77 research outputs found

    A Temporal Abductive Diagnostic Process for Runtime Properties Violations

    Get PDF
    Monitoring the operation of complex softare systems at runtime can detect violations of certain properties of interest but cannot always provide diagnostic information which is significant for understanding the cause of the violation and the adoption of appropriate countermeasures against it. In this paper, we describe a process for diagnosing runtime violations of security and dependability properties that we have developed as part of a general runtime monitoring framework that is based on Event Calculus. The diagnosis generation process is based on a combination of abductive, temporal and evidential reasoning over violations of system properties

    Diagnosing runtime violations of security and dependability properties

    Get PDF
    Monitoring the preservation of security and dependability (S&D) properties of complex software systems is widely accepted as a necessity. Basic monitoring can detect violations but does not always provide sufficient information for deciding what the appropriate response to a violation is. Such decisions often require additional diagnostic information that explains why a violation has occurred and can, therefore, indicate what would be an appropriate response action to it. In this thesis, we describe a diagnostic procedure for generating explanations of violations of S&D properties developed as extension of a runtime monitoring framewoek, called EVEREST. The procedure is based on a combination of abductive and evidential reasoning about violations of S&D properties which are expressed in Event Calculus.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

    Compliance of Semantic Constraints - A Requirements Analysis for Process Management Systems

    Get PDF
    Key to the use of process management systems (PrMS) in practice is their ability to facilitate the implementation, execution, and adaptation of business processes while still being able to ensure error-free process executions. Mechanisms have been developed to prevent errors at the syntactic level such as deadlocks. In many application domains, processes often have to comply with business level rules and policies (i.e., semantic constraints). Hence, in order to ensure error-free executions at the semantic level, PrMS need certain control mechanisms for validating and ensuring the compliance with semantic constraints throughout the process lifecycle. In this paper, we discuss fundamental requirements for a comprehensive support of semantic constraints in PrMS. Moreover, we provide a survey on existing approaches and discuss to what extent they meet the requirements and which challenges still have to be tackled. Finally, we show how the challenge of life time compliance can be dealt with by integrating design time and runtime process validation

    Ensuring Compliance of Distributed and Collaborative Workflows

    Get PDF
    Automated workflows must comply with domain-specific regulations, standards and rules. So far, compliance issues have been mainly addressed in the context of intra-organizational workflows. In turn, there exists only little work dealing with compliance of distributed and collaborative workflows. As opposed to intra-organizational workflows, for distributed and collaborative workflows compliance must be addressed at different levels. This includes local compliance rules of a particular partner as well as global compliance rules to be obeyed by multiple partners collaborating in the distributed workflow. As a particular challenge, the private elements of a particular partner workflow are hidden to the partners and hence not known by them. Accordingly, only limited information is available when checking compliance of distributed and collaborative workflows. This paper introduces techniques enabling compliance checking for distributed and collaborative workflows, taking these privacy constraints into account. Hence it enables ensuring compliance of distributed and collaborative workflows at design time

    Enabling Multi-Perspective Business Process Compliance

    Get PDF
    A particular challenge for any enterprise is to ensure that its business processes conform with compliance rules, i.e., semantic constraints on the multiple perspectives of the business processes. Compliance rules stem, for example, from legal regulations, corporate best practices, domain-specific guidelines, and industrial standards. In general, compliance rules are multi-perspective, i.e., they not only restrict the process behavior (i.e. control flow), but may refer to other process perspectives (e.g. time, data, and resources) and the interactions (i.e. message exchanges) of a business process with other processes as well. The aim of this thesis is to improve the specification and verification of multi-perspective process compliance based on three contributions: 1. The extended Compliance Rule Graph (eCRG) language, which enables the visual modeling of multi-perspective compliance rules. Besides control flow, the latter may refer to the time, data, resource, and interaction perspectives of a business process. 2. A framework for multi-perspective monitoring of the compliance of running processes with a given set of eCRG compliance rules. 3. Techniques for verifying business process compliance with respect to the interaction perspective. In particular, we consider compliance verification for cross-organizational business processes, for which solely incomplete process knowledge is available. All contributions were thoroughly evaluated through proof-of-concept prototypes, case studies, empirical studies, and systematic comparisons with related works

    A Visual Language for Modeling Business Process Compliance Rules

    Get PDF
    A fundamental challenge for enterprises is to ensure compliance of their business processes with imposed compliance rules stemming from various sources, e.g., corporate guidelines, best practices, standards, and laws. In general, a compliance rule may refer to multiple process perspectives including control flow, time, data, resources, and interactions with business partners. On one hand, compliance rules should be comprehensible for domain experts who must define, verify and apply them. On the other, these rules should have a precise semantics to avoid ambiguities and enable their automated processing. Providing a visual language is advantageous in this context as it allows hiding formal details and offering an intuitive way of modeling the compliance rules. However, existing visual languages for compliance rule modeling have focused on the control flow perspective so far, but lack proper support for the other process perspectives. To remedy this drawback, this paper introduces the extended Compliance Rule Graph language, which enables the visual modeling of compliance rules with the support of multiple perspectives. Overall, this language will foster the modeling and verification of compliance rules in practice
    • …
    corecore