary delay distributions are much easier to handle in a discrete time domain. In [36, 37, 34], discrete stochastic time was preferred to enable simultaneous expiration of multiple delays.
In [51, 52, 53, 54], a discrete time stochastic extension dtsPBC of finite PBC was presented. In dtsPBC, the residence time in the process states is geometrically distributed. A step operational semantics of dtsPBC was constructed via labeled probabilistic transition systems. Its denotational semantics was defined in terms of a subclass of labeled discrete time stochastic PNs (LDTSPNs), based on DTSPNs [44, 45] and called discrete time stochastic Petri boxes (dts-boxes). The performance evaluation in dtsPBC is accomplished via the underlying discrete time Markov chains (DTMCs) of the algebraic processes. Since dtsPBC has a discrete time semantics and geometrically distributed sojourn time in the process states, unlike sPBC with continuous time semantics and exponentially distributed delays, the calculi apply two different approaches to the stochastic extension of PBC, in spite of some similarity of their syntax and semantics inherited from PBC. The main advantage of dtsPBC is that concurrency is treated like in PBC having step semantics, whereas in sPBC parallelism is simulated by interleaving, obliging one to collect the information on causal independence of activities before constructing the semantics.
In [55, 56, 57, 58, 59], we presented an enhanced calculus dtsiPBC, an extension with immediate multiactions of dtsPBC. Immediate multiactions increase the specification capability: they can model logical conditions, probabilistic branching, instantaneous probabilistic choices and activities whose durations are negligible in comparison with those of others. They are also used to specify urgent activities and the ones that are not relevant for performance evaluation. Thus, immediate multiactions can be considered as a kind of instantaneous dynamic state adjustment and, in many cases, they result in a simpler and more clear system representation.
1.4 Our contributions
In this paper, we present dtsiPBC, extended with deterministic multiactions, called discrete time stochastic and deterministic Petri box calculus (dtsdPBC). In dtsdPBC, besides the probabilities from the real-valued interval that are used to calculate discrete-time delays of stochastic multiactions, also non-negative integers are used to specify fixed time delays of deterministic multiactions (including zero delay, which is the case of immediate multiactions). To resolve conflicts among deterministic multiactions, they are additionally equipped with positive real-valued weights. As argued in [61, 62], a combination of deterministic and stochastic delays fits well to model technical systems with constant (fixed) durations of the regular non-random activities and probabilistically distributed (stochastic) durations of the randomly occurring activities. The step operational semantics of dtsdPBC is constructed with the use of labeled probabilistic transition systems. The denotational semantics of dtsdPBC is defined in terms of a subclass of labeled discrete time stochastic and deterministic Petri nets (LDTSPNs with deterministic transitions, LDTSDPNs), based on the extension of DTSPNs with transition labeling and deterministic transitions, called dtsd-boxes. The consistency of both semantics is demonstrated. The corresponding stochastic process, which is a semi-Markov chain (SMC), is constructed and investigated, with the purpose of performance evaluation, which is the same for both semantics. In addition, the alternative solution methods are developed, based on the underlying discrete time Markov chain (DTMC) and its reduction (RDTMC) by eliminating vanishing states with zero sojourn (residence) times. The theory developed is illustrated with a series of the interesting and non-trivial examples that include the travel system case study, used to demonstrate application of the performance analysis methods within dtsdPBC.
Thus, the main contributions of the paper are the following.
- •
New powerful and expressive discrete time SPA with deterministic activities called dtsdPBC.
- •
Step operational semantics of dtsdPBC in terms of labeled probabilistic transition systems.
- •
Petri net denotational semantics of dtsdPBC via discrete time stochastic and deterministic Petri nets.
- •
Performance analysis via underlying semi-Markov chains and (reduced) discrete time Markov chains.
1.5 Structure of the paper
The paper is organized as follows. In Section 2, the syntax of the extended calculus dtsdPBC is presented. In Section 3, we construct the operational semantics of the algebra in terms of labeled probabilistic transition systems. In Section 4, we propose the denotational semantics based on a subclass of LDTSDPNs. In Section 5, the corresponding stochastic process is defined and analyzed. Finally, Section 6 summarizes the results obtained and outlines research perspectives in this area.
2 Syntax
In this section, we propose the syntax of dtsdPBC. First, we recall a definition of multiset that is an extension of the set notion by allowing several identical elements.
Definition 2.1
Let be a set. A finite multiset (bag) over is a mapping such that , i.e. it can contain a finite number of elements only.
We denote the set of all finite multisets over a set by . Let . The cardinality of is defined as . We write if and if . We define and . When can be interpreted as a proper set and denoted by . The set of all subsets (powerset) of is denoted by .
Let be the set of elementary actions. Then is the set of conjugated actions (conjugates) such that and . Let be the set of all actions, and be the set of all multiactions. Note that , this corresponds to an internal move, i.e. the execution of a multiaction that contains no visible action names. The alphabet of is defined as .
A stochastic multiaction is a pair , where and is the probability of the multiaction . This probability is interpreted as that of independent execution of the stochastic multiaction at the next discrete time moment. Such probabilities are used to calculate those to execute (possibly empty) sets of stochastic multiactions after one time unit delay. The probabilities of stochastic multiactions are required not to be equal to to avoid extra model complexity, since in this case one should assign with them weights, needed to make a choice when several stochastic multiactions with probability can be executed from a state. The difficulty is that when the stochastic multiactions with probability occur in a step (parallel execution), all other with the less probabilities do not. In this case, the conflicts resolving requires a special attention, as discussed in [44, 45] within SPNs. This decision also allows us to avoid technical difficulties related to conditioning events with probability [math]. The probability is left for (implicitly assigned to) waiting multiactions (positively delayed deterministic multiactions, to be defined later), which are delayed for at least one time unit before their execution and have weights to resolve conflicts with other waiting multiactions. On the other hand, there is no sense to allow probability [math] of stochastic multiactions, since they would never be performed in this case. Let be the set of all stochastic multiactions.
A deterministic multiaction is a pair , where is the non-negative integer-valued (fixed) delay and is the positive real-valued weight of the multiaction . This weight is interpreted as a measure of importance (urgency, interest) or a bonus reward associated with execution of the deterministic multiaction at the current discrete time moment. Such weights are used to calculate the probabilities to execute sets of deterministic multiactions at the same moment of time. An immediate multiaction is a deterministic multiaction with the delay [math] while a waiting multiaction is a deterministic multiaction with a positive delay. In case of no conflicts among waiting multiactions, whose remaining times to execute (RTEs, to be explained later in more detail) are equal to one time unit, they are executed with probability at the next time moment. Deterministic multiactions have a priority over stochastic ones, and there is also difference in priorities between immediate and waiting multiactions. One can assume that all immediate multiactions have (the highest) priority and all waiting multiactions have (the intermediate) priority , whereas all stochastic multiactions have (the lowest) priority [math]. This means that in a state where all kinds of multiactions can occur, immediate multiactions always occur before waiting ones that, in turn, are always executed before stochastic ones. Different types of multiactions cannot participate together in some step (parallel execution), i.e. just the steps consisting only of immediate multiactions or waiting ones, or those including only stochastic multiactions, are allowed. Let be the set of all deterministic multiactions, be the set of all immediate multiactions and be the set of all waiting multiactions. Obviously, we have .
Let us note that the same multiaction may have different probabilities, (fixed) delays and weights in the same specification. An activity is a stochastic or a deterministic multiaction. Let be the set of all activities. The alphabet of an activity is defined as . The alphabet of a multiset of activities is defined as . For an activity , we define its multiaction part as and its probability or weight part as if ; or if . The multiaction part of a multiset of activities is defined as .
Activities are combined into formulas (process expressions) by the following operations: sequential execution ;, choice , parallelism , relabeling of actions, restriction over a single action, synchronization on an action and its conjugate, and iteration with three arguments: initialization, body and termination.
Sequential execution and choice have a standard interpretation, like in other process algebras, but parallelism does not include synchronization, unlike the corresponding operation in CCS [43].
Relabeling functions are bijections preserving conjugates, i.e. . Relabeling is extended to multiactions in the usual way: for we define . Relabeling is extended to activities: for , we define . Relabeling is extended to the multisets of activities as follows: for we define .
Restriction over an elementary action means that, for a given expression, any process behaviour containing or its conjugate is not allowed.
Let be two multiactions such that for some elementary action we have and , or and . Then, synchronization of and by is defined as , where
[TABLE]
In other words, we require that , i.e. we remove one exemplar of and one exemplar of from the multiset sum , since the synchronization of and produces . Activities are synchronized with the use of their multiaction parts, i.e. the synchronization by of two activities, whose multiaction parts and possess the properties mentioned above, results in the activity with the multiaction part . We may synchronize activities of the same type only: either both stochastic multiactions or both immediate ones, since immediate multiactions have a priority over stochastic ones, hence, stochastic and immediate multiactions cannot be executed together (note also that the execution of immediate multiactions takes no time, unlike that of stochastic ones). Synchronization by means that, for a given expression with a process behaviour containing two concurrent activities that can be synchronized by , there exists also the process behaviour that differs from the former only in that the two activities are replaced by the result of their synchronization.
In the iteration, the initialization subprocess is executed first, then the body is performed zero or more times, and finally, the termination subprocess is executed.
Static expressions specify the structure of processes. As we shall see, the expressions correspond to unmarked LDTSDPNs (LDTSDPNs are marked by definition). Remember that a marking is the allocation of tokens in the places of a PN and markings are used to describe dynamic behaviour of PNs in terms of transition firings.
We assume that every waiting multiaction has a countdown timer associated, whose value is the discrete time amount left till the moment when the waiting multiaction can be executed. Therefore, besides standard (unstamped) waiting multiactions in the form of , a special case of the stamped waiting multiactions should be considered in the definition of static expressions. Each (time) stamped waiting multiaction in the form of has an extra superscript assigned that specifies a time stamp indicating the latest value of the countdown timer associated with that multiaction. The standard waiting multiactions have no time stamps, to demonstrate irrelevance of the timer values for them (for example, their timers have not yet started or have already finished their operation). The notions of the alphabet, multiaction part, weight part for (the multisets of) stamped waiting multiactions are defined, respectively, like those for (the multisets of) unstamped waiting multiactions.
By reasons of simplicity, we do not assign the timer value superscripts to immediate multiactions, which are a special case of deterministic multiactions with the delay in the form of , since their timer values can only be equal to [math]. Analogously, the superscript might be omitted for the waiting multiactions with the delay in the form of , since the corresponding timer can only have a single value . Nevertheless, to maintain syntactic uniformity among waiting multiactions, we leave the timer value superscripts for those that are -delayed.
Definition 2.2
Let and . A static expression of dtsdPBC is defined as
[TABLE]
Let denote the set of all static expressions of dtsdPBC.
To make the grammar above unambiguous, one can add parentheses in the productions with binary operations: . However, here and further we prefer the PBC approach and add them to resolve ambiguities only.
To avoid technical difficulties with the iteration operator, we should not allow any concurrency at the highest level of the second argument of iteration. This is not a severe restriction though, since we can always prefix parallel expressions by an activity with the empty multiaction part. Later on, in Example 4.3, we shall demonstrate that relaxing the restriction can result in nets which are not safe. Alternatively, we can use a different, safe, version of the iteration operator, but its net translation has six arguments. See also [9] for discussion on this subject. Remember that a PN is -bounded () if for all its reachable (from the initial marking by the sequences of transition firings) markings there are at most tokens in every place, and a PN is safe if it is -bounded.
Definition 2.3
Let and . A regular static expression of dtsdPBC is defined as
[TABLE]
Let denote the set of all regular static expressions of dtsdPBC.
Let be a regular static expression. The underlying timer-free regular static expression of is obtained by removing from it all timer value superscripts.
Further, the set of all stochastic multiactions (from the syntax) of is . The set of all immediate multiactions (from the syntax) of is . The set of all waiting multiactions (from the syntax) of is . Thus, the set of all deterministic multiactions (from the syntax) of is and the set of all activities (from the syntax) of is .
Dynamic expressions specify the states of processes. As we shall see, the expressions correspond to LDTSDPNs (which are marked by default). Dynamic expressions are obtained from static ones, by annotating them with upper or lower bars which specify the active components of the system at the current moment of time. The dynamic expression with upper bar (the overlined one) denotes the initial, and that with lower bar (the underlined one) denotes the final state of the process specified by a static expression .
For every overlined stamped waiting multiaction in the form of , the superscript specifies the current value of the running countdown timer associated with the waiting multiaction. That decreasing discrete timer is started with the initial value (equal to the delay of the waiting multiaction) at the moment when the waiting multiaction becomes overlined. Then such a newly overlined stamped waiting multiaction may be seen similar to the freshly overlined unstamped waiting multiaction . Such similarity will be captured by the structural equivalence, to be defined later.
While the stamped waiting multiaction stays overlined with the specified process execution, the timer decrements by one discrete time unit with each global time tick until the timer value becomes . This fact indicates that one unit of time remains till execution of that multiaction (the remaining time to execute, RTE, equals one) that should follow in the next moment with probability , in case the stamped waiting multiaction is still overlined and there are no conflicting with it waiting multiactions, whose RTEs equal to one.
Definition 2.4
Let and . A dynamic expression of dtsdPBC is defined as
[TABLE]
Let denote the set of all dynamic expressions of dtsdPBC.
Let be a dynamic expression. The underlying static (line-free) expression of is obtained by removing from it all upper and lower bars. Note that if the underlying static expression of a dynamic one is not regular, the corresponding LDTSDPN can be non-safe (though, it is -bounded in the worst case [9]).
Definition 2.5
A dynamic expression is regular if its underlying static expression is regular.
Let denote the set of all regular dynamic expressions of dtsdPBC.
Let be a regular dynamic expression. The underlying timer-free regular dynamic expression of is obtained by removing from it all timer value superscripts.
Further, the set of all stochastic multiactions (from the syntax) of is . The set of all immediate multiactions (from the syntax) of is . The set of all waiting multiactions (from the syntax) of is . Thus, the set of all deterministic multiactions (from the syntax) of is and the set of all activities (from the syntax) of is .
3 Operational semantics
In this section, we define the step operational semantics in terms of labeled transition systems.
3.1 Inaction rules
The inaction rules for dynamic expressions describe their structural transformations in the form of which do not change the states of the specified processes. The goal of those syntactic transformations is to obtain the well-structured resulting expressions called operative ones to which no inaction rules can be further applied. As we shall see, the application of an inaction rule to a dynamic expression does not lead to any discrete time tick or any transition firing in the corresponding LDTSDPN, hence, its current marking stays unchanged.
Thus, an application of every inaction rule does not require any discrete time delay, i.e. the dynamic expression transformation described by the rule is accomplished instantly.
In Table 1, we define inaction rules for regular dynamic expressions being overlined and underlined static ones. In this table, and . The first inaction rule suggests that the timer value of each newly overlined waiting multiaction is set to the delay of that waiting multiaction.
In Table 2, we introduce inaction rules for regular dynamic expressions in the arbitrary form. In this table, and . By reason of brevity, two distinct inaction rules with the same premises are collated in some cases, resulting in the inaction rules with double conclusion.
Example 3.1
Let . The following inferences by the inaction rules are possible from :
[TABLE]
Definition 3.1
A regular dynamic expression is operative if no inaction rule can be applied to it.
Let denote the set of all operative regular dynamic expressions of dtsdPBC.
Note that any dynamic expression can be always transformed into a (not necessarily unique) operative one by using the inaction rules.
In the following, we consider regular expressions only and omit the word “regular”.
Definition 3.2
The relation is a structural equivalence of dynamic expressions in dtsdPBC. Thus, two dynamic expressions and are structurally equivalent, denoted by , if they can be reached from each other by applying the inaction rules in a forward or a backward direction.
Let be some set. We denote the Cartesian product by . Let be an equivalence relation on . Then the equivalence class (with respect to ) of an element is defined by . The equivalence partitions into the set of equivalence classes .
Let be a dynamic expression. Then is the equivalence class of with respect to the structural equivalence, called the (corresponding) state. Next, is an initial dynamic expression, denoted by , if . Further, is a final dynamic expression, denoted by , if .
Let be a dynamic expression and . The set of all enabled stochastic multiactions of is , i.e. it consists of all stochastic multiactions that, being overlined, are the subexpressions of some operative dynamic expression from the state . Analogously, the set of all enabled immediate multiactions of is . The set of all enabled waiting multiactions of is , i.e. it consists of all waiting multiactions that, being superscribed with the values of their timers and overlined, are the subexpressions of some operative dynamic expression from the state . The set of all newly enabled waiting multiactions of is , i.e. it consists of all waiting multiactions that, being superscribed with the initial values of their timers (delays of those waiting multiactions) and overlined, are the subexpressions of some operative dynamic expression from the state .
Thus, the set of all enabled deterministic multiactions of is and the set of all enabled activities of is defined as . As we shall see, is an algebraic analogue of the set of all transitions enabled at the initial marking of the LDTSDPN corresponding to . Note that the activities, resulted from synchronization, are not present explicitly in the syntax of the dynamic expressions. Nevertheless, their enabledness status can be recovered by observing that of the pair of synchronized activities from the syntax (they both should be enabled for enabling their synchronized product), even if they are affected by restriction after the synchronization. An activity is said to be affected by restriction, if it is within the scope of a restriction operation with the argument action, such that it or its conjugate is contained in the multiaction part of that activity.
Definition 3.3
An operative dynamic expression is saturated (with the values of timers), if each enabled waiting multiaction of , being (certainly) superscribed with the value of its timer and possibly overlined, is the subexpression of .
Let denote the set of all saturated operative dynamic expressions of dtsdPBC.
Proposition 3.1
Any operative dynamic expression can be always transformed into the saturated one by using the inaction rules.
Proof. Let be a dynamic expression, and there exists that contains a subexpression . Then all operative dynamic expressions from contain a subexpression or , i.e. the (possibly overlined) enabled waiting multiaction with the (non-initial) timer value superscript . Note that the timer value superscript is the same for all such structurally equivalent operative dynamic expressions. Indeed, all inaction rules, besides the first one, do not change the values of timers, but those rules just modify the overlines and underlines of dynamic expressions. The first inaction rule just sets up the timer of each overlined waiting multiaction with the initial value , equal to the delay of that waiting multiaction, as follows: . Then the remaining inaction rules can shift out the overline of that enabled waiting multiaction before setting up its timer, which results in a non-overlined enabled waiting multiaction without timer value superscript . Thus, for , it can happen that a subexpression of some and is a subexpression of a different .
Let now be an operative dynamic expression that is not saturated. By the arguments above, the saturation can be violated only if contains as a subexpression at least one newly enabled waiting multiaction of that is not superscribed with the timer value. By the definition of the new-enabling, there exists such that is a subexpression of . Since , there is a sequence of the inaction rules applications (in a forward or a backward direction) that transforms into . Then the reverse sequence transforms into . Let us remove from that reverse sequence the following backward application of the first inaction rule: . Then such a reduced reverse sequence will turn into , obtained from by replacing with .
Let us start from and apply the above procedure to the remaining not superscribed with the timer values newly enabled waiting multiactions of (which are also those of such kind of ). After repeated application of the mentioned procedure for all non-superscribed newly enabled waiting multiactions of , we shall get from it the saturated operative dynamic expression . Note that the presented transformation of into does not change the enabling, since it does not change any overlines or underlines in the syntax of the traversed operative dynamic expressions, but only iteratively assigns the timer value superscripts to all newly enabled waiting multiactions of . Hence, .
Thus, any dynamic expression can be always transformed into a (not necessarily unique) saturated operative one by using the inaction rules.
Example 3.2
Let be from Example 3.1. Consider the sequence of inaction rules, applied (in a forward or a backward direction) in the following transformation of a non-saturated with the non-superscribed with the timer value (unstamped) enabled waiting multiaction into (a saturated) , in which is stamped:
[TABLE]
The reduced reverse sequence of inaction rules induces the following transformations of that result in a saturated , in which is stamped:
[TABLE]
Let be a saturated operative dynamic expression. Then is written for the timer decrement operator , applied to . It denotes a saturated operative dynamic expression, obtained from via decrementing by one time unit all greater than values of the timers associated with all (if any) stamped waiting multiactions from the syntax of . Thus, each such stamped waiting multiaction changes its timer value from in to in , where . More formally, the timer decrement operator affects the (possibly overlined) stamped waiting multiactions being the subexpressions of as follows. The overlined stamped waiting multiaction is replaced with while the stamped waiting multiaction without overline or underline is replaced with .
Note that when , we have , hence, the timer value may remain unchanged for a stamped waiting multiaction that is not executed by some reason at the next time moment, but stays stamped. For example, that stamped waiting multiaction may be affected by restriction. If the timer values cannot be decremented with a time tick for all stamped waiting multiactions (if any) from then and we obtain so-called empty loop transition that will be formally defined later.
Observe that the timer decrement operator keeps stamping of the waiting multiactions, since it does not change any overlines or underlines, but it may only decrease their timer values, so that the stamped enabled waiting multiactions stay stamped (with their timer values, possibly decremented by one).
Example 3.3
Let be from Example 3.1. We have and . The following one time unit timer decrements are possible from the saturated operative dynamic expressions belonging to :
[TABLE]
Note that, similar in [28], we are mainly interested in the dynamic expressions, derived from the overlined static expressions, such that no stamped waiting multiaction is a subexpression of them, to ensure that time proceeds uniformly. Therefore, we consider a dynamic expression as “illegal” and that as “legal”, since the latter is obtained from the overlined static expression without timer value superscripts after one time tick. On the other hand, is “illegal” only when it is intended to specify a complete process, but it may become “legal” as a part of such complete specification, like , since after two time ticks from , the timer values cannot be decreased further when approaching the value . Thus, we should allow the dynamic expressions like , by assuming that they are incomplete specifications, to be further composed.
Let be a dynamic expression. Then is the timer valuation function of the waiting multiactions of , defined as follows. For , let , if and or is a subexpression of . We let , if , where ‘’ denotes the undefined value. The definition is correct by the argumentation from the proof of Proposition 3.1. Indeed, for each waiting multiaction of , its timer value superscript (if any) is the same for every , in which that waiting multiaction, possibly being superscribed with the value of its timer and overlined or underlined, is a subexpression.
Let . Then for all , we have .
3.2 Action and empty move rules
The action rules are applied when some activities are executed. With these rules we capture the prioritization among different types of multiactions. We also have the empty move rule which is used to capture a delay of one discrete time unit when no immediate or waiting multiactions are executable. In this case, the empty multiset of activities is executed. The action and empty move rules will be used later to determine all multisets of activities which can be executed from the structural equivalence class of every dynamic expression (i.e. from the state of the corresponding process). This information together with that about probabilities or delays and weights of the activities to be executed from the current process state will be used to calculate the probabilities of such executions.
The action rules with stochastic (immediate or waiting, respectively) multiactions describe dynamic expression transformations in the form of ( or , respectively) due to execution of non-empty multisets of stochastic ( of immediate or of waiting, respectively) multiactions. The rules represent possible state changes of the specified processes when some non-empty multisets of stochastic (immediate or waiting, respectively) multiactions are executed. As we shall see, the application of an action rule with stochastic (immediate or waiting, respectively) multiactions to a dynamic expression leads in the corresponding LDTSDPN to a discrete time tick at which some stochastic or waiting transitions fire (or to the instantaneous firing of some immediate transitions) and possible change of the current marking. The current marking stays unchanged only if there is a self-loop produced by the iterative execution of a non-empty multiset, which must be one-element, i.e. a single stochastic (immediate or waiting, respectively) multiaction. The reason is the regularity requirement that allows no concurrency at the highest level of the second argument of iteration.
The empty move rule (applicable only when no immediate or waiting multiactions can be executed from the current state) describes dynamic expression transformations in the form of , called the empty moves, due to execution of the empty multiset of activities at a discrete time tick. When no timer values are decremented within with the empty multiset execution at the next moment (for example, if contains no enabled waiting multiactions), we have . In such a case, the empty move from is in the form of , called the empty loop. As we shall see, the application of the empty move rule to a dynamic expression leads to a discrete time tick in the corresponding LDTSDPN at which no transitions fire and the current marking is not changed, but the timer values of the waiting transitions enabled at the marking (if any) are decremented by one. This is a new rule that has no prototype among inaction rules of PBC, since it represents a time delay, but no notion of time exists in PBC. The PBC rule from [10, 9] in our setting would correspond to the rule that describes staying in the current state when no time elapses. Since we do not need the latter rule to transform dynamic expressions into operative ones and it can even destroy the definition of operative expressions, we do not introduce it in dtsdPBC.
Thus, an application of every action rule with stochastic or waiting multiactions or the empty move rule requires one discrete time unit delay, i.e. the execution of a (possibly empty) multiset of stochastic or (non-empty) multiset of waiting multiactions leading to the dynamic expression transformation described by the rule is accomplished instantly after one time unit. An application of every action rule with immediate multiactions does not take any time, i.e. the execution of a (non-empty) multiset of immediate multiactions is accomplished instantly at the current moment of time.
Note that expressions of dtsdPBC can contain identical activities. To avoid technical difficulties, such as the proper calculation of the state change probabilities for multiple transitions, we can always enumerate coinciding activities from left to right in the syntax of expressions. The new activities, resulted from synchronization will be annotated with concatenation of numberings of the activities they come from, hence, the numbering should have a tree structure to reflect the effect of multiple synchronizations. We now define the numbering which encodes a binary tree with the leaves labeled by natural numbers.
Definition 3.4
The numbering of expressions is defined as , where .
Let denote the set of all numberings of expressions.
Example 3.4
The numbering encodes the binary tree depicted in Figure 1(a) with the root labeled by . The numbering corresponds to the binary tree depicted in Figure 1(b) without internal nodes and with two leaves labeled by and . The numbering represents the binary tree depicted in Figure 1(c) with one internal node, which is the root for the subtree , and three leaves labeled by and .
The new activities resulting from synchronizations in different orders should be considered up to permutation of their numbering. In this way, we shall recognize different instances of the same activity. If we compare the contents of different numberings, i.e. the sets of natural numbers in them, we shall be able to identify the mentioned instances.
The content of a numbering is
[TABLE]
After the enumeration, the multisets of activities from the expressions will become the proper sets. In the following, we suppose that the identical activities are enumerated when needed to avoid ambiguity. This enumeration is considered to be implicit.
Definition 3.5
Let . We now define the set of all non-empty multisets of activities which can be potentially executed from , denoted by . Let and .
If then . 2. 2.
If and , then . 3. 3.
If and or , then . 4. 4.
If and , then . 5. 5.
If then . 6. 6.
If and then . 7. 7.
If and are different activities such that , then
- (a)
* if ;* 2. (b)
* if .*
When we synchronize the same multiset of activities in different orders, we obtain several activities with the same multiaction and probability or delay and weight parts, but with different numberings having the same content. Then we only consider a single one of the resulting activities to avoid introducing redundant ones.
For example, the synchronization of stochastic multiactions and in different orders generates the activities and . Similarly, the synchronization of deterministic multiactions and in different orders generates the activities and . Since , in both cases, only the first activity (or, symmetrically, the second one) resulting from synchronization will appear in a multiset from .
Note that if then by definition of , we have .
Let and . Obviously, if there are only stochastic (immediate or waiting, respectively) multiactions in the multisets from then these stochastic (immediate or waiting, respectively) multiactions can be executed from . Otherwise, besides stochastic ones, there are also deterministic (immediate and/or waiting) multiactions in the multisets from . By the note above, there are non-empty multisets of deterministic multiactions in as well, i.e. . In this case, no stochastic can be executed from , even if contains non-empty multisets of stochastic multiactions, since deterministic multiactions have a priority over stochastic ones, and should be executed first. Further, if there are no stochastic, but both waiting and immediate multiactions in the multisets from , then, analogously, no waiting multiactions can be executed from , since immediate multiactions have a priority over waiting ones (besides that over stochastic ones).
When there are only waiting and, possibly, stochastic multiactions in the multisets from then, from above, only waiting ones can be executed from . Then just maximal non-empty multisets of waiting multiactions can be executed from , since all non-conflicting waiting multiactions cannot wait anymore and they should occur at the next time moment with probability . The next definition formalizes these requirements.
Definition 3.6
Let . The set of all non-empty multisets of activities which can be executed from is
[TABLE]
Consider an operative dynamic expression . The expression is s-tangible (stochastically tangible), denoted by , if . In particular, we have , if . The expression is w-tangible (waitingly tangible), denoted by , if . The expression is tangible, denoted by , if or , i.e. . Again, we particularly have , if . Otherwise, the expression is vanishing, denoted by , and in this case .
For a (possibly non-operative) dynamic expression , we write ( or , respectively), if , we have ( or , respectively). We write , if or . Note that the operative dynamic expressions from may have different types in general. The following example demonstrates two operative dynamic expressions and with , such that , but .
Example 3.5
*Let and . Then ,
since for , but and . Clearly, we have and . The executions like that of (and all multisets including it) from and must be disabled using preconditions in the action rules, since immediate multiactions have a priority over stochastic ones, hence, the former are always executed first.*
Let and . Then , since for , but and . We have , but . To make the action rules correct under structural equivalence, the executions like that of from must be disabled using preconditions in the action rules, since immediate multiactions have a priority over stochastic ones, hence, the choices between them are always resolved in favour of the former.
In Table 3, we define the action and empty move rules. In the table, and Further, and . Moreover, and .
We use the following abbreviations in the names of the rules from the table: “E” for “Empty move”, “B” for “Basis case”, “S” for “Sequence”, “C” for “Choice”, “P” for “Parallel”, “L” for “reLabeling”, “R” for “Restriction”, “I” for “Iteraton” and “Sy” for “Synchronization”. The first rule in the table is the empty move rule E. The other rules are the action rules, describing transformations of dynamic expressions, which are built using particular algebraic operations. If we cannot merge the rules with stochastic, immediate ans waiting multiactions in one rule for some operation then we get the coupled action rules. In such cases, the names of the action rules with stochastic multiactions have a suffix ‘s’, those with immediate multiactions have a suffix ‘i’, and those with waiting multiactions have a suffix ‘w’. To make presentation more compact, the action rules with double conclusion are combined from two distinct action rules with the same premises.
Almost all the rules in Table 3 (excepting E, Bw, P2s, P2i, P2w, Sy2s, Sy2i and Sy2w) resemble those of gsPBC, but the former correspond to execution of multisets of activities, not of single activities, as in the latter, and our rules have simpler preconditions (if any), since all immediate multiactions in dtsdPBC have the same priority level, unlike those of gsPBC.
The preconditions in rules E, Cs, P1s, and I2s are needed to ensure that (possibly empty) multisets of stochastic multiactions are executed only from s-tangible saturated operative dynamic expressions, such that all dynamic expressions structurally equivalent to them are s-tangible as well. For example, if in rule Cs then for some static expression and . Hence, it should be guaranteed that , which holds iff . The case is treated similarly. In rule P1s, assuming that , it should be guaranteed that and , which holds iff . The precondition in rule I2s is analogous to that in rule Cs.
Analogously, the preconditions in rules Cw, and I2w are needed to ensure that non-empty multisets of waiting multiactions are executed only from tangible saturated operative dynamic expressions, such that all dynamic expressions structurally equivalent to them are tangible as well. This requirement (about tangible expressions) means that only (possibly empty) multisets of stochastic multiactions or non-empty multisets of waiting multiactions, and no immediate multiactions, can be executed from the subprocess that is composed alternatively (in choice) with the subprocess . Hence, the multiset of waiting multiactions, executed from , can also be executed from the composition of and , since immediate multiactions cannot occur from . Otherwise, it would prevent the execution of from in the composite process, by disregarding the alternative choice of the branch specified by , due to the zero delays and priority (captured by all action rules) of immediate multiactions over all other multiaction types.
The precondition in rule P1w is an exception from the above, and is needed to ensure that non-empty multisets of waiting multiactions are executed only from s-tangible saturated operative dynamic expressions, such that all dynamic expressions structurally equivalent to them are s-tangible as well. This stricter requirement (about s-tangible, instead of just tangible, expressions) means that only (possibly empty) multisets of stochastic multiactions, and no immediate or waiting multiactions, can be executed from the subprocess that is composed concurrently (in parallel) with the subprocess . Hence, the multiset of waiting multiactions, executed from , is also a maximal (by the inclusion relation) multiset that can be executed from the parallel composition of and . The reason is that only the timers decrement by one time unit (by applying rule E) is actually possible in while executing from , due to priority (captured by all action rules) of waiting multiactions over stochastic ones. Thus, taking the rule precondition instead of preserves maximality of the steps consisting of waiting multiactions while applying parallel composition.
In rules P1s and P1w, the timer value decrementing by one , applied to the s-tangible saturated operative dynamic expression that is composed in parallel with , from which stochastic multiactions are executed at the next time tick, is used to maintain the time progress uniformity in the composite expression. Although rules P1s and P1w can be merged, we have not done it, aiming to emphasize the exceptional precondition in rule P1w.
In rules Cs, Ci and Cw, the timer values discarding , applied to the static expression that is composed in choice with , from which activities are executed, signifies that the timer values of the non-chosen subexpression (branch) become irrelevant in the composite expression and thus may be removed. Analogously, in rules I2s, I2i and I2w, the timer values discarding is applied to the static expression that is an alternative to , from which activities are executed, since the choice is always made between the body and termination subexpressions of the composite iteration expression (between the second and third arguments of iteration).
Rule E corresponds to one discrete time unit delay (passage of one unit of time) while executing no activities and therefore it has no analogues among the rules of gsPBC that adopts the continuous time model. Rule E is a global one, i.e. it is applied only to the whole (topmost level of) expressions, rather than to their parts. The reason is that all other action rules describe dynamic expressions transformations due to execution of non-empty multisets of activities. Hence, the actionless time move described by rule E cannot “penetrate” with action rules through the expressions structure. This guarantees that time progresses uniformly in all their subexpressions.
Rule Bw differs from the more standard ones Bs and Bi that both resemble rule B in gsPBC. The reason is that in Bw, the overlined waiting multiaction has an extra superscript ‘’, indicating that one time unit is remained until the multiaction’s execution (RTE equals one) that should follow in the next moment.
Rules P2s, P2i and P2w have no similar rules in gsPBC, since interleaving semantics of the algebra allows no simultaneous execution of activities. On the other hand, P2s, P2i and P2w have in PBC the analogous rule PAR that is used to construct step semantics of the calculus, but the former two rules correspond to execution of multisets of activities, unlike that of multisets of multiactions in the latter rule. Rules P2s, P2i and P2w cannot be merged, since otherwise simultaneous execution of different types of multiactions would be allowed.
Rules Sy2s, Sy2i and Sy2w differ from the corresponding synchronization rules in gsPBC, since the probability or the weight of synchronization in the former rules and the rate or the weight of synchronization in the latter rules are calculated in two distinct ways. Rules Sy2i and Sy2w cannot be merged, since otherwise synchronous execution of immediate and waiting multiactions would be allowed.
Rule Sy2s establishes that the synchronization of two stochastic multiactions is made by taking the product of their probabilities, since we are considering that both must occur for the synchronization to happen, so this corresponds, in some sense, to the probability of the independent event intersection, but the real situation is more complex, since these stochastic multiactions can also be executed in parallel. Nevertheless, when scoping (the combined operation consisting of synchronization followed by restriction over the same action [9]) is applied over a parallel execution, we get as final result just the simple product of the probabilities, since no normalization is needed there. Multiplication is an associative and commutative binary operation that is distributive over addition, i.e. it fulfills all practical conditions imposed on the synchronization operator in [24]. Further, if both arguments of multiplication are from then the result belongs to the same interval, hence, multiplication naturally maintains probabilistic compositionality in our model. Our approach is similar to the multiplication of rates of the synchronized actions in MTIPP [23] in the case when the rates are less than . Moreover, for the probabilities and of two stochastic multiactions to be synchronized we have , i.e. multiplication meets the performance requirement stating that the probability of the resulting synchronized stochastic multiaction should be less than the probabilities of the two ones to be synchronized. While performance evaluation, it is usually supposed that the execution of two components together require more system resources and time than the execution of each single one. This resembles the bounded capacity assumption from [24]. Thus, multiplication is easy to handle with and it satisfies the algebraic, probabilistic, time and performance requirements. Therefore, we have chosen the product of the probabilities for the synchronization. See also [13, 12] for a discussion about binary operations producing the rates of synchronization in the continuous time setting.
In rules Sy2i and Sy2w, we sum the weights of two synchronized immediate (waiting, respectively) multiactions, since the weights can be interpreted as the rewards [50], thus, we collect the rewards. Moreover, we express that the synchronized execution of immediate (waiting) multiactions has more importance than that of every single one. The weights of immediate and waiting (i.e. deterministic) multiactions can also be seen as bonus rewards associated with transitions [6]. The rewards are summed during synchronized execution of immediate (waiting) multiactions, since in that case all the synchronized activities can be seen as participated in the execution. We prefer to collect more rewards, thus, the transitions providing greater rewards will have a preference and they will be executed with a greater probability. In particular, since execution of immediate multiactions takes no time, we prefer to collect in a step (parallel execution) as many synchronized immediate multiactions as possible to get more significant progress in behaviour. Under behavioural progress we understand an advance in executing activities, which does not always imply a progress in time, as in the case when the activities are immediate multiactions. This aspect will be used later, while evaluating performance via analysis of the embedded discrete time Markov chains (EDTMCs) of expressions. Since every state change in EDTMC takes one unit of (its local) time, greater advance in operation of the EDTMC allows one to calculate quicker many performance indices. As for waiting multiactions, only the maximal multisets of them, executable from a state, occur with a time tick. The reason is that each waiting multiaction has a probability to occur in the next moment, when the remaining time of its timer (RTE) equals one and there exist no conflicting waiting multiactions. Hence, all waiting multiactions with the RTE being one that are executable together from a state must participate in a step from that state. Since there may exist different such maximal multisets of waiting multiactions, a probabilistic choice among all possible steps is made, imposed by the weights of those multiactions. Thus, the steps of waiting multiactions always produce maximal overall weights, but they are mainly used to calculate the probabilities of alternative maximal steps rather than the cumulative bonus rewards.
We do not have self-synchronization, i.e. synchronization of an activity with itself, since all the (enumerated) activities executed together are considered to be different. This allows us to avoid rather cumbersome and unexpected behaviour, as well as many technical difficulties [9].
Notice that the timers of all waiting multiactions that lose their overlines when a state change occurs become inactive (turned off) and their values become irrelevant while the timers of all those preserving their overlines continue running with their stored values. Hence, we adopt the enabling memory memory policy [41, 1, 2, 3] when the process states are changed and the overlining of deterministic multiactions is possibly modified (remember that immediate multiactions may be seen as those with the timers displaying a single value [math], so we do not need to store their values). Then the timer values of waiting multiactions are taken as the enabling memory variables.
In Table 4, inaction rules, action rules (with stochastic or immediate, or waiting multiactions) and empty move rule are compared according to the three questions about their application: whether it changes the current state, whether it leads to a time progress, and whether it results in execution of some activities. Positive answers to the questions are denoted by the plus sign while negative ones are specified by the minus sign. If both positive and negative answers can be given to some of the questions in different cases then the plus-minus sign is written. Notice that the process states are considered up to structural equivalence of the corresponding expressions, and time progress is not regarded as a state change.
3.3 Transition systems
We now construct labeled probabilistic transition systems associated with dynamic expressions. The transition systems are used to define the operational semantics of dynamic expressions.
Let be a dynamic expression and . The set of all multisets of activities executable in is defined as . Here is an inference by the rules from Table 3.
It can be proved by induction on the structure of expressions that implies . The reverse statement does not hold in general, as the next example shows.
Example 3.6
Let be from Example 3.5 and . We have and . Since only rules Ci and Bi can be applied to while no action rule can be applied to , we get . Then, for and , we obtain .
The state is s-tangible (stochastically tangible) if . For an s-tangible state we always have by rule E, hence, we may have . The state is w-tangible (waitingly tangible) if . The state is tangible if it is s-tangible or w-tangible, i.e. . Again, for tangible states we may have and . Otherwise, the state is vanishing, and in this case .
Note that if and then by rules P2s, P2i, Sy2s, Sy2i and definition of , we have .
Since the inaction rules only distribute and move upper and lower bars along the syntax of dynamic expressions, all have the same underlying static expression . Process expressions always have a finite length, hence, the number of all (enumerated) activities and the number of all operations in the syntax of are finite as well. The action rules Sy2s, Sy2i and Sy2w are the only ones that generate new activities. They result from the handshake synchronization of actions and their conjugates belonging to the multiaction parts of the first and second constituent activity, respectively. Since we have a finite number of operators \ {\sf sy}\ in and all the multiaction parts of the activities are finite multisets, the number of the new synchronized activities is also finite. The action rules contribute to (in addition to the empty set, if rule E is applicable) only the sets consisting both of activities from and the new activities, produced by Sy2s, Sy2i and Sy2w. Since we have a finite number of all such activities, we get . Thus, summation and multiplication by elements from the finite set are well-defined. Similar reasoning can be used to demonstrate that for all dynamic expressions (not just for those from ), is a finite set.
Definition 3.7
The derivation set of a dynamic expression , denoted by , is the minimal set such that
- •
;
- •
if and then .
The set of all s-tangible states from is denoted by , and the set of all w-tangible states from is denoted by . The set of all tangible states from is denoted by . The set of all vanishing states from is denoted by . Obviously, , where denotes disjoint union.
Let now be a dynamic expression and .
Let . The probability that the multiset of stochastic multiactions is ready for execution in or the weight of the multiset of deterministic multiactions which is ready for execution in is
[TABLE]
In the case and we define
[TABLE]
If and then can be interpreted as a joint probability of independent events (in a probability sense, i.e. the probability of intersection of these events is equal to the product of their probabilities). Each such an event consists in the positive or the negative decision to be executed of a particular stochastic multiaction. Every executable stochastic multiaction decides probabilistically (using its probabilistic part) and independently (from others), if it wants to be executed in . If is a multiset of all executable stochastic multiactions which have decided to be executed in and then is ready for execution in . The multiplication in the definition is used because it reflects the probability of the independent event intersection. Alternatively, when can be interpreted as the probability to execute exclusively the multiset of stochastic multiactions in , i.e. the probability of intersection of two events calculated using the conditional probability formula in the form of . The event consists in the execution of in . The event consists in the non-execution in of all the executable stochastic multiactions not belonging to . Since the mentioned non-executions are obviously independent events, the probability of is a product of the probabilities of the non-executions: . The conditioning of by makes the executions of the stochastic multiactions from independent, since all of them can be executed in parallel in by definition of . Hence, the probability to execute under condition that no executable stochastic multiactions not belonging to are executed in is a product of probabilities of these stochastic multiactions: . Thus, the probability that is executed and no executable stochastic multiactions not belonging to are executed in is the probability of conditioned by multiplied by the probability of : . When can be interpreted as the probability not to execute in any executable stochastic multiactions, thus, . When only the empty multiset of activities can be executed in , i.e. , we take , since we stay in in this case. Note that for we have , hence, we can stay in at the next time moment with a certain positive probability.
If then could be interpreted as the overall (cumulative) weight of the deterministic multiactions from , i.e. the sum of all their weights. The summation here is used since the weights can be seen as the rewards which are collected [50]. This means that concurrent execution of the deterministic multiactions has more importance than that of every single one. The weights of deterministic multiactions can also be interpreted as bonus rewards of transitions [6]. The rewards are summed when deterministic multiactions are executed in parallel, because all of them participated in the execution. In particular, since execution of immediate multiactions takes no time, we prefer to collect in a step (parallel execution of activities) as many parallel immediate multiactions as possible to get more progress in behaviour. This aspect will be used later, while while evaluating performance on the basis of the EDTMCs of expressions. Concerning waiting multiactions, only the maximal multisets of them executable from a state occur in the next moment. Therefore, the steps of waiting multiactions produce maximal overall weights, which are used to calculate probabilities of alternative maximal steps rather than the cumulative bonuses. Note that this reasoning is the same as that used to define the weight of synchronized immediate (waiting, respectively) multiactions in the rules Sy2i and Sy2w.
Note that the definition of (as well as the definitions of other probability functions which we shall present) is based on the enumeration of activities which is considered implicit.
Let . Besides , some other multisets of activities may be ready for execution in , hence, a kind of conditioning or normalization is needed to calculate the execution probability. The probability to execute the multiset of activities in is
[TABLE]
If then can be interpreted as the conditional probability to execute in calculated using the conditional probability formula in the form of . The event consists in the exclusive execution of in , hence, . The event consists in the exclusive execution of any set (including the empty one) in . Thus, , where are mutually exclusive events (in a probability sense, i.e. intersection of these events is the empty event) and . We have , because summation reflects the probability of the mutually exclusive event union. Since , we have . can also be seen as the potential probability to execute in , since we have only when all sets (including the empty one) consisting of the executable stochastic multiactions can be executed in . In this case, all the mentioned stochastic multiactions can be executed in parallel in and we have , since this sum collects the products of all combinations of the probability parts of the stochastic multiactions and the negations of these parts. But in general, for example, for two stochastic multiactions and executable in , it may happen that they cannot be executed in together, in parallel, i.e. , but . Note that for we have , hence, there is a non-zero probability to stay in the state at the next time moment, and the residence time in is at least discrete time unit.
If then can be interpreted as the weight of the set of deterministic multiactions which is ready for execution in normalized by the weights of all the sets executable in . This approach is analogous to that used in the EMPA definition of the probabilities of immediate actions executable from the same process state [7] (inspired by way in which the probabilities of conflicting immediate transitions in GSPNs are calculated [3]). The only difference is that we have a step semantics and, for every set of deterministic multiactions executed in parallel, we should use its cumulative weight. To get the analogy with EMPA possessing interleaving semantics, we should interpret the weights of immediate actions of EMPA as the cumulative weights of the sets of deterministic multiactions of dtsdPBC.
The advantage of our two-stage approach to definition of the probability to execute a set of activities is that the resulting probability formula is valid both for (sets of) stochastic and deterministic multiactions. It allows one to unify the notation used later while constructing the operational semantics and analyzing performance.
Note that the sum of outgoing probabilities for the expressions belonging to the derivations of is equal to . More formally, . This, obviously, follows from the definition of , and guarantees that it defines a probability distribution.
The probability to move from to by executing any multiset of activities is
[TABLE]
The summation in the definition above reflects the probability of the mutually exclusive event union, since , where for each is the probability of the exclusive execution of in . Note that .
Example 3.7
Let , where . consists of the equivalence classes and . We have . The execution probabilities are calculated as follows. Since , we get and . Then . Thus, and . Further, , hence, and . Finally, .
Let , where . consists of the equivalence classes and . We have and . The execution probabilities are calculated as follows. Since , we get and . Then . Thus, and . Further, , hence, and . Finally, .
Definition 3.8
Let be a dynamic expression. The (labeled probabilistic) transition system of is a quadruple , where
- •
the set of states is ;
- •
the set of labels is ;
- •
the set of transitions is ;
- •
the initial state is .
Example 3.8
Let be from Example 3.1. The next inferences by rule E are possible from the elements of :
[TABLE]
The first and second inferences suggest the empty move transition . The intuition is that the timer of the enabled waiting multiaction is decremented by one time unit in the both cases, whenever it is overlined or not. Later we shall see that in the both cases, the respective waiting transition of the LDTSDPN corresponding to will be enabled at a “common” marking (that also enables a stochastic transition, matched up to ), so its timer should be decreased by one with a time tick while staying at the same marking, and such a time move will lead to a different state of the LDTSDPN.
The definition of is correct, i.e. for every state, the sum of the probabilities of all the transitions starting from it is . This is guaranteed by the note after the definition of . Thus, we have defined a generative model of probabilistic processes, according to the classification from [20]. The reason is that the sum of the probabilities of the transitions with all possible labels should be equal to , not only of those with the same labels (up to enumeration of activities they include) as in the reactive models, and we do not have a nested probabilistic choice as in the stratified models.
The transition system associated with a dynamic expression describes all the steps (parallel executions) that occur at discrete time moments with some (one-step) probability and consist of multisets of activities. Every step consisting of stochastic (waiting, respectively) multiactions or the empty step (i.e. that consisting of the empty multiset of activities) occurs instantly after one discrete time unit delay. Each step consisting of immediate multiactions occurs instantly without any delay. The step can change the current state to a different one. The states are the structural equivalence classes of dynamic expressions obtained by application of action rules starting from the expressions belonging to . A transition will be written as . It is interpreted as follows: the probability to change the state to as a result of executing is .
Note that from every s-tangible state the empty multiset of activities can always be executed by rule E. Hence, for s-tangible states, may be the empty multiset, and its execution only decrements by one the timer values (if any) of the current state (i.e. the equivalence class). Then we may have a transition from an s-tangible state to the tangible (i.e. s-tangible or w-tangible) state . Thus, is the union of the structural equivalence classes of all saturated operative dynamic expressions from , whose timer values have been decremented by one, prior to combining them into the equivalence classes. This corresponds to applying the empty move rule to all saturated operative dynamic expressions from , followed by unifying the structural equivalence classes of all the resulting expressions. We have to keep track of such executions, called the empty moves, because they affect the timers and have non-zero probabilities. The latter follows from the definition of and the fact that the probabilities of stochastic multiactions cannot be equal to as they belong to the interval . When it holds , we obtain by definition of . Then the empty move from is in the form of , called the empty loop. For w-tangible and vanishing states cannot be the empty multiset, since we must execute some immediate (waiting, respectively) multiactions from them at the current (next, respectively) time moment.
The step probabilities belong to the interval , being in the case when we cannot leave an s-tangible state and the only transition leaving it is the empty move one , or if there is just a single transition from a w-tangible or a vanishing state to any other one.
We write if and if .
The first equivalence we are going to introduce is isomorphism which is a coincidence of systems up to renaming of their components or states.
Definition 3.9
Let be dynamic expressions and be their transition systems. A mapping is an isomorphism between and , denoted by , if
* is a bijection such that ;* 2. 2.
.
Two transition systems and are isomorphic, denoted by , if .
Transition systems of static expressions can be defined as well. For , let .
Definition 3.10
Two dynamic expressions and are equivalent with respect to transition systems, denoted by , if .
Let us now present a series of examples that demonstrate how to construct the transition systems of the dynamic expressions that include various compositions of stochastic, waiting and immediate multiactions.
Example 3.9
This example demonstrates a choice between two waiting multiactions with different delays. It shows that the waiting multiaction with a less delay is always executed first, hence, the choice is resolved in favour of it in any case and an absorbing state is then reached, so that the waiting multiaction with a greater delay is never executed.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 2, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively. For simplicity of the graphical representation, the singleton multisets of activities are written without outer braces.
Example 3.10
This example demonstrates a choice between waiting and stochastic multiactions. It shows that the stochastic multiaction can be executed until the timer value of the waiting multiaction becomes , after which only the waiting multiaction can be executed in the next moment, leading to an absorbing state. Thus, in our setting, a waiting multiaction that cannot be executed in the next time moment and whose timer is still running may be interrupted (preempted) by executing a stochastic multiaction.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 3, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.11
This example demonstrates an iteration loop with a waiting multiaction. The iteration initiation is modeled by a (initiating) stochastic multiaction . The iteration body that corresponds to the loop consists of a (looping) waiting multiaction . The iteration termination is represented by a (terminating) stochastic multiaction . The terminating stochastic multiaction can be executed until the timer value of the waiting multiaction becomes , after which only the waiting multiaction can be executed in the next moment. Thus, the iteration termination can either complete the repeated execution of the iteration body or break its execution when the waiting multiaction timer shows some intermediate value (that is less than the initial value, being the multiaction delay, but greater than ). The execution of the waiting multiaction leads to the repeated start of the iteration body. The execution of the terminating stochastic multiaction brings to the final absorbing state of the iteration construction.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 4, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.12
This example demonstrates a parallel composition of an immediate and two waiting multiactions with different delays. It shows that the immediate multiaction is always executed before any parallel with it waiting multiaction. Further, from the two parallel waiting multiactions, that with a less delay executed first in any case. Finally, the execution of the waiting multiaction with a greater delay leads to an absorbing state. Thus, in spite of parallelism of those three deterministic multiactions, they are executed sequentially in fact, in the increasing order of their (different) delays. That sequence also includes the empty set, executed after the immediate multiaction, since the waiting multiaction with a less delay will then need a passage of one time unit (one time tick) for its timer value (RTE) become and it can be executed itself. Though the example is not complex, it shows a transition system with all types of states: s-tangible, w-tangible and vanishing.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 5, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively, and the vanishing ones are depicted in boxes.
Example 3.13
This example demonstrates a parallel composition of waiting and stochastic multiactions. It shows that the stochastic multiaction can be executed until the timer value of the waiting multiaction becomes , after which only the waiting multiaction can be executed in the next moment. The execution of the latter leads to an absorbing state either directly or indirectly, via executing a possible empty loop, followed (via sequential composition) by the stochastic multiaction that has not been executed in the preceding states.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 6, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.14
This example demonstrates a parallel composition of two waiting multiactions and , whose multiaction parts are singleton multisets with an action and its conjugate , respectively. The resulting composition is synchronized and then restricted by that action, which (and its conjugate) therefore “disappears” from the composite process behaviour. From the initial state, only the empty multiset of activities is executed that decrements by one the values of the timers. That evolution follows by the execution of a new waiting multiaction with the empty multiaction part, resulted from synchronization of the two waiting multiactions, which leads to an absorbing state.
*Note that the timer values of the two waiting multiactions and that of the new waiting multiaction (being their synchronous product) coincide until all of them remain enabled with the time progress. Thus, it is very useful that the expression syntax preserves such two enabled synchronized waiting multiactions, removed by restriction from the behaviour, since their timer values suggest that of their synchronous product, which is not explicit in the syntax. Thus, the timer values of those two “virtual” enabled waiting multiactions cannot just be marked as undefined in the syntax, provided that one keeps track of the timer value of their synchronous product being only implicit in the syntax. *
If both synchronized waiting multiactions lose their enabledness with the time progress then their synchronous product also loses its enabledness and all of them obviously loose their timer value annotations. It may happen that one of the synchronized waiting multiactions loses its enabledness (for example, when a conflicting waiting multiaction is executed) while the other one keeps its enabledness. Then their synchronous product also loses its enabledness, together with its timer value annotation. In such a case, the timer value of the enabled synchronized waiting multiaction does not suggest anymore that of the synchronous product. That “saved” timer value merely decrements with every time tick unless it becomes equal to , after which either the enabled synchronized waiting multiaction is executed or it cannot be executed by some reason (for example, when affected by restriction) and then the timer value remains unchanged with the time progress. To verify this, recall the empty move rule E from Table 3 and the definition of with when .
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 7, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.15
This example demonstrates a parallel composition of two subprocesses, synchronized and then restricted by an auxiliary action that (and its conjugate) hereupon “disappears” from the composite process behaviour. The first subprocess is a sequential composition of the waiting and immediate multiactions. The second subprocess is a choice between the immediate and waiting multiactions. The immediate multiactions in the first and second subprocesses are synchronized via an auxiliary action that (and its conjugate) is then removed from the behaviour by the restriction operation. Since those immediate multiactions are within coverage of restriction by the auxiliary action, they cannot be executed. The new immediate multiaction , resulted from that synchronization can only be executed if the waiting multiaction (preceding it via sequential composition) in the first subprocess has occurred and the waiting multiaction (conflicting with it via the choice composition) in the second subprocess has not occurred. Since only maximal multisets of parallel waiting multiactions may be executed, the waiting multiactions in both the subprocesses must occur, thus preventing execution of the new immediate multiaction, generated by synchronization.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 8, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.16
This example is a modification of the previous Example 3.15 by replacing all the immediate multiactions with the waiting ones and by setting to the delays of all the waiting multiactions from the syntax. Thus, we examine a compound process, constructed with parallelism, synchronization and restriction operations from the following two subprocesses. The first subprocess is a sequential composition of two waiting multiactions and . The second subprocess is a choice between other two waiting multiactions and . The second waiting multiaction in the first subprocess and the first waiting multiaction in the second subprocess are synchronized via an auxiliary action that (and its conjugate) is then removed from the behaviour by the restriction operation. The new waiting multiaction , resulted from that synchronization has the same delay as the two synchronized waiting multiactions. It can only be executed if the first waiting multiaction (preceding it via sequential composition) in the first subprocess has occurred and the second waiting multiaction (conflicting with it via the choice composition) in the second subprocess has not occurred. Since only maximal multisets of parallel waiting multiactions may be executed, the mentioned (“first in first” and “second in second”) waiting multiactions in both the subprocesses must occur, thus preventing execution of the new waiting multiaction, generated by synchronization.
Note that the overlined second waiting multiaction in the first subprocess is within coverage of restriction by the auxiliary action. Consider the state, reached from the initial state by execution of the empty multiset of activities, followed by the parallel execution of the mentioned (‘first in first” and “second in second”) waiting multiactions. After the empty multiset execution from the considered state, the associated timer value of that overlined waiting multiaction is decremented to . Then an absorbing state is reached, from which only the empty loop is possible, which leaves that timer value unchanged though. To verify this, recall the empty move rule E from Table 3 and the definition of with when .
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 9, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.17
This example is a modification of the previous Example 3.16 by removing restriction from the syntax. Thus, we examine a compound process, constructed with parallelism and synchronization operations from the two subprocesses being a sequential composition of two waiting multiactions and and a choice between other two waiting multiactions and , respectively. All the four waiting multiactions have the same delay . The second waiting multiaction in the first subprocess and the first waiting multiaction in the second subprocess are synchronized via an auxiliary action . The new waiting multiaction , resulted from that synchronization has the same delay as the two synchronized waiting multiactions. It can only be executed if the first waiting multiaction (preceding it via sequential composition) in the first subprocess has occurred and the second waiting multiaction (conflicting with it via the choice composition) in the second subprocess has not occurred. Since only maximal multisets of parallel waiting multiactions may be executed, the mentioned (“first in first” and “second in second”) waiting multiactions in the subprocesses must occur, thus preventing execution of the new waiting multiaction, generated by synchronization. The alternative maximal multiset of parallel waiting multiactions that may be executed from the same state consists of the “first in first” and “first in second” waiting multiactions in the subprocesses, but the ‘first in second” waiting multiaction is the second of the two synchronized waiting multiactions, whose occurrence also prevents execution of their synchronization product.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 10, the transition system is shown. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively.
Example 3.18
Consider the expression specifying the special process that is only able to perform empty loops with probability and never terminates. We could actually use any arbitrary action from and any probability belonging to the interval in the definition of . Note that is analogous to the one used in the examples within sPBC. The latter is a continuous time stochastic analogue of the stop process proposed in [9]. Stop is a discrete time stochastic analogue of the stop.
This example demonstrates an infinite iteration loop. The loop is preceded with the iteration initiation, modeled by a (first) stochastic multiaction . The iteration body that corresponds to the loop consists of the choice between two conflicting waiting multiactions and with the same delay , the second of them followed (via sequential composition) by a (second) stochastic multiaction . Hence, the iteration loop actually consists of the two alternative subloops, such that the first one is a self-loop (one-state loop from a state to itself) with the first waiting multiaction, and the second one is a two-state loop with an intermediate state, reached after the second waiting multiaction has been executed, and from which the second stochastic multiaction is then started. Thus, the iteration generates the self-loop with probability less than one (since the two-state loop from the same state has a non-zero probability) from the states in which only waiting multiactions are executed. The iteration termination demonstrates an empty behaviour, assuring that the iteration does not reach its final state after any number of repeated executions of its body.
Let . consists of the equivalence classes
[TABLE]
We have and .
In Figure 11, the transition system is presented. The s-tangible states are depicted in ovals and the vanishing ones are depicted in boxes.
Example 3.19
This example demonstrates an infinite iteration loop. The loop is preceded with the iteration initiation, modeled by a stochastic multiaction . The iteration body that corresponds to the loop consists of a waiting multiaction , followed (via sequential composition) by the probabilistic choice, modeled via two conflicting immediate multiactions and , followed by different stochastic multiactions and . The iteration termination demonstrates an empty behaviour, assuring that the iteration does not reach its final state after any number of repeated executions of its body.
Let , where and . consists of the equivalence classes
[TABLE]
We have and .
In Figure 12, the transition system is presented. The s-tangible and w-tangible states are depicted in ordinary and double ovals, respectively, and the vanishing ones are depicted in boxes.
4 Denotational semantics
In this section, we construct the denotational semantics in terms of a subclass of labeled discrete time stochastic and deterministic PNs (LDTSDPNs), called discrete time stochastic and immediate Petri boxes (dtsd-boxes).
4.1 Labeled DTSDPNs
Let us introduce a class of labeled discrete time stochastic and deterministic PNs (LDTSDPNs), which are essentially a subclass of DTSPNs [44, 45] (since we do not allow the stochastic transition probabilities to be equal to ) extended with transition labeling and deterministic transitions. LDTSDPNs resemble in part discrete time deterministic and stochastic PNs (DTDSPNs) [61, 62, 64, 65], as well as discrete deterministic and stochastic PNs (DDSPNs) [63]. DTDSPNs and DDSPNs are the extensions of DTSPNs with deterministic transitions (having fixed delay that can be zero), inhibitor arcs, priorities and guards. In addition, while stochastic transitions of DTDSPNs, like those of DTSPNs, have geometrically distributed delays, stochastic transitions of DDSPNs have discrete time phase-type distributed delays. At the same time, LDTSDPNs are not subsumed by DTDSPNs or DDSPNs, by the following reasons. First, in DTDSPNs from [61, 62], both stochastic and deterministic (including immediate) transitions have probabilities and weights associated, but in LDTSDPNs only stochastic transitions have probabilities and only immediate ones have weights, hence, the state change probabilities of the underlying Markov chains for those PN classes are calculated in two different ways. Second, LDTSDPNs have a step semantics while DTDSPNs from [64, 65] and DDSPNs have interleaving one, since in in the first PN class simultaneous transition firings are possible while in the second and third PN classes only firings of single transitions are allowed. LDTSDPNs are somewhat similar to labeled weighted DTSPNs (LWDTSPNs) from [15], but in LWDTSPNs there are no deterministic transitions, all (stochastic) transitions have weights, the transition probabilities may be equal to and only maximal fireable subsets of the enabled transitions are fired.
Stochastic preemptive time PNs (spTPNs) [14] is a discrete time model with a maximal step semantics, where both time ticks and instantaneous parallel firings of maximal transition sets are possible, but the transition steps in LDTSDPNs are not obliged to be maximal (excepting the steps of waiting transitions). The transition delays in spTPNs are governed by static general discrete distributions, associated with the transitions, while the transitions of LDTSDPNs are only associated with probabilities, used later to calculate the step probabilities after one unit (from tangible markings) or zero (from vanishing markings) delay. Further, LDTSDPNs have just geometrically distributed or deterministic zero delays at the markings. Moreover, the discrete time tick and concurrent transition firing are treated in spTPNs as different events while firing every (possibly empty) set of stochastic or waiting transitions in LDTSDPNs requires one unit time delay. spTPNs are essentially a modification and extension of unlabeled LWDTSPNs with additional facilities, such as inhibitor arcs, priorities, resources, preemptions, schedulers etc. However, the price of such an expressiveness of spTPNs is that the model is rather intricate and difficult to analyze.
Note also that guards in DTDSPNs and DDSPNs, inhibitor arcs and priorities in DTDSPNs, DDSPNs and spTPNs, as well as the maximal step semantics of LWDTSPNs and spTPNs make all these models Turing powerful, resulting in undecidability of many important behavioural properties.
First, we present a formal definition (construction, syntax) of LDTSDPNs. The set of all row vectors of elements from a set is defined as .
Definition 4.1
*A labeled discrete time stochastic and deterministic PN (LDTSDPN) is a tuple
, where*
- •
* and are finite sets of places and stochastic and deterministic transitions, respectively, such that and ;*
- •
* is a function providing the weights of arcs between places and transitions;*
- •
* is the transition delay function imposing delays to deterministic transitions;*
An immediate transition is a deterministic transition with the delay [math] while a waiting transition is that with a positive delay. Then consists of the sets of immediate and waiting transitions.
- •
* is the transition probability and weight function such that*
- –
* (it associates stochastic transitions with probabilities);*
- –
* (it associates deterministic transitions with weights);*
- •
* is the transition labeling function assigning multiactions to transitions;*
- •
* is the initial state, where is the initial marking (distribution of tokens in the places) and is the initial timer valuation function of the waiting transitions (in the vector notation, ), where ‘’ denotes the undefined value of inactive timers; we define (each enabled waiting transition is initially valuated with its transition delay) and (each non-enabled waiting transition is initially valuated with the undefined value), where denotes the set of transitions enabled at the marking , to be defined later.*
The graphical representation of LDTSDPNs is like that for standard labeled PNs, but with probabilities or delays and weights written near the corresponding transitions. Square boxes of normal thickness depict stochastic transitions, and those with thick borders represent deterministic transitions. In the case the probabilities or the delays and weights are not given in the picture, they are considered to be of no importance in the corresponding examples. The weights of arcs are depicted with them. The names of places and transitions are depicted near them when needed.
We now consider the semantics of LDTSDPNs.
Let be an LDTSDPN and . The precondition and the postcondition of are the multisets of places defined as and . The precondition and the postcondition of are the multisets of places defined as and . Note that for we have .
Let be an LDTSDPN and be its states.
Deterministic transitions have a priority over stochastic ones, and there is also difference in priorities between immediate and waiting transitions. One can assume that all immediate transitions have (the highest) priority and all waiting transitions have (the intermediate) priority , whereas all stochastic transitions have (the lowest) priority [math]. This means that at a marking where all kinds of transitions can occur, immediate transitions always occur before waiting ones that, in turn, are always executed before stochastic ones.
A transition is enabled at a marking , if . In other words, a transition is enabled at a marking if it has enough tokens in its input places (i.e. in the places from its precondition) at the marking. Let be the set of all transitions enabled at .
Firings of transitions are atomic operations, and transitions can fire in parallel by taking part in steps. We assume that all transitions participating in a step should differ, hence, only the sets (not multisets) of transitions may fire. Thus, we do not allow self-concurrency, i.e. firing of transitions in parallel to themselves. This restriction is introduced to avoid some technical difficulties while calculating probabilities for multisets of transitions as we shall see after the following formal definitions. Moreover, we do not need to consider self-concurrency, since denotational semantics of expressions will be defined via dtsd-boxes which are safe LDTSDPNs (hence, no self-concurrency is possible).
The following definition of fireability respects the prioritization among different types of transitions. A set of transitions is fireable in a state , if (i.e. it has enough tokens in its input places at the substituent marking ), and one of the following holds:
; or 2. 2.
and
- •
,
- •
,
- •
; or 3. 3.
and
- •
.
In other words, a set of transitions is fireable in a state, if has enough tokens in its input places at the substituent marking of the state and the following holds. If consists of immediate transitions then it is enabled, since no additional condition is needed for its fireability. If consists of waiting transitions then the countdown timer value (called remaining time to fire or RTF) of each transition from equals one, is a maximal (by the inclusion relation) set of the enabled at waiting transitions with the RTF equal to one and enough tokens in its input places at , and there exist no immediate transitions enabled at . If is empty or it consists of stochastic transitions then there exist no immediate or waiting transition enabled at . Note that the second condition of item of the above definition means that no waiting transition (from ) with the RTF being one can be added to so that the resulting transition set will still have enough tokens in its input places at . This condition is equivalent to the following maximality requirement (informally mentioned above): . Let be the set of all transition sets fireable in .
By the fireability definition, it follows that or , or (to be convinced of it, check the definition’s items in the reverse order). The state is s-tangible (stochastically tangible), denoted by , if , in particular, if . The state is w-tangible (waitingly tangible), denoted by , if . The state is tangible, denoted by , if or , i.e. , in particular, if . Otherwise, the state is vanishing, denoted by , and in this case . A transition is fireable in a state , denoted by , if . If then a stochastic transition fires with probability when no different stochastic transition in conflict with it is fireable. By definition if fireability, if or then .
Let and . The probability that the set of stochastic transitions is ready for firing in or the weight of the set of deterministic transitions which is ready for firing in is
[TABLE]
In the case and we define
[TABLE]
Let and or and . Besides , some other sets of transitions may be ready for firing in , hence, a kind of conditioning or normalization is needed to calculate the firing probability. The parallel firing of the transitions from changes the state to another state , denoted by , where
; 2. 2.
\forall u\in Tw_{N}\ \widetilde{V}(u)=\left\{\begin{array}[]{ll}*,&u\not\in Ena(\widetilde{M});\\ V_{N}(u),&u\in Ena(\widetilde{M})\setminus Ena(M-{{}^{\bullet}}U);\\ V(u),&(u\in Ena(M-{{}^{\bullet}}U))\wedge(U\subseteq Ti_{N});\\ V(u)-1,&\mbox{otherwise};\end{array}\right. 3. 3.
is the probability that the set of transitions fires in defined as
[TABLE]
Let us explain the definition above in more detail. The first case of the item demonstrates a waiting transition that is not enabled at the marking , regardless of whether it was enabled at the “intermediate” marking (obtained by removing from the input places of all transitions belonging to , and that should be examined, especially when has structural loops), and therefore the transition timer becomes inactive (turned off) and it is set to the undefined value . The second case of the item describes a waiting transition that was not enabled at and has first been enabled at , hence, its timer is restored to the initial value , which is the delay of that transition. The third case of the item explains a waiting transition that was enabled at and, hence, still is enabled at , resulted in an firing of a set of immediate transitions instantly (in zero time), so the transition timer does not decrement and its value stays equal to . The fourth case of the item corresponds to the remaining option, i.e. a waiting transition that was enabled at and, hence, still is enabled at , resulted in an firing of a set of stochastic (waiting) transitions at a time tick (in one time unit), so the transition timer decrements by one and its value becomes .
We do not have to worry that for , such that , where , the value of could become zero or negative, by the following reasons. Note that by the definition of fireability, we have . If then must fire in the next time moment within some maximal (by the inclusion relation) set of the enabled at waiting transitions with the RTF equal to one and enough tokens in the set’s input places at . Then we get , hence, . Therefore, and , which contradicts to . Thus, there exists no transition , such that and . In regard to the transitions with , we have , if , or , if .
Note that when and , we get and \forall u\in Tw_{N}\ \widetilde{V}(u)=\left\{\begin{array}[]{ll}*,&u\not\in Ena(M);\\ V(u)-1,&u\in Ena(M).\end{array}\right.
Notice that the timers of all waiting transitions that are disabled when a marking change occurs become inactive (turned off) and their values become undefined while the timers of all those staying enabled continue running with their stored values. Hence, we adopt the enabling memory policy [41, 1, 2, 3] when the markings are changed and the enabling of deterministic transitions is possibly modified (remember that immediate transitions may be seen as those with the timers displaying a single value [math], so we do not need to store their values). Then the timer values of waiting transitions are taken as the enabling memory variables.
The advantage of our two-stage approach to definition of the probability that a set of transitions fires is that the resulting probability formula is valid both for (sets of) stochastic and deterministic transitions. It allows one to unify the notation used later while constructing the denotational semantics and analyzing performance.
Note that for all states of an LDTSDPN , the sum of outgoing probabilities is equal to . More formally, . This obviously follows from the definition of and guarantees that it defines a probability distribution.
We write if and if .
The probability to move from to by firing any set of transitions is
[TABLE]
Since is the probability for any (including the empty one) transition set to change marking to , we use summation in the definition. Note that .
Definition 4.2
Let be an LDTSDPN. The reachability set of , denoted by , is the minimal set of markings such that
- •
;
- •
if and then .
Definition 4.3
Let be an LDTSDPN. The reachability graph of is a (labeled probabilistic) transition system , where
- •
the set of states is ;
- •
the set of labels is ;
- •
the set of transitions is ;
- •
the initial state is .
The set of all s-tangible markings from is denoted by , and the set of all w-tangible markings from is denoted by . The set of all tangible markings from is denoted by . The set of all vanishing markings from is denoted by . Obviously, .
4.2 Algebra of dtsd-boxes
We now introduce discrete time stochastic and deterministic Petri boxes and the algebraic operations to define a net representation of dtsdPBC expressions.
Definition 4.4
*A discrete time stochastic and deterministic Petri box (dtsd-box) is a tuple
, where*
- •
* and are finite sets of places and transitions, respectively, such that and ;*
- •
* is a function providing the weights of arcs between places and transitions;*
- •
* is the place and transition labeling function such that*
- –
* (it specifies entry, internal and exit places, respectively);*
- –
* (it associates transitions with the relabeling relations on activities).*
Moreover, . In addition, for the set of entry places of , defined as , and for the set of exit places of , defined as , the following conditions hold: and .
A dtsd-box is plain if , where is a constant relabeling that can be identified with the activity . A (marked and timer-)clocked plain dtsd-box is a pair , where is a plain dtsd-box and is its state. Here is the marking of and is the timer valuation function of the waiting transitions of . The set of waiting transitions of is defined as . A plain dtsd-box can be seen as a clocked plain dtsd-box with , where for every waiting transition it holds , i.e. .
We denote , where and is such that for , whereas . We also denote , where . We call and the entry and exit markings of , respectively.
Note that a clocked plain dtsd-box can be interpreted as the LDTSDPN
, where the functions and are defined as follows: if ; or if ; and , where (we say that the transition corresponds to the activity in such a case). Behaviour of the clocked dtsd-boxes follows from the firing rule of LDTSDPNs. A plain dtsd-box is -bounded () if is so, i.e. , and it is safe if it is -bounded. A plain dtsd-box is clean if and , i.e. if there are tokens in all its entry (exit) places then no other places have tokens.
The structure of the plain dtsd-box corresponding to a static expression is constructed like in PBC [10, 9], i.e. we use simultaneous refinement and relabeling meta-operator (net refinement) in addition to the operator dtsd-boxes corresponding to the algebraic operations of dtsdPBC and featuring transformational transition relabelings. Operator dtsd-boxes specify -ary functions from plain dtsd-boxes to plain dtsd-boxes (we have in dtsdPBC). Thus, as we shall see in Theorem 4.1, the resulting plain dtsd-boxes are safe and clean. In the definition of the denotational semantics, we shall apply standard constructions used for PBC. Let denote operator box and denote transition name from the PBC setting.
The relabeling relations are defined as follows:
- •
is the identity relabeling keeping the interface as it is;
- •
is the constant relabeling that can be identified with itself;
- •
;
- •
;
- •
is the least relabeling relation containing such that if and
then
- –
if ;
- –
if .
The plain dtsd-boxes , where , and operator dtsd-boxes are presented in Figure 13. Note that the label i of internal places is usually omitted.
In the case of the iteration, a decision that we must take is the selection of the operator box that we shall use for it, since we have two proposals in plain PBC for that purpose [9]. One of them provides us with a safe version with six transitions in the operator box, but there is also a simpler version, which has only three transitions. In general, in PBC, with the latter version we may generate -bounded nets, which only occurs when a parallel behavior appears at the highest level of the body of the iteration. Nevertheless, in our case, and due to the syntactical restriction introduced for regular terms, this particular situation cannot occur, so that the net obtained will be always safe.
To define a semantic function that assigns a plain dtsd-box to every static expression of dtsdPBC, we introduce the enumeration function , which associates the numberings with transitions of a plain dtsd-box in accordance with those of activities. In the case of synchronization, the function associates with the resulting new transition a concatenation of the parenthesized numberings of the transitions it comes from.
We now define the enumeration function for every operator of dtsdPBC. Let be the plain dtsd-box corresponding to a static expression , and be the enumeration function for . We shall use the analogous notation for static expressions and .
- •
. Since a single transition corresponds to the activity , their numberings coincide:
[TABLE]
- •
. Since we do not introduce new transitions, we preserve the initial numbering:
[TABLE]
- •
. Since we only replace the labels of some multiactions by a bijection, we preserve the initial numbering:
[TABLE]
- •
. Since we remove all transitions labeled with multiactions containing or , this does not change the numbering of the remaining transitions:
[TABLE]
- •
. Note that such that and , the new transition resulting from synchronization of and has the label if is a stochastic transition (); or if is a deterministic one (); and the numbering .
Thus, the enumeration function is defined as
[TABLE]
According to the definition of , the synchronization is only possible when all the transitions in the set are stochastic (immediate or waiting, respectively). If we synchronize the same set of transitions in different orders, we obtain several resulting transitions with the same label and probability or weight, but with the different numberings having the same content. Then, we only consider a single transition from the resulting ones in the plain dtsd-box to avoid introducing redundant transitions.
For example, if the transitions and are generated by synchronizing and in different orders, we have for stochastic transitions () or for deterministic ones (), but , whereas . Then only one transition (or , symmetrically) will appear in .
- •
. Since we do not introduce new transitions, we preserve the initial numbering:
[TABLE]
We now can formally define the denotational semantics as a homomorphism.
Definition 4.5
Let and . The denotational semantics of dtsdPBC is a mapping from into the domain of plain dtsd-boxes defined as follows:
; 2. 2.
; 3. 3.
; 4. 4.
; 5. 5.
.
The dtsd-boxes of dynamic expressions can be defined as well. For , let and . Note that this definition is compositional in the sense that, for any arbitrary dynamic expression, we may decompose it in some inner dynamic and static expressions, for which we may apply the definition, thus obtaining the corresponding plain dtsd-boxes, which can be joined according to the term structure (by definition of ), the resulting plain box being marked in the places that were marked in the argument nets. Importantly, when composing dtsd-boxes of arbitrary dynamic expressions, we should guarantee that the operations correctly propagate the timer values from the clocked to non-clocked operands. For that, we have to respect the time spent in the entry markings.
Let and . For , the clocked plain dtsd-box of is , and analogously for . Next, for , the clocked plain dtsd-box of is (defined by induction on the structure of , as it will be descried below), and similarly for .
Let be a clocked plain dtsd-box, where consists of stochastic, immediate and waiting transitions. The marking age of the state is defined as . The minimal delay of the waiting transitions from the set that are enabled at the marking is defined as . We now inductively define the dtsd-boxes of arbitrary dynamic expressions.
- •
and .
- •
, where , and with :
[TABLE]
Thus, each waiting transition of enabled at the entry marking of it has set its timer to the transition delay (the initial valuation).
- •
, where , and with :
[TABLE]
- •
, where , and with :
[TABLE]
Thus, if is the minimum of the time spent at the the marking of the state and the delays of the waiting transitions from , enabled at that marking, then each waiting transition, enabled at , has set its timer to , where is the delay of that transition. It is guaranteed that the new timer value is not less than , since in case when and we have . In that case, the subnet should “wait” for the subnet by modifying appropriately (via increasing by the difference between the residence time at and minimal delay of transitions from minus ) the timer values of its waiting transitions, enabled at .
Note that does not hold for any dynamic expression, obtained by applying action rules, starting from an overlined static expression without timer value superscripts. The reason is that all the action rules maintain the time progress uniformity, hence, in that case. Further, the inequality may only happen when the , corresponding to , is later affected by restriction, so that the timer of that waiting multiaction stops with the value while the waiting multiaction can never be executed. Thus, if we start from an overlined static expression without time stamps and the waiting multiaction corresponding to is not subsequently affected by restriction then for and for .
The definition of is similar.
- •
, where , and with
:
[TABLE]
Thus, if is the minimum of the times spent at the markings of the states and then each waiting transition, enabled at the marking , has set its timer to , where is the delay of that transition. The idea is to ensure that the time progresses uniformly, for which the timer decrements of all waiting transitions, enabled at , should be synchronized (equalized). Hence, the subnet with the more time spent in its local marking should “wait” for the other subnet by modifying appropriately (via increasing by the difference between residence times at and ) the timer values of its waiting transitions, enabled at .
Note that cannot hold for any dynamic expression, obtained by applying action rules, starting from an overlined static expression without timer value superscripts. The reason is that all the action rules maintain the time progress uniformity, hence, in that case. Further, the inequality may only happen when the , corresponding to , is later affected by restriction, so that the timer of that waiting multiaction stops with the value while the waiting multiaction can never be executed. The same holds for . Thus, if we start from an overlined static expression without time stamps and the waiting multiaction corresponding to is not subsequently affected by restriction then for and for .
The definition of is similar.
- •
, where , and with :
[TABLE]
- •
, where , and with :
[TABLE]
- •
, where , and with :
[TABLE]
Thus, the timer of the synchronous product of the two waiting transitions and of is set to their timer values. Those values coincide, since only waiting transitions with the same delays are synchronized and the time progresses uniformly in every whole dynamic expression.
- •
, where , and with
:
[TABLE]
Thus, each waiting transition of , enabled at the entry marking of it, has set its timer to the transition delay (the initial valuation).
- •
, where , and with
:
[TABLE]
Thus, if is the minimum of the time spent at the the marking of the state and the delays of the waiting transitions from , enabled at that marking, then each waiting transition, enabled at , has set its timer to , where is the delay of that transition. It is guaranteed that the new timer value is not less than , since in case when and we have . In that case, the subnet should “wait” for the subnet by modifying appropriately (via increasing by the difference between the residence time at and minimal delay of transitions from minus ) the timer values of its waiting transitions, enabled at .
The definition of is similar.
Theorem 4.1
For any static expression is safe and clean.
Proof. The structure of the net is obtained as in PBC [10, 9], combining both refinement and relabeling. Consequently, the dtsd-boxes thus obtained will be safe and clean.
Let denote isomorphism between transition systems and reachability graphs that binds their initial states. Note that the names of transitions of the dtsd-box corresponding to a static expression could be identified with the enumerated activities of the latter.
Theorem 4.2
For any static expression ,
[TABLE]
Proof. As for the qualitative (functional) behaviour, we have the same isomorphism as in PBC [10, 9].
The quantitative behaviour is the same by the following reasons. First, the activities of an expression have the probability or delay and weight parts coinciding with the probabilities or delays and weights of the transitions belonging to the corresponding dtsd-box. Second, we use analogous probability or delay and weight functions to construct the corresponding transition systems and reachability graphs.
In general, the proof goes along the same lines as that from [31]. For instance, observe the relationships between the process expressions and their Petri net counterparts in dtsdPBC. Let and . There is the following bijection between and . For a process state , the corresponding net state is with the next properties. First, is the marking of the clocked dtsd-box . Second, for each transition with , we have . Note that each expression can be seen as a “partial” representation of the net marking and state , since possibly not all enabled activities are overlined in . The transition set corresponding to a (multi)set of activities is such that , where . Thus, here we also have a bijection. Notice that the marking is obtained from by firing the sequence of transition sets corresponding to the activities (multi)sets, whose execution from has led to the state . For the corresponding process and net states and , the sets of the enabled activities and transitions are constructed similarly. The sets of the executable activities (multi)sets and fireable transitions sets are analogous as well. At last, the probability functions and are respectively defined in the same way as and , for the corresponding (multi)set of activities and transition set .
Example 4.1
Let be from Examples 3.9–3.18. In Figures 14–23, the clocked dtsd-boxes are presented. Due to the time constraints and since waiting multiactions may be preempted by stochastic ones, some dynamic expressions can have complex transition systems and simple clocked dtsd-boxes (Examples 3.9–3.13), or vice versa (Examples 3.14–3.18).
Example 4.2
Let be from Example 3.19. In Figure 24, the clocked dtsd-box and its reachability graph are presented. Since has a single waiting transition that is enabled only at marking and whose delay is , the timer valuation function is defined as follows: at , and at each of the four different markings. It is easy to see that and are isomorphic.
The following example demonstrates that without the syntactic restriction on regularity of expressions the corresponding clocked dtsd-boxes may be not safe.
Example 4.3
Let . In Figure 25, the clocked dtsd-box and its reachability graph are presented. Since has no waiting transitions, we may consider the substituent markings as the whole states. At the marking there are tokens in the place . Symmetrically, at the marking there are tokens in the place . Thus, allowing concurrency in the second argument of iteration in the expression can lead to non-safeness of the corresponding clocked dtsd-box , though, it is -bounded in the worst case [9]. The origin of the problem is that has as a self-loop with two subnets which can function independently. Therefore, we have decided to consider regular expressions only, since the alternative, which is a safe version of the iteration operator with six arguments in the corresponding dtsd-box, like that from [9], is rather cumbersome and has too intricate PN interpretation. Our motivation was to keep the algebraic and PN specifications as simple as possible.
5 Performance evaluation
In this section we demonstrate how Markov chains corresponding to the expressions and dtsd-boxes can be constructed and then used for performance evaluation.
5.1 Analysis of the underlying SMC
For a dynamic expression , a discrete random variable is associated with every tangible state . The variable captures the residence (sojourn) time in the state. One can interpret staying in a state at the next discrete time moment as a failure and leaving it as a success in some trial series. It is easy to see that is geometrically distributed with the parameter , since the probability to stay in for time moments and leave it at the moment , called the probability mass function (PMF) of the residence time in , is (the residence time is in this case). Hence, the probability distribution function (PDF) of the residence time in is (the probability that the residence time in is less than ). The mean value formula for the geometrical distribution allows us to calculate the average sojourn time in as . The average sojourn time in each vanishing state is . Let .
The average sojourn time in the state is
[TABLE]
The average sojourn time vector of , denoted by , has the elements .
The sojourn time variance in the state is
[TABLE]
The sojourn time variance vector of , denoted by , has the elements .
To evaluate performance of the system specified by a dynamic expression , we should investigate the stochastic process associated with it. The process is the underlying semi-Markov chain (SMC) [50, 29], denoted by , which can be analyzed by extracting from it the embedded (absorbing) discrete time Markov chain (EDTMC) corresponding to , denoted by . The construction of the latter is analogous to that applied in the context of generalized stochastic PNs (GSPNs) in [40, 2, 3], and also in the framework of discrete time deterministic and stochastic PNs (DTDSPNs) in [61, 62, 64, 65], as well as within discrete deterministic and stochastic PNs (DDSPNs) [63]. only describes the state changes of while ignoring its time characteristics. Thus, to construct the EDTMC, we should abstract from all time aspects of behaviour of the SMC, i.e. from the sojourn time in its states. The (local) sojourn time in every state of the EDTMC is deterministic and it is equal to one discrete time unit. It is well-known that every SMC is fully described by the EDTMC and the state sojourn time distributions (the latter can be specified by the vector of PDFs of residence time in the states) [22].
Let be a dynamic expression and . The transition system can have self-loops going from a state to itself which have a non-zero probability. Clearly, the current state remains unchanged in this case.
Let . The probability to stay in due to self-loops is
[TABLE]
Let and . The probability to move from to by executing any multiset of activities after possible self-loops is
[TABLE]
[TABLE]
Here is the self-loops abstraction factor in the state . The self-loops abstraction vector of , denoted by , has the elements . The value in the summation above corresponds to the case when no self-loops occur.
Let . If there exist self-loops from (i.e. if ) then and . Otherwise, if there exist no self-loops from then and . Thus, , hence, . Note that the self-loops from tangible states are of the empty or non-empty type, the latter produced by iteration, since empty loops are not possible from w-tangible states, but they are possible from s-tangible states, while non-empty loops are possible from both s-tangible and w-tangible states.
Let . We have and . If there exist self-loops from then . Otherwise, if there exist no self-loops from then . Note that the self-loops from vanishing states are always of the non-empty type, produced by iteration, since empty loops are not possible from vanishing states.
Note that after abstraction from the probabilities of transitions which do not change the states, the remaining transition probabilities are normalized. In order to calculate transition probabilities , we had to normalize . Then, to obtain transition probabilities of the state-changing steps , we now have to normalize . Thus, we have a two-stage normalization as a result.
Notice that defines a probability distribution, since such that is not a terminal state, i.e. there are transitions to different states after possible self-loops from it, we have .
We decided to consider self-loops followed only by a state-changing step just for convenience. Alternatively, we could take a state-changing step followed by self-loops or a state-changing step preceded and followed by self-loops. In all these three cases our sequence begins or/and ends with the loops which do not change states. At the same time, the overall probabilities of the evolutions can differ, since self-loops have positive probabilities. To avoid inconsistency of definitions and too complex description, we consider sequences ending with a state-changing step. It resembles in some sense a construction of branching bisimulation [19] taking self-loops instead of silent transitions.
Definition 5.1
*Let be a dynamic expression. The embedded (absorbing) discrete time Markov chain
(EDTMC) of , denoted by , has the state space , the initial state and the transitions , if and , where .*
The underlying SMC of , denoted by , has the EDTMC and the sojourn time in every is geometrically distributed with the parameter while the sojourn time in every is equal to [math].
EDTMCs and underlying SMCs of static expressions can be defined as well. For , let and .
Let be a dynamic expression. The elements of the (one-step) transition probability matrix (TPM) for are defined as
[TABLE]
The transient (-step, ) PMF for is calculated as
[TABLE]
where is the initial PMF defined as
[TABLE]
Note also that .
The steady-state PMF for is a solution of the equation system
[TABLE]
where is the identity matrix of order and is a row vector of values is that of values .
Note that the vector exists and is unique if is ergodic. Then has a single steady state, and we have .
The steady-state PMF for the underlying semi-Markov chain is calculated via multiplication of every by the average sojourn time in the state , after which we normalize the resulting values. Remember that for each w-tangible state we have , and for each vanishing state we have .
Thus, the steady-state PMF for is
[TABLE]
Thus, to calculate , we apply abstraction from self-loops to get and then , followed by weighting by and normalization. has no self-loops, unlike , hence, the behaviour of stabilizes quicker than that of (if each of them has a single steady state), since has only zero elements at the main diagonal.
Example 5.1
Let be from Example 3.19. In Figure 26, the underlying SMC is presented. The average sojourn times in the states of the underlying SMC is written next to them in bold font.
The average sojourn time vector of is
[TABLE]
The sojourn time variance vector of is
[TABLE]
The TPM for is
[TABLE]
The steady-state PMF for is
[TABLE]
The steady-state PMF weighted by is
[TABLE]
It remains to normalize the steady-state weighted PMF by dividing it by the sum of its components
[TABLE]
Thus, the steady-state PMF for is
[TABLE]
In the case and we have
[TABLE]
Let be a dynamic expression and . The following standard performance indices (measures) can be calculated based on the steady-state PMF for and the average sojourn time vector of [46, 27].
- •
The average recurrence (return) time in the state (i.e. the number of discrete time units or steps required for this) is .
- •
The fraction of residence time in the state is .
- •
The fraction of residence time in the set of states or the probability of the event determined by a condition that is true for all states from is .
- •
The relative fraction of residence time in the set of states with respect to that in is
.
- •
The exit/entrance frequency (rate of leaving/entering, average number of exits/entrances per unit of time) the state is .
- •
The steady-state probability to perform a step with a multiset of activities is
.
- •
The steady-state execution frequency (throughput) of the activity is
.
- •
The probability of the event determined by a reward function on the states is
, where .
Example 5.2
Let us interpret be from Example 3.19 as a specification of the travel system. A tourist visits regularly new cities. After seeing the sights of the current city, he goes to the next city by the nearest train or bus available at the city station. Buses depart less frequently than trains, but the next city is quicker reached by bus than by train. We suppose that the stay duration in every city (being a constant), the departure numbers of trains and buses, as well as their speeds do not depend on a particular city, bus or train. The travel route has been planned so that the distances between successive cities coincide.
The meaning of actions from the syntax of is as follows. The action corresponds to the system activation (the travel route has been planned) that takes a time, geometrically distributed with the parameter . The action represents the completion of looking round the current city and coming to the city station that takes a fixed time equal to (say, one hour) for every city. The actions and correspond to the urgent getting on bus and train, respectively, and thus model the choice between these two transport facilities. The weights of the two corresponding immediate multiactions suggest that every departures of buses take the same time as departures of trains (), hence, a bus departs with the probability while a train departs with the probability . The actions and correspond to the coming in a city by bus and train, respectively, that takes a time, geometrically distributed with the parameters and , respectively ().
The meaning of states from is the following. The s-tangible state corresponds to staying at home and planning the future travel. The w-tangible state means residence in a city for exactly one time unit (hour). The vanishing state with zero residence time represents instantaneous stay at the city station, signifying that the tourist does not wait there for departure of the transport. The s-tangible states and correspond to going by bus and train, respectively.
Using Example 5.1, we now calculate the performance indices, based on the steady-state PMF for and the average sojourn time vector of .
- •
The average time between comings to the successive cities (mean sightseeing and travel time) is
.
- •
The fraction of time spent in a city (sightseeing time fraction) is .
- •
The fraction of time spent in a transport (travel time fraction) is .
- •
The relative fraction of time spent in a city with respect to that spent in transport (sightseeing relative to travel time fraction) is .
- •
The rate of leaving/entering a city (departure/arrival rate) is .
Let be a LDTSDPN and be its states. Then the average sojourn time , the sojourn time variance , the probabilities , the transition relation , the EDTMC , the underlying SMC and the steady-state PMF for it are defined like the corresponding notions for dynamic expressions.
As we have mentioned earlier, every clocked plain dtsd-box could be interpreted as the LDTSDPN. Therefore, we can evaluate performance with the LDTSDPNs corresponding to dtsd-boxes and then transfer the results to the latter.
Let denote isomorphism between SMCs that binds their initial states, where two SMCs are isomorphic if their EDTMCs are so and the sojourn times in the isomorphic states of the EDTMCs are identically distributed.
Proposition 5.1
For any static expression
[TABLE]
Proof. By Theorem 4.2 and definitions of underlying SMCs for dynamic expressions and LDTSDPNs taking into account the following. First, for the associated SMCs, the average sojourn time in the states is the same, since it is defined via the analogous probability functions. Second, the transition probabilities of the associated SMCs are the sums of those belonging to transition systems or reachability graphs.
Fore instance, observe that the probability functions and can be respectively defined in the same way as and , for the corresponding and , as well as and .
Example 5.3
Let be from Example 3.19. In Figure 27, the underlying SMC is presented. It is easy to see that and are isomorphic. Thus, both the transient and steady-state PMFs for and coincide.
As mentioned in [61, 62], if is useful to consider performance measures over only the markings of DTDSPNs, instead of their whole states, whose second components are the remaining firing time vectors. In the context of dtsdPBC, such markings correspond to those of the dtsd-boxes of dynamic expressions, i.e. to the markings of the respective LDTSDPNs, obtained from their states by abstracting from the second components, which are the timer valuation functions.
Let be a dynamic expression. The underlying timer-free state of a state is defined as for . Since structurally equivalent dynamic expressions obviously remain so after removing their timer value annotations, is unique for each and the previous definition is correct. The timer-free states (i.e. those from ) correspond to the markings of the LDTSDPN . Let and . The average sojourn time vector , sojourn time variance vector and steady-state PMF for over the timer-free states of are defined as follows: and . Then and can be used to calculate the standard performance indices over the timer-free states of (hence, over the markings of ), by analogy with the standard performance indices, defined over the arbitrary states of . Then also the performance measures that are specific for LDTSDPNs can be derived, based on the numbers of tokens in the places of .
5.2 Analysis of the DTMC
Let us consider an alternative solution method, studying the DTMCs of expressions based on the state change probabilities .
Definition 5.2
Let be a dynamic expression. The discrete time Markov chain (DTMC) of , denoted by , has the state space , the initial state and the transitions , where .
DTMCs of static expressions can be defined as well. For , let .
One can see that is constructed from as follows. For each state of , we remove a possible self-loop associated with it and then normalize the probabilities of the remaining transitions from the state. Thus, and differ only by existence of self-loops and magnitudes of the probabilities of the remaining transitions. Hence, and have the same communication classes of states and is irreducible iff is so. Since both and are finite, they are positive recurrent. Thus, in case of irreducibility, each of them has a single stationary PMF. Note that both and or just one of them may be periodic, thus having a unique stationary distribution, but no steady-state (limiting) one. For example, it may happen that is periodic while is aperiodic due to self-loops associated with some states of the latter. The states of are classified using , hence, is irreducible (positive recurrent, aperiodic) iff is so.
Let be a dynamic expression. The elements of (one-step) transition probability matrix (TPM) for are defined as
[TABLE]
The steady-state PMF for is defined like the corresponding notion for .
Let us determine a relationship between steady-state PMFs for and . The following theorem proposes the equation that relates the mentioned steady-state PMFs.
First, we introduce some helpful notation. For a vector , let be a diagonal matrix of order with the elements defined as
[TABLE]
Theorem 5.1
Let be a dynamic expression and be its self-loops abstraction vector. Then the steady-state PMFs for and for are related as follows:
[TABLE]
Proof. Let be a vector with the elements
[TABLE]
By definition of , we have . Further,
[TABLE]
After replacement of by we obtain
[TABLE]
Note that we have
[TABLE]
Hence, . Thus,
[TABLE]
Then, for , we have
[TABLE]
In order to calculate on the basis of , we must normalize it by dividing its elements by their sum, since we should have as a result:
[TABLE]
Thus, the elements of are calculated as follows:
[TABLE]
It is easy to check that is a solution of the equation system
[TABLE]
hence, it is indeed the steady-state PMF for .
The following proposition relates the steady-state PMFs for and .
Proposition 5.2
Let be a dynamic expression, be the steady-state PMF for and be the steady-state PMF for . Then
[TABLE]
Proof. Let . Remember that and .
Then, by Theorem 5.1, we have .
Thus, to calculate , one can only apply normalization to some elements of (corresponding to the tangible states), instead of abstracting from self-loops to get and then , followed by weighting by and normalization. Hence, using instead of allows one to avoid multistage analysis, but the payment for it is more time-consuming numerical and more complex analytical calculation of with respect to . The reason is that has self-loops, unlike , hence, the behaviour of stabilizes slower than that of (if each of them has a single steady state) and is more dense matrix than , since may additionally have non-zero elements at the main diagonal. Nevertheless, Proposition 5.2 is very important, since the relationship between and it discovers will be used in Proposition 5.3 to relate the steady-state PMFs for and the reduced .
Example 5.4
Let be from Example 3.19. In Figure 28, the DTMC is presented.
The TPM for is
[TABLE]
The steady-state PMF for is
[TABLE]
Remember that and . Hence,
[TABLE]
By Proposition 5.2, we have
[TABLE]
Thus, the steady-state PMF for is
[TABLE]
This coincides with the result obtained in Example 5.1 with the use of and .
5.3 Analysis of the reduced DTMC
Let us now consider the method from [18, 16, 17, 41, 2, 4, 3] that eliminates vanishing states from the EMC (EDTMC, in our terminology) corresponding to the underlying SMC of every GSPN . The TPM for the resulting reduced EDTMC (REDTMC) has smaller size than that for the EDTMC. The method demonstrates that there exists a transformation of the underlying SMC of into a CTMC, whose states are the tangible markings of . This CTMC, which is essentially the reduced underlying SMC (RSMC) of , is constructed on the basis of the REDTMC. The CTMC can then be directly solved to get both the transient and the steady-state PMFs over the tangible markings of . In [17], the program and computational complexities of such an elimination method, based on the REDTMC, were evaluated and compared with those of the preservation method that does not eliminate vanishing states and based on the EDTMC. The preservation method for GSPNs corresponds in dtsdPBC to the analysis of the underlying SMCs of expressions.
The elimination method for GSPNs can be easily transferred to dtsdPBC, hence, for every dynamic expression , we can find a DTMC (since the sojourn time in the tangible states from is discrete and geometrically distributed) with the states from , which can be directly solved to find the transient and the steady-state PMFs over the tangible states. We shall demonstrate that such a reduced DTMC (RDTMC) of , denoted by , can be constructed from , using the method analogous to that designed in [41, 2, 4, 3] in the framework of GSPNs to transform EDTMC into REDTMC. Since the sojourn time in the vanishing states is zero, the state changes of occur in the moments of the global discrete time associated with , unlike those of , which happen only when the current state changes to some different one, irrespective of the global time. Therefore, in our case, we can skip the stages of constructing the REDTMC of , denoted by , from , and recovering RSMC of , denoted by , (which is the sought-for DTMC) from , since we shall have .
Let be a dynamic expression and be the TPM for . We reorder the states from such that the first rows and columns of will correspond to the states from and the last ones will correspond to the states from . Let and . The resulting matrix can be decomposed as follows:
[TABLE]
The elements of the submatrix are the probabilities to move from vanishing to vanishing states, and those of the submatrix are the probabilities to move from vanishing to tangible states. The elements of the submatrix are the probabilities to move from tangible to vanishing states, and those of the submatrix are the probabilities to move from tangible to tangible states.
The TPM for is the matrix, calculated as
[TABLE]
where the elements of the matrix are the probabilities to move from vanishing to vanishing states in any number of state changes, without traversal of the tangible states.
If there are no loops among vanishing states then for any vanishing state there exists a value such that every sequence of state changes that starts in a vanishing state and is longer than should reach a tangible state. Thus, and . If there are loops among vanishing states then all such loops are supposed to be of “transient” rather than “absorbing” type, since the latter is treated as a specification error to be corrected, like in [41, 3]. We have earlier required that has a single closed communication (which is also ergodic) class of states. Remember that a communication class of states is their equivalence class w.r.t. communication relation, i.e. a maximal subset of communicating states. A communication class of states is closed if only the states belonging to it are accessible from every its state. The ergodic class cannot consist of vanishing states only to avoid “absorbing” loops among them, hence, it contains tangible states as well. Thus, any sequence of vanishing state changes that starts in the ergodic class will reach a tangible state at some time moment. All the states that do not belong to the ergodic class should be transient. Hence, any sequence of vanishing state changes that starts in a transient vanishing state will some time reach either a transient tangible state or a state from the ergodic class [29]. In the latter case, a tangible state will be reached as well, as argued above. Thus, every sequence of vanishing state changes in that starts in a vanishing state will exit the set of all vanishing states in the future. This implies that the probabilities to move from vanishing to vanishing states in state changes, without traversal of tangible states, will lead to [math] when tends to . Then we have , hence, is a non-singular matrix, i.e. its determinant is not equal to zero. Thus, the inverse matrix of exists and may be expressed by a Neumann series as . Therefore,
[TABLE]
where is the square matrix consisting only of zeros and is the identity matrix, both of order .
For and , let be the elements of the matrix be those of be those of and be those of . By definition, the elements of the matrix are calculated as
[TABLE]
i.e. is the total probability to move from the tangible state to the tangible state in any number of steps, without traversal of tangible states, but possibly going through vanishing states.
Let such that . The probability to move from to in any number of steps, without traversal of tangible states is
[TABLE]
Definition 5.3
Let be a dynamic expression and . The reduced discrete time Markov chain (RDTMC) of , denoted by , has the state space , the initial state and the transitions , where .
RDTMCs of static expressions can be defined as well. For , let .
Let us now try to define as a “restriction” of to its tangible states. Since the sojourn time in the tangible states of is discrete and geometrically distributed, we can see that is a DTMC with the state space , the initial state and the transitions whose probabilities collect all those in to move from the tangible to the tangible states, directly or indirectly, namely, by going through its vanishing states only. Thus, has the transitions , where , hence, we get .
One can see that is constructed from as follows. All vanishing states and all transitions to, from and between them are removed. All transitions between tangible states are preserved. The probabilities of transitions between tangible states may become greater and new transitions between tangible states may be added, both iff there exist moves between these tangible states in any number of steps, going through vanishing states only. Thus, for each sequence of transitions between two tangible states in there exists a (possibly shorter, since the eventual passed through vanishing states are removed) sequence between the same states in and vice versa. If is irreducible then all its states (including tangible ones) communicate, hence, all states of communicate as well and it is irreducible. Since both and are finite, they are positive recurrent. Thus, in case of irreducibility of , each of them has a single stationary PMF. Note that and/or may be periodic, thus having a unique stationary distribution, but no steady-state (limiting) one. For example, it may happen that is aperiodic while is periodic due to removing vanishing states from the former.
Let and . Then the transient (-step, ) PMF for is calculated as
[TABLE]
where is the initial PMF defined as
[TABLE]
Note also that .
The steady-state PMF for is a solution of the equation system
[TABLE]
where is the identity matrix of order and is a row vector of values is that of values .
Note that the vector exists and is unique if is ergodic. Then has a single steady state, and we have .
The zero sojourn time in the vanishing states guarantees that the state changes of occur in the moments of the global discrete time associated with , i.e. every such state change occurs after one time unit delay. Hence, the sojourn time in the tangible states is the same for and . The state change probabilities of are those to move from tangible to tangible states in any number of steps, without traversal of the tangible states. Therefore, and have the same transient behaviour over the tangible states, thus, the transient analysis of is possible to accomplish using .
The following proposition relates the steady-state PMFs for and . It proves that the steady-state probabilities of the tangible states coincide for them.
Proposition 5.3
Let be a dynamic expression, be the steady-state PMF for and be the steady-state PMF for . Then
[TABLE]
Proof. To make the proof more clear, we use the following unified notation. denotes the identity matrices of any size. denotes square matrices and row vectors of any size and length of values [math]. denotes square matrices and row vectors of any size and length of values .
Let be the reordered TPM for and be the steady-state PMF for , i.e. is a solution of the equation system
[TABLE]
Let and . The decomposed and are
[TABLE]
where is the subvector of with the steady-state probabilities of vanishing states and is that with the steady-state probabilities of tangible states.
Then the equation system for is decomposed as follows:
[TABLE]
Further, let be the TPM for . Then is a solution of the equation system
[TABLE]
We have
[TABLE]
where the matrix can have two different forms, depending on whether the loops among vanishing states exist, hence, we consider the two following cases.
There exist no loops among vanishing states. We have and .
Let us right-multiply the first equation of the decomposed equation system for by :
[TABLE]
Taking into account that , we get
[TABLE]
Since and , we obtain
[TABLE]
Let us substitute with in the second equation of the decomposed equation system for :
[TABLE]
Since , we have
[TABLE] 2. 2.
There exist loops among vanishing states. We have and .
Let us right-multiply the first equation of the decomposed equation system for by :
[TABLE]
Taking into account that , we get
[TABLE]
Let us substitute with in the second equation of the decomposed equation system for :
[TABLE]
Since , we have
[TABLE]
The third equation of the decomposed equation system for implies that if has nonzero elements then the sum of the elements of is less than one. We normalize by dividing its elements by their sum:
[TABLE]
It is easy to check that is a solution of the equation system
[TABLE]
hence, it is the steady-state PMF for and we have
[TABLE]
Note that . Then the elements of are calculated as follows:
[TABLE]
By Proposition 5.2, .
Therefore,
[TABLE]
Thus, to calculate , one can just take all the elements of as the steady-state probabilities of the tangible states, instead of abstracting from self-loops to get and then , followed by weighting by and normalization. Hence, using instead of allows one to avoid such a multistage analysis, but constructing also requires some efforts, including calculating matrix powers or inverse matrices. Note that has self-loops, unlike , hence, the behaviour of may stabilize slower than that of (if each of them has a single steady state). On the other hand, is smaller and denser matrix than , since has additional non-zero elements not only at the main diagonal, but also many of them outside it. Therefore, in most cases, we have less time-consuming numerical calculation of with respect to . At the same time, the complexity of the analytical calculation of with respect to depends on the model structure, such as the number of vanishing states and loops among them, but usually it is lower, since the matrix size reduction plays an important role in many cases. Hence, for the system models with many immediate activities we normally have a significant simplification of the solution. At the abstraction level of SMCs, the elimination of vanishing states decreases their impact to the solution complexity while allowing immediate activities to specify a comprehensible logical structure of systems at the higher level of transition systems.
Example 5.5
Let be from Example 3.19. Remember that and . We reorder the states from , by moving the vanishing states to the first positions, as follows: .
The reordered TPM for is
[TABLE]
The result of the decomposing are the matrices
[TABLE]
Since , we have , hence, and there are no loops among vanishing states. Then
[TABLE]
Further, the TPM for is
[TABLE]
In Figure 29, the reduced DTMC is presented. The steady-state PMF for is
[TABLE]
Note that . By Proposition 5.3, we have
[TABLE]
Thus, the steady-state PMF for is
[TABLE]
This coincides with the result obtained in Example 5.1 with the use of and .
Example 5.6
In Figure 30, the reduced underlying SMC is depicted. The average sojourn times in the states of the reduced underlying SMC are written next to them in bold font. In spite of the equality , the graphical representation of differs from that of , since the former is based on the , where each state is decorated with the positive average sojourn time of in it. is constructed from in the similar way as is obtained from . By construction, the residence time in each state of is geometrically distributed. Hence, the associated parameter of geometrical distribution is uniquely recovered from the average sojourn time in the state.
Note that our reduction of the underlying SMC by eliminating its vanishing states, resulting in the reduced DTMC, resembles the reduction from [35] by removing instantaneous states of stochastically discontinuous Markov reward chains. The latter are “limits” of continuous time Markov chains with state rewards and fast transitions when the rates (speeds) of these transitions tend to infinity, making them immediate. By analogy with this work, we could consider DTMCs extended with instantaneous states instead of SMCs with geometrically distributed or zero sojourn time in the states. However, within , we have decided to take SMCs as the underlying stochastic process to be able to consider not only geometrically distributed and zero residence time in the states, but arbitrary fixed discrete time delays as well.
6 Conclusion
In this paper, we have proposed a discrete time stochastic extension dtsdPBC of PBC, enriched with deterministic multiactions. The calculus has a parallel step operational semantics, based on labeled probabilistic transition systems and a denotational semantics in terms of a subclass of LDTSDPNs. A technique of performance evaluation in the framework of the calculus has been presented that explores the corresponding stochastic process, which is a semi-Markov chain (SMC). It has been proven that the underlying discrete time Markov chain (DTMC) or its reduction (RDTMC) by eliminating vanishing states may alternatively and suitably be studied for that purpose. The theory presented has been illustrated with an extensive series of examples, among which is the travel system application example demonstrating performance analysis within dtsdPBC.
The advantage of our framework is twofold. First, one can specify in it concurrent composition and synchronization of (multi)actions, whereas this is not possible in classical Markov chains. Second, algebraic formulas represent processes in a more compact way than PNs and allow one to apply syntactic transformations and comparisons. Process algebras are compositional by definition and their operations naturally correspond to operators of programming languages. Hence, it is much easier to construct a complex model in the algebraic setting than in PNs. The complexity of PNs generated for practical models in the literature demonstrates that it is not straightforward to construct such PNs directly from the system specifications. dtsdPBC is well suited for the discrete time applications, whose discrete states change with a global time tick, such as business processes, neural and transportation networks, computer and communication systems, timed web services [60], as well as for those, in which the distributed architecture or the concurrency level should be preserved while modeling and analysis (remember that, in step semantics, we have additional transitions due to concurrent executions). dtsdPBC is also capable to model and analyze parallel systems with fixed durations of the typical activities (loading, processing, transfer, repair) and stochastic durations of the randomly occurring activities (arrival, failure), including industrial, manufacturing, queueing, computing and network systems. The main advantages of dtsdPBC are the flexible multiaction labels, deterministic multiactions, powerful operations, as well as a step operational and a Petri net denotational semantics allowing for concurrent execution of activities (transitions), together with an ability for analytical and parametric performance evaluation.
Future work will consist in constructing a congruence relation for dtsdPBC, i.e. the equivalence that withstands application of all operations of the algebra. The first possible candidate is a stronger version of defined via transition systems equipped with two extra transitions skip and redo, like those from sPBC. Moreover, recursion operation could be added to dtsdPBC to increase further specification power of the algebra.
The reference list from the paper itself. Each links out to its DOI / PubMed record.
- 1[1] van der Aalst W.M.P., van Hee K.M., Reijers H.A. Analysis of discrete-time stochastic Petri nets. Statistica Neerlandica 54(2) , p. 237–255, The Netherlands Society for Statistics and Operations Research (VVSOR), Wiley Blackwell Publishers, July 2000, http://tmitwww.tm.tue.nl/staff/hreijers/ H.A. Reijers Bestanden/Statistica.pdf , http://onlinelibrary.wiley.com/doi/epdf/10.1111/ 1467-9574.00139 .
- 2[2] Balbo G. Introduction to stochastic Petri nets. Lecture Notes in Computer Science 2090 , p. 84–155, 2001.
- 3[3] Balbo G. Introduction to generalized stochastic Petri nets. Lecture Notes in Computer Science 4486 , p. 83–131, 2007.
- 4[4] Bause F., Kritzinger P.S. Stochastic Petri nets: an introduction to the theory. Vieweg Verlag, 2 n d superscript 2 𝑛 𝑑 2^{nd} edition, 218 p., 2002, http://ls 4-www.cs.tu-dortmund.de/cms/de/home/bause/bause_kritzinger_ spn_book_print.pdf .
- 5[5] Bergstra J.A., Klop J.W. Algebra of communicating processes with abstraction. Theoretical Computer Science 37 , p. 77–121, 1985.
- 6[6] Bernardo M., Bravetti M. Reward based congruences: can we aggregate more? Lecture Notes in Computer Science 2165 , p. 136–151, 2001, http://www.cs.unibo.it/~bravetti/papers/papm 01b.ps .
- 7[7] Bernardo M., Gorrieri R. A tutorial on EMPA: a theory of concurrent processes with nondeterminism, priorities, probabilities and time. Theoretical Computer Science 202 , p. 1–54, July 1998, http://www.sti.uniurb.it/bernardo/documents/tcs 202.pdf .
- 8[8] Best E., Devillers R., Hall J.G. The box calculus: a new causal algebra with multi-label communication. Lecture Notes in Computer Science 609 , p. 21–69, 1992.
