Compliance validation and diagnosis of business data constraints in business processes at runtime

Business processes involve data that can be modified and updated by various activities at any time. The data involved in a business process can be associated with flow elements or data stored. These data must satisfy the business compliance rules associated with the process, where business compliance rules are policies or statements that govern the behaviour of a company. To improve and automate the validation and diagnosis of compliance rules based on the description of data semantics (called Business Data Constraints), we propose a framework where dataflow variables and stored data are analyzed. The validation and diagnosis process is automated using Constraint Program-ming, to permit the detection and identification of possibly unsatisfiable Business Data Constraints, even if the data involved in these constraints are not all instantiated. This implies that the potential errors can be determined in advance. Furthermore, a language to describe Business Data Constraints is proposed, for the improvement of user-oriented aspects of the business process description. This language allows a business expert to write Business Data Constraints that will be automatically validated in run-time, without the support of an information technology expert.Junta de Andalucía P08-TIC-04095Ministerio de Ciencia y Tecnología TIN2009-1371

Predictive Monitoring of Business Processes

Modern information systems that support complex business processes generally maintain significant amounts of process execution data, particularly records of events corresponding to the execution of activities (event logs). In this paper, we present an approach to analyze such event logs in order to predictively monitor business goals during business process execution. At any point during an execution of a process, the user can define business goals in the form of linear temporal logic rules. When an activity is being executed, the framework identifies input data values that are more (or less) likely to lead to the achievement of each business goal. Unlike reactive compliance monitoring approaches that detect violations only after they have occurred, our predictive monitoring approach provides early advice so that users can steer ongoing process executions towards the achievement of business goals. In other words, violations are predicted (and potentially prevented) rather than merely detected. The approach has been implemented in the ProM process mining toolset and validated on a real-life log pertaining to the treatment of cancer patients in a large hospital

Runtime Monitoring of Data-Aware business rules with Integer Linear Programming

Käitusaegne seire (Runtime Compliance Monitoring) on oluline osa äriprotsesside halduse elutsüklis, mittevastavuse õigeaegses avastamises, samuti vastumeetmete korraldamises ja ennetamises. Täpsemalt on see seotud operatiivse otsuse toega, mille eesmärgiks on laiendada protsessikaeve tehnikat sidusrežiimis, käitada protsessi isendeid nii, et kõrvalekaldeid on võimalik avastada, ning on võimalik soovitada, mida võiks järgmiseks teha, ning samuti ennustada, mis hakkab juhtuma tulevaste juhtumite täitmisel. Antud magistritöö keskendub käitusaegse seire andmeteadlikele ärireeglitele. Töös kasutatakse varajaste rikkumiste tuvastamiseks lineaarset täisarvulist planeerimist (Integer Linear Programming (ILP)), mida rakendatakse kahe või enama kitsenduse koosmõjul. Töökorras toepakkujas on rakendatud protsessikaeve raamistikku ProM ja meetod on valideeritud kasutades sünteetilisi ja reaalseid logisid.Runtime Compliance Monitoring is vital building block in the Business Process Management lifecycle, in timely detection of non-compliance as well as provision of responsive and proactive countermeasures. In particular, it is linked to operational decision support, which aims at extending the application of process mining techniques to on-line, running process instances, so that deviations can be detected and it is possible to recommend what to do next and predict what will happen in the future instance execution. \n\r\n\rIn this thesis, we focus on Runtime Compliance Monitoring of data-aware business rules. In particular, we use Integer Linear Programming (ILP) for early detection of violations that occur from interplay of two or more constraints. An operational support provider has been implemented as part of process mining framework ProM and the approach has been validated using synthetic and real life logs

Multi-criteria decision analysis for non-conformance diagnosis: A priority-based strategy combining data and business rules

Business process analytics and verification have become a major challenge for companies, especially when process data is stored across different systems. It is important to ensure Business Process Compliance in both data-flow perspectives and business rules that govern the organisation. In the verification of data-flow accuracy, the conformance of data to business rules is a key element, since essential to fulfil policies and statements that govern corporate behaviour. The inclusion of business rules in an existing and already deployed process, which therefore already counts on stored data, requires the checking of business rules against data to guarantee compliance. If inconsistency is detected then the source of the problem should be determined, by discerning whether it is due to an erroneous rule or to erroneous data. To automate this, a diagnosis methodology following the incorporation of business rules is proposed, which simultaneously combines business rules and data produced during the execution of the company processes. Due to the high number of possible explanations of faults (data and/or business rules), the likelihood of faults has been included to propose an ordered list. In order to reduce these possibilities, we rely on the ranking calculated by means of an AHP (Analytic Hierarchy Process) and incorporate the experience described by users and/or experts. The methodology proposed is based on the Constraint Programming paradigm which is evaluated using a real example. .Ministerio de Ciencia y Tecnología RTI2018–094283-B-C3

Designing compliant business processes with obligations and permissions. Business process management workshops.

The sequence and timing constraints on the activities in business processes are an important aspect of business process compliance. To date, these constraints are most often implicitly transcribed into control-flow-based process models. This implicit representation of constraints, however, complicates the verification, validation and reuse in business process design. In this paper, we investigate the use of temporal deontic assignments on activities as a means to declaratively capture the control-flow semantics that reside in business regulations and business policies. In particular, we introduce PENELOPE, a language to express temporal rules about the obligations and permissions in a business interaction, and an algorithm to generate compliant sequence-flow-based process models that can be used in business process design.

On Enabling Integrated Process Compliance with Semantic Constraints in Process Management Systems

Key to broad use of process management systems (PrMS) in practice is their ability to foster and ease the implementation, execution, monitoring, and adaptation of business processes while still being able to ensure robust and error-free process enactment. To meet these demands a variety of mechanisms has been developed to prevent errors at the structural level (e.g., deadlocks). In many application domains, however, processes often have to comply with business level rules and policies (i.e., semantic constraints) as well. Hence, to ensure error-free executions at the semantic level, PrMS need certain control mechanisms for validating and ensuring the compliance with semantic constraints. In this paper, we discuss fundamental requirements for a comprehensive support of semantic constraints in PrMS. Moreover, we provide a survey on existing approaches and discuss to what extent they are able to meet the requirements and which challenges still have to be tackled. In order to tackle the particular challenge of providing integrated compliance support over the process lifecycle, we introduce the SeaFlows framework. The framework introduces a behavioural level view on processes which serves a conceptual process representation for constraint specification approaches. Further, it provides general compliance criteria for static compliance validation but also for dealing with process changes. Altogether, the SeaFlows framework can serve as formal basis for realizing integrated support of semantic constraints in PrMS

Prognosing the Compliance of Declarative Business Processes Using Event Trace Robustness

Several proposals have studied the compliance of execution of business process traces in accordance with a set of compliance rules. Unfortunately, the detection of a compliance violation (diagnosis) means that the observed events have already violated the compliance rules that describe the model. In turn, the detection of a compliance violation before its actual occurrence would prevent misbehaviour of the business processes. This functionality is referred to as proactive management of compliance violations in literature. However, existing approaches focus on the detection of inconsistencies between the compliance rules or monitoring process instances that are in a violable state. The notion of robustness could help us to prognosticate the occurrence of these inconsistent states in a premature way, and to detect, depending on the current execution state of the process instance, how “close” the execution is to a possible violation. On top of being able to possibly avoid violations, a robust trace is not sensitive to small changes. In this paper we propose the way to determine whether a process instance is robust against a set of compliance rules during its execution at runtime. Thanks to the use of constraint programming and the capacities of super solutions, a robust trace can be guaranteed

Explaining the Incorrect Temporal Events during Business Process Monitoring by Means of Compliance Rules and Model-Based Diagnosis

Sometimes the business process model is not known completely, but a set of compliance rules can be used to describe the ordering and temporal relations between activities, incompatibilities, and existence dependencies in the process. The analysis of these compliance rules and the temporal events thrown during the execution of an instance, can be used to detect and diagnose a process behaviour that does not satisfy the expected behaviour. We propose to combine model-based diagnosis and constraint programming for the compliance violation analysis. This combination facilitates the diagnosis of discrepancies between the compliance rules and the events that the process generates as well as enables us to propose correct event time intervals to satisfy the compliance rules.Austrian Science Fund (FWF):I743Ministerio de Ciencia y Tecnología TIN2009-1371

Conformance Checking Based on Multi-Perspective Declarative Process Models

Process mining is a family of techniques that aim at analyzing business process execution data recorded in event logs. Conformance checking is a branch of this discipline embracing approaches for verifying whether the behavior of a process, as recorded in a log, is in line with some expected behaviors provided in the form of a process model. The majority of these approaches require the input process model to be procedural (e.g., a Petri net). However, in turbulent environments, characterized by high variability, the process behavior is less stable and predictable. In these environments, procedural process models are less suitable to describe a business process. Declarative specifications, working in an open world assumption, allow the modeler to express several possible execution paths as a compact set of constraints. Any process execution that does not contradict these constraints is allowed. One of the open challenges in the context of conformance checking with declarative models is the capability of supporting multi-perspective specifications. In this paper, we close this gap by providing a framework for conformance checking based on MP-Declare, a multi-perspective version of the declarative process modeling language Declare. The approach has been implemented in the process mining tool ProM and has been experimented in three real life case studies