Fairness Verification of BOM-based composed models using Petri Nets Imran Mahmood, Rassul Ayani, Vladimir Vlassov KTH Royal Institute of Technology Stockholm, Sweden {imahmood, ayani, vladv}@kth.se Farshad Moradi Swedish Defense Research Agency (FOI) Stockholm, Sweden farshad@foi.se Abstract—Model reuse is a promising and appealing convention for effective development of simulation systems. However it poses daunting challenges to various issues in research such as Reusability and Composability in model integration. Various methodological advances in this area have given rise to the development of different component reusability frameworks such as BOM (Base Object Model). However, lack of component matching and support for composability verification and validation makes it difficult to achieve effective and meaningful reuse. For this reason there is a need for adequate methods to verify and validate composability of a BOM based composed model. A verified composed model ensures the satisfaction of desired system properties. Fairness, as defined in section II, is an important system property which ensures that no component in a composition is delayed indefinitely. Fairness in a composed model guarantees the participation of all components in order to achieve the desired objectives. In this paper we focus on verification and propose to transform a composed BOM into a Petri Nets model and use different analysis techniques to perform its verification. We propose an algorithm to verify fairness property and provide a case study of a manufacturing system to explain our approach. Keywords—Model Verification;Composability;BOM framework; Petri Nets Analysis; Fairness; Manufacturing System. I. INTRODUCTION In the last two decades, the defense industry has invested significant resources in technologies and methods for making independently developed simulations work together [1]. The defense industry gained substantial experiences in interconnecting various simulation systems and the simulation research community has developed some supportive theories under the rubric of simulation composability [1]. The main driving factors behind composability are to enable reuse of existing solutions, cost reductions and cross-domain solutions [2]. The recent discussion on concepts of composability was reignited by Petty's and Weisel's publications on theory of composability [3] according to which, “Composability is the capability to select and assemble simulation components in various combinations into simulation systems to satisfy specific user requirements”. Component-based software engineering has been identified as a key enabler in the construction of composable simulations [4]. At the level of an abstract model, composability is the creation of a complex model from a collection of basic reusable model components [5]. Composability is an effective way to achieve reusability therefore at the model level reuse relies on a composition framework that provides features for both composability and the mapping of composite models into executable form. Base Object Model (BOM) is a component architecture based on these specifications. It contributes to conceptual modeling by providing the needed formalism and influence the ability to develop and compose model components [6] [7]. BOM is a Simulation Interoperability Standards Organization (SISO) standard. BOM encapsulates information needed to describe a simulation model using XML notation. BOM was introduced as a conceptual modeling framework for HLA (High Level Architecture) which is an IEEE standard for distributed simulations. In BOM different elements such as entities, events, actions and state-machines of the components are defined. Entities, events and actions represent the structural information about the real world objects that are being modeled, whereas State-machine is an essential part of BOM that provides means to formalize the component behavior and is our focus in this paper. Without the loss of generality we assume in this paper that a BOM component represents one entity. For details interested readers should refer to [8] [9]. The BOM framework poses an adequate potential for effective model composability and reuse; however it lacks means to express necessary elements of semantic accordance (agreement on the understanding of mutual communication) and behavioral coherency (having an interaction consistent with the common goals) between the composed components, which are essential for reasoning about the validity of the composition [10]. This fact leads us to the investigation of external methods for the matching and verification of BOM composability. In modeling and simulation, verification is typically defined as the process of determining whether the model has been implemented correctly [11]. Actually, verification is concerned with the accuracy of transforming the model’s requirements into a conceptual model and the conceptual model into an executable model [12]. We focus on the former part and assume that the behavioral correctness is a part of the model’s requirements. In our case the conceptual model is represented by a composed BOM. Our task is to verify that the BOM based composed model satisfies the behavioral requirements such as avoiding deadlock and live-lock or guaranteeing fairness. These requirements are defined in form of system properties and may also include specific reachability properties representing certain desirable or undesirable incidences in the system. All these properties can generally be grouped as Safety or Liveness requirements. In Composability Verification we assess that the model components are correctly assembled such that they satisfy the given requirement specification and their combined behavior is suitable to reach given objectives. Fairness property as defined in the next section, has a significant place in requirement specifications, and the motivation behind the notion of verifying fairness in a composed model is to disallow infinite executions of some components due to which others are unable to proceed or make progress [13]. It is possible that a deadlock-free composed model makes progress but it cannot guarantee the fulfillment of desired objectives because one of the