Evaluation of resource allocation policies in a production line using Petri nets

Evaluation of resource allocation policies in a production line using Petri nets

~ Vol. 10, No. 6, pp. 413-422,1993 Copyright© 1994ElsevierScienceLtd Printedin GreatBritain.All rightsreserved 0736-5845/93S7.00+0.00 Robotics & Com...
Download PDF
864KB Sizes 2 Downloads 11 Views
Report

~

Vol. 10, No. 6, pp. 413-422,1993 Copyright© 1994ElsevierScienceLtd Printedin GreatBritain.All rightsreserved 0736-5845/93S7.00+0.00

Robotics & Computer-lnteorated Manufacturing,

)Pergamon

0736-5845(94)E0007-U



Paper EVALUATION OF RESOURCE ALLOCATION POLICIES IN A PRODUCTION LINE USING PETRI NETS* E. MESSINA and

A. SCIOMACHEN~"

Universit~ degli Studi di M i l a n o , D i p a r t i m e n t o di Scienze d e l r l n f o r m a z i o n e , Milano, Italy

We analyse the flow of workpieces in Petri net models of production lines, depending on different control policies and resource assignments. In particular, we show how an invariant-based algorithm can be used for detecting and avoiding potential deadlocks in the system under consideration while reducing the number of states of its reuchability graph. A detailed description oftbe proposed methodology is given along with a case study whose possible deadlock situations are determined, and all the resource allocation policies, which have to be modified in order to avoid their occurrence, are analysed.

1. INTRODUCTION AND PROBLEM DEFINITION In the design and validation phases of production systems, typically characterized by concurrent and conflicting processes~ particular attention has to be paid to resource allocation, operation sequencing and performance evaluation. These days the configuration of manufacturing systems is characterized by an ever increasing flexibility that can greatly improve the performance of the system but, on the other hand, also increases the competition among the different processes, and hence the risk of deadlocks occurring. The main aim of this paper is to determine resource assignments and control policies such that deadlocks, due to non-synchronization between different components of the system, are avoided. In particular, we evaluate the flow of workpieces in a production line depending on different resource allocation policies by analysing its Petri net (PN) model. Many solutions to this problem have been recently proposed in the literature. The most common ones are based either on the structural analysis of the system in an algebraic form or on the direct simulation of the system under consideration, evaluating, at each simulation run, any feasible operations sequencing with respect to different numbers of workpieces and resource allocation policies (see, for example, Ref. 1). Unfortunately, the structural analysis in an algebraic form is usually strictly limited to conflict-free systems

and hence not applicable to the case of manufacturing systems (see, for example, Refs 6, 7, 18). On the other hand, direct simulation does not necessarily allow the detection of all the possible deadlock situations, since some states may be not generated within a simulation run due to the non-deterministic behaviour inherent in manufacturing systems. Other approaches, recently proposed by Banaszak and Krogh 5 and Valavanis, 17 are characterized by the definition and application of a priori rules in the construction of extended PN models of deadlock-free production systems. Another PN-based algorithm has been proposed by Taubner; 15 it provides a distributed software solution for deadlock problems, imposing some a priori control policies for resource allocation. However, this approach has the shortcoming of slowing down the execution process even when the number of available resources is such that control rules are not required. Furthermore, an extention of the PN model aimed at deadlock avoidance has been introduced by Hanish, 8 who applies to timed PN models the concept of timed arcs, i.e. each arc, from a place to a transition, is labelled with a time interval that describes the permeability of the arc, and each place is associated with a clock denoting the age of its marking. The transitions are thus possible, depending on the marking and the local clocks. Although this method is very suitable for determining dynamic control strategies it assumes that the set of transitions which may never be possible is known in advance, hence ensuring deadlock avoidance but not deadlock detection. On the other hand, many reduction rules, which map the original PN model into a reduced one while maintaining the structural properties, have been successfully applied in order to solve the deadlock

Acknowledgement--The authors are grateful to both anony-

mous referees for their useful comments which greatly contributed to the improvement of this paper. *This paper is partially supported by the Italian MURST 40% project on "Flexible Manufacturing Systems". tAuthor to whom correspondence should be addressed. 413

414

Robotics & Computer-Integrated Manufacturing • Volume 10, Number 6, 1993

detection problem. 14'16 In this case, however, once deadlock states have been detected, further analysis is required in order to determine deadlock avoidance strategies and to evaluate the performance of the system under consideration. In this paper, we propose a methodology aimed at solving both the deadlock detection and avoidance problems. In particular, we show how it is possible to verify whether operation sequencing in a manufacturing system would prevent deadlocks by analysing the structural properties of the corresponding PN model together with its reachability graph. We refer to the reachability graph of a PN as the digraph G = (V, E), where V, of size K, is the set of markings M i, i = 0 . . . K - 1, representing all the states of the system, and E is the set of arcs (i,j) representing the firing of the transition that moves the net from Mi to Mj. In order to verify the basic structural properties of a PN, like properness, liveness, boundness and conservativeness,9.12 its incidence matrix C is required, where the elements co, i = 1 . . . m,j = 1 . . . n, are such that c~j= uj ifp~ is an output place to transition t j, c i j = - v j if p~ is an input place to tj, and cij=O otherwise; ui is the number of tokens required for the firing of tj and viis the number of tokens in place p~ after the firing of transition tj. Desirable qualitative attributes of production systems, like absence of deadlocks, are related to the concept of the reproducibility of a set of events, i.e. transition firings, and to the weighted sum of tokens in selected places in the net. In the present literature such attributes depend on the initial marking M o and on the place capacity. The verification of these attributes is based on the computation of the place/transition invariants of the net. Formally, 9 a place-invariant (p-invariant) can be defined as an m-dimensional rowvector X such that X C = 0 and a transition-invariant (t-invariant) can be defined as an n-dimensional column vector Y such that C Y = 0 , where C is the incidence matrix of the net. In Section 2 we show how an invariant-based algorithm can prevent the generation of deadlocks in a production system while reducing the number of states in its reachability graph. Moreover, a recovery approach from unsuccessful resource allocations is proposed. Our approach is presented in more detail in Section 3 through the analysis of two production systems and their related PN models. The possibility of using p-invariants for detecting resource allocation policies is briefly mentioned in Section 4. Some conclusions are derived in Section 5.

deadlocks in timed PN models of production systems, in which liveness is generally not satisfied due to the complex interactions among the concurrent processes which characterize them. The analysis of such models is performed by exploring their reachability graphs and investigating the properties related to their p/t-invariants. In particular, we make use of the invariants in order to establish priority rules whenever conflicting situations arise. In fact, conflicting situations in a PN model are characterized by a marking, say Mi, in which more than one transition is enabled and the firing of one of them disables the others. Conflicts reflect the nondeterministic behaviour inherent to production systems, where the next operation to be performed could be selected according to a probability function depending on the state of the system (see, for example, Ref. 3). One of the major problems in the validation of production systems is, hence, to select the best resource allocation policy in terms of both performance indices and deadlock avoidance. This problem can be more easily solved by analysing the reachability graph G of the system; unfortunately, the exhaustive analysis of the state space is limited by its exponential growth. In order to overcome this problem, we use the structural properties of the system for determining those states in which an unsuitable control rule can imply deadlocks; thus, we reduce the analysis of G to the analysis of the critical states of the system under consideration. Hence, our goal consists of determining, among different alternatives, those resource allocation policies which prevent some transitions from firing. Before introducing in details our approach, let us derive its applicability conditions. Let us consider the reachability graph G of a PN; generally, terminal nodes of G represent either successful completion of all the system activities or the premature freezing of the system due to unsuitable resource control policies. As a first condition, since we are interested in the analysis and evalution of the steady-state behaviour of production systems, it is not too restrictive to assume that the PN model is reinitializable, i.e. the successful termination states coincide with the initial marking. Note that this condition is satisfied by a wide class of discrete event dynamic systems, in particular by finitestate Markov chains that have been shown to be strongly related to PN models; Molloy 11 shows that stochastic PN models are isomorphic to continous Markov chains. Moreover, we assume that the following conditions hold:

2. A PN DEADLOCK D E T E C T I O N A P P R O A C H Let us describe an algorithm, first introduced in Ref. 4, that allows the identification of deadlocks in production systems modelled by PNs. It is well known that liveness in a PN is a sufficient condition for the corresponding system to be deadlock-free. 9 The main aim of our algorithm is to detect, and hence to prevent,

(2.1) The system must be "closed", i.e. the number of processes circulating in the system has to be consant. From an algebraic point of view this condition implies that each row and each column of the incidence matrix C must have at least one positive and one negative component. (2.2) The PN representing the system must be

Evaluation of resource allocation policies • E. MI~SSlNAand A. SCIOMACHEN

bounded, i.e. there is an upper bound on the number of tokens in each place of the PN. Note that boundedness in a PN model of a production system allows the determination of the maximum system capacity, for example in terms of buffer sizes. Boundedness can be verified through the computation of the p-invariants. 2 (2.3) The PN must be completely described by its incidence matrix; this means that it cannot have any loop, i.e. transitions having the same place both as input and output. In PN models of production systems loops are related either to the acknowledgement of some event or to the verification of some conditions required for synchronizing some activities (see, for example, Ref. 1). Since condition 2.3 is easily implemented by introducing in each loop of the PN a dummy place and a dummy transition, let us consider more carefully conditions 2.1 and 2.2 that apparently seem to be too strong for real systems. Usually, in modelling production systems by PN one place representing the I/O storage location where workpieces/jobs/processes wait for starting their production cycle is used (see, for example, Refs 1,9, 19 and 20). Generally, this I/O place can easily assure condition 2.1 by guaranteeing that tokens representing completed jobs do not leave the system and go back to the I/O storage. Furthermore, since places that accumulate tokens during the system evolution, consequently violating condition 2.2, are generally used as counters, they can be easily replaced by counting the number of transition firings that would move tokens in those places (PN simulation softwares are generally enabled to accomplish this featurel3). Note that conditions 2.1-2.3 are verified if and only if each place and transition of the PN belong to at least one invariant, i.e. there exist a p-invariant X and a t-invariant Ywith all positive components. ~2 In fact, if there exists a p-invariant with all positive components then the system is bounded, i.e. condition 2.2 is verified, while the existence of at least one t-invariant with all positive components is a necessary condition for the reproducibility of the initial state of the system, i.e. for the regenerativeness property related to condition 2.1. Hence, if conditions 2.1-2.3 are satisfied the reproducibility of the states that do not drive to deadlocks is assured; that is, there exists a strongly connected component in G, which includes the initial marking Mo .4 It follows that deadlock states, in which no transition is possible, coincide with terminal nodes in G, i.e. nodes without outgoing arcs. Therefore, it is possible to say that all the markings originating deadlocks belong to paths to terminal nodes, while the markings belonging to the strongly connected component in G, including M o, correspond to states of the system from which all the processes can be successfully completed. The deadlock detection approach that we are going

415

to consider demonstrates the link between deadlocks in a production system and the invariants of the corresponding PN. In Ref. 4 it has been verified that, if a system satisfies conditions 2.1-2.3, each process is associated with a t-invarient, that is, each operation of a process Pi has a corresponding transition in the associated t-invariant Y~. Therefore, since starting from any marking MkY ~ represents a sequence of operations of a process Pi, in order to verify whether P~ can be completed without any deadlock occurrence it is both necessary and sufficient that all the transitions associated with the positive components of Y~are able to be fired. By applying this control procedure during the generation of the digraph G, i.e. as soon as a new state of the system is generated, we can avoid adding to G those states from which it is not possible to enable all the transitions associated with at least one t-invariant of the PN. In this way, we obtain a strongly connected subgraph of G, denoted by L = (E', V'), whose node set V' c V, such that M o ~ V' does not contain deadlocks. The reproducibility of the set of events related to the completion of the manufacturing processes is hence ensured. In order to explain in more detail our approach, let us assume that each arc (i,j)eE is labelled with the transition, say tk, whose firing drives the system from M i to M r and that an integer vector F(M~)=f l . . . . . fm is associated with the path from Mo to M~; each component fk denotes the number of arcs of the path labelled with tk. Let 17be the set of nodes that do belong to G but not to L, i.e. V'c~17=~ and V'u17~ V, and set 17=~. Moreover, let F(M~) denote the set of markings reachable from Mi; then during the generation of G a control procedure is applied to each new marking M i as follows:

VMj~r(M,): --if Mj~ V' then E' =E'u(i,j) else --if Mie 17 then stop. --V YRset W= Yk-- F(Mj) and check if starting from M~ there exists a transition sequence associated with W originating a path, say H, to any Mk~L; --if H exists then add to V' all nodes and all arcs belonging to 17; otherwise, 17-- Vu{Mj}, thus avoiding the control procedure VMk ~ F(Mi). For further details of the algorithm see Ref. 4. 3. DETECTING SAFE RESOURCE ALLOCATION POLICIES The proposed methodology can be applied to production systems in order to determine dynamic control rules aimed at avoiding deadlock during a simulation run. In this paper we consider a simple production system for describing in more detail the procedure of deadlock detection and avoidance. Further considerations are pointed out along with the analysis of a flexible manufacturing system cell, whose PN model is

Robotics & Computer-Integrated Manufacturing • Volume 10, N u m b e r 6, 1993

416

presented in Refs 19 and 20. The structural analysis and the performance evaluation obtained applying the proposed methodology to a manufacturing system, located in an Italian IBM plant, have been examined in Ref. 10.

The resources are allocated one at a time and are released all together as soon as a process is completed. Furthermore, suppose that the system is closed. The P N model representing such a system is shown in Fig. 1, where places and transitions have the following meaning:

3.1. A simple case study

Pl: resources of type Rx currently available; P2: resources of type R 2 currently available; P3: process/'1; P,: process P2; Ps: resources of type R 2 currently allocated t o / 1 ; P6: resources of type R~ currently allocated to P:; P7: resources of type R2 currently allocated to/'2; Ps: resources of type Rt currently allocated to P2; P9, P 1o, P ~ , P~2: resource allocation acknowledgement; P13: process PI in progress; P~,: process P2 in progress; tt: allocation of one resource of type R~ to Pt; t2: allocation of one resource of type R 2 to Pt; t3: allocation of one resource of type R2 to P2; t4: allocation of one resource of type Rt to Pz; ts: beginning of P1; t6: beginning of/'2; tT, t 8 , t 9 , t l o : sending the resource allocation acknowledgment; tl 1: processing time of P1; t12: processing time of P2.

Let us consider a production system in which n processes Pj, j = 1 . . . n, requiring m different types of resources R i, i = 1 . . . m, are to be executed according to a given production plan. Let D be the m x n matrix, called capacity allocation matrix, such that dii gives the maximum number of resources of type R~ that can be allocated to Pj. Let us suppose that preemption is not allowed in the system. If the number of resources R i that can be required simultaneously is greater than the number of available ones, i.e.

IR,I

(3.1)

j=l

for some index i, then a deadlock can be originated. In order to verify whether it occurs, let Atk~ be the state allocation matrix associated with M k, where a~ ) is the number of resources R~ currently allocated to Pj in the state Mk; theft a deadlock cannot occur if the relation

d i j - u-itjk-) I<

R . ,I - -

~, aij~k~ V i

(3.2)

j=l

is satisfied for at least one j, j = I . . . n. That is, in any state at least one process has enough resources to be completed. In order to better understand our methodology, let us consider a simple but meaningful example, presented in Ref. 7 and also reported in Ref. 6, consisting of a system in which two processes Px and P2 share two different types of resources R~ and R 2. Process P1 needs four units of types R~ and three units of type R2, while process P2 requires three and four units of Rt and R2, respectively, that is

The incidence matrix C of the P N model depicted in Fig. 1 is the following:

C=

--1 0 0 -1 0 - 1 --1 0 -I -1 0 0 0 0 -1 -1 0 1 0 0-3 l 0 0 0-4 0 0 1 0 0 0 0 1 l 0 0 0 0 0 0 1 0 1 0 0 0 0 1 0 0 0 0 0 0 0 0 0

0 0 0 0

0-4 0-3 0 0 0 0 1 0

0 0 0 0 0 0

0-1 0 0 0 0 1

0 0 1 0 0 0 0 0 0 0 0 0 0

0 0 0 1 0 0 0 0 0 -1 0-1 0 0 0

0 0 1 0 0 0 0 0 0 0

0 0 0 1 0 0 0 0 0 0 0 0 -1 0 0-1 0 0

4 3 0 0 0 0 0 0 0 0 0 0

34 0 0 0 0 0 0 0 0 0 0 0

0-1-

Consider as the initial state of the system four available resources of type R 1 and five available

~"

~L~

@, Fig. 1.

I

tlO

Evaluation of resource allocation policies • E. MESSINAand A. SCIOMACHEN

resources of type R 2, i.e. IRll = 4 and IR I = 5; then the initial marking is M 0 = (4, 5, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0). Moreover, let us suppose that the maximum capacity for each place of the PN is (4, 5, 1, 1, 3, 4, 4, 3, 1, 1, 1, 1, 1, 1). Note that the PN invariants are completely independent from bounds on the number of tokens in a given place; hence, they do not affect the PN model structure but only the system evolution. By computing the p/t-invariants of the PN, for example by using the algorithm proposed in Ref. 2, we obtain four p-invariants X~, i= 1 . . . 4, corresponding to processes P~ and PE and resources of types R 1 and R E, respectively. In more detail the components of the p-invariants are the following. XI=(0, 1, 0, 0, 1,0, 1 , 0 , 0 , 0 , 0 , 0 , 3 , 4 ) associated with R2; ) ( 2 = ( 1 , 0 , 0 , 0 , 0 , 1,0, 1 , 0 , 0 , 0 , 0 , 4 , 3 ) associated with R1; X3=(0, 0, 1 , 0 , 0 , 0 , 0 , 0 , 1,0, 1 , 0 , 0 , 0 ) associated with P1; )(4=(0,0,0, 1, 0, 0, 0, 0, 0, 1,0, 1, 0, 0) associated with P2; We also obtained the following two t-invariants, related to Pt and P2, respectively: ]11=(4,3,0,0, 1 , 0 , 4 , 0 , 3 , 0 , 1,0); I12=(0,0,4, 3,0, 1 , 0 , 3 , 0 , 4 , 0 , 1). By computing the p- and t-invariants it is possible to analyse the structural properties of the PN; in the present case, it can be easily verified that the PN is both bounded and conservative; moreover, the necessary

condition for properness 9'12 is assured. Nevertheless, the sufficient condition (3.1) for guaranteeing the absence of deadlocks is not satisfied. It is important to observe that for this example relations (3.1) and (3.2) can be evaluated by considering the distribution of tokens in the PN. In fact, the capacity allocation matrix D is given by the maximum capacity of places Pl, i=5, 6, 7, 8; the maximum n u m b e r [Ril of available resources of type R i equals Mo(i ), i= 1, 2; the allocation matrix AIk~is completely defined by considering Mk(i ), i = 5, 6, 7, 8, and, finally, the number of resources currently available, given by the right-hand side of (3.2), equals Mk(i ), i= 1, 2. Generally, since each process is associated with several places, the relation of the allocation matrix with places is not immediately deducible. In this last case it is necessary to evaluate the possibility of deadlock generation directly using the problem data or through the analysis of the structural properties and/or reachability graph. Since conditions 2.1-2.3 are satisfied by the PN of Fig. 1, it is possible to apply our methodology for generating L and identifying all the critical markings. By performing this analysis it can be verified that the system is not deadlock-free; in fact, in the PN there are 81 critical markings, as reported in Appendix A. This means that there are 81 states of the system starting from which only deadlocks can be generated. Figure 2 shows the paths in G from M o obtained by the subsequent firings of the transitions belonging to I11 and Y2, respectively. It is easy to see that these two paths are circuits, i.e.

3-t10

tS-tl 1

Mo

Fig. 2.

417

418

Robotics & Computer-IntegratedManufacturing • Volume 10, Number 6, 1993

closed paths, in G. In this particular case, they represent all the activities related to the production processes P~ and P2, respectively, when they are performed independently. Analogously, starting from any marking Mg in L it is possible to identify circuits in G associated with the t-invariants of the PN. These circuits, defined in Ref. 4 as fundamental ones, represent the sequence of activities that lead to the completion of the processes associated with the t-invariants when the resource allocation matrix A~k~ associated with M k is considered. Note that the markings involved in the two paths of Fig. 2 are (see Appendix B): Mo--(4,5,1, 1,0,0,0,0,0,0,0,0,0,0) M 2 = ( 3 , 5 , 1, 1 , 0 , 1 , 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 ) 3 / , = ( 4 , 4 , 1 , 1,0,0, 1 , 0 , 0 , 0 , 0 , 0 , 0 , 0 ) M6=(2,5,1, 1,0,2,0,0,0,0,0,0,0,0) M13=(4,3,1, 1,0,0,2,0,0,0,0,0,0,0) M16=(1,5,1, 1,0,3,0,0,0,0,0,0,0,0) M3o=(4, 2, 1, 1, 0, 0, 3 , 0 , 0 , 0 , 0 , 0 , 0 , 0 ) M34=(0,5, 1 , 1 , 0 , 4 , 0 , 0 , 0 , 0 , 0 , 0 , 0 , 0 ) M55=(4,1, 1, 1 , 0 , 0 , 4 , 0 , 0 , 0 , 0 , 0 , 0 , 0 ) M59=(0, 4, 1, 1, l, 4, 0, 0, 0, 0, 0, 0, 0, 0) Msz=(3, 1 , 1 , 1 , 0 , 0 , 4 , 1 , 0 , 0 , 0 , 0 , 0 , 0 ) Ms5=(0,3, 1,1,2,4,0,0,0,0,0,0,0,0) Mlo4=(2, 1 , 1 , 1 , 0 , 0 , 4 , 2 , 0 , 0 , 0 , 0 , 0 , 0 ) M l o 7 = (0, 2, 1, 1, 3, 4, 0, 0, 0,,0, 0, 0, 0, 0) M l t 9 = ( 1 , 1, 1 , 1 , 0 , 0 , 4 , 3 , 0 , 0 , 0 , 0 , 0 , 0 ) The size of the set V in the original teachability graph G is K=238 while L is such that IV'I = 128. The list of markings belonging to L is reported in Appendix B. Since the reduction in size between IF~ and IV' I is noticeable it is possible to evaluate the performance indices of the system by analysing L and using the structural simulation, as proposed in Ref. 10. The basic idea of the structural simulation is to perform a simulation run directly on a PN, in which the transitions that lead to any critical marking are not included in the event list, i.e. they are not allowed to fire. As an example, let us consider the following markings of the PN, depicted in Fig. !, which belong to L: M6=(2,5 , 1,1,0,2,0,0,0,0,0,0,0,0)

M22=(2,4, 1, l, 1, 1,0, l, 0, 0, 0,0, 0, 0) M 6 represents the state in which two resources of type R 1 have been already allocated to Pz [note that M6(6 ) = 2], i.e.

Starting from M 6, reachable from M o through the firing of tl twice (see Fig. 2), the firing of t 4 will move the PN to marking CM57, in the set of critical markings reported in Appendix A, where one resource of type R 1 has been allocated to P1, CM57(7)= 1, thus resulting in the allocation matrix

,1,00] It is easy to verify that in CMsv relation (3.2) is not satisfied for any process Pj, j = 1, 2. It follows that starting from CMs7 neither P~ nor P2 can be completed. In fact, note that for i = 1 relation (3.2) is not satisfied for a n y j = 1, 2, since only one resource of type R 1 is available CM57(1 ) = 1, while both Pi and P2 need two machines of this type, respectively; thus, a deadlock situation will surely occur. For this reason, during a structural simulation run whenever M 6 is generated, t 4 is not included in the set of enabled transitions and CM57, which does not belong to L, will never be generated. This means that if the production system is in state M 6 the allocation of a resource of type R 2 to P2 is forbidden. It is also possible that in a given marking more than one transition must be prevented from firing. This is, for instance, the case of M22 (see Appendix B) starting from which only P2 can be completed if two units ofR 1 and four units of R 2 are allocated to it. This condition is made always satisfiable by the structural simulation since it does not include both t I and t z in the set of enabled transitions in Mz2, so that no more resources can be allocated to P~. Hence, while executing a simulation run, if a transition that drives to a deadlock state is enabled in the current state, say M~, it is not included in the event list of M i. It follows that the control rule for the resource allocation is automatically selected. 3.2. A flexible manufacturing system cell Let us now consider a manufacturing system (proposed in Ref. 20) consisting of two main components: a handling conveyor system consisting of four carts with fixture mounted on each, two transfer tables and dual conveyors which transport materials to each workstation, and a milling machine. In Ref. 20 the system has been modelled through a progressive synthesis and has been decomposed in two submodels, one for each component. Recalling that a deadlock in a submodule compromises the performance of the whole model, let us address our attention to the model for the milling machine with deadlock occurrences. The PN model for the milling machine is given in Fig. 3. Note that tlo, P14 and tl~ are added to check this subnet for its properties, where P14 can be considered as the I/O place guaranteeing condition (2.1) (see Section 2). The PN model in Fig. 3 has the following t-invariants: (1, 1, l, 1, 1, 0, l, 0, 1, 1, 1) (1, l, l, 1, 0, 1, 0, 1, 1, l, l) It is possible to verify that, given Mo(i)=0 , i= 9, Mo(i)= 1, i = 1 0 , . . . , 14, as initial marking, the system is live. In fact, applying our algorithm we obtained L = G, i.e. G is strongly connected (Fig. 4) 1.....

Evaluation of resource allocation policies • E. MESSINAand A. SCIOMACHEN

":2

419

initially allowed to have two tokens. In this case the net is only bounded. 2° Performing the procedure described in Section2 with M o ( 1 ) = l , Mo(i)=0 , i = 2 . . . . . 9, M o ( i ) = l , i = 1 0 . . . . . 14, we detect the following critical states:

tl

(1,0, I, 0, 0, 0, 0, 0, 0, 1,0, I, 1,0) (0,0, 1,0, 1, 0, 0, 0, 0, 1, 0, 0, 1,0) in which transitions tl and t 3 drive the system to deadlock states: l

B

(0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1,0) (0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 1, 0, 1, 0), respectively. Note that these deadlocks are reachable directly from the above critical markings and L is not greatly reduced with respect to G; it is easy to verify that I/,1 = 31 while Iv'l = 29. Obviously, this is not a general rule as in the previous example and as described for the system considered Ref. 10.

pl~

Fig. 3.

~t"000000000111 l~q

oooooo o oooooo o~'~i

4, t2 oo o o o o 1 ~

oo,oooo,,,o

-

1

't5

oo,oooo,

I ooooo,o

oooooo,,,,-i-

"'

Fig. 4.

and no control rule for deadlock avoidance is required during the simulation. However, the net is not live when the I/O place is

4. ROLE O F p-INVARIANTS FOR D E T E R M I N I N G RESOURCE A L L O C A T I O N POLICIES As a further result, in the evaluation phase of the proposed approach we have verified that, if the t-invariants of a PN are such that Yic~Yj = ~ , V i #j, then any marking M in L belongs to at least a fundamental circuit, 4 i.e. starting from M at least one process P~ can continue without waiting for the availability of the required resources. However, it is possible that Yin Y j # ~ for some i, j, i#j; such a situation occurs when the processes of the system interact each other and share some common operations/activities identified by the common components between Y~ and Yj. These situations often occur in manufacturing systems where resource and process synchronization are essential problems. Assembly lines are typical examples in which synchronization aspects must be properly taken into account. Note that a fundamental circuit in L can contain arcs corresponding to transitions that belong to more than one t-invariant. These situations reflect unsuitable resource synchronization that can result in possible delays between two subsequent operations of a process. In this case any time a state of the system is reached where some process is waiting (temporary blocked) for the required resource(s), due to the lack of synchronization, it is possible to detect which resource causes the delay by using the p-invariants of the PN. It is important to recall that in a PN model the p-invariants are associated with the resources of the system and that the p-invariant related to a given resource identifies the set of places in which the sum of tokens is constant for each marking (state) of the system. This implies that a p-invariant identifies the set of places associated with the working cycle of the related resource, i.e. idle, working process and release. Moreover, note that shared resources among different processes are represented by common input places to different transitions. Hence, in order to allow a process

420

Robotics & Computer-Integrated Manufacturing • Volume 10, Number 6, 1993

tO be completed, the flow of tokens in the places identified by the corresponding p-invariant must continue, i.e. at least one of the required resource must become available. 5. C O N C L U S I O N S In this paper we have shown how different resource allocation policies in production systems can be evaluated by analysing the structural invariants and the reachability graph G of its P N model. Our approach allows to detect potential deadlocks and to identify those critical resources for which control rules are required. Following this approach we are also able to compute a strongly connected component of G that does not contain any deadlock. The examples presented here show how a methodology that combines structural analysis in an algebraic form and direct simulation of P N models can be very useful for preventing deadlocks, detecting the corresponding critical resources and consequently computing the main performance indices. Based on the experimental results, we believe that approaches such as the one given here are practical ways to analyse real-life production systems.

REFERENCES 1. Abraham, C. T., Sciomachen, A.: Planning for automatic guided vehicle systems by Petri nets. IBM Research Report RC 12218, T.J. Watson Research Center, Yorktown Heights, NY, 1986. 2. Alaiwan, H., Toudic, J. M.: Recherce des semiflots, des verrous et des trappes dans reseaux de Petri. Techq. Sci. inf. 4: 104-112, 1985. 3. Archetti, F., Gaivoronski, A., Sciomachen, A.: Sensitivity analysis and optimization of stochastic Petri nets. Discrete Event dyn. Systems: Theory Applic. 3: 5-37, 1993. 4. Archetti, F., Messina, E., Sciomachen, A.: A graph theoretical approach to the performance analysis of highly concurrent systems. J. Combinatorics Inf. System Sci. (to appear). 5. Banaszak, Z., Krogh, B. H.: Deadlock avoidance in flexible manufacturing systems with concurrently competing process flow. IEEE Trans. Robotics Automn (to appear). 6. Coffman, A. G., Elphick, M., Shoshani, A.: System deadlocks. Computing Surv. 3(2): 67-78, 1971.

7. Haberman, A. N.: Prevention of system deadlocks. Commun. ACMI2(7): 373-385, 1969. 8. Hanish, H.-M.: Analysis of place/transition nets with timed arcs and its application to bath process control. In Lecture Notes in Computer Science, Application and Theory of Petri Nets. 1993, pp. 282-299. 9. Kamath, M., Viswanadham, N.: Applications of Petri net based models in the modeling and analysis of flexible manufacturing systems. In Proceedings oflECON, IEEE Catalogue No. CH2282-2-86. 1986, pp. 312-317. 10. Messina, E., Sciomachen, A.: Optimal sequencing via structural simulation. In Proceedings of ANIPLA Conference "Automazione 92", Vol. 3. 1992, pp. 197-210. 11. Molloy, M. K.: Performance analysis using stochastic Petri nets. IEEE Trans. Computers C31(9): 913-917, 1982. 12. Narahara, Y., Viswanadham, N.: Analysis and synthesis of flexible manufacturing systems using Petri nets. In Proceedings of the First ORSA TIMS Conference on Flexible Manufacturing Systems, Ann Arbor, MI. 1984, pp. 347-358. 13. Sciomachen, A.: A software environment for modelling and simulation of manufacturing systems. In Proceedings of the IV International Conference on CAD/CAM Robotics and Factories of the Future, Vol. 2, Juneia, Pujara and Sagar (Eds), TATA McGraw-Hill. 1989, pp. 557-565. 14. Shantz, S. M., Shenker, B., Murata, T.: Detection of ADA static deadlock using Petri net invariant. IEEE Trans. Software Engng 15(3): 314, 1990. 15. Taubner, D.: On implementation of Petri nets. In Advances in Petri Nets, Rozenberg, G. (Ed.). 1988, pp. 418-439. 16. Tu, S., Shatz, S. M., Murata, T.: Applying Petri net reduction to support ada-tasking deadlock detection. In Proceedings of X IEEE Conference on "Distributed Computing Systems". 1990. 17. Valavantis, K. P.: On the hierarchical modeling analysis and simulation of flexible manufacturing systems with extended Petri nets. IEEE Trans. Systems Man Cybernetics 20(l): 94-110, 1990. 18. Wilson, R. C.: Deadlocking in material handling systems. Technical Report 85-13, Department of Industrial and Operations Engineering, University of Michigan, Ann Arbor, MI, 1985. 19. Zhou, M. C., DiCesare, F.: Parallel and sequential mutual exclusion for Petri net modeling for manufacturing systems with shared resources. IEEE Trans. Robotics Automn 7(7): 515-527, 1991. 20. Zhou, M. C., McDermott, K., Petal, P. A.: Petri net synthesis and analysis of a flexible manufacturing system cell. IEEE Trans. Systems Man Cybernetics 23(2): 1993.

0

0 0 0 0 0 0

0 0

0 0 0 0 0 0

0 0

0

0 0

0 0

0 0

0 0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0

0 0

0 0

0 0

0

0

0 0

0 0 0 0 0

0 0 0

0 0 0

0 0

0

0

~

0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0 0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0

~

0 0

0

0 0

0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

0

0

0 0

0

0 0

o,

Z

¢3

r~ ¢'1

Z

@

Q

0

_~.

0

0

0

0

0

0

~

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0 0

0

0

0

0

0

0

0

0 0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0 0

0 0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

~

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

0

o

oo

P

z

.< o

CIQ

E