Petri Nets
2
Outline
• Petri nets
– Introduction
– Examples
– Properties
– Analysis techniques
3
Petri Nets (PNs)
• Model introduced by C.A. Petri in 1962– Ph.D. Thesis: “Communication with Automata”
• Applications: distributed computing, manufacturing, control, communication networks, transportation…
• PNs describe explicitly and graphically:– sequencing/causality
– conflict/non-deterministic choice
– concurrency
• Asynchronous model (partial ordering)
• Main drawback: no hierarchy
4
Petri Net Graph
• Bipartite weighted directed graph:
– Places: circles
– Transitions: bars or boxes
– Arcs: arrows labeled with weights
• Tokens: black dots
[Figure: example net with places p1-p4, transitions t1-t3, tokens, and arc weights 2 and 3]
5
Petri Net
• A PN (N, M0) is a Petri net graph N together with an initial marking M0
– places: represent distributed state by holding tokens
• the marking (state) M is an n-vector (m1, m2, m3, …), where mi is the non-negative number of tokens in place pi
• the initial marking M0 is the initial state
– transitions: represent actions/events
• enabled transition: enough tokens in predecessors
• firing a transition modifies the marking
Places/transitions correspond to conditions/events
[Figure: net with places p1-p4, transitions t1-t3, arc weights 2 and 3]
6
Transition firing rule
• A marking is changed according to the following rules:
– A transition is enabled if there are enough tokens in each input place
– An enabled transition may or may not fire
– The firing of a transition modifies marking by consuming tokens from the input places and producing tokens in the output places
[Figure: firing example with arc weights 2 and 3, markings before and after the firing]
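The firing rule above can be sketched in a few lines of Python. This is a minimal illustrative simulator; the example net, place names, and arc weights are assumptions for illustration, not the exact net drawn on the slide.

```python
# A minimal Petri net simulator illustrating the transition firing rule.
class PetriNet:
    def __init__(self, marking):
        self.marking = dict(marking)      # place -> token count
        self.transitions = {}             # name -> (inputs, outputs)

    def add_transition(self, name, inputs, outputs):
        # inputs/outputs: dict place -> arc weight
        self.transitions[name] = (inputs, outputs)

    def enabled(self, name):
        inputs, _ = self.transitions[name]
        # enabled iff every input place holds at least the arc weight
        return all(self.marking[p] >= w for p, w in inputs.items())

    def fire(self, name):
        assert self.enabled(name), f"{name} is not enabled"
        inputs, outputs = self.transitions[name]
        for p, w in inputs.items():       # consume tokens from input places
            self.marking[p] -= w
        for p, w in outputs.items():      # produce tokens in output places
            self.marking[p] += w

net = PetriNet({"p1": 2, "p2": 0})
net.add_transition("t1", {"p1": 2}, {"p2": 3})  # weight-2 input arc, weight-3 output arc
print(net.enabled("t1"))   # True: p1 holds 2 >= 2 tokens
net.fire("t1")
print(net.marking)         # {'p1': 0, 'p2': 3}
```

An enabled transition may or may not fire; here `fire` is invoked explicitly, which matches the non-deterministic "may fire" reading.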
7
Concurrency, causality, choice
[Figure: net with transitions t1-t6, highlighted in successive frames to illustrate:]
• Concurrency
• Causality, sequencing
• Choice, conflict
12
Communication Protocol
P1
Send msg
Receive Ack
Send Ack
Receive msg
P2
18
Producer-Consumer Problem
Produce
Consume
Buffer
32
Producer-Consumer with priority
Consumer B can consume only if buffer A is empty
Inhibitor arcs
[Figure: buffers A and B; an inhibitor arc from place A disables B's consuming transition]
33
PN properties
• Behavioral: depend on the initial marking (most interesting)
– Reachability
– Boundedness
– Schedulability
– Liveness
– Conservation
• Structural: do not depend on the initial marking (often too restrictive)
– Consistency
– Structural boundedness
34
Reachability
• Marking M is reachable from marking M0 if there exists a sequence of firings M0 -t1-> M1 -t2-> M2 … -> M that transforms M0 into M
• The reachability problem is decidable
[Figure: net with places p1-p4, transitions t1-t3]
Example: M0 = (1,0,1,0) -t3-> M1 = (1,0,0,1) -t2-> M = (1,1,0,0)
35
• Liveness: from any marking any transition can become fireable
– Liveness implies deadlock freedom, not vice versa
Liveness
Not live
37
• Liveness: from any marking any transition can become fireable
– Liveness implies deadlock freedom, not vice versa
Liveness
Deadlock-free
39
• Boundedness: the number of tokens in any place cannot grow indefinitely
– 1-bounded is also called safe
– Application: places represent buffers and registers (check there is no overflow)
Boundedness
Unbounded
44
Conservation
• Conservation: the total number of tokens in the net is constant
Not conservative
46
Conservation
• Conservation: the total number of tokens in the net is constant
Conservative
[Figure: conservative net; the token count is weighted by arc weights 2]
47
Analysis techniques
• Structural analysis techniques
– Incidence matrix
– T- and S-invariants
• State-space analysis techniques
– Coverability Tree
– Reachability Graph
48
Incidence Matrix
• Necessary condition for marking M to be reachable from initial marking M0:
there exists firing vector v s.t.:
M = M0 + A v
[Figure: net with places p1, p2, p3 and transitions t1, t2, t3]
       t1  t2  t3
A = | -1   0   0 |  p1
    |  1   1  -1 |  p2
    |  0  -1   1 |  p3
49
State equations
[Figure: same net p1-p3, t1-t3, with incidence matrix A = | -1 0 0 ; 1 1 -1 ; 0 -1 1 |]
• E.g. reachability of M = |0 0 1|T from M0 = |1 0 0|T:
|0 0 1|T = |1 0 0|T + A v is satisfied by v1 = |1 0 1|T
• but also by v2 = |1 1 2|T, or any vk = |1 k (k+1)|T
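The state equation M = M0 + A v can be checked mechanically. A sketch in plain Python for the 3-place net above (matrix rows are p1..p3, columns t1..t3, as on the slide):

```python
# Checking the necessary reachability condition M = M0 + A v.
A = [[-1,  0,  0],
     [ 1,  1, -1],
     [ 0, -1,  1]]
M0 = [1, 0, 0]

def apply_state_equation(M0, A, v):
    # Returns M = M0 + A v (matrix-vector product done by hand)
    return [m + sum(A[i][j] * v[j] for j in range(len(v)))
            for i, m in enumerate(M0)]

print(apply_state_equation(M0, A, [1, 0, 1]))    # [0, 0, 1]
print(apply_state_equation(M0, A, [1, 1, 2]))    # [0, 0, 1]
k = 5
print(apply_state_equation(M0, A, [1, k, k + 1]))  # [0, 0, 1] for any k
```

This confirms the slide's point: many firing vectors map M0 to the same M, and satisfying the equation is necessary but not sufficient for reachability.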
50
Necessary Condition only
[Figure: net with transitions t1-t3 and arc weights 2]
Firing vector (1,2,2) satisfies the state equation,
but the net deadlocks before completing it: the condition is necessary only
51
State equations and invariants
• T-invariants: solutions x of A x = 0 (i.e. M = M0 + A x with M = M0)
– sequences of transitions that (if fireable) bring the net back to the original marking
– periodic schedule in SDF
– e.g. x = |0 1 1|T
[Figure: same net p1-p3, t1-t3]
A = | -1 0 0 ; 1 1 -1 ; 0 -1 1 |
52
Application of T-invariants
• Scheduling– Cyclic schedules: need to return to the initial state
[Figure: dataflow net with actors i, *k1, *k2, +, o]
Schedule: i *k2 *k1 + o
T-invariant: (1,1,1,1,1)
53
State equations and invariants
• S-invariants: solutions y of y A = 0
– sets of places whose weighted total token count does not change after the firing of any transition (y M = y M')
– e.g. y = |1 1 1|T
[Figure: same net p1-p3, t1-t3]
AT = | -1  1  0 |
     |  0  1 -1 |
     |  0 -1  1 |
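Both invariant conditions are simple linear checks. A sketch verifying the T-invariant x = |0 1 1|T and S-invariant y = |1 1 1|T against the incidence matrix above (plain Python, no solver; finding all invariants would need a null-space computation):

```python
# Verifying T- and S-invariants of the 3-place example net.
A = [[-1,  0,  0],
     [ 1,  1, -1],
     [ 0, -1,  1]]

def is_T_invariant(A, x):
    # A x = 0: firing each t_j x_j times returns to the original marking
    return all(sum(row[j] * x[j] for j in range(len(x))) == 0 for row in A)

def is_S_invariant(A, y):
    # y A = 0: the y-weighted token count is preserved by every firing
    return all(sum(y[i] * A[i][j] for i in range(len(A))) == 0
               for j in range(len(A[0])))

print(is_T_invariant(A, [0, 1, 1]))   # True: firing t2 and t3 once restores M
print(is_S_invariant(A, [1, 1, 1]))   # True: total token count is constant
print(is_T_invariant(A, [1, 0, 0]))   # False: firing t1 alone changes M
```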
54
Application of S-invariants
• Structural Boundedness: bounded for any finite initial marking M0
• The existence of a positive S-invariant is a sufficient condition for structural boundedness:
– the initial marking is finite
– the weighted token count does not change
55
Summary of algebraic methods
• Extremely efficient (polynomial in the size of the net)
• Generally provide only necessary or sufficient information
• Excellent for ruling out some deadlocks or otherwise dangerous conditions
• Can be used to infer structural boundedness
56
Coverability Tree
• Build a (finite) tree representation of the markings
Karp-Miller algorithm
• Label the initial marking M0 as the root of the tree and tag it as new
• While new markings exist do:
– select a new marking M
– if M is identical to a marking on the path from the root to M, then tag M as old and go to another new marking
– if no transitions are enabled at M, tag M as dead-end
– while there exist enabled transitions t at M do:
• obtain the marking M' that results from firing t at M
• if on the path from the root to M there exists a marking M'' such that M'(p) >= M''(p) for each place p and M' is different from M'', then replace M'(p) by ω for each p such that M'(p) > M''(p)
• introduce M' as a node, draw an arc with label t from M to M', and tag M' as new
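The steps above can be sketched compactly. This is an illustrative implementation, not a faithful reproduction of every bookkeeping detail (old/dead-end tags are folded into the worklist); the example net is the one used on the following slides, with transition effects reconstructed from the tree, so treat them as assumptions.

```python
# A compact sketch of the Karp-Miller coverability-tree construction.
OMEGA = float("inf")   # ω: behaves as "arbitrarily many" under +, - and >=

def fire(M, t):
    take, give = t
    if any(M[i] < take[i] for i in range(len(M))):
        return None                        # transition not enabled
    return tuple(M[i] - take[i] + give[i] for i in range(len(M)))

def coverability_tree(M0, transitions):
    nodes, arcs = [M0], []
    work = [(M0, [M0])]                    # (marking, path from root)
    while work:
        M, path = work.pop()
        for name, t in transitions.items():
            M1 = fire(M, t)
            if M1 is None:
                continue
            # ω-acceleration: if M1 strictly covers an ancestor M2,
            # replace the strictly larger components by ω
            for M2 in path:
                if all(a >= b for a, b in zip(M1, M2)) and M1 != M2:
                    M1 = tuple(OMEGA if a > b else a for a, b in zip(M1, M2))
            arcs.append((M, name, M1))
            if M1 not in nodes:            # 'old' markings are not re-expanded
                nodes.append(M1)
                work.append((M1, path + [M1]))
    return nodes, arcs

# Assumed net (places p1..p4): t1: p1 -> p2, t3: p2 -> p3 + p4, t2: p3 -> p2
transitions = {"t1": ((1, 0, 0, 0), (0, 1, 0, 0)),
               "t3": ((0, 1, 0, 0), (0, 0, 1, 1)),
               "t2": ((0, 0, 1, 0), (0, 1, 0, 0))}
nodes, arcs = coverability_tree((1, 0, 0, 0), transitions)
print((0, 1, 0, OMEGA) in nodes)   # True: p4 is unbounded
```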
57
Coverability Tree
• Boundedness is decidable with the coverability tree
[Figure: net with places p1-p4 and transitions t1-t3]
Tree construction (markings over p1 p2 p3 p4):
(1,0,0,0) -t1-> (0,1,0,0) -t3-> (0,0,1,1) -t2-> (0,1,0,1), which strictly covers the ancestor (0,1,0,0), so p4 is replaced by ω: (0,1,0,ω)
62
Coverability Tree
• Is (1) reachable from (0)?
• The coverability tree cannot solve the reachability problem:
[Figure: single place p1 between transitions t1 and t2, both arcs with weight 2]
the tree covers the markings (0) (1) (2) …, but the actually reachable markings are (0) (2) (0) …
65
Reachability graph
• For bounded nets the Coverability Tree is called Reachability Tree, since it contains all possible reachable markings
[Figure: net with places p1-p3 and transitions t1-t3]
Reachability graph (markings over p1 p2 p3): (1,0,0) -t1-> (0,1,0) -t3-> (0,0,1) -t2-> (0,1,0)
69
Subclasses of Petri nets
• Reachability analysis is too expensive
• State equations give only partial information
• Some properties are preserved by reduction rules, e.g. for liveness and safeness
• Even reduction rules only work in some cases
• Must restrict the class in order to prove stronger results
70
PNs Summary
• PN Graph: places (buffers), transitions (actions), tokens (data)
• Firing rule: transition enabled if there are enough tokens in each input place
• Properties– Structural (consistency, structural boundedness…)
– Behavioral (reachability, boundedness, liveness…)
• Analysis techniques
– Structural (necessary or sufficient conditions only): state equations, invariants
– Behavioral: coverability tree
• Reachability
• Subclasses: Marked Graphs, State Machines, Free-Choice PNs
71
Subclasses of Petri nets: MGs
• Marked Graph: every place has at most 1 predecessor and 1 successor transition
• Models only causality and concurrency (no conflict)
NO
YES
72
Subclasses of Petri nets: SMs
• State machine: every transition has at most 1 predecessor and 1 successor place
• Models only causality and conflict – (no concurrency, no synchronization of parallel activities)
YES NO
73
Free-Choice Petri Nets (FCPN)
Free-Choice (FC)
Extended Free-Choice Confusion (not-Free-Choice)
t1
t2
Free-Choice: the outcome of a choice depends on the value of a token (abstracted non-deterministically) rather than on its arrival time.
every transition after choice
has exactly 1 predecessor place
74
Free-Choice nets
• Introduced by Hack ('72)
• Extensively studied by Best ('86) and Desel and Esparza ('95)
• Can express concurrency, causality and choice without confusion
• Very strong structural theory
– necessary and sufficient conditions for liveness and safeness, based on decomposition
– exploits duality between MG and SM
75
MG (& SM) decomposition
• An Allocation is a control function that chooses which transition fires among several conflicting ones (A: P → T)
• Eliminate the subnet that would be inactive if we were to use the allocation…
• Reduction Algorithm
– Delete all unallocated transitions
– Delete all places whose input transitions have all been deleted
– Delete all transitions that have at least one input place already deleted
• Obtain a Reduction (one for each allocation) that is a conflict-free subnet
76
• Choose one successor for each conflicting place:
MG reduction and cover
81
MG reductions
• The set of all reductions yields a cover of MG components (T-invariants)
83
Hack’s theorem (‘72)
• Let N be a Free-Choice PN: N has a live and safe initial marking (is well-formed) if and only if
• every MG reduction is strongly connected and non-empty, and the set of all reductions covers the net, and
• every SM reduction is strongly connected and non-empty, and the set of all reductions covers the net
84
Hack’s theorem
• Example of non-live (but safe) FCN
Deadlock
100
Summary of LSFC nets
• Largest class for which structural theory really helps
• Structural component analysis may be expensive (exponential number of MG and SM components in the worst case)
• But…
– number of MG components is generally small
– FC restriction simplifies characterization of behavior
101
Petri Net extensions
• Add interpretation to tokens and transitions
– Colored nets (tokens have values)
• Add time
– Time/timed Petri Nets (deterministic delay)
• type (duration, delay)
• where (place, transition)
– Stochastic PNs (probabilistic delay)
– Generalized Stochastic PNs (timed and immediate transitions)
• Add hierarchy
– Place Chart Nets
102
Summary of Petri Nets
• Graphical formalism
• Distributed state (including buffering)
• Concurrency, sequencing and choice made explicit
• Structural and behavioral properties
• Analysis techniques based on
– linear algebra
– structural analysis (necessary and sufficient only for FC)
103
References
• T. Murata, "Petri Nets: Properties, Analysis and Applications", Proceedings of the IEEE, 1989
• The Petri Nets World: http://www.daimi.au.dk/PetriNets/
• J. Cortadella, M. Kishinevsky, L. Lavagno, A. Yakovlev, "Synthesizing Petri Nets from State-Based Models", 1995 IEEE/ACM International Conference on Computer-Aided Design, Digest of Technical Papers
104
Outline
• Part 3: Models of Computation
– FSMs
– Discrete Event Systems
– CFSMs
– Petri Nets
– Data Flow Models
– The Tagged Signal Model
105
Data-flow networks
• Kahn Process Networks
• Dataflow Networks
– actors, tokens and firings
• Static Data-flow
– static scheduling
– code generation
– buffer sizing
• Other Data-flow models
– Boolean Data-flow
– Dynamic Data-flow
106
Data-flow networks
• Powerful formalism for data-dominated system specification
• Partially-ordered model (no over-specification)
• Deterministic execution independent of scheduling
• Used for
– simulation
– scheduling
– memory allocation
– code generation
107
A bit of history
• Karp computation graphs ('66): seminal work
• Kahn process networks ('74): formal model
• Dennis Data-flow networks ('75): programming language for the MIT DF machine
• Several recent implementations
– graphical: Ptolemy (UCB), Khoros (U. New Mexico), Grape (U. Leuven), SPW (Cadence), COSSAP (Synopsys)
– textual: Silage (UCB, Mentor), Lucid, Haskell
108
Kahn Process networks
• Network of sequential processes running concurrently and communicating through single-sender single-receiver unbounded FIFOs.
• Process: mapping from input sequences to output sequences (streams)
• Blocking read: process attempting to read from empty channel stalls until the buffer has enough tokens
• Determinacy: the order in which processes are fired does not affect the final result
• Difficult to schedule
[Figure: two processes communicating over a FIFO, one executing … Send(); …, the other … Wait(); …]
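A Kahn process network can be sketched with threads and blocking FIFOs. This is an illustrative model only: the end-of-stream `None` marker and the doubling process are assumptions for the demo, not part of Kahn's formalism (whose FIFOs are conceptually unbounded, as `queue.Queue` is by default).

```python
import queue
import threading

# A tiny Kahn process network: source -> doubler over an unbounded FIFO.
def source(out, n):
    for i in range(n):
        out.put(i)        # writes never block on an unbounded FIFO
    out.put(None)         # end-of-stream marker (an assumption for the demo)

def doubler(inp, out):
    while True:
        x = inp.get()     # blocking read: stalls until a token arrives
        if x is None:
            out.put(None)
            return
        out.put(2 * x)

a, b = queue.Queue(), queue.Queue()
threads = [threading.Thread(target=source, args=(a, 5)),
           threading.Thread(target=doubler, args=(a, b))]
for t in threads:
    t.start()
result = []
while (x := b.get()) is not None:
    result.append(x)
for t in threads:
    t.join()
print(result)   # [0, 2, 4, 6, 8] regardless of thread scheduling (determinacy)
```

Because reads block and there is no way to test a channel for emptiness, the output stream is the same under any interleaving, which is exactly the determinacy property discussed next.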
109
Determinacy
• Process: “continuous mapping” of input sequence to output sequences
• Continuity: process uses prefix of input sequences to produce prefix of output sequences. Adding more tokens does not change the tokens already produced
• The state of each process depends on token values rather than their arrival time
• Unbounded FIFO: the speed of the two processes does not affect the sequence of data values
[Figure: process F maps input stream x1, x2, x3, … to output stream y1, y2, y3, …]
110
Scheduling
• Multiple choices for ordering process execution
• Dynamic scheduling: context-switching overhead
• Data-driven scheduling
– run processes as soon as data is available
– boundedness?
• Demand-driven scheduling
– run a process when its output is needed as input by another process
• Bounded scheduling [Parks96]
– define bounds on buffers; if the program deadlocks, extend capacity
[Figure: example network of processes A, B, C]
111
Data-flow networks
• A Data-flow network is a collection of actors which are connected and communicate over unbounded FIFO queues
• Actors firing follows firing rules– Firing rule: number of required tokens on inputs
– Function: number of consumed and produced tokens
• Breaking processes of KPNs down into smaller units of computation makes implementation easier (scheduling)
• Tokens carry values – integer, float, audio samples, image of pixels
• Network state: number of tokens in FIFOs
112
Intuitive semantics
• At each time, one actor is fired
• When firing, actors consume input tokens and produce output tokens
• Actors can be fired only if there are enough tokens in the input queues
113
Filter example
• Example: FIR filter– single input sequence i(n)– single output sequence o(n)– o(n) = c1 i(n) + c2 i(n-1)
[Figure: dataflow network with actors i, *c1, *c2, +, o; initial token i(-1) on the delay edge]
114
Filter example
• Playing the token game, successive firings produce the trace: i, i, *c1, *c2, *c1, +, *c2, +, o, o
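The token game above can be collapsed into a few lines of sequential code. A sketch of the FIR filter o(n) = c1·i(n) + c2·i(n-1), where the variable `prev` models the token on the delay arc (initially i(-1) = 0, an assumed value); the coefficient values are also illustrative:

```python
# The FIR filter o(n) = c1*i(n) + c2*i(n-1) as a static-dataflow-style loop.
c1, c2 = 0.5, 0.25

def fir(inputs, delay_token=0.0):
    out, prev = [], delay_token          # prev = token on the delay arc, i(-1)
    for x in inputs:                     # each iteration = one firing round
        out.append(c1 * x + c2 * prev)   # '+' actor combines the two '*' actors
        prev = x                         # x becomes i(n-1) for the next firing
    return out

print(fir([1.0, 2.0, 3.0]))   # [0.5, 1.25, 2.0]
```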
124
Examples of Data Flow actors
• SDF: Synchronous (or, better, Static) Data Flow
– fixed number of input and output tokens per invocation
• BDF: Boolean Data Flow
– a control token determines the numbers of consumed and produced tokens
[Figure: adder (1, 1 -> 1); FFT (1024 -> 1024); downsampler (10 -> 1); BDF select and switch actors with T/F control streams]
125
Static scheduling of DF
• Number of tokens produced and consumed in each firing is fixed
• SDF networks can be statically scheduled at compile time
– no overhead due to sequencing of concurrency
– static buffer sizing
• Different schedules yield different
– code size
– buffer size
– pipeline utilization
126
Static scheduling of SDF
• Based only on process graph (ignores functionality)
• Objective: find a schedule that is valid, i.e.:
– admissible (only fires actors when fireable)
– periodic (a cyclic schedule brings the network back to its initial state, firing each actor at least once)
• Optimize cost function over admissible schedules
127
Balance equations
• Number of produced tokens must equal number of consumed tokens on every edge
• Repetitions (or firing) vector vS of schedule S: number of firings of each actor in S
• vS(A) np = vS(B) nc
must be satisfied for each edge
[Figure: edge from actor A (produces np tokens per firing) to actor B (consumes nc tokens per firing)]
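The balance equations can be solved by propagating rates through a connected graph and scaling to integers. A sketch (the three-actor example net and its edge weights are assumptions chosen to match the q = |1 2 2|T example used later):

```python
from fractions import Fraction
from math import lcm

# Solve vS(A)*np = vS(B)*nc for a connected SDF graph by rate propagation,
# then scale to the smallest integer repetitions vector.
# Edges are (producer, np, consumer, nc).
def repetitions(actors, edges):
    q = {actors[0]: Fraction(1)}
    changed = True
    while changed:                          # propagate rates along edges
        changed = False
        for a, np_, b, nc in edges:
            if a in q and b not in q:
                q[b] = q[a] * np_ / nc; changed = True
            elif b in q and a not in q:
                q[a] = q[b] * nc / np_; changed = True
    for a, np_, b, nc in edges:             # consistency check (rank n-1)
        if q[a] * np_ != q[b] * nc:
            return None                     # inconsistent: no periodic schedule
    scale = lcm(*(f.denominator for f in q.values()))
    return {a: int(f * scale) for a, f in q.items()}

# Assumed net: A -2,1-> B, B -1,1-> C, A -2,1-> C
print(repetitions(["A", "B", "C"],
                  [("A", 2, "B", 1), ("B", 1, "C", 1), ("A", 2, "C", 1)]))
# {'A': 1, 'B': 2, 'C': 2}
```

If the graph's topology matrix has full rank, the consistency check fails and `None` is returned, matching the "no periodic schedule" case on the next slides.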
128
Balance equations
[Figure: actors A, B, C; edges A->B (3,1), B->C (1,1), and two edges A->C (2,1)]
• Balance for each edge:
– 3 vS(A) - vS(B) = 0
– vS(B) - vS(C) = 0
– 2 vS(A) - vS(C) = 0
– 2 vS(A) - vS(C) = 0
129
Balance equations
• M vS = 0 iff S is periodic
• M has full rank (as in this case):
– no non-zero solution
– no periodic schedule (too many tokens accumulate on A->B or B->C)
M = |  3 -1  0 |
    |  0  1 -1 |
    |  2  0 -1 |
    |  2  0 -1 |
[Figure: same actors A, B, C with A->B production rate 3]
130
Balance equations
• M is not full rank: infinite solutions exist (linear space of dimension 1)
• Any multiple of q = |1 2 2|T satisfies the balance equations
• ABCBC and ABBCC are minimal valid schedules
• ABABBCBCCC is a non-minimal valid schedule
M = |  2 -1  0 |
    |  0  1 -1 |
    |  2  0 -1 |
    |  2  0 -1 |
[Figure: same actors A, B, C with the A->B production rate lowered from 3 to 2]
131
Static SDF scheduling
• Main SDF scheduling theorem (Lee '86):
– A connected SDF graph with n actors has a periodic schedule iff its topology matrix M has rank n-1
– If M has rank n-1, then there exists a unique smallest integer solution q to M q = 0
• Rank must be at least n-1 because we need at least n-1 edges (connectedness), each providing a linearly independent row
• Admissibility is not guaranteed, and depends on initial tokens on cycles
132
Admissibility of schedules
• No admissible schedule: BACBA, then deadlock…
• Adding one token on A->C makes BACBACBA valid
• Making a periodic schedule admissible is always possible, but changes the specification…
[Figure: cyclic net of actors A, B, C with multirate edges]
133
From repetition vector to schedule
• Repeatedly schedule fireable actors up to number of times in repetition vector q = |1 2 2|T
• Can find either ABCBC or ABBCC • If deadlock before original state, no valid schedule
exists (Lee ‘86)
[Figure: actors A, B, C with edges A->B (2,1), B->C (1,1), A->C (2,1)]
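The "repeatedly fire fireable actors" procedure can be sketched directly. The edge list (with production rate, consumption rate, and initial tokens) is assumed to match the three-actor example; Lee's result guarantees that if this simulation deadlocks before every actor reaches its repetition count, no valid schedule exists.

```python
# From repetitions vector to a valid schedule by simulation (after Lee '86).
# Edges are (producer, np, consumer, nc, initial_tokens).
def sdf_schedule(q, edges):
    tokens = {(a, b): d for a, np_, b, nc, d in edges}
    fired = {a: 0 for a in q}
    schedule = []

    def fireable(x):
        return fired[x] < q[x] and all(
            tokens[a, b] >= nc for a, np_, b, nc, d in edges if b == x)

    while sum(fired.values()) < sum(q.values()):
        ready = [x for x in q if fireable(x)]
        if not ready:
            return None                    # deadlock: no valid schedule exists
        x = ready[0]
        for a, np_, b, nc, d in edges:     # move tokens for this firing
            if a == x:
                tokens[a, b] += np_
            if b == x:
                tokens[a, b] -= nc
        fired[x] += 1
        schedule.append(x)
    return schedule

edges = [("A", 2, "B", 1, 0), ("B", 1, "C", 1, 0), ("A", 2, "C", 1, 0)]
print(sdf_schedule({"A": 1, "B": 2, "C": 2}, edges))   # ['A', 'B', 'B', 'C', 'C']
```

Picking a different actor from `ready` would yield the other minimal schedule ABCBC instead of ABBCC.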
134
From schedule to implementation
• Static scheduling used for:– behavioral simulation of DF (extremely efficient)– code generation for DSP – HW synthesis (Cathedral by IMEC, Lager by UCB, …)
• Code generation by code stitching (chaining custom code for each actor)
• Issues in code generation– execution speed (pipelining, vectorization)– code size minimization– data memory size minimization (allocation to FIFOs)
135
Code size minimization
• Assumptions (based on DSP architecture):– subroutine calls expensive
– fixed iteration loops are cheap (“zero-overhead loops”)
• Absolute optimum: single appearance schedule, e.g. ABCBC -> A (2BC), ABBCC -> A (2B) (2C)
• may or may not exist for an SDF graph…
• buffer minimization relative to single appearance schedules
(Bhattacharyya ‘94, Lauwereins ‘96, Murthy ‘97)
136
Buffer size minimization
• Assumption: no buffer sharing
• Example: q = | 100 100 10 1 |T
• Valid SAS: (100 A) (100 B) (10 C) D requires 210 units of buffer area
• Better (factored) SAS: (10 (10 A) (10 B) C) D requires 30 units of buffer area, but…
requires 21 loop initiations per period (instead of 3)
[Figure: actors A and B each feeding C (rates 1 -> 10), C feeding D (rate 1 -> 10)]
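The 210 vs. 30 comparison can be reproduced by simulating token counts per edge and recording the peaks (the edge rates are assumptions consistent with q = |100 100 10 1|T):

```python
from collections import defaultdict

# Buffer requirements of a schedule = sum of per-edge peak token counts
# (no buffer sharing). Edges are (producer, np, consumer, nc, name).
edges = [("A", 1, "C", 10, "AC"), ("B", 1, "C", 10, "BC"), ("C", 1, "D", 10, "CD")]

def buffer_needs(firing_sequence):
    tokens, peak = defaultdict(int), defaultdict(int)
    for actor in firing_sequence:
        for a, np_, b, nc, name in edges:
            if a == actor:                      # production grows the buffer
                tokens[name] += np_
                peak[name] = max(peak[name], tokens[name])
            if b == actor:                      # consumption shrinks it
                tokens[name] -= nc
    return sum(peak.values())

flat = ["A"] * 100 + ["B"] * 100 + ["C"] * 10 + ["D"]          # (100A)(100B)(10C)D
factored = (["A"] * 10 + ["B"] * 10 + ["C"]) * 10 + ["D"]      # (10 (10A)(10B) C) D
print(buffer_needs(flat))      # 210
print(buffer_needs(factored))  # 30
```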
137
Dynamic scheduling of DF
• SDF is limited in modeling power – no run-time choice
– cannot implement Gaussian elimination with pivoting
• More general DF is too powerful– non-Static DF is Turing-complete (Buck ‘93)
– bounded-memory scheduling is not always possible
• General case: thread-based dynamic scheduling (Parks ‘96: may not terminate, but never fails if feasible)
138
Summary of DF networks
• Advantages:– Easy to use (graphical languages)– Powerful algorithms for
• verification (fast behavioral simulation)• synthesis (scheduling and allocation)
– Explicit concurrency
• Disadvantages:– Efficient synthesis only for restricted models
• (no input or output choice)
– Cannot describe reactive control (blocking read)
139
Quasi-Static Scheduling of Embedded Software Using Free-Choice Petri Nets
Marco Sgroi, Alberto Sangiovanni-Vincentelli (University of California at Berkeley)
Luciano Lavagno (Cadence Berkeley Labs)
Yosinori Watanabe (Cadence Berkeley Labs)
140
Outline
• Motivation
• Scheduling Free-Choice Petri Nets
• Algorithm
141
Embedded Software Synthesis
• System specification: set of concurrent functional blocks (DF actors, CFSMs, CSP, …)
• Software implementation: (smaller) set of concurrent software tasks
• Two sub-problems:
– Generate code for each task (software synthesis)
– Schedule tasks dynamically (dynamic scheduling)
• Goal: minimize real-time scheduling overhead
142
Petri Nets Model
143
Petri Nets Model
Schedule: t12, t13, t16, …
[Figure: transitions t12, t13, t16 annotated with code fragments: a = 5; c = a + b]
144
Petri Nets Model
Shared Processor+ RTOS
Task 1
Task 2
Task 3
145
Classes of Scheduling
• Static: schedule completely determined at compile time
• Dynamic: schedule determined at run-time
• Quasi-Static: most of the schedule computed at compile time, some scheduling decisions made at run-time (but only when necessary)
146
Embedded Systems Specifications
Specification -> Scheduling:
– Data Processing (+, -, *, …) -> Static
– Data-dependent Control (if…then…else, while…do) -> Quasi-Static
– Real-time Control (preemption, suspension) -> Dynamic
147
An example
[Figure: SDF network with actors i, *k1, *k2, +, o]
Static Data Flow network
Example: 2nd order IIR filter o(n) = k2 i(n) + k1 o(n-1)
148
Data Processing
i *k2 + o
*k1
Schedule: i, *k2, *k1, +, o
IIR 2nd order filtero(n)=k1 o(n-1) + k2 i(n)
Schedule: i, *k1, *k2, +, o
149
Data computation (Multirate)
• Fast Fourier Transform:
i -256-> FFT -256-> o
Schedule: (256 i) FFT (256 o)
• Sample rate conversion (multirate Data Flow network / Petri Net):
[Figure: chain A -> B -> C -> D -> E -> F with rate changes]
Schedule: (147A) (147B) (98C) (28D) (32E) (160F)
150
Data-dependent Control
[Figure: input i; a choice on i>0 routes the token to actor *2 or /2; output o]
Schedule: i, if (i>0) then { /2 } else { *2 }, o
• Petri Nets provide a unified model for mixed control and data processing specifications
• Free-Choice (Equal Conflict) Nets: the outcome of a choice depends on the value of a token (abstracted non-deterministically) rather than on its arrival time
151
Existing approaches• Lee - Messerschmitt ‘86
– Static Data Flow: cannot specify data-dependent control
• Buck - Lee ‘94
– Boolean Data Flow: scheduling problem is undecidable
• Thoen - Goossens - De Man ‘96
– Event graph: no schedulability check, no minimization of number of tasks
• Lin ‘97
– Safe Petri Net: no schedulability check, no multi-rate
• Thiele - Teich ‘99
– Bounded Petri Net: partial schedulability check, complex (reachability-based) algorithm
152
Scheduling FC Petri Nets
• Petri Nets provide a unified model for mixed control and dataflow specification
• Most properties are decidable
• A lot of theory available
• Abstract Dataflow networks by representing if-then-else structures as non-deterministic choices
• Non-deterministic actors (choice and merge) make the network non-determinate according to Kahn’s definition
• Free-Choice: the outcome of a choice depends on the value of a token (abstracted non-deterministically) rather than on its arrival time
153
Bounded scheduling (Marked Graphs)
• A finite complete cycle is a finite sequence of transition firings that returns the net to its initial state
• Bounded memory, infinite execution
• To find a finite complete cycle, solve f D = 0
[First net: chain t1 -> t2 -> t3 with multirate arcs] T-invariant f = (4,2,1), from
D = |  1  0 |
    | -2  1 |
    |  0 -2 |
[Second net] f D = 0 has no solution: no schedule
154
Bounded scheduling (Marked Graphs)
• Existence of a T-invariant is only a necessary condition
• Verify that the net does not deadlock by simulating the minimal T-invariant [Lee87]
[First net] T-invariant f = (4,2,1): schedulable
[Second net] T-invariant f = (3,2,1), but simulating it from the initial marking (0,0) deadlocks: not enough initial tokens
155
Free-Choice Petri Nets (FCPN)
Marked Graph (MG)
Free-Choice Confusion (not-Free-Choice)
Free-Choice: the choice depends on the token value rather than on its arrival time; easy to analyze (using structural methods)
156
t1 t2 t3 t5 t6
Bounded scheduling (Free-Choice Petri Nets)
t1 t2t3
t4
t5 t6
t7
t1 t2 t3 t5 t6
• Can the “adversary” ever force token overflow?
157
t1 t2 t4 t7
Bounded scheduling (Free-Choice Petri Nets)
t1 t2t3
t4
t5 t6
t7
t1 t2 t4 t7
• Can the “adversary” ever force token overflow?
158
Bounded scheduling (Free-Choice Petri Nets)
t1 t2t3
t4
t5t7
t6
• Can the “adversary” ever force token overflow?
161
Schedulability (FCPN)
• Quasi-Static Scheduling:
• at compile time, find one schedule for every conditional branch
• at run time, choose one of these schedules according to the actual value of the data
Valid schedule: {(t1 t2 t4), (t1 t3 t5)}
162
Bounded scheduling (Free-Choice Petri Nets)
• A valid schedule is a set of finite firing sequences that return the net to its initial state
• It contains one firing sequence for every combination of outcomes of the free choices
[Figure: net with a free choice between t2 and t3]
Schedulable: {(t1 t2 t4), (t1 t3 t5)}
163
How to check schedulability
• Basic intuition: every resolution of data-dependent choices must be schedulable
• Algorithm:
– Decompose the given Equal Conflict Net (FCPN with weights), by applying the Reduction Algorithm, into as many Conflict-Free components as there are possible resolutions of the non-deterministic choices
– Check whether every component is statically schedulable
– Derive a valid schedule, i.e. a set of finite complete cycles, one for each conflict-free component
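The decomposition step enumerates one T-allocation per combination of choice outcomes. A sketch of that enumeration (the transition names and conflict sets are illustrative; full schedulability checking of each component is omitted):

```python
from itertools import product

# Enumerate T-allocations: pick one transition from each conflict set and
# keep all non-conflicting transitions.
def t_allocations(transitions, conflict_sets):
    free = transitions - set().union(*conflict_sets)   # non-conflicting transitions
    return [sorted(free | set(choice))                 # one allocation per resolution
            for choice in product(*[sorted(c) for c in conflict_sets])]

transitions = {"t1", "t2", "t3", "t4", "t5", "t6", "t7", "t8", "t9", "t10"}
conflict_sets = [{"t2", "t3"}, {"t7", "t8"}]
allocs = t_allocations(transitions, conflict_sets)
print(len(allocs))   # 4: one allocation per combination of choice outcomes
```

Each allocation then drives one run of the Reduction Algorithm, yielding the conflict-free components to be checked.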
164
Allocatability(Hack, Teruel)
• An Allocation is a control function that chooses which transition fires among several conflicting ones (A: P → T).
• A Reduction is the Conflict Free Net generated from one Allocation by applying the Reduction Algorithm.
• A FCPN is allocatable if every Reduction generated from an allocation is consistent.
• Theorem: A FCPN is schedulable iff
– it is allocatable and
– every Reduction is schedulable (following Lee)
165
Reduction Algorithm
[Figure: successive steps of the Reduction Algorithm on a net with transitions t1-t7]
T-allocation A1 = {t1, t2, t4, t5, t6, t7}
166
How to find a valid schedule
[Figure: net with transitions t1-t10; free choices at {t2, t3} and {t7, t8}]
Conflict Relation Sets: {t2, t3}, {t7, t8}
T-allocations:
A1 = {t1, t2, t4, t5, t6, t7, t9, t10}
A2 = {t1, t3, t4, t5, t6, t7, t9, t10}
A3 = {t1, t2, t4, t5, t6, t8, t9, t10}
A4 = {t1, t3, t4, t5, t6, t8, t9, t10}
167
Valid schedule
[Figure: the four conflict-free components]
(t1 t2 t4 t6 t7 t9 t5)
(t1 t3 t5 t6 t7 t9 t5)
(t1 t2 t4 t6 t8 t10)
(t1 t3 t5 t6 t8 t10)
168
C code implementation
Valid schedule: {(t1 t2 t1 t2 t4 t6 t7 t5), (t1 t3 t5 t6 t7 t5)}
[Figure: net with places p1-p4; the arc out of t2 has weight 2]
Task 1: {
  t1;
  if (p1) then {
    t2; count(p2)++;
    if (count(p2) == 2) then { t4; count(p2) = count(p2) - 2; }
  } else { t3; t5; }
}
Task 2: { t6; t7; t5; }
169
Application example:ATM Switch
Input cells: accept?
Output cells: emit?
Internal buffer
Clock (periodic)
Incoming cells (non-periodic)
Outgoing cells
• No static schedule due to:– Inputs with independent rates
(need Real-Time dynamic scheduling) – Data-dependent control
(can use Quasi-Static Scheduling)
170
Petri Nets Model
171
Functional decomposition
4 Tasks
Accept/discard cell
Output time selector
Output cell enabler
Clock divider
172
Decomposition with min # of tasks
2 Tasks
Input cell processing
Output cell processing
173
Real-time scheduling of independent tasks
+ RTOS
Shared Processor
Task 1
Task 2
174
ATM: experimental results
Sw Implementation    QSS (2 tasks)    Functional partitioning (4+1 tasks)
Number of tasks      2                5
Lines of C code      1664             2187
Clock cycles         197526           249726
175
Conclusion
• Advantages of Quasi-Static Scheduling:
– QSS minimizes run-time overhead with respect to Dynamic Scheduling by automatically partitioning the system functions into a minimum number of concurrent tasks
– The underlying model is FCPN: schedulability can be checked before code generation
• Related work
– Larger PN classes
– Code optimizations