The 4C spectrum of fundamental behavioral relations for concurrent systems

The design of concurrent software systems, in particular process-aware information systems, involves behavioral modeling at various stages. Recently, approaches to behavioral analysis of such systems have been based on declarative abstractions defined as sets of behavioral relations. However, these relations are typically defined in an ad-hoc manner. In this paper, we address the lack of a systematic exploration of the fundamental relations that can be used to capture the behavior of concurrent systems, i.e., co-occurrence, conflict, causality, and concurrency. Besides the definition of the spectrum of behavioral relations, which we refer to as the 4C spectrum, we also show that our relations give rise to implication lattices. We further provide operationalizations of the proposed relations, starting by proposing techniques for computing relations in unlabeled systems, which are then lifted to become applicable in the context of labeled systems, i.e., systems in which state transitions have semantic annotations. Finally, we report on experimental results on efficiency of the proposed computations

On the expressive power of behavioral profiles

Behavioral profiles have been proposed as a behavioral abstraction of dynamic systems, specifically in the context of business process modeling. A behavioral profile can be seen as a complete graph over a set of task labels, where each edge is annotated with one relation from a given set of binary behavioral relations. Since their introduction, behavioral profiles were argued to provide a convenient way for comparing pairs of process models with respect to their behavior or computing behavioral similarity between process models. Still, as of today, there is little understanding of the expressive power of behavioral profiles. Via counter-examples, several authors have shown that behavioral profiles over various sets of behavioral relations cannot distinguish certain systems up to trace equivalence, even for restricted classes of systems represented as safe workflow nets. This paper studies the expressive power of behavioral profiles from two angles. Firstly, the paper investigates the expressive power of behavioral profiles and systems captured as acyclic workflow nets. It is shown that for unlabeled acyclic workflow net systems, behavioral profiles over a simple set of behavioral relations are expressive up to configuration equivalence. When systems are labeled, this result does not hold for any of several previously proposed sets of behavioral relations. Secondly, the paper compares the expressive power of behavioral profiles and regular languages. It is shown that for any set of behavioral relations, behavioral profiles are strictly less expressive than regular languages, entailing that behavioral profiles cannot be used to decide trace equivalence of finite automata and thus Petri nets

Discovering mapping between artifact-centric business process models and execution logs

Klassikaliselt on kirjeldatud töövoogusi protsessidele orienteeritud kujul, kus keskendutakse tervele töövoole ja tegevustele selles. Hiljuti on esile kerkinud uudne, artefakti keskne modelleerimine, kus on oluliseks just äriobjektid ning nende vahelised seosed. Artefakti põhised meetodid nõuavad ka muudatusi protsessianalüüsi tehnikates. Üks võimalik protsesside analüüsi meetod on käivituslogide vastavuse kontrollimine protsessi mudeliga, mille abil saab tuvastada kas süsteem käitub nii nagu planeeritud. Mudeli ja logide vastavuse kontrollimiseks on vaja teada, millised sündmused logides vastavad millistele tegevustele mudelis. Töö eemärgiks on automaatselt tuvastada seosed artefakti põhiste protsessimudelites olevate tegevuste ja töövoosüsteemi logides olevate sündmuste vahel. Selline seose tuvastamine pole triviaalne, kuna võib esineda, et sündmuste nimed logides ja tegevuste nimed mudelis ei ole vastavuses. Näiteks ei jälgita samasid standardeid nimetamisel. Samuti on vaja seoste automaatne tuletamine, kui on teada, et logide ja mudeli vahel on mittesobivused ning kõiki sündmuseid ja tegevusi ei saagi vastavusse viia. Automaatne tuvastamine aitab lihtsustada kasutaja tööd. Lahenduseks pakutud meetod kasutab sisendina Procleti põhist mudelit ja käivituslogi süsteemist. Et leida seos mudeli ja logide vahel, viiakse mõlemad graafi kujule. Seosed leitakse iga artefakti kohta eraldi ning ei kasutata infot nende omavahelise suhtluse kohta. Iga artefakti kohta eraldatakse nende Petri võrk ning koostatakse käitumisrelatsioonid, mis väljendavad kuidas on tegevused antud artefaktis omavahel seotud. Sellest koostatakse graaf, mille tippudeks saavad tegevused ning kaarteks tippude vahel käitumisseosed nende vahel. Analoogselt koostatakse graaf iga logis esinenud olemi kohta. Kasutaja poolt sisestatud olemite ja artefaktide tüüpide vahelise seoste abil leitakse iga vastava olemi ja artefakti isendi tegevuste ja sündmuste vahelised seosed. Seoste leidmine taandub kahe graafi vaheliste tippude kujutuse leidmisele. Seoste leidmiseks esmalt arvutatakse sarnasused tegevuste nimede vahel ning selle põhjal leitakse kujutus, mis minimiseeriks teisenduskaugust graafide vahel antud kujutuse põhjal. Kujutuse leimiseks kasutatakse ahnet algoritmi. Praktilise eksperimendina testiti meetodit erinevate mudelite ja logide kombinatsioonidel. Tulemused näitavad, et meetod on võimeline seoseid leidma, kuid tulemuste kvaliteet sõltub palju tegevuste ja sündmuste nimede sarnasusest ja vähem struktuurilisest sarnasustest

Verification of Structured Processes: A Method Based on an Unsoundness Profile

The verification of business processes has been widely studied in the last two decades achieving significant results. Despite this, existing verification techniques based on state space exploration suffer, for large processes, the state space explosion problem. New techniques improved verification performance by structuring processes as trees. However, they do not support complex constructs for advanced synchronization and exception management. To cope with this issue we propose the definition of an unsoundness profile of a given process language, which specifies all possible combinations of control flow constructs that can lead to errors in the behavior of structured processes defined with such a language. In addition, we introduce the sequential and hierarchical soundness properties, which make use of this profile to determine soundness of a structured process with complex constructs in polynomial time. As an example, we defined an unsoundness profile for a subset of the BPMN language and verified the behavior of a BPMN process model.Sociedad Argentina de Informática e Investigación Operativa (SADIO

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 22nd International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2019, which took place in Prague, Czech Republic, in April 2019, held as part of the European Joint Conference on Theory and Practice of Software, ETAPS 2019. The 29 papers presented in this volume were carefully reviewed and selected from 85 submissions. They deal with foundational research with a clear significance for software science

Anonymization Techniques for Privacy-preserving Process Mining

Process Mining ermöglicht die Analyse von Event Logs. Jede Aktivität ist durch ein Event in einem Trace recorded, welcher jeweils einer Prozessinstanz entspricht. Traces können sensible Daten, z.B. über Patienten enthalten. Diese Dissertation adressiert Datenschutzrisiken für Trace Daten und Process Mining. Durch eine empirische Studie zum Re-Identifikations Risiko in öffentlichen Event Logs wird die hohe Gefahr aufgezeigt, aber auch weitere Risiken sind von Bedeutung. Anonymisierung ist entscheidend um Risiken zu adressieren, aber schwierig weil gleichzeitig die Verhaltensaspekte des Event Logs erhalten werden sollen. Dies führt zu einem Privacy-Utility-Trade-Off. Dieser wird durch neue Algorithmen wie SaCoFa und SaPa angegangen, die Differential Privacy garantieren und gleichzeitig Utility erhalten. PRIPEL ergänzt die anonymiserten Control-flows um Kontextinformationen und ermöglich so die Veröffentlichung von vollständigen, geschützten Logs. Mit PRETSA wird eine Algorithmenfamilie vorgestellt, die k-anonymity garantiert. Dafür werden privacy-verletztende Traces miteinander vereint, mit dem Ziel ein möglichst syntaktisch ähnliches Log zu erzeugen. Durch Experimente kann eine bessere Utility-Erhaltung gegenüber existierenden Lösungen aufgezeigt werden.Process mining analyzes business processes using event logs. Each activity execution is recorded as an event in a trace, representing a process instance's behavior. Traces often hold sensitive info like patient data. This thesis addresses privacy concerns arising from trace data and process mining. A re-identification risk study on public event logs reveals high risk, but other threats exist. Anonymization is vital to address these issues, yet challenging due to preserving behavioral aspects for analysis, leading to a privacy-utility trade-off. New algorithms, SaCoFa and SaPa, are introduced for trace anonymization using noise for differential privacy while maintaining utility. PRIPEL supplements anonymized control flows with trace contextual info for complete protected logs. For k-anonymity, the PRETSA algorithm family merges privacy-violating traces based on a prefix representation of the event log, maintaining syntactic similarity. Empirical evaluations demonstrate utility improvements over existing techniques