The following papers describe how CP-nets and the CPN tools were used to design and validate a security system and an access control system. For the access control system the implementation was done by a fully automatic extraction of the CPN code used in the CPN simulator.

• J.L. Rasmussen, M. Singh: Designing a Security System by Means of Coloured Petri Nets. In J. Billington and W. Reisig (eds.): Application and Theory of Petri Nets 1996. Proceedings of the 17th International Petri Net Conference, Osaka 1996, Lecture Notes in Computer Science Vol. 1091, Springer-Verlag 1996, 400-419.

• K.H. Mortensen: Automatic Code Generation from Coloured Petri Nets for an Access Control System. In K.Jensen (ed.): Proceedings of the 2nd Workshop on Practical Use of Coloured Petri Nets and Design/CPN, Aarhus 1999, Department of Computer Science, University of Aarhus, PB-541, 41-58.
• K.H. Mortensen: Automatic Code Generation Method Based on Coloured Petri Net Models Applied on an Access Control System. In M. Nielsen, D. Simpson (eds.): Application and Theory of Petri Nets 2000. Proceedings of the 21st International Petri Net Conference, Aarhus, Denmark 2000, Lecture Notes in Computer Science Vol. 1825, Springer-Verlag 2000, 367-386.

The first of the two projects is also described in Chapter 1 of:

• K. Jensen: Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use. Volume 3, Practical Use. Monographs in Theoretical Computer Science, Springer-Verlag, 1997. ISBN: 3-540-62867-3.

This paper presents a model-based approach to requirements engineering for reactive systems, and more specifically to controllers. The approach suggests the creation of a CPN model based on several diagrams, for validating the functional requirements of the system under development. The paper proposes a generic structure for the CPN model to address the modelling of the controller, the physical entities which the controller interacts with, and the human users that operate the system. The CPN modules for modelling the behaviour of the human users and the controller are instances of a generic module that is able to interpret scenario descriptions specified in CPN ML.

• J.M. Fernandes, S. Tjell, and J.B. Jørgensen: Requirements Engineering for Reactive Systems with Coloured Petri Nets: the Gas Pump Controller Example. In K. Jensen (ed.): Proceedings of the Eighth Workshop and Tutorial on Practical Use of Coloured Petri Nets and the CPN Tools, October 2007, Department of Computer Science, University of Aarhus, PB-584, 207-222.

The following paper deals with the modelling and analysis of a simple mechatronic, hybrid system at the research laboratories of Peugeot-Citroën, France. The long term goal of this line of research is to be able to use CP-nets for dependability analysis of car systems, such as automatic gear boxes, active suspensions, and ABS brakes. The kind of problems encountered during this project is typical for the area of rare events simulation. The paper presents three different models. The first CPN model is easy to understand and close to the concepts used by the designers of the system. It updates the system state with very short intervals, calculating the new values of the system variables from the old ones by means of a set of mathematical formulas describing the physical properties of the continuous parts of the hybrid system. The second CPN model is much more abstract. It describes the system state by specifying a start situation and the way in which the state is progressing. This means that it is sufficient to recalculate the state when certain discrete events occur, e.g., when a certain threshold is reached. Hence, the simulations become much more efficient. The third model is a stand-alone program in the functional language Standard ML. It is a recursive function obtained from the abstract CPN model in a semi-automatic way by reusing the data structures and the functions in the CPN model. All three models were investigated by means of lengthy simulations. Moreover, state spaces were used to investigate the different ways in which failures can lead to feared events.

• G. Moncelet, S. Christensen, H. Demmou, M. Paludetto, J. Porras: Analysing a Mechatronic System with Coloured Petri Nets. International Journal on Software Tools for Technology Transfer, 2 (1998), Springer-Verlag, 160-167.

The following paper describes how CP-nets and the CPN tools were used to model parts of the new European train control system. The work was done at the Institute for Control and Automation Engineering at the Technical University of Braunschweig, Germany within a project for the German railways.

• L. Jansen, M. Meyer zu Hörste, E. Schnieder: Technical Issues in Modelling the European Train Control System. In K.Jensen (ed.): Proceedings of the Workshop on Practical Use of Coloured Petri Nets and Design/CPN, Aarhus 1998, Department of Computer Science, University of Aarhus, PB-532, 103-115.

The following paper describes how CP-nets and the CPN tools have been used to model the communication mechanisms used in a flowmeter system produced by Danfoss, which is one of the largest Danish industrial companies.

• L. Lorentsen, L.M. Kristensen: Modelling and Analysis of a Danfoss Flowmeter System using Coloured Petri Nets. In M. Nielsen and D. Simpson (eds.): Proceedings of ICATPN'2000, volume 1825 of Lecture Notes in Computer Science, pages 346-366. Springer-Verlag, 2000.

The following paper describes how CP-nets and the CPN tools were used to design and visualise the behaviour of a traffic control systems.

• A. Perkusich, L.M. de Araújo, R. de S. Coelho, K.C. Gorgônio, A.J.P. Lemos: Design and Animation of Colored Petri Nets Models for Traffic Signals. In K.Jensen (ed.): Proceedings of the 2nd Workshop on Practical Use of Coloured Petri Nets and Design/CPN, Aarhus 1999, Department of Computer Science, University of Aarhus, PB-541, 99-118.

The following paper presents a method for the description and validation of control procedures for multipurpose chemical batch plants (which in many respects are similar to flexible manufacturing systems). The method is based on the use of recipes, which is a standardised concept used by the big chemical companies. The recipes and plant description are transformed into CP-nets, which are investigated by simulation and by state space analysis to find desired or critical behaviour, e.g., resource conflicts and deadlocks.

• H.J. Genrich, H.-M. Hanisch, K Wöllhaf: Verification of Recipe-Based Control Procedures by Means of Predicate/Transition Nets. In: R. Valette (ed.): Application and Theory of Petri Nets 1994. Proceedings of the 15th International Petri Net Conference, Zaragoza 1994, Lecture Notes in Computer Science Vol. 815, Springer-Verlag 1994, 278-297.

The project is also described in Chapter 18 of:

• K. Jensen: Coloured Petri Nets. Basic Concepts, Analysis Methods and Practical Use. Volume 3, Practical Use. Monographs in Theoretical Computer Science, Springer-Verlag, 1997. ISBN: 3-540-62867-3.

The following paper describes the design of a CPN model for a rather complex model train system. The purpose is to teach graduate computer science students net modelling and analysis techniques, and the systematic conversion of non-trivial net models into fully operational real systems.

• W. Hielscher, L. Urbszat, C. Reinke, W. Kluge: On Modelling Train Traffic in a Model Train System. In K.Jensen (ed.): Proceedings of the Workshop on Practical Use of Coloured Petri Nets and Design/CPN, Aarhus 1998, Department of Computer Science, University of Aarhus, PB-532, 83-101.

The following papers describes a teaching experience with a group of twenty graduate students, during their second year in engineer school. The purpose is to teach the application of specification and validation techniques in a control system for a model railway. Design/CPN is one of the tools used by the students.

• G. Berthelot, L. Petrucci: Specication and Validation of a Concurrent System: An Educational Project. International Journal on Software Tools for Technology Transfer, 3(4), 2001, Springer-Verlag, 372-381.

• G. Berthelot, L. Petrucci: Specication and Validation of a Concurrent System: An Educational Project. In: K. Jensen (ed.): Proceedings of the Workshop on Practical Use of High-level Petri Nets, Aarhus 2000, Department of Computer Science, University of Aarhus, PB-547, 55-72.

The following paper describes how CPN can be used to enhance a traditional software specifications document for an elevator controller. Based on the given specification a CPN model is built, which is a coherent description that ties together different pieces of the given specification. The CPN model is used to argue for the correctness of the specification. Using simulation, a number of scenarios are investigated. For each scenario, it is checked that if a controller is implemented in compliance with the specification, it will ensure the desired effects in the subject domain.

• J.B. Jørgensen: CPN Models as Enhancement to a Traditional Software Specification for an Elevator Controller. In: D. Moldt (ed.): Proceedings of the Third Workshop on Modelling of Objects, Components, and Agents, October 2004, Department of Computer Science, University of Aarhus, PB-571, 99-116.