On Distributability of Petri Nets

We formalise a general concept of distributed systems as sequential components interacting asynchronously. We define a corresponding class of Petri nets, called LSGA nets, and precisely characterise those system specifications which can be implemented as LSGA nets up to branching ST-bisimilarity with explicit divergence.

💡 Research Summary

The paper tackles the fundamental question of how to formally describe distributed systems and under what conditions a given specification can be realized as a concrete distributed implementation. The authors begin by abstracting a distributed system as a collection of sequential components that interact solely through asynchronous message passing. This abstraction leads to the definition of a new class of Petri nets, called LSGA nets (Locally Sequential, Globally Asynchronous). In an LSGA net each transition is assigned to a component; within a component transitions must fire in a strictly sequential order, while communication between components is modelled by tokens travelling through dedicated asynchronous channels. The two structural constraints—local sequentiality and global asynchrony—capture the typical architecture of real‑world distributed systems, where each node executes a sequential program but exchanges data with other nodes via non‑blocking communication primitives.

To compare a high‑level specification with an LSGA implementation the authors adopt branching ST‑bisimilarity with explicit divergence as their behavioural equivalence. This equivalence is stronger than trace equivalence because it distinguishes internal choices, preserves the branching structure of the system, and explicitly records infinite internal activity (divergence). Consequently, two systems related by this equivalence are indistinguishable to an external observer both in terms of the choices they can make and the way they may diverge.

The core technical contribution is a precise characterisation of the specifications that admit an LSGA implementation up to the chosen equivalence. The authors prove that a specification can be implemented as an LSGA net if and only if it satisfies three structural conditions: (1) every decision point in the specification can be mapped to a distinct asynchronous channel, ensuring that inter‑component synchronisation is expressed solely by message passing; (2) all potentially infinite behaviours are marked as explicit divergence, preventing hidden livelocks from being concealed by the implementation; and (3) the concurrency structure of the specification does not require synchronisation patterns that exceed the expressive power of asynchronous channels (i.e., no “over‑synchronised” patterns). When these conditions hold, the paper provides an algorithmic construction that transforms the original net into an LSGA net. The construction proceeds by (a) partitioning transitions among components, (b) replacing each synchronisation edge with a pair of send/receive places linked by a channel, and (c) preserving the sequential order of transitions inside each component. The authors prove that the resulting LSGA net is branching ST‑bisimilar to the original specification, including the preservation of explicit divergence.

In addition to the forward construction, the authors present a reverse mapping that recovers a high‑level specification from a given LSGA net. This reverse mapping aggregates the local sequential behaviours of each component and abstracts away the concrete channel places, yielding a net that is again branching ST‑bisimilar to the original LSGA net. The bidirectional correspondence establishes that LSGA nets form a faithful implementation model for the identified class of specifications.

The paper situates its contribution within the broader literature on distributable Petri nets. Earlier approaches often restricted themselves to synchronous communication or imposed severe limits on the allowed concurrency, which made many realistic specifications non‑implementable. By explicitly modelling asynchronous channels, LSGA nets can capture communication delays, buffering, and even message loss in a formal setting. Moreover, the use of branching ST‑bisimilarity with explicit divergence provides a rigorous behavioural guarantee that was lacking in many prior works.

From a practical perspective, the authors argue that the transformation algorithm can be automated, enabling designers to check distributability of a specification early in the development cycle. The LSGA formalism also lends itself to subsequent verification steps such as model checking, performance analysis, or even automatic code generation for distributed middleware.

In summary, the paper delivers a comprehensive theoretical framework that (i) defines a realistic class of distributed Petri nets, (ii) identifies exact structural criteria for distributability, (iii) supplies constructive algorithms for both forward and reverse translations, and (iv) demonstrates that the resulting implementations preserve a strong behavioural equivalence. This bridges the gap between abstract system specifications and concrete distributed implementations, offering both deep insights and practical tools for researchers and engineers working on distributed system design.