3 research outputs found

    An Automated Framework for BPMN Model Verification Achieving Branch Coverage

    A BPMN model is used in the software development process to describe the procedural logic of software in terms of a graphical representation. Formal verification using colored Petri nets (CPN) can be used to prove whether a designed BPMN model is free of undesirable properties such as deadlock and unreachable tasks, and whether it meets user requirements. Although much research provides transformation rules and frameworks for automating and verifying the CPN model, determining CPN markings that cover all execution paths is quite cumbersome. This paper proposes an automated BPMN verification framework that integrates the BPMN modeling tool and the CPN model checker. The designed BPMN model is transformed into a CPN model and a control flow graph (CFG). The CFG is used to create the execution paths and to find the interleaved activities. The interleaved activities are then considered for creating the CPN port places and markings by applying the branch coverage testing technique. Behaviors of the CPN model are analyzed using a state space analysis based on the CPN model and the automated markings. Our framework has been implemented as an Eclipse BPMN modeler plugin, and it is tested with five case studies. The results show that our framework is practical. It can automate the creation of CPN models from the BPMN model and guide designers in determining the CPN markings to achieve the branch coverage criteria.

    Robust and Context-Aware Execution of Mobile Activities in Process Environments (Robuste und kontextbezogene Ausführung mobiler Aktivitäten in Prozessumgebungen)

    IT trend analysts regard "mobility" as an important pillar of sustainable IT solutions. The trend towards mobile IT applications is driven largely by millennials, i.e., people who grew up in the digital age. They expect, in particular, that smart mobile devices be integrated into existing IT solutions. With respect to process management technology, this trend means that smart mobile devices must be seamlessly integrable into IT-supported work and process flows. In particular, both individual activities (i.e., process steps) and entire process fragments (i.e., parts of a process) should be executable on smart mobile devices. This thesis addresses such an integration of process management technology and smart mobile devices. Specifically, it investigates how selected activities of a process can be executed robustly and in a context-aware manner on smart mobile devices, and which further requirements arise for activities executed on mobile devices compared with the execution of activities on stationary systems. Because smart mobile devices have limited resources and the risk of failure is higher than with stationary systems, these aspects require more in-depth investigation. Furthermore, supporting mobile activities requires a technical environment in which processes are executed (a so-called process environment). The thesis shows that the seamless integration of smart mobile devices into a process environment requires a mobile context (i.e., attributes such as execution location, device properties and network connection). On this basis, a comprehensive framework is introduced with which mobile activities can be executed robustly and in a context-aware manner in a process environment. The framework rests on five technical pillars whose concepts accomplish the robust and context-aware execution.
In addition, it is shown how the presented solution can be integrated into existing process management technology. Overall, robust and context-aware execution of mobile activities in a process environment opens up new perspectives for involving end users in their processes.

    Tools and techniques for analysing the impact of information security

    PhD Thesis. The discipline of information security is employed by organisations to protect the confidentiality, integrity and availability of information, often communicated in the form of information security policies. A policy expresses rules, constraints and procedures to guard against adversarial threats and reduce risk by instigating desired and secure behaviour of those people interacting with information legitimately. To keep aligned with a dynamic threat landscape, evolving business requirements, regulation updates, and new technologies, a policy must undergo periodic review and change. Chief Information Security Officers (CISOs) are the main decision makers on information security policies within an organisation. Making informed policy modifications involves analysing and therefore predicting the impact of those changes on the success rate of business processes, often expressed as workflows. Security brings an added burden to completing a workflow. Adding a new security constraint may reduce success rate or even eliminate it if a workflow is always forced to terminate early. This can increase the chances of employees bypassing or violating a security policy. Removing an existing security constraint may increase success rate but may also increase the risk to security. A lack of suitably aimed impact analysis tools and methodologies for CISOs means impact analysis is currently a somewhat manual and ambiguous procedure. Analysis can be overwhelming, time consuming, error prone, and yield unclear results, especially when workflows are complex, have a large workforce, and diverse security requirements. This thesis considers the provision of tools and more formal techniques specific to CISOs to help them analyse the impact modifying a security policy has on the success rate of a workflow.
More precisely, these tools and techniques have been designed to efficiently compare the impact between two versions of a security policy applied to the same workflow, one before, the other after a policy modification. This work focuses on two specific types of security impact analysis. The first is quantitative in nature, providing a measure of success rate for a security constrained workflow which must be executed by employees who may be absent at runtime. This work considers quantifying workflow resiliency, which indicates a workflow’s expected success rate assuming the availability of employees to be probabilistic. New aspects of quantitative resiliency are introduced in the form of workflow metrics, and risk management techniques to manage workflows that must work with a resiliency below acceptable levels. Defining these risk management techniques has led to exploring the reduction of resiliency computation time and analysing resiliency in workflows with choice. The second area of focus is more qualitative, in terms of facilitating analysis of how people are likely to behave in response to security and how that behaviour can impact the success rate of a workflow at a task level. Large amounts of information from disparate sources exist on human behavioural factors in a security setting, which can be aligned with security standards and structured within a single ontology to form a knowledge base. Consultations with two CISOs have been conducted, whose responses have driven the implementation of two new tools, one graphical, the other Web-oriented, allowing CISOs and human factors experts to record and incorporate their knowledge directly within an ontology. The ontology can be used by CISOs to assess the potential impact of changes made to a security policy and help devise behavioural controls to manage that impact. The two consulted CISOs have also carried out an evaluation of the Web-oriented tool.