A simple Suboptimal siphon-based control model of a well-known S3PR

Asian Journal of Control, Vol. 14, No. 1, pp. 163 172, January 2012Published online 23 December 2010 in Wiley Online Library (wileyonlinelibrary.com) DOI: 10.1002/asjc.292

A SIMPLE SUBOPTIMAL SIPHON-BASED CONTROL MODEL OF A

WELL-KNOWN S3PR

Daniel Chao and Guan Jun Liu

ABSTRACT

Siphon-based deadlock control suffers from reaching fewer states thanthe maximally permissive one. We report an alternative control to reach thesame good states as that based on the theory of regions, but with fewer moni-tors, by refining some monitors into several monitors with smaller controllerregions. More states can be reached since the controller region is less disturbedby covering only a place in a subregion where only one place is marked atany reachable marking. Formal proof of the correctness is provided.

Key Words: Petri nets, deadlock, control, siphon, optimization.

I. INTRODUCTION

The flexible manufacturing system (FMS) [1–30]has emerged over the past twenty years as a new type ofmanufacturing system. Deadlocks may occur during itsoperation, which are undesirable phenomena in a highlyautomated FMS [1].

Ezpeleta et al. pioneer a class of Petri net(PN) called systems of simple sequential processeswith resources (S3PR) [2]. Liveness can be enforced byadding a control place to each emptiable siphon toprevent it from becoming unmarked. However, thismethod generally requires adding too many controlplaces.

Furthermore, to avoid the generation of newsiphons, Ezpeleta et al. [2] move all output (calledType-2, or source) arcs of each control place to theoutput (called source) transition of the entry (calledthe idle place) of input raw materials to limit their

Manuscript received July 13, 2009; revised October 30, 2009;accepted August 16, 2010.Daniel Yuh Chao (corresponding author) is with the Depart-

ment of Management Information Systems, National ChengchiUniversity, 64 Chih-Nan Road, Sec. 2, Taipei City 116, Taiwan(e-mail: [email protected]).Guan Jun Liu is with the School of Electronic and

Informational Engineering, Department of Computer Scienceand Technology, Tongji University, Shanghai, China (e-mail:[email protected]).

rate of input into the system, called the strict minimalsiphon (SMS)-less approach. This may overly constrainthe system so that many reachable states are nolonger attainable.

Li and Zhou [3, 4, 19–22] propose simpler Petrinet controllers using the concept of elementary siphonsto minimize the number of control places. They add acontrol place for each elementary siphon without gener-ating new siphons, while controlling dependent siphonstoo. This leads to much fewer control places to be suit-able for large Petri nets. However, the number of goodstates for the S3PR in Fig. 1 is only around one third ofthat in [5, 6].

Li and Zhou propose [7] a two-stage approach.First, they find siphons (and add monitors) that needto be controlled using a mixed integer programming(MIP) method to avoid complete siphon enumeration.Second, they rearrange the output arcs of the monitorsproviding that liveness is still preserved. Experimen-tally, it is more efficient and results in more permissiveand structurally simpler liveness-enforcing supervisorsthan existing ones.

All output arcs of a monitor in the first stage areadded to the source transitions of the plant net modelto avoid generation of new siphons (and the associatedcontrol elements). However, in the worst case, all prob-lematic siphons may need monitors. Furthermore, MIPis NP-hard. Also, the number of good states for thewell-known S3PR in Fig. 1 is only 15 999, less than thenear optimal one in [7]. Hence, it is desirable to reduce

q 2010 John Wiley and Sons Asia Pte Ltd and Chinese Automatic Control Society

164 Asian Journal of Control, Vol. 14, No. 1, pp. 163 172, January 2012

Fig. 1. A well-known S3PR in [2].

the number of MIP iterations by as many as possiblewhile making it maximally permissive.

Uzam [8] develops a method to synthesize optimalliveness-enforcing supervisors for FMS based on thetheory of regions. Although such an optimal super-visor, if existing, can always be achieved it needs toperform complete state enumeration and solve the NP-hard integer linear programming problem. In addition,some monitors are redundant.

Uzam and Zhou [10, 11] apply region analysis(RA) to the S3PR in Fig. 1. The benchmark reaches26 750 states, where 21 581 are good states. Thereare 5299 elements in the set of marking/transitionseparation instances, denoted by �. This implies that5299 linear programming problems (LPPs) have to besolved to find an optimal liveness-enforcing supervisorwith 21 581 reachable states in the controlled system.However, |�| (cardinality of �) grows exponentiallywith respect to the size of a plant model and initialmarking. It is clearly infeasible to solve |�| LPPs foreither a sizable net or a small net with a sizable initialmarking.

To relieve this problem, Uzam and Zhou proposein [10] an iterative way with less computational cost.They divide a reachability graph into a deadlock-zone(DZ) and a deadlock-free zone (DFZ). A first-metbad marking (FBM) is selected from the DZ at each

iteration, then a control place is added to prevent thebad marking from being reached by constructing aplace invariant (PI) of the Petri net. Uzam and Zhou[10] further improve the approach in [11] in two aspectsby: (i) reducing a net model [12] to construct the reach-ability graph with less computational overhead; and(ii) proposing a simplification for the invariant-basedcontrol approach.

Although easy to use and straightforward, thismethod cannot guarantee the optimality in general. Itreaches 21 562 states, 19 states short of the optimalone, representing 0.088%. It is interesting (as we willpropose in this paper) to construct a siphon-basedcontrolled model with the same 21 562 states withoutthe need to compute the reachability graph.

Piroddi et al. [5, 6] develop a selective siphoncontrol approach to get maximally permissive super-visors for the well-known S3PR in Fig. 1. A set ofsiphons is selected by solving a set covering problemduring each iteration which explores the relationsbetween uncontrolled siphons and critical markings(under which at least one siphon is empty). By control-ling the selective siphons, all the critical markings areforbidden to make all uncontrolled siphons controlled.They claim that it is maximally permissive and employsminimal number of monitors for the well-known S3PRin Fig. 1. However, the computation is expensive.


D. Chao and G. J. Liu: A Simple Suboptimal Siphon-Based Control Model of a Well-Known S3PR 165

Table I. Control elements for the S3PR in Fig. 1.

Vi∗Vi Vi∗ M0(Vi ) S

1 t10t16 t9t15 2 basic (S1)2 t5t10t13t17 t3t8t11t15 5 basic (S4)3 t4t13 t3t11 2 basic (S10)4 t10t17 t8t15 3 compound (S15)5 t9t17 t8t16 2 basic (S16)6 t3t8t19 t1t17 5 basic (S17)7 t8t18 t7t17 2 basic (S18)8 t8t17 t7t16 3 control SMS9 t10t17 t7t15 4 new SMS10 t5t8t13t17 t7t3t11t15 6 new SMS11 t5t10t19 t1t15 9 new SMS

∗Basic (S1, S4, S10, S16, S17, S18) and compound (S15) siphons are shown in Tables I & II in [15].

Although they have improved the performanceusing MIP and LPP to reduce the time to enumerateminimal siphons, the MIP used remains NP-hardand a number of iterations are required, and duringeach iteration redundant monitors must be identifiedbased on the method in [13], which entails exponen-tial time complexity. Thus, the computational burdenremains high.

Furthermore, unlike that in [10, 11], quite a fewcontrol arcs are weighted rendering the net to be ageneral Petri net (GPN). The traditional MIP methodcannot be extended to GPN. Hence, Piroddi et al. trans-form weighted arcs into ordinary ones, which some-times may cause unnecessary deadlocks as mentionedin [5, 6].

In an earlier paper [14], we show that any strictminimal siphon (SMS) can be synthesized from astrongly connected resource subnet (called a coresubnet). We also propose to synthesize elementary(resp. dependent) siphons from resource, called basiccircuits (resp. subnets). They are also called basic (resp.compound) siphons. Several basic siphons make up acompound siphon. It [14] has been shown that basicand compound siphons correspond to elementary anddependent siphons, respectively when the above basiccircuits intersect at a single resource place. We propose[17] to add monitors to each basic siphon built fromelementary resource circuits [14] and find conditionsfor a compound siphon built from compound resourcecircuits to be already controlled. We show that ifwe assign monitors to basic siphons first, then manycompound siphons are already controlled and needno monitors. The converse is not true; even thougha compound siphon is controlled; all basic siphonsremain uncontrolled and monitors are needed for eachof them. This avoids some redundant monitors andbecomes more permissive.

The presence of control places may induce newemptiable (called control) siphons. From these controlsiphons, one can derive mixture siphons. In [25], wecategorize emptiable siphons into basic, compound,control and mixture siphons and derive their controlla-bility. If one carefully selects a sequence of emptiablesiphons to add monitors, the number of monitorsrequired can be reduced.

Thismethoddoesnotneed toenumerateallminimalsiphons, nor to compute the reachability graph. Also noiterations are required and there is no need to removeredundant monitors. Hence, the computation burden ismuch less than thosebyUzamandZhouaswell asPiroddiet al. In addition, no control arcs are weighted.

Furthermore, Lemma 4 in [18] indicates that it isrelatively easy to identify elementary resource (calledbasic) circuits cb between two neighboring workingprocesses (WP). This plus Lemma 6 (all places in anycb must be resource places) in [18] simplifies the searchfor cb. There is no need to search circuits containingfar-away resource places. Furthermore, it is easy to findcb (normally formed among adjacent sharing resourceplaces) when resource places between two adjacentworking processes (WP) are arranged in reverse order.

However, the resulting model (Table I) of theS3PR in Fig. 1 reaches fewer (21 363) states than theone (21 562) in [10, 11], but with 11 monitors and 54control arcs fewer than 19 monitors and 112 controlarcs reported in [10] (reduced to 17 monitors in [13]).This paper proposes a technique to refine a monitorinto three monitors with smaller controller regions toreach the same 21 562 states stated above.

The rest of this paper is organized as follows.Section II presents the approach, followed by the theorypresented in Section III for dependence or redundantrelationships. The near optimal controlled model ispresented in Section IV. Section V concludes the paper.



II. APPROACH

A P-invarant Y is a place vector where the sumof tokens in the set (denoted by ‖Y‖, the support ofY ) of places with Y (p) �=0 (assuming these Y (p)=1to simplify discussion) is a constant for ordinary Petrinets. The complementary set of a siphon S (denotedby S) plus S form the support of a P-invarant Y in anS3PR; i.e., S∪[S]=‖Y‖. When S becomes empty oftokens (M(S)=0), all tokens initially in S (denotedby M0(S)) have moved to [S]. If [S] is covered by(a subset of) the support of another P-invarant Y ′(i.e., [S]⊂‖Y ′‖) and M0(S)>M0(‖Y ′‖), then maxM([S])<M0(‖Y ′‖)<M0(S), or M(S)>0 and S cannever become empty. Otherwise, some tokens in [S]may be blocked in [S]\‖Y ′‖ and stay outside ‖Y ′‖. Sremains empty and the invariant Y ′ fails to control S.

‖Y ′‖ includes a monitor place, denoted by VS , anda subset of operation places in the original controllednet N , denoted by [VS] so that VS plus [VS] equals ‖Y ′‖.Adding monitor VS to N , disturbs the net behavior andcauses some states to be no longer reachable. [VS] isset to [S] to disturb N the least.

This method (called Method I) adds exactly onemonitor for each problematic siphon. To reach morestates, one may add more than one monitor (calledMethod II) for each SMS S since the token distributionin [S] (when M(S)=0) may be affected by the monitorsadded earlier. In this case, [VS] no longer covers [S] asa subset. Instead, [VS]⊂[S]. But as said earlier, when[VS]⊂[S], S may not be controlled. We will resolvethis dilemma in Section IV.

MIP is NP-hard and it is desired to reduce thenumber of MIP iterations as many as possible, whilemaking it maximally permissive. To do so, the orig-inal uncontrolled model should be disturbed as little aspossible and each SMS S be allowed to reach its limitstate; i.e., Mmin(S)=1.

Our approach is based on the concept of basic(Table I) and compound siphons (Table II) in [14] builtfrom elementary and compound circuits. It is easierto find basic (synthesized from elementary resourcecircuits) siphons than compound ones (synthesized fromcompound resource circuits). Two tiny basic siphonsmay compose a compound one that is larger than eachbasic one by having more places. The controller regionof each basic siphon is less disturbed than that of thecompound siphon. That is, let N be a net with siphons S1and S2 and |S1|> |S2|; i.e., S1 has more places than S2.Then, most likely, |[S1]|> |[S2]|. Since [V ]=[S], onehas that |[V1]|> |[V2]| and hence S2 is less disturbed.

By assigning monitors to basic siphons first, manycompound siphons may be already controlled. The

converse does not hold. Thus the sequence of addingmonitors [25] is important to avoid redundant monitors.

For the S3PR (with different initial markings) inFig. 1, there are 18 SMS and one may get 18 monitors(versus 19 for the one in [10, 11]) in the worst case,even though no new SMS is generated.

In conclusion, we need a better way to derive thecorrect sequence of unmarked minimal siphons. It isbetter to derive all basic siphons before any compoundsiphon. Thus, nomatter what, monitors for basic siphonsare always needed, while those for compound siphonsmay be redundant. Thus, we will always assign moni-tors to basic siphons first, and assign monitors tocompound siphons only if needed.

Afterwards, wemay run anMIP test to find and addmonitors for unmarked siphons until no more unmarkedones. However, it may not reach as many states as theoptimal one. It can be increased by refining some moni-tors V into more than one new monitor. The controllerregion of each such new monitor is smaller than that ofV . Thus, it is less disturbed and can reach more states.

III. REDUNDANT CONDITION

We propose the theory below to decide whether amonitor to a compound siphon is redundant. Each basicsiphon needs a monitor since it has been shown in [14]that each basic siphon is an elementary one. Recall thatthe controller region should be as small as possible. Itis easy to see that basic siphons synthesized from basiccircuits create a smaller controller region than that fromcompound siphons. In the sequel, we assume such andderive simplified dependent conditions.

Definition 1. A resource circuit in an S3PR is a circuitwhere all places are resource ones. An elementaryresource circuit (defined as basic circuit, denoted by cb)is an elementary and also a resource circuit. The siphonconstructed from cb is called a basic siphon. The set ofresource places in cb is denoted by Rb. A compoundcircuit c0 is a circuit consisting of multiply intercon-nected elementary circuits c1,c2, . . . ,cn (denoted byc0=c1oc2o . . .ocn) such that ci ∩c j ={r}, r ∈ R (i.e., ciand c j intersect at a resource place r ) iff |i− j |=1.

Definition 2 ([17]). Let S0 (resp. S1, S2, . . ., andSn) be a compound siphon (resp. basic siphons)built from compound circuit c0 (resp. basic circuitsc1,c2, . . ., and cn) in an S3PR. S0 is said to dependon S1, S2, . . ., and Sn , denoted by S0= S1oS2, . . . ,oSn ,iff c0=c1oc2o . . .ocn . Siphon S is said to be limit-controlled if M0 for the control place of S is set toM0(p)=M0(S)−1 such that Mmin(S)=1.



Lemma 1 ([17]). For S0, S1, S2, . . . , and Sn in Def.2 that satisfies [S0]=[S1]∪[S2]∪ . . .∪[Sn] and [Si ]∩[S j ]=� ∀i, j ∈{1,2, . . . ,n}, i �= j , (1) Mmax ([S0])=∑n

i=1 Mmax ([Si ]). (2) S0 is limit-controlled, iffM0(S0)−∑n

i=1(M0(Si )−1)=1.

Theorem 1 ([17]). Let S0= S1oS2, . . . ,oSn , [S0]=[S1]∪[S2]∪ . . .∪[Sn] and [Si ]∩[S j ]=� ∀i ∈{1,2, . . . ,n}, Si is limit-controlled by adding Monitor VSi ,bi =M0(ri ), and Si ∩Si+1={ri } (i �=n). S0 is limit-controlled without adding a monitor iff bi =M0(ri )=1,∀i ∈{1,2, . . . ,n−1}.

Please see Fig. 1(a) in [26] for an example. Notethat once all basic siphons (S1, S2, . . . , Sn) are identified,so will be all compound ones since S0= S1oS2, . . . ,oSnand any compound siphon S′ is of the form S′ =SioSi+1, . . . ,oS j−1oS j , which can be easily computedusing the method in [18] as all Si , Si+1, . . . , , S j−1, S jhave been found.

Furthermore, we have developed theory to effi-ciently extract SMS incrementally rather than thetraditional global approach. Only a linear number ofbasic siphons needs to be searched. Adding and deletingcommon sets of places from existing ones (called thecomposition method), one can derive the compoundsiphons with much reduced search time.

Consider the well-known S3PR in Fig. 1. V1−V7(except V4) in Table I are monitors added for the basicsiphons. Let Si, j = SioS j , bi, j =M0(r), Si ∩S j ={r}.We have bi, j =1, i �= j for all basic siphons Si and S jexcept for S1,16= S15, b1,16=2; we add a monitor VS15.Now, all Si, j are controlled and for all the rest compoundsiphons, let Si, j,k = SioS joSk = Si, j oSk , bi, j,k =M0(r),Si, j ∩Sk ={r}. We have bi, j,k =1, for all basic siphonsSi , S j and Sk , i �= j �=k, i �=k. Thus, they are alreadycontrolled and need no control elements since both Si, jand Sk are controlled and the condition in Theorem 1holds for n=2. Afterwards we perform MIP tests tofind emptiable siphons and add control elements.

Definition 3. An n-compound siphon is a compoundsiphon depending on n basic siphons.

In general, we add a monitor for each basic siphon.Then we add a monitor for each 2-compound siphon ifit does not satisfy the condition in Theorem 1.

IV. CONTROLLED MODEL

We first define the partial controlled model wherewe add monitors such that all basic siphons and

dependent siphons are controlled based on the theorypresented in the last section.

Definition 4. Let (N ,M0) be a marked S3PR (P∪P0∪PR,T,F,W ). The net (NA,M0A)=(P∪P0∪PR∪PA,T,F∪FA,W ∪WAM0A) is the partial-controlled system of (N ,M0) iff: (i) PA={VS|VSis a monitor to a basic or a dependent siphon} is theset of monitor places such that all basic siphons anddependent siphons are controlled; (ii) FA⊆(PA×T )∪(T ×PA) is the set of control arcs; and (iii) ∀VS ∈ PA,WA(t,VS)=1, ∀t ∈[S]•\•[S], WA(VS, t)=1, ∀t ∈•[S]\[S]•, and (WA(t,VS)=WA(VS, t)=0), for allother t ∈T .

M0A is defined as follows:

(a) ∀p∈ P∪P∪PR , M0A(p)=M0(p)(b) ∀VS ∈ PA, M0(VS)=M0(S)−1

The introduction of control places may createnew unmarked siphons. We perform MIP tests upon thepartial-controlled system of (N ,M) to find emptiablesiphons and add control elements and the processcontinues until no siphon can become unmarked. MIPis NP-hard implying that the problem is decidable; thatis it can be solved and hence the solution process isconverging to end after some iterations.

Alternatively, we may add monitors to new SMSsynthesized from new control circuits (all places in thecircuits are control ones) created due to the introductionof control places in the partial-controlled model. Theset of such new SMS can be judiciously selected so thatall the rest new SMS also get controlled.

The resulting model is shown in Table I where wehave added 11 monitors and 54 control arcs. It reaches21 363 (slightly less than 21 562 in [10]) good states.

The last column in Table I shows the siphoncontrolled by the monitor. There are four new monitors(Table II) associated with the new problematic siphonsgenerated by monitors V1−V8 and their control arcs.Table II lists the corresponding circuits and siphons forthe four new monitors. V8 is a (called control) siphonbuilt from two adjacent monitor places V5 and V7,which are built also from two adjacent resource places.There are other control siphons built from two adjacentmonitor places, but they are already controlled andhence need no monitors. The corresponding theory hasbeen discussed in [25].

We further propose to refine or expand somecontrol place (Method II) into several smaller monitorones to reach more states. In this method, it no longerholds that [S]⊆[VS] (Method I). Rather, [VS]⊂[S].Upon the completion of each MIP iteration, we select[VS] to be exactly of the set (denoted by A) of



Table II. Circuits and siphons for the 4 new problematic siphons in Table I.

V C Sn

8 [t8 V7 t17 V5 t8] {V7,V5, p12, p17}9 [t8 V7 t17 V4 t8] {V7,V8, p22,V4, p17, p10}10 [t8 V8 t16 p22 t5 p24 t4 p21 t8] {V8, p2, p4, p21, p22, p24, p18, p10}11 [t8 V6 t17 V2 t8] {V2,V8,V6, p2 p3, p10, p15, p20, p22, p23, p25}

marked operation places. As a result, [VS]⊂[S] (resp.[VS]=[S]) at later (resp. initial) stages of the MIPiteration. However, as mentioned earlier, this may makeS unmarked. We shall prove later that this is not thecase. We first employ the invariant approach by settingup a set of equations. Afterwards, we will prove ittheoretically and make it intuitively clear.

Monitor V9 controls siphon Sa ={V7,V8 (or p26 orV5), p22,V4, p17, p10} associated with control circuitc=[t8 V7 t17 V4 t8]. Next c is capped with TP-handle[t17V8 (or p26 or V5) t16 p22 t10 V4] to become �[25]. Performing the handle-construction procedure, Sa

(called a capping siphon) is obtained with complemen-tary siphon [Sa]={p11, p12, p13, p18, p19}. Dependingon which place of V8, p26, and V5 is included in theabove TP-handle, a slightly different Sa is obtained.All these three Sa share the same complementarysiphon [Sa].

In order to empty Sa , all places in � must beemptied; we have

M(p11)=2, M(p19)=1, M(V4)=0,

M(V7)=0, and

M([Sa])=M(p11)+M(p12)+M(p13)+M(p19)

+M(p18)=5.

(1)

Based on these equations, p12 and p13 cannot besimultaneously marked. Otherwise, M(p18)=0 andnone of V8, p26, and V5 is unmarked and hence none ofthe three Sa is unmarked. Thus, M(p12)+M(p13)≤1and controller region [Sa] can be separated intothree smaller regions: SG1={p11, p18, p19}, SG2={p11, p12, p18, p19} and SG3={p11, p13, p18, p19} toreach more states. Note that there is no need to adda monitor for SG1 since SG1⊂SG2 and M0(Sa)>M(SG2)≥M(SG1) for any reachable marking M . As aresult, Monitor V9 is refined into two newmonitors V9−1and V9−2; •V9−1={t9 t17}, V ′•

9−19={t7 t15}, •V ′′9−2=

{t8 t10 t17} and V •9−2={t7 t9 t15}. After adding V9,

maxM([Sa]) = M(p11)+M(p12)+M(p13)+M(p19)

+M(p18)=M0(V9)=4 (2)

Monitor V11 controls siphon Sb={V2,V6,V8 (orp26 or V5), p10, p15, p20, p22, p23} associated withresource circuit c=[t8 V6 t17 V2t8]. Next, c is expandedby adding path [V2t3V6] to become c′. Now c′is capped (or added upon) with two TP-handles:[t3 p23 t2 p20 t19 V6] and [t17 V8 (or p26 or V5)t16 p22 t10 V2] to become �. Performing the handle-construction procedure, Sb is obtained with comple-mentary siphon [Sb]={p6, p7, p8, p9, p11, p12, p13,p16, p17, p18, p19}. Depending on which place of V8,p26, and V5 is included in the above TP-handle, aslightly different Sb is obtained. All these three Sb

share the same complementary siphon [Sa].In order to empty Sb, all places in � must be

emptied, we have

M(V2) = 0,M(V6)=0,M(p7)=2,M(p6)=1,

and M(p19)=1 (3)

where

(a) M(V2)=0 implies M([V2])=M0(V2)=5 or

M(p6)+M(p7)+M(p11)+M(p16)+M(p17)

=M0(V2)=5 (4)

(b) M(V6)=0 implies M([V6])=M0(V6)=5 or

M(p8)+M(p9)+M(p12)+M(p13)+M(p19)

+M(p18)=M0(V6)=5 (5)

Based on these equations, p16 and p17 cannotbe simultaneously marked. Otherwise, M(p11)=0[from (4)] and M(p25)=1 since M(p25)+M(p11)+M(p16)=M0(p25)=2, M(p16)=M(p17)=1 [M(p16)+M(p17)≤2 from (4)]. Now t18 is enabled violating thefact that the net is dead.

Also, in order to reach more states, set (Mmax([Sa])=M(p11)+M([Sa]\{p11}))=4. Thus, either(a) M(p11) is reduced from 2 to 1 [From (1),M([Sa]\{p11})=3, when M([Sa])=5 and M(p11)=2] or (b) M([Sa]\{p11})) is reduced from 3 to 2.Only a) [i.e., M(p11)=1] affects the marking in[Sb]\[Sa]. Now from (3) and (4), M(p6)+M(p7)+



Table III. Refined controlled model for the S3PR in Fig. 1.

Vi∗Vi Vi∗ M0(Vi ) S

1 t10t16 t9t15 2 basic (S1)2 t5t10t13t17 t3t8t11t15 5 basic (S4)3 t4t13 t3t11 2 basic (S10)4 t10t17 t8t15 3 compound (S15)5 t9t17 t8t16 2 basic (S16)6 t3t8t19 t1t17 5 basic (S17)7 t8t18 t7t17 2 basic (S18)8 t8t17 t7t16 3 control SMS9 t9t17 t7t15 4 new SMS10 t8t10t17 t7t9t15 4 new SMS11 t5t8t13t17 t7t3t11t15 6 new SMS12 t5t8t10t18 t1t9t15 9 new SMS13 t5t8t10t17t19 t1t9t15t18 9 new SMS14 t5t9t17t19 t1t15t18 9 new SMS

∗Basic (S1, S4, S10, S16, S17, S19) and compound (S15) siphons are shown in Tables I & II in [14].

M(p11) + M(p16) + M(p17) = 1+ 2+1+M(p16)+M(p17) = 5 ⇒ M(p16)+M(p17)=1⇒M(p16)+M(p17)≤1. Hence, again p16 and p17 cannot be simul-taneously marked.

Similar to that for V9, one can also derivethat p12 and p13 cannot be simultaneously marked.Thus, we have three controller subregions: SG1={p12, p16}, SG2={p13, p16}, and SG3={p13, p17}[note {p12, p17} is eliminated since p12, p17 cannot bemarked at the same time because M(p8)+M(p12)+M(p17)�M0(p21)=1]. Their common controllersubregion is CG={p6, p7, p8, p9, p11, p18, p19}. Thus,controller region [Sb] can be refined and separated intothree smaller regions: {p6, p7, p8, p9, p11, p12, p16, p18,p19}=SG1+CG, {p6, p7, p8, p9, p11, p13, p16, p18,p19}=SG2+CG and {p6, p7, p8, p9, p11, p13, p17, p18,p19}=SG3+CG to reach more states. As a result,Monitor V11 is refined into three new monitors V ∗

11,V11−1 and V11−2

•V ∗11={t5, t9, t17, t19}, V ∗•

11 ={t1, t15,t18}, •V11−1={t5, t8, t10, t17, t19}, V •

11−1={t1, t9, t15,t18}, •V11−2={t5, t8, t10, t18} and V •

11−2={t1, t9, t15}.The above refining operation results from the inter-

action between Sb and Sa . The token trapping in [Sb] isinterfered by that in [Sa] since [Sb]⊃[Sa]. The resultingrefined controlled model is shown in Table III with 14monitors and 78 control arcs versus 19 (or 17 in [13])monitors and 112 control arcs in [10, 11] but with thesame 21 562 good states.

This is alternatively explained below. Let [V ′S] be

a subset of [VS]. If M(V ′S)=1 under any reachable

marking, then Method II is applicable and S cannotbecome unmarked. Using Method II ([VS]=[VS]2), anet is less disturbed than using Method I ([VS]=[VS]1)since [VS]1=[S]⊃[VS]2. Hence, the net (by Method II)can reach more states. However, applying Method II

in the initial stages of adding monitors may result indeadlocks.

In general, large PN models of FMS suffer fromreaching fewer states than themaximally permissive onedue to interaction between siphons. Refining controllerregion into some smaller sub-controller regionshelp reach more states. We have demonstrated onesuch case.

We now formally prove the correctness of MethodII. That is, siphon S remains marked even though thenumber of reachable states is increased.

Theorem 2. Let �⊂[S] and VS the monitor placeadded for controlling siphon S. i) If whenever S isunmarked, so is �, then S is controlled by adding amonitor VS with [VS]=[S]\� ([VS] does not includeany place in �). ii) If M(�)=1 whenever S is unmarked(under M), then S is controlled by adding a monitor[Vp]=([S]\�)∪{p}([Vp] includes only one place in �to reach more states) ∀p∈�.

Proof. (i) Let [S]=�∪�’. [VS]=�′ and M([S])=M(�′)=M([VS]) since M(�)=0. Let Mmax ([S]) be themaximum marking of [S] where S is unmarked. SetM0(VS)=Mmax ([S])−1 so that Mmax ([S]) cannot bereached and S is controlled. Note that Mmax ([VS])=M0(VS)=Mmax ([S])−1. (2) Let Vp =�′ ∪{p} andM(p)=1. We need to prove that S never becomesunmarked. Assume contrarily that S is unmarkedunder M . Then M([S])=Mmax ([S])=M(�′)+M(�)=M(�′)+1 since M(�)=1. M(�′)=Mmax ([S])−1. ButM(�′)=M(Vp)P−M(p)=M(Vp)−1=Mmax ([S]) −1⇒M(Vp)=Mmax ([S]) which is impossible sinceMmax (Vp)=M0(Vp)=Mmax ([S])−1. Thus, S neverbecomes unmarked. �



Lemma 2. Let S be an SMS in an S3PR, �1⊂�⊂[S]. M , M1∈ R(N ,M0) such that M(�)=M1 (�1)=Mmax ([S]), V and V1 be two monitors added suchthat M0(V )=M0(V1)=Mmax ([S])−1 and [V ]=�,[V1]=�1. Then V1 is redundant.

Proof. For any reachable marking M ′ ∈ R(N ,M0) suchthat M ′(S)=0, M ′(�1)≤M ′(�)≤Mmax ([S])−1⇒M ′(�1)≤Mmax ([S])−1 even when V1 is absent. Thus,M1 is no longer reachable since M1(�1)=Mmax ([S]).Hence, V1 is redundant. �

Theorem 3. Let �⊂[S] and for any reachable markingM ∈ R(N ,M0) such that M(S)=0, � is exclusivelymarked; i.e., at most one place in � is marked, then tocontrol S, for each place p in any �, there is a monitorVp =([S]\�)∪{p}; i.e., Vp includes only one place in� to reach more states.

Proof. There are two cases: i) Exactly one place p in �is marked. The proof is similar to Theorem 2; ii) Nonein � is marked. The corresponding monitor is redundantby Lemma 2. Thus, S never becomes unmarked. �

Method II reachesmore states (since [VS]⊂[S], thenet is less disturbed) but usesmoremonitors. Recall that:

1. For Monitor V9. M(p12)+M(p13)≤1 for thenet in Fig. 1. Thus p12 and p13 are exclusivelymarked, �′ ={p11, p18, p19} and �={p12, p13}.By Theorem 3, we have two refined monitors asmentioned earlier.

2. For Monitor V11, M(p16)+M(p17)≤1. Hence,p16 and p17, in addition to the pair of p12 and p13are also exclusively marked for the net in Fig. 1.The combinatorial of these two sets leads to threerefined monitors as mentioned earlier.

In practice, an MIP test may add a redundantmonitor prior to a refined monitor. In this case, we mayapply Lemma 2 to remove the redundant one. The pres-ence of a redundant monitor may induce new SMS andprolong the MIP test.

V. CONCLUSION

We propose an approach (taking less computationtime than the one in [10, 11, 13] since no reachabilityanalysis is required) to reach the same number of statesas the near optimal model in [10, 11, 13] for a well-known S3PR. This is achieved by refining one monitorinto three with smaller controller regions. The same ideacan be extended to more complicated resource allocatedsystems such as ES3PR, S2LSPR, and S3PMR [15] aswell.

REFERENCES

1. Visvanadham, N., Y. Nahari, and T. L. Johnson,“Deadlock prevention and deadlock avoidance inflexible manufacturing systems using Petri netmodels,” IEEE Trans. Robot. Autom., Vol. 6, No. 6,pp. 713–723 (1990).

2. Ezpeleta, J., J. M. Colom, and J. Martinez,“A Petri net based deadlock prevention policyfor flexible manufacturing systems,” IEEE Trans.Robot. Autom., Vol. 11, pp. 173–184 (1995).

3. Li, Z. and M. Zhou, “Elementary siphons of Petrinets and their application to deadlock preventionin Flexible Manufacturing Systems,” IEEE Trans.Syst. Man Cybern. Part A, Vol. 34, No. 1, pp. 38–51(2004).

4. Li, Z. W. and M. C. Zhou, “Clarifications on thedefinitions of elementary siphons in Petri nets,”IEEE Trans. Syst. Man Cybern. Part A, Vol. 36, No.6, pp. 1227–1229 (2006).

5. Piroddi, L., R. Cordone, and I. Fumagalli, “Selectivesiphon control for deadlock prevention in Petrinets,” IEEE Trans. Syst. Man Cybern. Part A, Vol.38, No. 6, pp. 1337–1348 (2008).

6. Piroddi, L., R. Cordone, and I. Fumagalli,“Combined siphon and marking generation fordeadlock prevention in Petri nets,” IEEE Trans. Syst.Man Cybern. Part A, Vol. 39, No. 3, pp. 650–661(2009).

7. Li, Z. W. and M. C. Zhou, “Two-stage methodfor synthesizing liveness-enforcing supervisors forflexible manufacturing systems using Petri nets,”IEEE Trans. Ind. Inform., Vol. 2, No. 4, pp. 313–325(2006).

8. Uzam, M., “An optimal deadlock prevention policyfor flexible manufacturing systems using Petri netmodels with resources and the theory of regions,”Int. J. Adv. Manuf. Technol., Vol. 19, No. 3, pp.192–208 (2002).

9. Liu, G. J., C. J. Jiang, and M. C. Zhou, “Twosimple deadlock prevention policies for S3PRbased on key-resource/operation-place pairs,” IEEETrans. Autom. Sci. Eng., DOI: 10.1109/TASE.2010.2050059 (2010).

10. Uzam, M. and M. C. Zhou, “An improvediterative synthesis approach for liveness enforcingsupervisors of flexible manufacturing systems,” Int.J. Prod. Res., Vol. 44, No. 10, pp. 1987–2030(2006).

11. Uzam, M. and M. C. Zhou, “An iterative synthesisapproach to Petri net based deadlock preventionpolicy for flexible manufacturing systems,” IEEE



Trans. Syst. Man Cybern. Part A, Vol. 37, pp. 362–371 (2007).

12. Uzam, M., “The use of Petri net reduction approachfor an optimal deadlock prevention policy forflexible manufacturing systems,” Int. J. Adv. Manuf.Technol., Vol. 23, No. 3–4, pp. 204–219 (2004).

13. Uzam, M., Z. W. Li, andM. C. Zhou, “Identificationand elimination of redundant control places in Petrinet based liveness enforcing supervisors of FMS,”Int. J. Adv. Manuf. Technol., Vol. 35, pp. 150–168(2007).

14. Chao, D. Y., “Computation of elementary siphonsin Petri nets for deadlock control,” Comput. J., Vol.49, No. 4, pp. 470–479 (2006).

15. Huang, Y. S., M. D. Jeng, X. L. Xie, and D. H.Chung, “Siphon-based deadlock prevention policyfor flexible bmanufacturing systems,” IEEE Trans.Syst. Man Cybern. Part A, Vol. 36, No. 6, pp. 1248–1256 (2006).

16. Zhong, C.-F. and Z.-W. Li, “Design of liveness-enforcing supervisors via transforming plant petrinet models of FMS” Asian J. Control, Vol. 6, No.2, pp. 270–280 (2004).

17. Chao, D. Y., “Technical Note—MIP iteration-reductions for deadlock prevention of flexiblemanufacturing systems,” Int. J. Adv. Manuf.Technol., Vol. 41, No. 3, pp. 343–346 (2009).

18. Chao, D. Y., “An incremental approach to extractminimal bad siphons,” J. Inf. Sci. Eng., Vol. 23, No.1, pp. 203–214 (2007).

19. Li, Z. W. and M. C. Zhou, Deadlock Resolution inAutomated Manufacturing Systems: A Novel PetriNet Approach, Springer-Verlag, London, UK,(2009).

20. Li, Z. W. and M. C. Zhou, “Control of elementaryand dependent siphons in Petri nets and theirapplication,” IEEE Trans. Syst. Man Cybern. PartA, Vol. 38, No. 1, pp. 133–148 (2008).

21. Li, Z. W. and M. C. Zhou, “On controllabilityof dependent siphons for deadlock prevention ingeneralized Petri nets,” IEEE Trans. Syst. ManCybern. Part A, Vol. 38, No. 2, pp. 369–384(2008).

22. Li, Z. W., J. Zhang, and M. Zhao, “Liveness-enfor-cing supervisor design for a class of generalizedPetri net models of flexible manufacturingsystems.,” IEE Proc. Control Theory Appl., Vol. 1,No. 4, pp. 955–967 (2007).

23. Li, Z. W., M. C. Zhou, and M. D. Jeng, “Amaximally permissive deadlock prevention policyfor FMS based on Petri net siphon control and thetheory of regions,” IEEE Trans. Autom. Sci. Eng.,Vol. 5, No. 1, pp. 182–188 (2008).

24. Li, Z.W. andM. C. Zhou, “A survey and comparisonof Petrinet-based deadlock prevention policy forflexible manufacturing systems,” IEEE Trans. Syst.,Man Cybern. Part C, Vol. 38, No. 2, pp. 172–188(2008).

25. Shih, Y.-Y. and D. Chao, “Sequence ofcontrol in S3PMR,” Comput. J., DOI: 10.1093/comjnl/bxp081.

26. Xing, K., M. C. Zhou, X. Yang, and F. Tian,“Optimal Petri net-based polynomial-complexitydeadlock avoidance policies for automated manu-facturing systems,” IEEE Trans. Syst. Man Cybern.Part A, Vol. 39, No. 1, pp. 188–199 (2009).

27. Xing, K., M. C. Zhou, K. Shi, and L. Ren,“Enumeration algorithms for maximal perfect-resource- transition circuits and strict minimalsiphons in S3PR,” 17th IFAC World Cong., Seoul,Korea, pp. 14490–14495 (2008).

28. Guo, J. and Z. Li, “A deadlock prevention approachfor a class of timed Petri nets using elementarysiphons,” Asian J. Control, Vol. 12, No. 3, pp. 347–363 (2010).

29. Boer, E. R. and T. Murata, “Generating basissiphons and traps of Petri nets using the signincidence matrix,” IEEE Trans. Circuits Syst. PartI—Fund. Theory Appl., Vol. 41, No. 3, pp. 266–271(1994).

30. Chao, D. Y., “Improved controllability test fordependent siphons in S3PR based on elementarysiphons,” Asian J. Control, Vol. 12, No. 3, pp. 377–391 (2010).

Daniel Chao receive his Ph.D.degree from in electrical engi-neering and computer sciencefrom the University of California,Berkeley in 1987. From 1987–1988, he worked at Bell Labora-tories. Since 1988, he joined thecomputer and information sciencedepartment of New Jersey Insti-tute. Since 1994, he joined theMIS

department of NCCU as an associate professor. SinceFeburary, 1997, he has been promoted to a full professor.His research interest is in the application of Petri netsto the design and synthesis of communication proto-cols and the CAD implementation of a multi-functionPetri net graphic tool. He is now working on theoptimal control of flexible manufacturing systems. Hehas published 110 (including 45 journal) papers in thearea of communication protocols, Petri nets, DQDB,networks, FMS, data flow graphs and neural networks.He has been a distinguished professor since 2004.



Guan Jun Liu received his B.S.degree from Qufu Normal Univer-sity, Qufu, China, in 2001, andhis M.S. degree from Shan-dong University of Science andTechnology, Qingdao, China, in

2006. He is currently a Ph.D. student in the Depart-ment of Computer Science and Technology at TongjiUniversity, Shanghai, China. His research interestsinclude discrete event system, formal language andautomata theory, Petri nets, and service-orientedcomputing.


Documents

A simple Suboptimal siphon-based control model of a well-known S3PR