Basis Coverability Graph for Partially Observable Petri Nets with Application to Diagnosability Analysis

Petri nets have been proposed as a fundamental model for discrete-event systems in a wide variety of applications and have been an asset to reduce the computational complexity involved in solving a series of problems, such as control, state estimation, fault diagnosis, etc. Many of those problems require an analysis of the reachability graph of the Petri net. The basis reachability graph is a condensed version of the reachability graph that was introduced to efficiently solve problems linked to partial observation. It was in particular used for diagnosis, which consists in deciding whether some fault events occurred or not in the system, given partial observations on the run of the system. However, this method is, with very specific exceptions, limited to bounded Petri nets. In this paper, we introduce the notion of basis coverability graph to remove this requirement. We then establish the relationship between the coverability graph and the basis coverability graph. Finally, we focus on the diagnosability and stochastic diagnosability problems: we show how the basis coverability graph can be used to get efficient algorithms when such problems are decidable.


Introduction
The marking reachability problem is a fundamental problem of Petri nets (PNs) which can be stated as follows: Given a net system N, M 0 and a marking M , determine if M belongs to the reachability set R(N, M 0 ). It plays an important role since many other properties of interest can be solved by reduction to this problem. The marking reachability problem has been shown to be decidable in [19] and was shown to be EXPSPACE-hard in [23].
In the case of bounded PNs, i.e., net systems whose reachability set is finite, a straightforward approach to solve this problem consists in constructing the reachability graph, which provides an explicit representation of the net behavior, i.e., its reachability set and the corresponding firing sequences of transitions. However, albeit finite, the reachability graph may have a very large number of nodes due to the so-called state space explosion that originates from the combinatorial nature of discrete event systems. For this reason, practically efficient approaches, which do not require generating the full state space, have been explored. We mention, among others, partial order reduction techniques, such as the general approaches based on stubborn sets [28] and persistent sets [13] or the Petri net approaches based on unfolding [21] and maximal permissive steps [4].
In the case of unbounded PNs, whose reachability set is infinite, the authors of [16] have shown that a finite coverability graph may be constructed which provides a semi-decision procedure (necessary conditions) for the marking reachability problem. It provides an over-approximation of both the reachability set and the set of firing sequences. As was the case for the reachability graph, this approach is not efficient and improvements to the basic algorithm have later been proposed [22].
Recently some of us have proposed a quite general approach that exploits the notion of basis marking to practically reduce the computational complexity of solving the reachability problem for bounded nets. This method has originally been introduced to solve problems of state estimation under partial observation [12] but has later been extended to address fault diagnosis [6], state-based opacity [27] and general reachability problems [17].
The approach in [17] considers a partition of the set of transitions T = T e ∪ T i : T e is called the set of explicit transitions and T i the set of implicit transitions. The main requirement is that the subnet containing only implicit transitions be acyclic. The firing of implicit transitions is abstracted and only the firing of explicit transitions needs to be enumerated. The advantage of this technique is that only a subset of the reachability space, i.e., the set of the so-called basis markings, is enumerated. All other markings are reachable from a basis marking by firing only implicit transitions and can be characterized by the integer solutions of a system of linear equations. In a certain sense, this hybrid approach combines a behavioral analysis (limited to the firing of transitions in T e ) with a structural analysis (which describes the firing of transitions in T i ).
The objective of this paper is twofold. First, we show that the approach of [17] can be generalized to unbounded nets and we define a basis coverability graph where the firing of implicit transitions is abstracted, thus reducing the number of nodes of the standard coverability graph. In addition, we show how this approach can be applied to study the diagnosability of Petri nets in the logic framework of [24] and in the stochastic framework of [2]. In this case, we consider as implicit the set of unobservable transitions. However, since the firing of unobservable faulty transitions needs to be recorded, we further extend the approach of [17] by considering that there may exist a subset of implicit transitions (called relevant transitions) which, albeit abstracted, need to be handled with special care. The diagnosis of both bounded and unbounded nets is considered.
The paper is structured as follows. In Section 1, we recall some usual definitions for Petri nets and their coverability graph. In Section 2, we introduce the notion of basis coverability graph and establish some of its properties. In Section 3, we give the definitions of stochastic Petri nets and of logical/stochastic diagnosability. In Section 4, we show how to use the basis coverability graph to analyse the stochastic diagnosability of bounded Petri nets. Finally, in Section 5 we study unbounded Petri nets: we prove the undecidability of the stochastic diagnosability analysis and show how to use the basis reachability graph for the logical diagnosability analysis.
Due to space constraints, one of the results presented in the paper is provided without proof. For the convenience of the reviewers, the proof is contained in an appendix which will be removed if the paper is accepted for publication. In the final version a link to a full version on HAL will be provided instead.
1 Background on Petri nets and Coverability Graph

Petri Nets
In this section the formalism used in the paper is recalled. For more details on Petri nets the reader is referred to [20].
Definition 1. A Petri net (PN) is a structure N = (P, T, P re, P ost), where P is a set of m places; T is a set of n transitions; P re : P × T → N and P ost : P × T → N are the pre- and post-incidence functions that specify the arcs. We also define C = P ost − P re as the incidence matrix of the net.
A marking is a vector M : P → N that assigns to each place of a PN a nonnegative integer number of tokens. A net system (NS) N, M 0 is a PN N with an initial marking M 0 . A transition t is enabled at M iff M ≥ P re(· , t) and may fire, yielding the marking M' = M + C(· , t). One writes M [σ⟩ to denote that the sequence of transitions σ = t j1 · · · t jk is enabled at M , and M [σ⟩ M' to denote that the firing of σ yields M'. One writes t ∈ σ to denote that a transition t is contained in σ. The length of the sequence σ (denoted |σ|) is the number of transitions in the sequence, here k.
The set of all sequences that are enabled at the initial marking M 0 is denoted L(N, M 0 ), i.e., L(N, M 0 ) = {σ ∈ T* | M 0 [σ⟩}. Given k ≥ 0, the set of all sequences of length k is written T^k, and the set of all infinite sequences is written T^ω. A marking M is reachable in N, M 0 iff there exists a firing sequence σ such that M 0 [σ⟩ M . The set of all markings reachable from M 0 defines the reachability set of N, M 0 and is denoted R(N, M 0 ).
Let π : T * → N n be the function that associates with the sequence σ ∈ T * a vector y ∈ N n , called the firing vector of σ. In particular, y = π(σ) is such that y(t) = k iff the transition t is contained k times in σ.
A PN having no directed circuits is called acyclic. Given k ∈ N, a place p of iff all of its places are bounded (resp. k-bounded).
A sequence is repetitive iff it can be repeated indefinitely (i.e. σ is repetitive in the marking M iff M [σ⟩ M' with M' ≥ M ). There are two kinds of repetitive sequences: a repetitive sequence is stationary if it does not modify the marking (i.e. M [σ⟩ M ), and it is increasing otherwise. Remark that an NS containing an increasing sequence cannot be bounded.
Definition 2. Given a net N = (P, T, P re, P ost) and a subset T' ⊆ T of its transitions, let us define the T'-induced subnet of N as the new net N' = (P, T', P re', P ost') where P re', P ost' are the restrictions of P re, P ost to T'. The net N' can be thought of as obtained from N by removing all transitions in T \ T'. Let us also write N' ≺_{T'} N .

Coverability Graph
For a bounded NS N, M 0 , one can enumerate the elements of the reachability set R(N, M 0 ) and establish the transition function between the markings. The resulting graph is called the Reachability Graph. If the NS is not bounded, this construction does not terminate. Instead, a usual method is to build the Coverability Graph, which is a finite over-approximation of the reachability set and of the net language [16]. We will define in this section the coverability graph of an NS, which, if the NS is bounded, is equal to the reachability graph of this NS.
An ω-marking is a vector from the set of places to N ∪ {ω}, where ω should be thought of as "arbitrarily large": for all k ∈ N, we have k < ω and ω ± k = ω. An ω-marking M is (resp. strictly) covered by an ω-marking M', written M ≤ M' (resp. M < M'), iff for every place p of the net, M (p) ≤ M'(p) (resp. and there exists at least one place p such that M (p) < M'(p)). We first define inductively a temporary set M t of pairs of ω-markings and sets of ω-markings and the temporary transition function ∆ t by:
The temporary graph built here is equivalent to the coverability tree of [7]. It was proved in [16] that the coverability tree (and thus our temporary graph) terminates in a finite number of steps.
Example 2. The coverability graph of the NS in Figure 1 is shown in Figure 2. The firing of t 1 at the initial marking adds a token to the second place, reaching a marking strictly greater than the initial marking in this place and equal everywhere else. Correspondingly, in the coverability graph an ω appears in the second component of the marking to show that there is a repetitive sequence enabled by the system which increases the number of tokens in the second place.
A marking M is ω-covered by an ω-marking M ω , denoted M ≤ ω M ω , iff for every place p such that M ω (p) ≠ ω, M ω (p) = M (p). Using this definition and the coverability graph, we define the coverability set of an NS, which is an over-approximation of the reachability set.
The coverability set of the NS in Figure 1 is equal to its reachability set. This is not the case however for the NS in Figure 3, where the reachability set is {(k, 2r) | k, r ∈ N} while the coverability set is {(k, r) | k, r ∈ N}. We can nonetheless clearly see that the coverability set subsumes the reachability set. We will use the rest of this section to recall a few known applications of the coverability graph and the coverability set. All those results can be found in [7]. First, as claimed earlier, the coverability set subsumes the reachability set.
- σ is repetitive ⇒ there exists a directed cycle in the coverability graph whose arcs form σ, starting in an ω-marking M ω such that M ω ≥ ω M .
- σ is stationary ⇐ there exists a directed cycle starting in M in the graph that does not pass through markings containing ω and whose arcs form σ.
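The coverability graph construction recalled in this section, as an added example (not code from the paper): it builds the graph with ω-markings and acceleration against strictly covered ancestors, checks ω-covering as defined above (equality on the finite places), and compares the resulting coverability set with a finite window of the exact reachability set. The two-place net is constructed to match the description of Figure 3 given above (reachability set {(k, 2r)}, coverability set {(k, r)}); the figure itself is not on the page, so that net, and ω represented as Python's math.inf, are assumptions.

```python
import math
from collections import deque
from itertools import product

OMEGA = math.inf  # omega is "arbitrarily large": inf + k == inf - k == inf in Python

# Constructed net (assumption, matching the description of Figure 3 above):
# t1 creates a token in p1; t2 consumes one token of p1 and puts two tokens in p2.
# Each transition maps to (Pre(., t), Post(., t)) over the places (p1, p2).
NET = {
    "t1": ((0, 0), (1, 0)),
    "t2": ((1, 0), (0, 2)),
}
M0 = (0, 0)


def enabled(m, pre):
    """t is enabled at M iff M >= Pre(., t) componentwise (omega >= k always holds)."""
    return all(m[p] >= pre[p] for p in range(len(m)))


def fire(m, pre, post):
    """M' = M + C(., t) with C = Post - Pre; omega places stay omega."""
    return tuple(m[p] - pre[p] + post[p] for p in range(len(m)))


def strictly_covered(m_old, m_new):
    """m_old < m_new: covered in every place and strictly smaller in at least one."""
    return all(m_new[p] >= m_old[p] for p in range(len(m_new))) and m_new != m_old


def accelerate(m_new, ancestors):
    """Where m_new strictly covers an ancestor on its path, every place that grew becomes omega."""
    m = list(m_new)
    for anc in ancestors:
        if strictly_covered(anc, tuple(m)):
            for p in range(len(m)):
                if m[p] > anc[p]:
                    m[p] = OMEGA
    return tuple(m)


def coverability_graph(net, m0):
    """Return (nodes, edges): the omega-markings and the arcs (M, t, M').
    A marking already in the graph is not expanded again (the 'old node' rule that
    makes the Karp-Miller construction terminate)."""
    nodes = {m0}
    edges = set()
    stack = [(m0, (m0,))]  # (marking, ancestors on the path from m0)
    while stack:
        m, ancestors = stack.pop()
        for t, (pre, post) in net.items():
            if not enabled(m, pre):
                continue
            m2 = accelerate(fire(m, pre, post), ancestors)
            edges.add((m, t, m2))
            if m2 not in nodes:
                nodes.add(m2)
                stack.append((m2, ancestors + (m2,)))
    return nodes, edges


def omega_covered(m, m_omega):
    """M <=_omega M_omega: on every place where M_omega is finite, M_omega(p) == M(p)."""
    return all(m_omega[p] == OMEGA or m_omega[p] == m[p] for p in range(len(m)))


def in_coverability_set(m, nodes):
    """Coverability set membership: M is omega-covered by some node of the graph."""
    return any(omega_covered(m, n) for n in nodes)


def reachable_markings(net, m0, bound):
    """Exact reachability set restricted to markings with at most `bound` tokens per
    place; the net is unbounded, so only this finite window is enumerated."""
    seen = {m0}
    queue = deque([m0])
    while queue:
        m = queue.popleft()
        for pre, post in net.values():
            if enabled(m, pre):
                m2 = fire(m, pre, post)
                if max(m2) <= bound and m2 not in seen:
                    seen.add(m2)
                    queue.append(m2)
    return seen


def compare_sets(net, m0, bound):
    """(sound, strict): every reachable marking in the window lies in the coverability
    set, and some marking of the coverability set is unreachable (strict over-approximation)."""
    nodes, _ = coverability_graph(net, m0)
    reach = reachable_markings(net, m0, bound)
    window = product(range(bound + 1), repeat=len(m0))
    sound = all(in_coverability_set(m, nodes) for m in reach)
    strict = any(in_coverability_set(m, nodes) and m not in reach for m in window)
    return sound, strict
```

On the constructed net the graph has the three ω-markings (0, 0), (ω, 0) and (ω, ω), so every (k, r) is ω-covered while only the (k, 2r) are reachable, which is exactly the strict inclusion claimed for Figure 3.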

Basis Coverability Graph
While the reachability/coverability graph has many applications, one of its downsides is its size. For bounded NS, the authors of [6,9] introduced the notion of basis reachability graph, which keeps most of the information of the reachability graph relevant for partially observed systems while decreasing, in some cases exponentially, the size of the graph. Their goal at the time was to study diagnosis. They then generalised this approach to study reachability (regardless of labeling on transitions) in [17]. The idea of the basis reachability graph is to select a set of transitions called "implicit" in [17] (and unobservable in [6]) that will be abstracted and to only represent the "explicit" transitions that can be fired (possibly after some implicit transitions) in a given marking. In this section, we will describe how to apply this idea to unbounded NS and how to build instead a Basis Coverability Graph (BCG). When the NS is bounded, the BCG is equal to the basis reachability graph. Given a set of transitions T of a PN, we denote T i ⊆ T and T e = T \ T i the sets of implicit and explicit transitions respectively. Let C i (C e ) be the restriction of the incidence matrix to T i (T e ) and n i and n e , respectively, be the cardinalities of the above sets of transitions. Given a sequence σ ∈ T*, P i (σ), resp. P e (σ), denotes the projection of σ over T i , resp. T e .
We will sometimes need the following assumptions.

- A1: The T i -induced subnet is acyclic.
- A2: Every sequence containing only implicit transitions is of finite length.
Remark that for bounded NS, the first assumption, which is a usual requirement for problems such as diagnosis of discrete event systems, implies the second one. When the partition between implicit and explicit transitions is not given, one can always choose a partition respecting the two assumptions above (for example T e = T ). The authors of [17] discuss how to choose an appropriate partition for the basis reachability graph and how this choice affects the cardinality of the set of markings of the graph.
Definition 5. Given a marking M and an explicit transition t ∈ T e , let be the set of explanations of t at M , and let be the e-vectors (or explanation vectors), i.e., firing vectors associated with the explanations.
Thus Σ(M, t) is the set of implicit sequences whose firing at M enables t. Among the above sequences we will select those whose firing vector is minimal and those that are minimal while containing a transition among a chosen set T s ⊆ T i , which will be called the set of relevant transitions. This second category is used to solve problems where it may be necessary to keep track of a subset of implicit transitions. In particular, it will be used in the sections about diagnosis later in this paper. The firing vectors of these sequences are called (T s -) minimal e-vectors.
Definition 6. Given a marking M , a transition t ∈ T e and a set of relevant

Remark that for two sets of relevant transitions
We will now build the BCG with a construction similar to the one of the coverability graph using minimal explanations instead of transitions. is defined in the following manner. We first define inductively a temporary set M t of pairs of ω-markings and set of ω-markings and the temporary transition function ∆ t by: First, we pick the minimal such i. Then, for every M ∈ B ∪ {M j | j < i} such that M i > M , let p 1 , . . . , p k be the set of places such that for all The markings of the BCG are called basis markings.

Example 4. We represent the BCG of the NS in Figure 1 in Figure 2 (for readability, the firing vectors on the edges are omitted in the figure). This BCG has 11 fewer states than the coverability graph.
As hinted at in the example, the BCG is smaller than the coverability graph. This is formally proved in the following. We will now give some results showing that the BCG can effectively be used in many cases instead of the coverability graph. As a first step, we will show that the BCG can be used to define a set of markings that is an over-approximation of the reachability set. We denote by R i (N, M ) the set of markings reachable from M using only implicit transitions in the Petri net N . Given an ω-marking M ω and a marking M , M ω = ω M iff for every place p such that M ω (p) ≠ ω, M ω (p) = M (p).
This set can be easily computed for NS verifying (A1). For every possible choice of T s , the basis coverability set is an over-approximation of the reachability set.
Proof. Let σ be a sequence such that M 0 [σ⟩ M in the NS. We will proceed by induction on the length of σ.
If |σ| = 0, M = M 0 , which is a marking of the BCG. Given n ∈ N, suppose that the property is true for every marking reached by a path of length at most n. For |σ| = n + 1, write σ = σ 1 t. Let M 0 [σ 1 ⟩ M 1 . By the induction hypothesis there exists a basis marking M b ω and an ω-
Since σ t is an explanation of t, there thus exists a minimal explanation σ min such that π(σ min ) ≤ π(σ t ) and a sequence σ e ∈ T i * such that π(σ min )
The inclusion can be strict. Indeed, let us observe the NS of Figure 3 with t 2 implicit. The BCG with T s = ∅ has two basis markings [0, 0] and [ω, 0]. The associated basis coverability set is {[n, 2m] | n, m ∈ N}, which is equal to the reachability set. However, the BCG with T s = {t 2 } has the two previous basis markings plus [ω, ω]. Therefore its basis coverability set is {[n, m] | n, m ∈ N}, which is equal to the coverability set. In fact, the basis coverability set is always a better approximation than the coverability set.
Due to the finite number of basis markings, there exist k, k', k < k', such that M^ω_k = M^ω_{k'}. There thus exists a directed cycle starting in M^ω_k whose arcs, projected on the second component, form P e (σ)^{k'−k}.
- Suppose that there exists a directed cycle starting in the basis marking M ω in the BCG that does not pass through markings containing ω and whose arcs, projected on the second component, form σ'. By Proposition 4, M ω is a marking of CG N,M0 . Moreover, due to the construction of the BCG, there exists σ such that P e (σ) = σ' and a directed cycle starting in M ω in CG N,M0 that does not pass through markings containing ω and whose arcs form σ. By Proposition 3, this implies that σ is stationary.

Stochastic Petri Nets and Diagnosability
Probabilities are added to an NS by adding a firing rate to every transition in the following way.

Definition 9. A Stochastic Petri Net (SPN) is a pair S = (N, µ) where N is a PN and for all t ∈ T, µ(t) ∈ R+ is the firing rate of transition t.
In a given marking, a delay is computed for every enabled transition t according to an exponential probability distribution with parameter µ(t). An SPN system has a timed semantics [18,15] that is defined according to: (a) a single server policy: each transition can only be fired once in a given marking; (b) a race policy: the transition whose firing delay elapses first is assumed to be the one that will fire next; (c) a resampling memory policy: upon entering a marking, the remaining delays associated with all transitions are forgotten.
Similarly to a PN, a Stochastic Net System (SNS) is a pair S, M 0 where S is an SPN and M 0 is an initial marking. Definitions for NS are transposed to SNS. Given a sequence σ ∈ T*, we write C(σ) for the set of infinite sequences prefixed by σ, i.e. C(σ) = {σ' ∈ T^ω | ∃σ'' ∈ T^ω : σ' = σσ''}. The set of infinite sequences is the support of a probability measure defined by Carathéodory's extension theorem from the probabilities of the cylinders: the probability of the cylinder starting with the empty sequence ε is equal to 1 and, for σt a sequence, the probability of C(σt) in M 0 , written P(σt), satisfies
In the following, we want to use the previous definitions to deal with the problem of fault diagnosis, where the goal is to detect the occurrence of a fault under partial observation. To this aim, we associate a precise physical meaning to implicit, explicit, and relevant transitions. In more detail:
- Implicit transitions correspond to transitions that cannot be observed. They are called silent or unobservable and could either model a regular (nominal) behaviour or a faulty behaviour of the system.
- Conversely, explicit transitions model transitions that can be observed. Those observable transitions are assumed to be a regular behaviour of the system.
- The set of faulty transitions is chosen as the set of relevant transitions.
We denote the above three sets as T u , T o , and T f , respectively and choose T e = T o and T i = T u .
In simple words, we may assume that observable transitions model events whose occurrence is detected by the presence of a sensor. On the contrary, unobservable transitions correspond to events to which no sensor is associated. Note that, in the general case, the same output signal may correspond to different events (different transition firings). This can be easily modelled using the notion of labeling function L : T → L ∪ {ε} that assigns to each transition t ∈ T either a symbol from a given alphabet of events L (if t ∈ T o ) or the empty string ε (if t ∈ T u ). We extend L naturally to sequences of transitions with L(σt) = L(σ)L(t). The observed word w of events associated with the sequence σ is w = L(σ). Note that the length of a sequence σ is always greater than or equal to the length of the corresponding word w (denoted |w|). In fact, if σ contains k transitions in T u then |σ| = k + |w|. Given a word w ∈ L*, we write P(w) = ∑_{σ ∈ P_e^{−1}(w)} P(σ). Assuming (A2), this sum is finite.
Example 5. Consider again the NS in Figure 1, where the labelling function L is such that L(t 1 ) = b, L(t 2 ) = a, L(t 3 ) = L(t 4 ) = ε and L(t 5 ) = L(t 6 ) = c. Thus, t 3 and t 4 are unobservable. Transition t 5 being observable, the T u -induced subnet is acyclic.
The goal of diagnosis is to detect whether a faulty event occurred in the system. We denote by T f ⊆ T u the set of faulty transitions. A sequence σ is faulty if there exists t ∈ T f such that t ∈ σ; otherwise it is correct. An observed word w is surely faulty (resp. correct) iff every sequence σ with L(σ) = w is faulty (resp. correct); otherwise it is ambiguous. An NS is diagnosable iff all faults can be detected after a finite delay.
Definition 10. An NS N, M 0 is diagnosable if for every faulty sequence σ enabled by M 0 , there exists n ∈ N such that for all sequences σ' ∈ T^n with σσ' enabled by M 0 , L(σσ') is surely faulty.
A similar notion of diagnosability (called FF-diagnosability in [2], A-diagnosability in [26]) can be defined for SNS. In simple words, faults need not be detected for sure, but need to be detected almost surely. The sequence σ f = t 1 t 2 t 3 (t 1 )^ω is faulty but its observed word is ambiguous; thus this NS is not diagnosable. However, any sequence whose observed word contains more than two a is surely faulty and, adding a rate µ(t) = 1 to every transition t, with probability 1 a faulty sequence will trigger t 5 infinitely often. Therefore the associated SNS is FF-diagnosable.

Diagnosability Analysis of Stochastic Bounded Net Systems
Diagnosability analysis is known to be EXPSPACE-complete for bounded NS. Using the basis reachability graph, the authors of [8] gave an algorithm which, although still in EXPSPACE, is far more efficient than the previous ones. Similarly, since FF-diagnosability is PSPACE-complete for Markov chains and one can transform a bounded stochastic Petri net into a Markov chain exponential in the size of the net (in the number of places and transitions and in the maximum number of tokens in the net), FF-diagnosability is in EXPSPACE. Moreover, the proof of EXPSPACE-hardness of diagnosability from [1] can be directly used for FF-diagnosability as the Petri net they build is diagnosable iff it is FF-diagnosable. Thus we can state the following result.

Theorem 1. The FF-diagnosability analysis is EXPSPACE-hard.
As for diagnosability analysis, the BCG can be used to reduce the computation cost. The system being bounded here, the BCG reduces in fact to the basis reachability graph. The rest of this section will be devoted to explaining how to use the BCG to analyse the FF-diagnosability of an NS.
Our first step is to define the belief automaton [14] associated with a BCG. The state of the belief automaton, called belief, reached after an observation w contains the set of basis markings reachable with a sequence whose observation is w. Moreover, those markings are paired with a tag expressing the following properties:
- F tags the basis markings which were reached using a faulty transition,
- C marks the others.
The belief automaton is deterministic and exponential in the size of the BCG. It is similar to a form of determinisation of the nondeterministic automaton obtained from the reachability graph labeling the arcs with transition labels (as opposed to labeling the arcs with transitions) which, in the context of Discrete Event Systems, is called "observer" [10]. In other words, C is "ambiguous" (i.e. contains markings tagged by F and markings tagged by C) and there is a marking associated with B which, once reached, implies that the rest of the run will have its belief remain in C. Such a pair (M, B) is called a witness of the terminality of C.
We can now characterise FF-diagnosability based on the belief automaton.
Proof. Suppose there exists a terminal ambiguous SCC C with witness (M, B). Let σ = σ 1 t 1 . . . σ n t n be a faulty sequence in the BCG such that M 0 [σ⟩ M and L(σ) leads to B in B G . Let σ' be a sequence such that σσ' is enabled by M 0 . Let B' be the state of the belief automaton reached from B by observing L(σ'); then B' contains an element of the form (M', C) as B is reachable from B' due to the terminality of the SCC. Therefore, by definition of the belief automaton, there exists a correct sequence whose observation is L(σσ'). Thus L(σσ') is not surely faulty. As this is true for every sequence extending σ, we have lim_{n→∞} P({σ' ∈ T^n | L(σσ') is not surely faulty}) ≥ P(σ) > 0, which implies that the SNS is not FF-diagnosable.
Conversely, suppose that there is no terminal ambiguous SCC. Let σ = σ 1 t 1 . . . σ n t n be a faulty sequence of the SNS with σ i sequences of unobservable transitions and t i observable. Let M be the marking such that M 0 [σ⟩ M , B the belief reached in B G by observing L(σ) and C the maximal SCC B belongs to. B contains a marking (M B , F ) as M is reached by a faulty sequence whose fault occurs before the last observation. Indeed, supposing for simplicity (possible because the NS verifies (A1)) that the σ i are minimal explanations, then as σ is faulty, one of them belongs to Σ T f min . If B does not contain a marking (M B , C) then L(σ) is surely faulty. Otherwise, as C is not terminal ambiguous, for any marking M' reached by a sequence whose observation ends in C, there is a sequence σ M' such that observing L(σ M' ) exits C. As there is a finite number of pairs of marking and belief due to the NS being bounded, the minimum probability of such a sequence has a non-null lower bound. Therefore, the set of sequences extending σ whose observation stays in C has probability 0. In other words, any maximal SCC in which a positive measure of sequences extending σ stays indefinitely only contains beliefs with no marking tagged by C. Thus those sequences are surely faulty. Hence lim_{n→∞} P({σ' ∈ T^n | L(σσ') is not surely faulty}) = 0, and the SNS is FF-diagnosable.
Proof. We will now explain how to check the characterisation given by Lemma 1 in EXPSPACE, in the following way:
- We first guess a belief B containing at least one marking tagged by C and one marking tagged by F, and a marking M . We will now check if this pair (M, B) is a witness of the terminality of an SCC.
- We verify that M is reachable by unobservable transitions from a basis marking of B tagged by F by guessing the unobservable path.
- We now verify that the SCC B belongs to is terminal once M is reached.
This is done by guessing a belief B' that would be outside of this SCC and a (at most doubly exponential) sequence σ enabled by M such that L(σ) leads from B to B'. We then verify that this belief B' is indeed outside the SCC by guessing a sequence σ' such that σσ' is enabled by M and L(σ') leads from B' to B. If σ' can be found, B' was a wrong guess and therefore B belongs indeed to a terminal SCC.
Every guess is removed at each step using Savitch's theorem [25]. The algorithm is in EXPSPACE as it only needs to keep one belief in memory while visiting the graph with a sequence which is at most doubly exponential. In practice, one could also build the full graph, which would allow the guesses to be removed, but doing so would technically raise the complexity to 2-EXPTIME. As B can be checked to be part of a terminal ambiguous SCC in EXPSPACE and its reachability in B G can also be verified in EXPSPACE, the given algorithm is in EXPSPACE. Therefore, according to the characterisation of Lemma 1, the FF-diagnosability analysis can be done in EXPSPACE.
The notion of terminal ambiguity could be removed by making the product of B G with the reachability graph and checking the ambiguity of the faulty ambiguous bottom SCC (SCC from which no other SCC is reachable) of the product. This would be closer to the techniques used for Markov chains for example in [2] but would require the construction of the entire reachability graph (although we would still retain most of the efficiency as only the BCG is used for the exponential construction of B G ).

Diagnosability Analysis of Unbounded Net Systems
We now focus on unbounded systems, for which the BCG was developed. Unfortunately, the basis coverability graph cannot be used to decide FF-diagnosability. In fact, we will show here that for unbounded stochastic Petri nets, FF-diagnosability is undecidable. To do so we will reduce from the language inclusion problem for Petri nets, namely: given two NS N 1 , M 1 0 and N 2 , M 2 0 , does L(L(N 1 , M 1 0 )) ⊆ L(L(N 2 , M 2 0 )) hold? This problem is known to be undecidable [11].
Theorem 3. The FF-diagnosability analysis of unbounded SNS is undecidable.
Proof. See Appendix.
FF-diagnosability was also shown undecidable for probabilistic pushdown automata [3], which are another probabilistic model representing infinite state systems. However, there is a known restriction for which the problem becomes decidable [3]: probabilistic visibly pushdown automata, for which the set of observations is divided into those corresponding to an action adding an element to the stack, those removing one and those that do not modify the size of the stack, while unobservable actions cannot modify the size of the stack. This way, an observer knows at all times the size (but not the content) of the stack. Mimicking this restriction for unbounded NS would require that the labelling function allows one to know at all times how many tokens are in the system. This is however the case in the reduction realised in the proof of the previous result; thus such a restriction for unbounded NS would remain undecidable.
Diagnosability, on the contrary, was proven decidable [5,1]. To do so, the authors of [5] gave a characterisation of diagnosability using a tool called Verifier Net. The verifier net is obtained by a composition (related to a parallel composition) of the studied NS and its T \ T f -induced subnet, with synchronisation on the observable transitions.

Theorem 4 ([5]). An NS N, M 0 verifying Assumption (A1) is diagnosable iff there does not exist any cycle in the coverability graph of the VN which (1) starts from an ω-marking reachable by a faulty sequence and (2) is associated with a repetitive sequence in the associated VN.
We will now use this characterisation to formulate a similar one using the BCG instead of the coverability graph. A sequence of the BCG is called faulty if one of the minimal explanations used belongs to Σ
Proof. We will show that the existence of such a cycle in the BCG is equivalent to the existence of this cycle in the coverability graph.
Suppose there exists a cycle associated with a firable repetitive sequence σ ∈ T* in the associated VN that starts from a basis marking M ω reached by a faulty sequence in the BCG with relevant set of transitions T f of the VN. Then by Proposition 4, M ω is an ω-marking of the coverability graph and, by construction of the BCG, there exists a directed cycle starting in M ω in the coverability graph whose arcs form σ. Now suppose that there is a firable repetitive sequence σ = σ 1 t 1 . . . σ n t n in the VN that is associated with a cycle starting from an ω-marking reached by a faulty sequence in the coverability graph of the VN. There thus exists a marking M of the VN such that σ is repetitive starting in M . Because of assumption (A2), σ contains at least one observable transition. According to Proposition 9, there thus exist a basis marking M ω and an ω-marking M u such that M u ∈ R i (N, M ω ), M u ≥ ω M and there is a k ∈ N and a directed cycle starting in M ω whose arcs, projected on the second component, form P o (σ)^k. Moreover, as M is reached by a faulty sequence σ' = σ' 1 t' 1 . . . σ' n t' n σ' n+1 , one can choose M ω to be reached by a sequence that used a minimal explanation from Σ

Conclusion
In this paper, we introduced the notion of basis coverability graph, which provides an abstracted representation of the coverability graph. We established multiple properties of the basis coverability graph, in particular how it can be used to approximate the reachability set efficiently. We then focused on diagnosability and stochastic diagnosability, showed how the basis reachability graph can be employed to solve some of those problems, and showed undecidability when it cannot be used. The logical next step would be to implement the algorithms obtained and compare their efficiency with other algorithms ([1] for example) on case studies.

A Appendix
This appendix contains the proof of undecidability of FF-diagnosability analysis for unbounded Petri nets, in order to help the reviewing process. It will be omitted in the final version; a HAL link to this proof will be given instead.
Proof. Let $\langle N_1, M^1_0 \rangle$ and $\langle N_2, M^2_0 \rangle$ be two PNs over the alphabet Σ. For simplicity we will suppose that the initial marking $M^i_0$ has a single token on a place $p^i_0$ for $i = 1, 2$, that every transition is observable, and that the number of tokens in the system equals the length of the sequence plus 1, which can be done without loss of generality.
We build the SN $(N, M_0, \mu)$ (represented in Figure 4) where:
- for $i \in \{1, 2\}$, $p \in P_i$, $t \in T_i$: $Pre(p, t) = Pre_i(p, t)$ and $Pre(p^i_{run}, t) = 1$, $Pre(p_0, t^i_{in}) = 1$, $Pre(p^i_{emp}, t^i) = 1$, $Pre(p^i_{run}, t^i_{resn}) = 1$, $Pre(p^i_{err}, t^i_{rese}) = 1$, for $a \in \Sigma$, $Pre(p^i_{err}, t^i_a) = 1$, $Pre(p, t^p_{emp}) = Pre(p^i_{emp}, t^p_{emp}) = 1$, $Pre(p, t^p_{err}) = Pre(p^i_{emp}, t^p_{err}) = 1$. When undefined, $Pre(p, t) = 0$.
- for $i \in \{1, 2\}$, $p \in P_i$, $t \in T_i$: $Post(p, t) = Post_i(p, t)$ and $Post(p^i_{run}, t) = 1$, $Post(p^i_0, t^i_{in}) = Post(p^i_{run}, t^i_{in}) = 1$, $Post(p^i_{run}, t^i) = Post(p^i_0, t^i) = 1$, $Post(p^i_{emp}, t^i_{resn})$, $Post(p^i_{emp}, t^i_{rese})$, for $a \in \Sigma$, $Post(p^i_{err}, t^i_a) = Post(p^i_0, t^i_a) = 1$, $Post(p^i_{emp}, t^p_{emp}) = 1$, $Post(p^i_0, t^p_{err}) = 2$, $Post(p^i_{err}, t^p_{err}) = 1$. When undefined, $Post(p, t) = 0$.
- We suppose the observation function $L$ defined on $N_1$ and $N_2$; we extend it to $N$ by, for $p \in P_1 \cup P_2$, $i \in \{1, 2\}$, $a \in \Sigma$: $L(t^i_{in}) = \varepsilon$, $L(t^i) = L(t^p_{err}) = L(t^i_{rese}) = L(t^i_{resn}) =$ , $L(t^i_a) = a$, $L(t^p_{emp}) =$ .
Moreover, $t^1_{in}$ is a faulty transition.

Fig. 4. Reduction from language inclusion. Figure 5 represents the content of the box $Box_1$; it is similar for $Box_2$.

Informally, on the first transition the system randomly activates one of the two boxes represented in Figure 4, the first one being reached by a faulty transition. If we reach box $i$, a word $w \in L(L(N_i, M^i_0))$ is observed followed by a , then we observe a certain number of followed by another . If the number of is equal to the length of $w$, then the operation is repeated as a new word of $L(L(N_i, M^i_0))$ is observed. If there are fewer (there cannot be more), then there are leftover tokens in the net when the second is fired. This allows the net to read any word $w \in \Sigma^*$ before starting to empty the net again. In other words, we learn information on the system iff it emptied itself correctly before a is read. We will show here that the system is FF-diagnosable iff $L(L(N_1, M^1_0)) \not\subseteq L(L(N_2, M^2_0))$.

First remark that the set of observed words of the infinite sequences of the SNS starting with the transition $t^i_{in}$, denoted $L_i$, contains exactly the words of the form $w_1\,{}^{n_1} \ldots w_k\,{}^{n_k} \ldots$ where for all $1 \le j \le k$, (1) $w_j \in \Sigma^*$, (2) ).

Let σ be a finite faulty sequence. As σ is faulty, it initially fired $t^1_{in}$, thus $L(\sigma) \in L_1$. Thanks to the above remark on the languages $L_i$, and as $L(L(N_1, M^1_0)) \subseteq L(L(N_2, M^2_0))$, $L(\sigma) \in L_2$; therefore there exists a sequence $\sigma'$ starting with the transition $t^2_{in}$ with the same observation as σ. Moreover this sequence is not faulty, as it did not fire $t^1_{in}$ initially and cannot fire it after the first transition. Therefore $L(\sigma)$ is not surely faulty. As this is true for every faulty sequence, the system is not FF-diagnosable.
Suppose now that $L(L(N_1, M^1_0)) \not\subseteq L(L(N_2, M^2_0))$. There thus exists a word $w$ such that $w \in L(L(N_1, M^1_0)) \setminus L(L(N_2, M^2_0))$. The observed words of $L_1$ of the form $w_1\,{}^{n_1} \ldots w_k$ where $\sum_{m=1}^{k-1} |w_m| = \sum_{m=1}^{k-1} n_m$ and $w_k = w$ are surely faulty, as they do not belong to $L_2$. We denote by $SL_1$ the set of those observed words. Let us show that, with probability 1, an infinite faulty sequence is prefixed by a sequence whose observation belongs to $SL_1$.
Due to the choice of the rates µ, the system is more likely to remove a token than to add one in the PN $N_1$. Therefore, with probability 1, a faulty sequence will infinitely often trigger $t^1$ while there is no token in $P_1$. Therefore, with probability 1, the observation of a faulty sequence will be of the form $w_1\,{}^{n_1} \ldots w_k\,{}^{n_k} \cdots \in L_1$ with infinitely many $j \in \mathbb{N}$ such that $\sum_{m=1}^{j-1} |w_m| + 1 = \sum_{m=1}^{j-1} n_m$. There is a probability $p > 0$ that, for any such $j$, $w_j = w$, as $w \in L(L(N_1, M^1_0))$. Therefore, with probability 1, there exists $j \in \mathbb{N}$ such that $w_j = w$. Hence, with probability 1, an infinite faulty sequence will have a prefix whose observation belongs to $SL_1$. This implies that the SNS is FF-diagnosable.