The Analysis of Resource Constrained Workﬂows

using Petri Nets

Oana Otilia Prisecaru

Faculty of Computer Science, ”Al. I. Cuza” University

Gen. Berthlot St, No 16, 740083 Iasi, Romania

Abstract. A workﬂow describes a complex process that takes place inside an

organization. A workﬂow can be structured into several perspectives. In order to

model both the process and the resouce perspective of workﬂows, a Petri net

model based on nested Petri nets has been proposed: resource workﬂow nets

(RWF-nets). Unlike other models, RWF-nets permit a clear distinction between

the perspectives, modelling efﬁciently their interaction, and ensure the ﬂexibility

of the system. A case (or workﬂow instance) is the subject of the operations in

the workﬂow. RWF-nets permit the handling of one case at a time. This paper ex-

tends the deﬁnition of RWF-nets in order to allow the handling of multiple cases

at a time, deﬁnes a notion of behavioural correctness for RWF-nets, k-soundness,

and proves the decideability of this property for a special class of RWF-nets.

1 Introduction

A workﬂow is a complex process, consisting of activities organized in order to accom-

plish some goal. A workﬂow is structured into several perspectives, among which we

mention: the process perspective - speciﬁes which tasks need to be executed and in

what order; the resource perspective - speciﬁes the population in which the workﬂow

is executed (the resources) and the existing roles (resource classes based on organiza-

tional or functional aspects). A workﬂow management system (WFMS) is a software

system that supports the modelling and execution of workﬂows. WFMS’s can use dif-

ferent modelling languages for the deﬁnition of workﬂows. A formal method which

has been successfully used for workﬂow modelling is Petri nets. Most of the current

research has focused on the modelling of the process perspective of workﬂows. A Petri

net model for workﬂows, which includes resources, can be found in [3,4] where special

places are used for representing resources in the process perspective. While no alloca-

tion mechanisms are represented, this approach deﬁnes and studies a soundness notion

for workﬂows. A more detailed view on the resource perspective is offered in papers

like [10,14], where coloured Petri nets are used in order to model a work distribution

system. The approach in [7] allows the modelling of resources and the handling of sev-

eral cases; In [13], resource-extended stochastic workﬂow nets allow the performance

analysis of the workﬂows. None of these approaches study the logical correctness of

the workﬂows. Thus, the existing approaches either model the resource perspective in a

simplistic manner, or they fail to solve veriﬁcation problems for workﬂows. Also, there

Otilia Prisecaru O.

The Analysis of Resource Constrained Workﬂows using Petri Nets.

DOI: 10.5220/0003014900500059

In Proceedings of the 8th International Workshop on Modelling, Simulation, Veriﬁcation and Validation of Enterprise Information Systems (ICEIS 2010), page

ISBN: 978-989-8425-12-6

is an unclear mixture of perspectives, which can make workﬂow speciﬁcations difﬁcult

to understand, analyze and work with. In order to tackle these problems, in [11, 12], we

proposed a special class of nested Petri nets - Resource Workﬂow Nets (RWF-nets), for

the integrated modelling of the process and of the resource perspective of workﬂows.

Nested Petri nets ([8]) are a special class of the Petri net model, in which tokens may

be nets themselves (object-nets). RWF-nets are deﬁned as a special case of two-level

nested Petri nets, in which the two perspectives are modelled as two separate object-

nets: one object-net is a Petri net which models the resource perspective and the other is

a Petri net which models the process perspective. The process perspective is modelled

using extended workﬂow nets, an extension of workﬂow nets, introduced in [1]. The

resource perspective is modelled using resource nets, a Petri net model which describes

the existing resources and roles, the allocation of resources to speciﬁc roles (accord-

ing to predeﬁned rules) and the release of resources from roles. The two object-nets

synchronize whenever a task from the workﬂow net uses a role of the resource net and

they behave independently otherwise. A RWF-net describes the handling of one case

at a time, where a case is the subject of the operations in the workﬂow . A notion of

behavioural correctness was deﬁned and proved decidable for RWF-nets.

In workﬂow management systems several instances of a workﬂow (cases) are exe-

cuted simultaneously, hence it is important to verify if the soundness criteria are also

met in this situation. In this paper we extend the deﬁnition of RWF-nets in order to

allow the handling of several cases at a time and we deﬁne the notion of k-soundness

in order to describe the correct behaviour of RWF-nets for this situation. We prove that

in the case the resource net is live, the k-soundness of the RWF-net is equivalent with

the k-soundness of the extended workﬂow net and thus, decidable.

The remainder of the paper is organized as follows: Section 2 introduces the def-

inition of resource nets and RWF-nets, Section 3 deﬁnes and studies the k-soundness

property for RWF-nets and Section 4 concludes the paper.

2 The Modelling of the Resource Perspective using Petri Nets

2.1 Preliminaries

In what follows we will give the basic terminology and notation concerning workﬂow

nets, a Petri net formalism which has been used for modelling the process perspective

of workﬂows (for details the reader is referred to [1]). We assume the reader is familiar

with the Petri net terminology and notation. A workﬂow net (WF-net) is a Petri net

which has two special places: one source place, i, and one sink place, o. The marking in

which there are k tokens in the source place represents the beginning of the processing

for k cases (the initial marking of the net, denoted by i.k). The marking in which there

are k tokens in the sink place, represents the end of the processing for the k cases (and

the ﬁnal marking of the net, denoted by o.k). An additional requirement is that every

element of the workﬂow net should be on a path from i to o.

A Petri net PN=(P,T,F) is a WF-net iff: (1) PN has a source place i and a sink place

o such that •i = ∅ and o• = ∅. (2) If we add a new transition t

∗

to PN such that

•t

∗

= {o} and t

∗

• = {i}, then the resulting Petri net is strongly connected.

A marking of a Petri net (and of a WF-net) is a multiset m : P → IN (where IN

denotes the set of natural numbers). We write m = 1

′

+ 2

′

for a marking m with

m(p

) = 1, m(p

) = 2 and m(p) = 0, ∀p ∈ P − {p

, p

}. The empty marking is

denoted by 0.

We will present the Petri net model used for describing the resource perspective,

deﬁned in [11, 12]. The resource perspective deﬁnes the existing resources and their

interaction with the process perspective. A task that needs to be executed for a speciﬁc

case is called a work item. Each work item should be performed by a resource suited

for its execution. In order to facilitate the better allocation of resources to work items,

resources are grouped into roles. Thus, instead of assigning work items directly to re-

sources, work items will be assigned to certain roles. This way (pattern) of representing

and using resources is called ”role-based allocation” ([6,9, 14]).

A role, also referred to as a resource class, is a group of resources with similar

characteristics. We consider that each resource has a general type. A resource can have

more roles (at different moments in time) and each role can be performed by several

resources of different types ([6]).

In our model, for each role one must specify the set of resource types that can be

mapped onto that role. Based on these rules (which are speciﬁed at design time), the

system will be able to allocate dynamically resources to the appropriate roles. Thus, a

speciﬁcation for the resource perspective consists in the following elements:

- A set of resource basic types: RT = {T ype

, . . . , T ype

}. For each type T ype

, i ∈

{1, 2, . . . , n} there is a number n

of resources of that type.

- A set of roles, RO = {Rol e

, Role

, . . . , Role

- For each role r ∈ RO, res(r) represents the resource types which can be assigned to

the role (res(r) ⊆ RT ).

Given the elements above, a resource net RN = (P

, T

, F

) can be deﬁned

as follows:

– P

= P

∪ P

ROLE

∪ P

′

where: P

= RT , P

ROLE

= RO and P

′

= {R

|Role

∈

RO, T ype

∈ res (Role

)}.

– T

= {assign

, release

|Role

∈ RO, T ype

∈ res(Role

)} ∪ T

Rem

, where T

Rem

is a set of transitions which can remove resources.

– F

= {(T ype

, assign

), (assign

, Role

), (assign

, R

), (R

, release

(Rol e

, release

), (release

, T ype

)|Role

∈ RO, T ype

∈ res(Role

)} ∪ F

Rem

where F

Rem

⊆ P

× T

Rem

In the resource net, P

corresponds to the set of resource types and P

ROLE

corre-

sponds to the set of roles. For each role Role

and for each resource type T yp e

∈

res (Role

) the following elements are added to the net (see Fig. 1): a place R

, which

will be used for the proper release of resources; a transition assign

which moves a

resource from T ype

to role Role

; a transition release

which releases the resources

of type T ype

, assigned to Role

, when they are not needed any longer. In the initial

marking of the net, in every place T ype

, there will be a number of tokens equal to

the number of resources of that type. The transitions in the set T

Rem

can model the

situation in which certain resources become permanently unavailable in the workﬂow.

One can notice that the Petri net model we propose abstracts from the interaction

with the process perspective. In the Petri net model which integrates both perspectives,

Type_k

release_ik

R_ki

exec_task

Role_iassign_ki

t_rem

Fig.1. A resource workﬂow net in its initial marking.

for every task in the workﬂow that needs the role Role

for its execution, a new transi-

tion will be added to the resource net (transition exec task in Fig. 1).

Let W F = (P, T, F ) be a WF-net. The extended WF-net is W F

′

= (P, T

′

, F

′

where: T

′

= T ∪ {t

′

} and F

′

= F ∪ {(o, t

′

)}.

2.2 Resource Workﬂow Nets

In what follows we will deﬁne resource workﬂow nets (RWF-nets). We will extend our

approach from [11, 12], in order to allow the handling of several cases simultaneously

in the workﬂow. RWF-nets will be deﬁned as a special class of nested Petri nets, in

which there exist only two object-nets, together with a function Role. Nested Petri nets

are Petri nets which can have as tokens ordinary Petri nets. A nested Petri net consists

of a system net (a high level Petri net with expressions on arcs) and object Petri nets.

Deﬁnition 1. A Resource Workﬂow Net is a two-level nested Petri net together with a

function Role: RW F N = (V ar, Lab, (W F

′

, i.k), (RN, rm

), SN, Λ, Role):

1. V ar = {x, y} is a set of variables.

2. Lab = Lab

∪ Lab

is a set of net labels such that Lab

= {e, e}.

3. (W F

′

, i.k), (RN, rm

) are object-nets: (W F

′

, i.k) is an extended WF-net with its

initial marking and (RN, m

) is an extended resource net with its initial marking.

4. SN = (N, W, M

) is the system net of RWFN, such that:

- N= (P

, T

, F

) is a high level Petri net such that:

- P

= {I, p, O} , where O is a place such that O• = ∅ and I

is a place such that •I = ∅.

- T

= {end}.

- F

= {(I, end), (p, end), (end, p), (end, O)}.

- M

is the initial marking of the net, in which there exist k atomic tokens in place

I, place p contains the pair ((W F

′

, i.k), (RN, m

)) and place O is empty.

- W is the arc labelling function: W (I, end) = 1, W (p, end) = W (end, p) =

(x, y), W (end, O) = 1.

5. Λ is a partial function which assigns to certain transitions from the nets W F

′

, RN,

SN, a label from the set Lab, and: Λ(end) = e, Λ(t

′

) = e. For any transition t

in W F

′

, t 6= t

′

, such that Λ(t) is deﬁned, there is a transition t

∈ T

such that

Λ(t) = Λ(t

) ∈ Lab

6. Role is a partial function which assigns to every labelled transition t from W F

′

(t 6= t

′

) a role from RN such that: if Λ(t) = l and Role(t) = Role

then there

exists t

∗

in RN with Λ(t

∗

) = l and (t

∗

, Role

), (Role

, t

∗

) are arcs in RN .

There are two object-nets in a RWFN-net: (W F

′

, i.k) is an extended WF-net which

models the process perspective and (RN, rm

) describes the resource perspective: RN

is a resource net to which some labelled transitions are added in order to ensure the

interaction with the process perspective. Variables x and y will be assigned certain

values at runtime: the possible values for these variables are the object-nets (in certain

markings). x has the net type W F

′

and y has the net type RN . In SN, the places I

and O will hold atomic tokens, while p will hold a pair of net-tokens. There is only

one constant, 1, for the arcs (I, end), (end, O), which is interpreted as an atomic token.

Role is a partial function which assigns to every task (labelled transition) t in W F , a

role Role

from RN . This function designates the role that can execute this task. Λ is

a partial function which labels the transitions of the object-nets and of the system-net.

If t is a labelled transition in W F

′

, t 6= t

′

and t needs a role Role

for its execution

(i.e. Role(t) = Role

), then there exists a corresponding transition in RN , connected

to Role

with the same label as t. Also, t

′

and end have complementary labels.

A workﬂow is modelled using RWF-nets in the following manner: ﬁrst, the pro-

cess perspective is modelled using an extended WF-net. The resource perspective is

modelled separately using a resource net. For each task that needs a certain role for its

execution, a new transition is connected with the place corresponding to that role, in the

resource net. The task and the added transition have the same label.

We denote by A

net

the set of net-tokens (marked object-nets): A

net

= {(EN, m)|

EN ∈ {W F

′

, RN }, m is a marking of EN}. A marking of a resource workﬂow net

can be represented as a vector M = (M (I), M (p), M(O)), where M (I), M (O) ∈ N

and M(p) ∈ N

net

. A binding b for the transition end is a function b : {x, y} → A

net

b assigns net-tokens to the variables of the net. Transition end from the system net SN

of a RWF-net is enabled in a marking M w.r.t. a binding b if I contains at least an

atomic token and W (p, end)(b) = (x, y)(b) = (b(x), b(y)) ∈ M(p).

The steps that can occur in resource workﬂow nets are those deﬁned for two-level

nested nets ([8]): The ﬁring of am unlabelled transition, which is enabled in the mark-

ing of RN or of W F

′

, represents an object-autonomous step; A labelled transition

enabled in the marking of W F

′

should ﬁre at the same time with a transition with

the same label enabled in the marking of RN . The simultaneous ﬁring of these two

transitions represents a horizontal synchronization step. In the resulting marking of the

RWF-net, both the marking of W F

′

and R N will change; If end is enabled in SN w.r.t.

a binding b and t

′

is enabled in W F

′

, the synchronous ﬁring of end and t

′

represents

a vertical synchronization step. The ﬁring of the vertical synchronization step in a cer-

tain binding b (b(x) = (W F

′

, m), b(y) = (RN, rm)) removes the pair of net-tokens

((W F

′

, m), (RN, rm)) from place p and then adds back to p the pair of net-tokens :

((W F

′

, m

′

), (RN, rm)), where m

′

is the marking obtained in W F

′

by ﬁring the tran-

sition t

′

. An atomic token will be added to place O.

The set of all steps in a RWF-net is denoted by Y.

The example in Fig. 2 presents a RWF-net modelling a workﬂow which processes

admission applications for a college. There are two types of resources (assistants and

professors) and two possible roles: secretary (S) and commission member (CM). A S

role can be performed by an assistant and a CM role can be performed by a profes-

sor. The speciﬁcation for the resource perspective is: RT = { assistants ,professors},

release_CM

t’

end

send_answer

assign_CM

exec2

exec3

exec1

assign_S

exec4

( )

reject

WF’

assistants

release_S

register_application

(x,y)

professors

Fig.2. A resource workﬂow net in its initial marking.

RO = {S, CM }, res(S)={assistants}, res(CM)={professors}. The function Role de-

scribes which roles must execute the tasks of the workﬂow and it is deﬁned as follows:

Role(register application)=S,Role(accept)=CM, Role(reject)=CM, Role(send answer)

=S. The marking m

for RN is: m

= 1

′

assistants + 1

′

prof essors. In the initial

marking of the RWF-net, M

(I) = 1, M

(p) = ((W F

′

, i.1), (RN, m

)). In M

, tran-

sition register application from W F

′

cannot ﬁre, although it is enabled in (W F

′

, i.1):

it can only ﬁre simultaneously with transition exec1 in RN , which is not enabled. As-

sume the object-autonomousstep (; as sign S) ﬁres ﬁrst. The new marking of the RWF-

net is M

= (1, ((W F

′

, i.1), (RN, m

)), 0), where m

= 1

′

S +1

′

prof essors.

The step (register application, e xec 1) is enabled in M

, producing a new marking

(see Fig. 2) M

= (1, ((W F

′

, m

′

), (RN, m

)), 0), where m

′

= 1

′

and m

. The system remains blocked (no other task in the process is executed) until re-

sources (assistants) are allocated for the CM role. Transition assign CM can ﬁre in-

dependently in RN. The resulting marking is M

= (1, ((W F

′

, m

′

), (RN, m

)), 0),

where m

= 1

′

S + 1

′

CM + 1

′

+ 1

′

. In M

, the step (accept,exec2) can ﬁre

and the resulting marking is M

= (1, ((W F

′

, m

′

), (RN, m

)), 0) where m

′

= 1

′

and m

= m

. Next, the step (send answer,exec4) can ﬁre producing the marking

= (1, ((W F, m

′

), (RN, m

)), 0) where m

= m

and m

′

= 1

′

o. The verti-

cal synchronization step Y = (end; t

′

) is enabled in marking M

with the binding b:

b(x) = (W F, m

′

), b(y) = (RN, m

) and the ﬁring of this step produces the marking

(0, ((W F

′

, 0 ), (RN, m

), 1)) which corresponds to the correct processing of the case.

3 The k-Soundness of Resource Workﬂow Nets

In this section we will introduce a notion of k-soundness for RWF-nets.

A notion of k-soundness was deﬁned for WF-nets, expressing the minimal condi-

tions a correct workﬂow should satisfy ([3,5]). We consider that an extended workﬂow

net W F

′

is sound if the underlying WF-net is sound.

A workﬂow net W F = (P, T, F ) is k-sound iff: (1) for every marking m reach-

able from the initial marking i.k, there exists a ﬁring sequence leading from m to the

ﬁnal marking o.k (termination condition): (∀m)((i[∗im) =⇒ (m[∗io)); (2) All the

transitions in W F are quasi-live:(∀t ∈ T )(∃m, m

′

)(i.k[∗im[tim

′

It was proven ([5]) that, if W F is k-sound: (m ∈ [i.ki) ∧ m ≥ o.k) ⇒ (m = o.k).

The following result can be easily proven:

Lemma 1. Let RW F N be a RWF-net and M ∈ [M

i a reachable marking. Then

M = (k

, ((W F

′

, m), (RN, rm)), k

), where m is a reachable marking in W F

′

and

rm is a reachable marking in RN .

Let RW F N be a RWF-net. If the initial marking is M

, the set of ﬁnal markings for

RW F N is: M

= {(0, ((W F

′

, 0 ), (RN, rm)), k)|rm is a reachable marking of RN}.

We will consider that a RWF-net is k-sound if: (1) W F

′

is k-sound, (2) for any

reachable marking of the RWF-net, M ∈ [M

i, there is a ﬁring sequence that leads to

a ﬁnal marking M

(the termination property) and (3) all the steps in the RWF-net are

quasi-live.

Deﬁnition 2. A RWF-net RW F N is k-sound if and only if:

1. (W F

′

, i.k) is a k-sound extended workﬂow net.

2. For every marking M reachable from the initial marking M

, there exists a ﬁring

sequence leading from M to a ﬁnal marking M

(∀M)((M

[∗iM ) =⇒ (M[∗iM

, M

∈ M

3. RW F N is quasi-live: ∀Y ∈ Y, there exists a marking M ∈ [M

i such that M [Y i.

First, we consider the workﬂow is k-sound if the WF-net describing the process is k-

sound (abstracting from resources). A ﬁnal marking of the RWF-net is reached if the

vertical synchronization step ﬁres k times. This implies that transition t

′

can ﬁre k times

in W F

′

, which happens if and only if the ﬁnal marking of the WF-net can be reached.

Thus, condition (2) states that the workﬂow is k-sound if the termination condition still

holds in the WF-net, when the ﬁring of tasks is restricted by the resource perspective.

Lemma 2. Let RW F N be a RWF-net such that W F

′

is k-sound. The markings in

are the only markings reachable from M

which contain k tokens in place O:

(∀M)((M

[∗iM ) ∧ M (O ) = k) =⇒ (M ∈ M

)).

Proof. Let M ∈ [M

i with M(O) = k. Tokens can be added to place O only by the

ﬁring of the vertical synchronizationstep (end; t

′

). In order to produce k tokens in place

O, this step has to ﬁre k times. Since M

[∗iM , then m ∈ [i.ki

W F

′

and rm ∈ [rm

(Lemma 1). Thus, ∃ σ ∈ T

′∗

such that i.k[σim. t

′

has k occurrences in σ. Since

o• = {t

′

}, the order in which the transitions t

′

appears in σ is not important. Thus, we

can write σ = σ

′

)

, σ

′

∈ T

∗

. Hence, i.k[σ

′

[(t

′

)

im. m

′

(o) = k. Since W F

is k-sound, the only reachable marking with k tokens in o is o.k . If o.k[(t

′

)

im, then

m = 0. Also, because M(I) + M(O) = k and M(O) = k, it results that M (I) = 0.

Thus, M ∈ M

Lemma 3. Let RW F N = (V ar, Lab, (W F

′

, i.k), (RN, rm

), SN, Λ, Role) be a RWF-

net such that W F

′

is k-sound and (RN, rm

) is live. Then, for every reachable mark-

ing m ∈ [i .ki in W F

′

, there is a reachable marking M ∈ [M

i in RW F N such that

M = (k

, ((W F

′

, m), (RN, rm)), k

), where rm ∈ [rm

Proof. Let m ∈ [i.ki be a reachable marking in W F

′

. Then, there is a sequence of tran-

sitions in W F

′

, σ ∈ T

′∗

, such that i.k[σim. Let |σ| = n. We will prove, by induction

on n, that there exists a sequence of steps in RW F N , σ

′

∈ Y

∗

, such that M

[σ

′

and M = (k

, ((W F

′

, m), (RN, rm)), k

), where rm is a reachable marking in RN.

Base. If n = 0, then m = i.k. If we consider σ

′

the empty sequence of steps in

RW F N , then M

[σ

′

, M

= (k, ((W F

′

, i.k), (RN, rm

)), 0).

Step. Assume the property holds for n and we prove it for n + 1: If i.k[t

. . . t

′

n+1

im, for the sequence i.k[t

. . . t

′

, there is a sequence of steps in RW F N

such that M

. . . Y

′

, where M

′

= (k

′

, ((W F

′

, m

′

), (RN, rm

′

)), k

′

) and rm

′

∈

[rm

(1) If t

n+1

is an unlabelled transition in W F

′

: the result follows easily, considering

then the object-autonomous step Y = (; t

n+1

) in RW F N from the marking M

′

(2)If t

n+1

6= t

′

is a labelled transition in W F

′

, then there exists t

′

n+1

in RN

such that λ(t

n+1

) = λ(t

′

n+1

). If t

′

n+1

is not enabled in rm

′

in RN , because t

′

n+1

is live, there exists rm

′′

∈ [rm

′

i such that: rm

′

. . . t

′

irm

′′

′

n+1

irm. We can as-

sume there are no labelled transitions in this sequence (the labelled transitions do not

have any effect on markings so they can be removed from the sequence). We can con-

sider the following steps: Y

′

= (; t

′

), . . . , Y

′

= (; t

′

). Thus, M

′

. . . Y

′

′′

where M

′′

= (k

′

, ((W F

′

, m

′

), (RN, rm

′′

)), k

′

). Y = (t

n+1

; t

′

n+1

) is enabled in M

′′

. . . Y

i M

′

. . . Y

′

i M

′′

[Y iM , where M = (k

′

, ((W F

′

, m), (RN, rm)), k

′

)

and rm ∈ [rm

(3) If t

n+1

= t

′

, t

′

is enabled in marking m

′

in W F

′

. We prove that the verti-

cal synchronization step Y = (end[b]; t

′

) is enabled in M

′

with the binding b(x) =

(W F

′

, m

′

), b(y) = (RN, rm

′

). In order to show that transition end is enabled in M

′

we will prove that M

′

(I) > 0. Assume M

′

(I) = 0. Then, it results that M

′

(O) = k.

From Lemma 2, it results that m

′

= 0, which contradicts the fact that t

′

is enabled in

W F

′

. Thus, M

. . . Y

i(k

′

, ((W F

′

, m

′

), (RN, rm

′

)), k

′

)[(end[b]; t

′

− 1, ((W F

′

, m), (RN, rm

′

)), k

′

+ 1).

Let (W F

′

, i.k) be a k-sound extended WF-net together with its initial marking. It

can be easily proven that all the transitions in W F

′

are quasi-live.

Lemma 4. Let RW F N be a RWF-net such that W F

′

is k-sound and (RN, rm

) is

live. All the steps in RW F N are quasi-live: ∀Y ∈ Y, ∃M ∈ [M

i such that M[Y i.

Proof. W F

′

is k-sound, so all the transitions in W F

′

are quasi-live. (RN, m

) is live

hence, all the transitions in RN are quasi-live. Let Y be a step in R W F N . We consider

the following cases:

(1)Y is an object-autonomous step: then Y = (; t) and t is an unlabelled transition

from W F

′

or RN. If t is an unlabelled transition from RN: since t is live in RN , there

is rm ∈ [rm

i such that: rm

. . . t

irm[ti. We can consider that t

, . . . , t

are

unlabelled in RN . The following object-autonomous steps can ﬁre in RW F N from

the initial marking: Y

= (; t

), . . . , Y

= (; t

): M

. . . Y

iM, where M =

(k, ((W F

′

, i.k), (RN, rm)), 0). The step Y = (; t) is enabled in M , because rm[ti in

RN . If t is an unlabelled transition from W F

′

: similar to the previous case.

(2)Y is a horizontal synchronization step: similar to (1).

(3) If Y is the vertical synchronization step: Y = (end; t

′

). t

′

is quasi-live in

W F

′

, so there is m ∈ [i.ki such that m[t

′

i. For m ∈ [i.ki, there exists M ∈ [M

M = (k

, ((W F

′

, m), (RN, rm)), k

). Also, M (I) 6= 0 (otherwise, from Lemma 2,

M ∈ M

and m = 0 ). Now, if we consider the binding b with b(x) = (W F

′

, m) and

b(y) = (RN, rm), then end is enabled in marking M w.r.t. binding b and M[en d(b); t

′

The following theorem shows that in a RWF-net in which the resource net RN is

live, the k-soundness is equivalent with the k-soundness of its workﬂow net, which is a

decidable property ([3,4]):

Theorem 1. LetRW F N = (V ar, Lab, (W F

′

, i), (RN, rm

), SN, Λ, Role) be a RWF-

net such that (RN, rm

) is a live resource net. Then, RW F N is k-sound if and only if

W F

′

is k-sound.

Proof. (=⇒) If RW F N is k-sound, W F

′

is k-sound.

(⇐=) If W F

′

is k-sound, the ﬁrst condition in the deﬁnition of soundness for RWF-

net takes place.Also, RW F N is quasi-live: because (RN, rm

) is live and W F

′

k-sound, using Lemma 4, it results that RW F N is quasi-live.

We will show that the second condition in the deﬁnition of RWF-nets also takes

place: Assume M ∈ [M

i, M = (k

, ((W F

′

, m), (RN, rm)), k

). There exists τ ∈

Y such that M

[τiM . k

is the number of ocurrances of the vertical step (end; t

′

)

in τ . k

+ k

= k. We can write τ = τ

′

(end; t

′

)

and M

[τ

′

[(end; t

′

)

iM.

′

= (k, ((W F

′

, m

′

), (RN, rm)), 0) and m = m

′

− o.k

. Using Lemma 1, it results

that there exists a transition sequence σ in W F

′

such that i.k[σim

′

(σ does not contain

the transition t

′

). Because W F

′

is k-sound, there is a transition sequence σ

′

such that

′

[σ

′

io.k. σ

′

does not contain t

′

and σ

′

can also ﬁre from m = m

′

− o.k

(o does not

haveoutput transitions in σ

′

). m[σ

′

i(o.k−o.k

). Let σ

′

= t

. . . t

and t

6= t

′

. We show

there exists a sequence of steps such that M

′

= (k, ((W F

′

, m

′

), (RN, rm)), 0)[∗ i

(k, ((W F

′

, o.k), (RN, rm)), 0). Let Y = (t, t

∗

), with λ(t) = λ(t

∗

). If t

∗

is not en-

abled in r m , since (RN, rm

) is live, there exists a sequence of transitions rt

. . . rt

such that rm[rt

. . . rt

irm

′

∗

irm

. The steps Y

= (; rt

), . . . Y

= (; rt

) are

enabled in M

′

and M

′

. . . Y

′′

[Y i. Thus, for every transitions t

∈ σ

′

from

W F we can obtain a corresponding sequence of steps in RW F N. Finally, we can

obtain a sequence of transitions π such that M

′

[πi (k, ((W F

′

, o.k), (RN, rm

∗

)), 0).

No vertical synchronization step ﬁres in π and π does not remove tokens from o. Also,

no transitions remove tokens from o except t

′

. Thus, π can ﬁre from M and M =

, ((W F

′

, m

′

−o.k

), (RN, rm)), k

)[πi(k

, ((W F

′

, o.k −o.k

), (RN, rm

∗

)), k

Now, the vertical synchronization step can ﬁre k − k

times producing the ﬁnal marking

(0, ((W F

′

, 0 ), (RN, rm)), k).

4 Conclusions

This paper presented a special class of nested Petri nets used to model both the re-

source perspective and the process perspective for a workﬂow, allowing the handling

of k cases at a time. The two perspectives are represented as two independent object-

nets. The advantage of this approach is that it integrates both perspectives but it keeps

a clear difference between them: unlike other approaches that use Petri nets ([3, 4,10,

14,7, 13]), resources and roles are not represented in the same Petri net as the process.

A notion of k-soundness was introduced in order to study the logical correctness of

workﬂows: even if the workﬂow is 1-sound, when k cases are processed, it is possi-

ble that some cases could not be handled due to insufﬁcient resources. We proved that

k-soundness is decidable for a special class of RWF-nets.

References

1. W. M. P. van der Aalst: The Application of Petri nets to Workﬂow Management, The journal

of Circuits, Systems and Computers, 8(1): pp. 21- 66, Eindhoven University of Technology,

The Netherlands, 1998.

2. W. M. P. van der Aalst: Veriﬁcations of Workﬂow Nets. P. Azema and G. Balbo, editors,

Application and Theory of Petri nets 1997, volume 1248 of Lecture Notes in Computer

Science, pp. 407-426, SpringerVerlag, Berlin, 1997.

3. K. Barkaoui, L. Petrucci: Structural analysis of workﬂow nets with shared resources. Work-

ﬂow management: Net-based Concepts, Models, Techniques and Tools (WFM’98), volume

98/7 of Computing science reports, pp. 82-95, Eindhoven University of Technology, 1998.

4. K. van Hee, N. Sidorova, M. Voorhoeve: Resource-Constrained Workﬂow Nets. Lindemann,

Burkhard, Czaja, Skowron, Schlingloff, Suraj (Eds.): Proc. of the International Workshop

on Concurrency, Speciﬁcation and Programming (CS & P) 2004, pp. 166-177, Informatik-

Berichte der Humboldt-Universitat zu Berlin, Nr. 170, September 2004.

5. K. Hee, N. Sidorova and M. Voorhoeve: Generalised Soundness of Workﬂow Nets Is Decid-

able. In Application and Theory of Petri Nets 2004, vol. 3099 of Lecture Notes in Computer

Science, pages 8295. Springer-Verlag, Berlin, 2004 .

6. A. Kumar, W.M.P. van der Aalst, H.M.W. Verbeek: Dynamic Work Distribution in Workﬂow

Management Systems: How to balance quality and performance?. Journal of Management

Information Systems, 18(3), pp.157-193, 2002.

7. J. Li, Y. Fan, and M. Zhou. Performance modeling and analysis of workﬂow. IEEE Transac-

tions on Systems, Man, and Cybernetics, Part A: Systems and Humans, 34:229242, 2004

8. I.A. Lomazova: Nested Petri Nets - a Formalism for Speciﬁcation and Veriﬁcation of Multi -

Agent Distributed Systems. Fundamenta Informaticae 43 pp. 195-214, 2000.

9. M. zur M¨uhlen. Resource modeling in workﬂow applications. Proceedings of the 1999 Work-

ﬂow Management Conference (November 1999), pp. 137-153, 1999.

10. M. Netjes, W.M.P. van der Aalst, H.A. Reijers. Analysis of resource-constrained processes

with colored petri nets. In K. Jensen, Proc. of the 6th Workshop and Tutorial on Practical

Use of Coloured Petri nets and the CPN Tools (CPN’05), pp. 251-265, 2005

11. O. Prisecaru. Resource workﬂow nets:a Petri Net Formalism for Workﬂow Modelling. In

Proc. of MSVVEIS 2007, pages 1121, 2007.

12. O. Prisecaru. Resource workﬂow nets: an approach to workﬂow mod- elling and analysis.

Enterprise Information Systems, 2:101120, 2008.

13. H. A. Reijers. Design and Control of Workﬂow Processes. Business Process Management for

the Service Industry, volume 2617 of LNCS. Springer-Verlag, Berlin, 2003.

14. I.T.P. Vanderfeesten, W.M.P. van der Aalst, H.A. Reijers. Modelling a product based work-

ﬂow system in CPN Tools. In K. Jensen, Proc. of the 6th Workshop and Tutorial on Practical

Use of Coloured Petri Nets and the CPN Tools, pp. 99-118, Aarhus, Denmark: University of

Denmark, 2005.