Safety Slicing Petri Nets

We define a safety slice as a subnet of a marked Petri net Σ that approximates Σ’s temporal behavior with respect to a set of interesting places Crit. This safety slice can be used to verify and falsify stutter-invariant linear-time safety properties when Crit is the set of places referred to by the safety property. By construction it is guaranteed that the safety slice’s state space is at most as big as that of the original net. Results on a benchmark set demonstrate effective reductions on several net instances. Therefore safety slicing as a net preprocessing step may achieve an acceleration for model checking stutter-invariant linear-time safety properties. Slicing is a technique to syntactically reduce a model in such a way that at best the reduced model contains only those parts that may influence the property the model is analyzed for. It originated as a method for program debugging[16] but has found applications in many other domains. We here introduce a slicing approach tailored to Petri nets as a means to alleviate the state space explosion problem for model checking Petri nets. We present a safety slicing algorithm that determines what parts of a marked Petri net Σ can be sliced away (i.e. discarded) so that the remaining net is equivalent to the original w.r.t. a stutter-invariant linear-time safety property ψ. The remaining net is called safety slice Σ and is built for a so called slicing criterion Crit. We will formally show that safety slices allow for verification and falsification of stutter-invariant linear-time safety properties. Hence when one wants to examine whether a marked Petri net Σ satisfies a stutter-invariant linear-time safety property ψ, the safety slice may be examined instead. The safety slice may have a substantially smaller state space, yielding an acceleration in model checking. As the safety slicing algorithm is linear in the size of the net Σ (not its state space!), even when slicing does not accelerate model checking, the overhead will usually be insignificant. In [11] we presented a more conservative slicing algorithm. There we introduced CTL-X slices, which preserve CTL ∗ -X properties assuming a weak fairness assumption on the original net Σ. By definition a safety slice for Crit is a subnet of the CTL-X slice for Crit, so that safety slicing offers the potential to generate smaller slices than the CTL-X preserving algorithm but sacrifices the preservation of liveness properties. ⋆ This work is partly supported by the German Research Foundation (DFG) as part of the Transregional Collaborative Research Center “Automatic Verification and Analysis of Complex Systems”.