**1. Introduction**

438 Petri Nets – Manufacturing and Computer Science

*Tsinghua University, Beijing, P.R. China* 

the IEEE . 77: 541-580.

Academic Publishers Group.

J. COMPUT. 13(3): 441-449.

international (UK) Ltd.

Fundamenta Informaticae. 47: 325-335.

*Pohang University of Science and Technology, Pohang, Korea* 

flexible manufacturing systems. Automatica. 34(9): 1083-1100.

Conference on Systems, Man, and Cybernatics. 1: 263-268.

Algorithm for Petri nets. SIGACT News. 29(4): 98-110.

Emerging Technologies and Factory Automation: 446-452.

[15] David (1992) Petri net and Grafcet: Prentice Hall International Ltd.

International Journal of Modelling & Simulation. 22(4): 201-212.

[1] Frank L. Lewis, Ayla Gurel, Stjepan Bogdan, Alper Doganalp and Octavian C. Pastravanu (1998) Analysis of deadlock and circular waits using a matrix model for

[2] Tadao Murata (1989) Petri Nets: Properties, Analysis and Applications. Proceedings of

[3] Gi Bum Lee, Han Zandong, Jin S. Lee (2004) Automatic generation of ladder diagram

[4] MengChu Zhou (1995) Petri nets in flexible and agile automation [M]. Boston: Kluwer

[5] Ernst W. Mayr (1984) An algorithm for the general Petri net reachability problem. SIAM

[6] Jeng S. Huang and Tadao Murata (1997) Classifications of Petri Net Transitions and Their Application to Firing Sequence and Reachability Problems. IEEE International

[7] Jorg Desel and Javier Esparza (1995) Free choice Petri nets: Cambridge University Press. [8] Kunihiko Hiraishi (2000) An Efficient Algorithm for Exploring State Spaces of Petri Nets with Large Capacities. IEICE Trans. Fundamentals. E83-A(11): 2188-2195. [9] Karsten Schmidt (2001) Narrowing Petri Net State Spaces Using the State Equation.

[10] Alexander E. Kostin and Svetlana A. Tchoudaikina (1998) Yet Another Reachability

[11] Toshiro ARAKI and Tadao KASAMI (1977) Some Decision Problems Related to the Reachability Problem for Petri nets. Theoretical Computer Science. 3: 85-104. [12] Iko Miyazawa, Haruki Tanaka, and Takashi Sekiguchi (1996) Classification of solutions of matrix equation related to parallel structure of a Petri Net. IEEE Conference on

[13] Tadashi Matsumoto and Yasushi Miyano (1998) Reachability criterion for Petri Nets with known firing count Vectors. IEICE Trans. Fundamentals. E81-A(4): 628-634. [14] Jaegeol Yim, Peter C. Nelson, and Tadao Murata (1994) Predicate-Transition Net

[16] Gi Bum Lee, Jin S. Lee (2002) Conversion of LD program into augmented PN graph.

[17] Gi Bum Lee, Han Zandong, Jin S. Lee (2003) Generalized State Equation of Petri nets

[18] Peterson (1981) Petri net theory and the modeling of systems: London: Prentice Hall

Reachability Testing Using Heuristic Search. T. IEE Japan. 114-C(9): 907-913.

with Priority. International Journal of Intelligent Systems. 18(11): 1145-1153.

with control Petri Net. Journal of Intelligent Manufacturing. 15(2): 245-252.

Han Zandong

**7. References** 

Jin S. Lee

Controller synthesis refers to finding a controller which is running in parallel with the system under study and preventing any violation from the given properties. Such a controller guarantees satisfaction of the desired properties; a controller makes an open-loop system to be closed-loop.

Controller synthesis can also be explained by game theory as a timed game with two players: environment and the controller. The strategy of the game determines the sequence of actions to be executed. In this context, the objective of controller synthesis is to find a strategy such that no matter what action is executed by the environment, the controller wins absolutely the game. Two main questions arise for the controller: the existence and possibility of implementation. The first question, *Control Problem* says given a system S and a property *ϕ*, does a controller *C* exist for the system S such that *C* running in parallel with S satisfies the property *ϕ* (S||*C* |= *ϕ*). And the second one is the *Controller Synthesis Problem*; if the mentioned controller exists, is there a solution to implement it? First, a system should be modeled and then, synthesized regarding the desired property.

Among various models used to describe the behavior of S, Timed Automata (*TA* in short) and Time Petri Nets (*TPN* in short) are the well-known. The properties studied in the TPN and TA for control purposes are classified in two main categories:


Some research has been done to find algorithms to control these kinds of properties for timed models (TA and TPN), such as [10, 11, 20]. Two known methods in the literature are the backward *fix point* method and the backward/forward *on-the-fly* method. Both methods

are based on computing controllable predecessors of abstract states (state zones). This computation involves some expensive operations such as computing differences between abstract states (state zones).

marking *M*� defined by: ∀*p* ∈ *P*, *M*�

*CF*(*M*,*t*) = *t*

, *t*) = {*t*

*θ* → *q*�

i.e.: *tf* ∈ *En*(*M*), *ν*(*tf*) ≥↓ *Is*(*tf*), ∀*p* ∈ *P*, *M*�

initial marking and *Id*0(*t*) = *Is*(*t*), for *t* ∈ *En*(*M*0).

, *Id*�

relation −→ over states is defined as follows:

(*ti*) = 0, if *ti* ∈ *New*(*M*�

progression of *θ* time units, i.e.:

 *t*�∈*En*(*M*)

*tf*

), *ν*�

transition can fire [5].

Let (*M*, *Id*) and (*M*�

enabled in *M*� iff *t*

*tf* ∈ *T*. We write *q*

We write *q*

∀*ti* ∈ *En*(*M*�

*New*(*M*�

denote *New*(*M*�

� ∈ *En*(*M*)|*t*

� ∈ *En*(*M*�

marking (required tokens disappear while produced ones appear).

Let *t* ∈ *En*(*M*) and *M*� the successor marking of *M* by *t*, a transition *t*

, *t*) the set of transitions newly enabled *M*�

)|*t* = *t*

set of transitions enabled for *M*:

(*p*) = *M*(*p*) − *Pre*(*p*, *t*) + *Post*(*p*, *t*). We denote *En*(*M*) the

A Forward On-The-Fly Approach in Controller Synthesis of Time Petri Nets 441

�

, by firing *t* from *M*:

(*p*) − *Post*(*p*, *t*) < *Pre*(*p*, *t*

) + *Pre*(*p*, *t*). (2)

� is said to be newly

�

(*tj*) = *ν*(*tj*) + *θ*. (4)

)}. (3)

*En*(*M*) = *t* ∈ *T*|∀*p* ∈ *P*, *Pre*(*p*, *t*) ≤ *M*(*p*). (1)

For *t* ∈ *En*(*M*), we denote *CF*(*M*,*t*) the set of transitions enabled in *M* but in conflict with *t*:

� ∨ ∃*p* ∈ *P*, *M*�

There are two known characterizations for the TPN state. The first one, based on clocks, associates with each transition *ti* of the model a *clock* to measure the time elapsed since *ti* became enabled most recently. The TPN clock state is a couple (*M*, *ν*), where M is a marking and *<sup>ν</sup>* is a clock valuation function, *<sup>ν</sup>* : *En*(*M*) <sup>→</sup> **<sup>R</sup>**+. For a clock state (*M*, *<sup>ν</sup>*) and *ti* <sup>∈</sup> *En*(*M*), *ν*(*ti*) is the value of the clock associated with transition *ti*. The initial clock state is *q*<sup>0</sup> = (*M*0, *ν*0) where *ν*0(*ti*) = 0, for all *ti* ∈ *En*(*M*0). The TPN clock state evolves either by time progression or by firing transitions. When a transition *ti* becomes enabled, its clock is initialized to zero. The value of this clock increases synchronously with time until *ti* is fired or disabled by the firing of another transition. *ti* can fire, if the value of its clock is inside its static firing interval *Is*(*ti*). It must be fired immediately, without any additional delay, when the clock reaches ↑ *Is*(*ti*). The firing of a transition takes no time, but may lead to another

Let *<sup>q</sup>* = (*M*, *<sup>ν</sup>*) and *<sup>q</sup>*<sup>0</sup> = (*M*0, *<sup>ν</sup>*0) be two clock states of the TPN model, *<sup>θ</sup>* <sup>∈</sup> **<sup>R</sup>**<sup>+</sup> and

*ν*(*t*) + *θ* ≤ ↑ *Id*(*ti*), *M*� = *M*, *and* ∀*tj* ∈ *En*(*M*�

, *tf*), *ν*�

The second characterization, based on intervals, defines the TPN state as a marking and a function which associates with each enabled transition the time interval in which the

The TPN state is defined as a pair (*M*, *Id*), where *M* is a marking and *Id* is a firing interval function (*Id* : *En*(*M*) <sup>→</sup> **<sup>Q</sup>**<sup>+</sup> <sup>×</sup> (**Q**<sup>+</sup> ∪ {∞})). The initial state is (*M*0, *Id*0) where *<sup>M</sup>*<sup>0</sup> is the

, also denoted *q* + *θ*, iff state *q*� is reachable from state *q* after a time

(*ti*) = *ν*(*ti*) otherwise.

) be two states of the TPN model, *<sup>θ</sup>* <sup>∈</sup> **<sup>R</sup>**<sup>+</sup> and *<sup>t</sup>* <sup>∈</sup> *<sup>T</sup>*. The transition

→ *q*� iff state *q*� is immediately reachable from state *q* by firing transition *tf* ,

), *ν*�

(*p*) = *M*(*p*) − *Pre*(*p*, *tf*) + *Post*(*p*, *tf*), and

� = *t* ∨ ∃*p* ∈ *P*, *M*(*p*) < *Pre*(*p*, *t*

� is not enabled in the intermediate marking (i.e., *M* − *Pre*(., *t*)) or *t*� = *t*. We

In this chapter, we discuss an efficient approach to check whether a safety / reachability controller in time Petri nets exists or not [13]. Our approach is a completely forward on-the-fly algorithm based on the state class graph method. Unlike approaches proposed in [10, 11, 20] based on the state zone graph method, our approach does not need to compute controllable predecessors. It consists of exploring the state class graph while extracting sequences leading to undesired states and determining subclasses to be avoided. The state class graph is a suitable choice for the forward on-the-fly exploration. Using the state class graph method, the exploration algorithm converges fast and does not need any over-approximation operation to enforce the convergence.

This chapter is organized as follows: The definition of time Petri nets and its semantics as well as the state graph method come in Section 2. In Section 3, after a short survey on the control theory, previous algorithms and related work are discussed. The algorithm proposed in this chapter is developed in Section 4. Finally, Section 5 presents the conclusion and future work.
