[Paper] Eventizing Traditionally Opaque Binary Neural Networks as 1-safe Petri net Models

Source: arXiv - 2602.13128v1

Overview

Binary Neural Networks (BNNs) promise ultra‑low power inference by restricting weights and activations to ±1, but their discrete, highly non‑linear dynamics make them a black box for engineers who need to certify safety‑critical systems. This paper proposes a novel way to “eventize” a BNN—translating its forward‑ and backward‑pass operations into a 1‑safe Petri net model—so that the network’s causal flow can be inspected, reasoned about, and formally verified.

Key Contributions

• Petri‑net‑based abstraction: Introduces a systematic mapping from BNN primitives (binary activation, XNOR‑based convolution, gradient computation, weight update) to modular 1‑safe Petri net components.
• Compositional modeling: Provides a blueprint for wiring component nets into a full‑system model that mirrors the execution order of a real BNN training/inference pipeline.
• Formal guarantees: Proves key properties—1‑safeness, deadlock‑freeness, mutual exclusion, and correct causal sequencing—through reachability and structural analysis.
• Scalability assessment: Uses the Workcraft toolchain to automatically measure token flow, place/transition counts, and state‑space growth at segment, component, and system levels.
• Open‑source artefacts: Supplies reusable PN templates and scripts, enabling other researchers and developers to plug‑in their own BNN architectures for verification.

Methodology

1. Component extraction – The authors start by dissecting a typical BNN layer into elementary operations (binary convolution, batch‑norm, sign activation, back‑propagation steps).
2. Eventization – Each operation is expressed as a transition in a Petri net, while data items (binary tensors, gradients, weight matrices) become places that hold at most one token (the 1‑safe constraint).
3. Modular composition – Individual component nets are linked via shared places, preserving the natural data‑dependency ordering (e.g., forward pass must finish before the backward pass starts).
4. Verification pipeline – The assembled net is fed into Workcraft, which automatically checks structural properties (e.g., absence of deadlocks) and performs reachability analysis to confirm that every intended state (e.g., weight update) is reachable exactly once.
5. Scalability measurement – Token counts, transition firing rates, and state‑space size are recorded for increasingly larger BNNs (from a single layer up to a multi‑layer network) to evaluate how the model grows.

The whole process stays high‑level enough for developers: think of each Petri net transition as a “function call” that fires only when its input tokens (data) are ready, and the net’s safety guarantees ensure that no two calls corrupt the same data simultaneously.

Results & Findings

• Correctness: The PN model reproduces the exact forward‑ and backward‑pass behavior of a reference PyTorch BNN implementation, verified by matching intermediate tensor values token‑by‑token.
• 1‑safety & deadlock‑freeness: Formal analysis shows that at any moment each place holds at most one token, eliminating race conditions; the net never reaches a deadlocked state even under concurrent layer execution.
• Mutual exclusion: Weight update transitions are mutually exclusive, guaranteeing that no two updates interfere—a crucial property for hardware accelerators that may parallelize BNN layers.
• Scalability: State‑space explosion is modest for typical BNN sizes (e.g., a 4‑layer network yields ~10⁴ reachable markings), thanks to the modular design. Workcraft’s automated metrics indicate linear growth in places/transitions with respect to layer count.

Practical Implications

• Safety‑critical AI: Engineers building BNN‑based controllers for drones, medical devices, or automotive systems can now generate a formal model that certifies causal ordering and absence of race conditions, satisfying standards like ISO 26262 or IEC 61508.
• Hardware verification: Chip designers can map the PN model directly onto hardware description languages (HDL) to verify that custom BNN accelerators respect the same 1‑safe execution semantics, reducing costly post‑silicon debugging.
• Debugging & Explainability: The token flow visualizations act as a step‑by‑step execution trace, helping developers pinpoint why a binary activation behaved unexpectedly or why a gradient vanished.
• Tool integration: Because the authors release the PN templates and Workcraft scripts, teams can embed the eventization step into CI pipelines—automatically checking that any change to the BNN architecture preserves the verified properties.

Limitations & Future Work

• Model granularity: The current abstraction treats each tensor as a single token, which hides intra‑tensor parallelism that may be relevant for high‑throughput hardware.
• Scalability ceiling: While linear growth holds for modest networks, extremely deep BNNs (e.g., > 50 layers) begin to stress the state‑space analysis tools, suggesting a need for hierarchical abstraction or compositional verification techniques.
• Training dynamics: The paper focuses on a single training iteration; extending the PN to capture full‑epoch training loops, learning‑rate schedules, and stochastic mini‑batch effects remains an open challenge.
• Broader architectures: Applying the same eventization to mixed‑precision or ternary networks, or to non‑convolutional BNNs (e.g., graph neural networks), is left for future exploration.

Bottom line: By turning the opaque, bit‑wise operations of a BNN into a transparent, event‑driven Petri net, the authors give developers a practical pathway to formally reason about, verify, and ultimately trust binary neural models in the kinds of safety‑critical applications where every bit truly counts.

Authors

• Mohamed Tarraf
• Alex Chan
• Alex Yakovlev
• Rishad Shafik

Paper Information

• arXiv ID: 2602.13128v1
• Categories: cs.LG
• Published: February 13, 2026
• PDF: Download PDF