Presen sew-35-12(beamer)
-
Upload
manuel-capel-tunon -
Category
Technology
-
view
443 -
download
0
description
Transcript of Presen sew-35-12(beamer)
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Automating the Transformation from BPMNModels to CSP+T Specifications
M.I. Capel1 L.E. Mendoza2
1School of Computer Engineeringand Telecommunications
University of Granada (Spain)Email: [email protected]
2Processes and Systems DepartmentSimón Bolívar University
Caracas (Venezuela)Email: [email protected]
35th IEEE Annual Software Engineering Workshop, Heraklion, Crete (Greece) 10/13-2012
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Agenda
1 IntroductionMotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
2 Formalization of BPMNBusiness Process graphical specificationFormalization of a BPD subset
3 Basic ideas for proofs/implementationProduct–Service Sell case studyBTransformer utilization
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Agenda
1 IntroductionMotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
2 Formalization of BPMNBusiness Process graphical specificationFormalization of a BPD subset
3 Basic ideas for proofs/implementationProduct–Service Sell case studyBTransformer utilization
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Agenda
1 IntroductionMotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
2 Formalization of BPMNBusiness Process graphical specificationFormalization of a BPD subset
3 Basic ideas for proofs/implementationProduct–Service Sell case studyBTransformer utilization
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
Open issues
Business Process Models’ Analysis:Transformation of BPMN models into executable modelsEnvironmental conditions and non–functional requirementsare influential and decisive to obtain any useful model
BPMN–semantics formalizationThe specification of this notation developed by the BusinessProcess Management Initiative (BPMI) does not include aformal semanticsThe lack of a formal semantics impedes “compiling" BPMNand generating code into a business process executionlanguage (BPEL)
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
Validation or verification of business processes?
Formalization of BPMN semantics: opens the way tobusiness process models verification
Verification of Business Processes: supports analysts toimprove the quality of IT target models
BPM validation or verification?: not everyone in theCommunity agrees which one to take on
Strengths and weaknesses of each way
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
Different approaches to BPM formalization
Analyser and workflow nets [Verbeek 2001]
PA approach and BPMN formalization [Wong 2007]
UML–activity semantics and verification [Eshuis 2002]
Business Process Model for formal verification [Arias 2008]
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
Main objectives
Compositional verification of of non–functionalrequirements,including temporal behaviour of the model
Formal semantics of BPD modelling entities that precludesany ambiguity in business process behaviour specification
Integrate model–checkers or other state-of-the-artverification tools for software
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
The proposal
A set of transformation rules:{temporal contructs} ⊆ BPMN → {CSP + T} processcalculus
An easy verification method for BPM task models
Modification of an ideal development cycle of BPMs bymerging the verification of BP properties with the designprocess of the task model
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
MotivationBusiness Process Modelling notationsPrevious workOur approach to BPMN formalization
Fundamental insight of the proposal
We take full advantage of strengths that formalization ofBPMN–constructs can provide to the analysis of businessprocesses properties at design time, which will have an im-portant impact when these models are executed.
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
A specific type of flowchart: the Business ProcessDiagram (BPD)
GatewaysEventsActivitiesFlows
Figure: Example of a BPDCapel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Denotational semantics of the BPD subset
Type : pgate | xgate | ogate | start | end〈〈N〉〉 | abort〈〈N〉〉 | task〈〈Task〉〉 | link〈〈PName〉〉 |bpmn〈〈BName〉〉 | pool〈〈PlName〉〉 |miseq〈〈Task × N〉〉 | miseqs〈〈| BName × N〉〉 |mipar〈〈Task × N〉〉 | mipars〈〈BName × N〉〉
State =̂ [type : Type; in,out ,error : PTransition;exit : P(N× Transition);send , receive, reply ,accept ,break : PMessage flow ;link : P(Transition × Message flow);depend : P(Message flow × Message flow);loopMax : N]
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
BPMN graphical representation of a state
Type
in
out
error
send
/rec
eive
exit_1exit_2exit_3
links & dependences
Type
N
Figure: Black–box model of a BPMN-entity state.
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Denotation of a state
Each BPD has a semantic state entity associated to itRepresented by the following semantic function :
[bpmn]bpmn : P Name 7→ Local 7→ Processhide : P Name 7→ Local 7→ PEvent
function name = (Y | [αY ]X )\hide(| S |))Where X = ✷i : αY\hide(fin,abt) •(i → X ✷ fin → null ✷abt → stop)And Y = (‖i : Process set • α(Pi ) ◦ P(i))
Only the sequence of external interactions of the BPDThe transformed executable specification is a parallelcomposition of CSP subprocesses
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
BPD representation of BPMN modelling entities
Figure: BPMN Elements Extended Graphical Representation.
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Extended Business Process Modelling Notation
Firstly, EBPMN needs the semantic precision given by aformal language to its basic elements to transformbusiness processes into executable models
A set of EBPMN constructs can be transformed intoCSP+T terms with soundness
Parallel Fork GatewayParallel Join GatewayData–based OR gatewaysEvent–based OR gatewaysOR–join gateways
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Parallel Fork Gateway
One branch P(i) for each outgoing control flow depicted bythe gate state
Pagate.1(m,R,P(1) . . .P(n)) = (init .R → SKIP;P(R); ‖m
i=1 [A] : N • init .P(i) → SKIP; P(i))✷ fin → SKIP
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Data–based OR Gateway
Inclusive gateways that are used for selection of a set ofoutput branches among all the outgoing flows
Pinclusive(n,R,P(1) . . .P(n)) =(init .R → SKIP; X (n))✷ fin → SKIP
X (i) = (i > 1&(condition(i)& init .P(i)→ SKIP; P(i)✷¬condition(i)&SKIP) ‖ X (i − 1))
✷(i = 1& condition(i)& init .P(i)→ SKIP; P(i))
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Data–based OR Gateway(2)
Exclusive gateways that are used for selecting only oneamong a set of mutually exclusive alternative output flows
Pexclusive(n,R,P(1) . . .P(n),P(Def )) =(init .R → SKIP; X (n))✷ fin → SKIP
X (n) = (✷i=ni=1condition(i)& init .P(i) → SKIP; P(i))
✷(∧i=ni=1¬condition(i)& init .P(Def ) → SKIP ; P(Def ))
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Event–based OR Gateway
An external events–based choice for selecting a set ofalternative sequence flowsP(event .based) = init .P(m) → SKIP; P(m);
P(inclusive|exclusive)(n,P(m),P(1), . . . ,P(n))P(x) =? x
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
OR–Join Gateway
The exclusive OR–Join (XOR.join) can be modelled by a“select” of mutually exclusive alternativesPXOR.join(n,P(1) . . .P(n),R) =
(✷i=ni=1init .P(i) → SKIP; P(i); init .R →; P(R))
✷ fin → SKIP
The inclusive OR-Merge is equivalent to a barriersynchronizationPincl .join(n,P(1) . . .P(n),R) =
|||i=ni=1 (condition(i)& init .P(i) → SKIP; P(i)
✷¬condition(i)&SKIP); init .R →; P(R)✷ fin → SKIP
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Formalization of temporal extensions of EBPMN
In many models, not to abide time constraints or resourcesabuse causes the violation of business process rules
The definition of delays associated to BPMN 2.0intermediate event timers is not enough to define preciseconstraints in business process specifications
New analysis entities should be included in BPMN that canaddress temporal and resource constraints
And they have to have associated quantifiable operators toexpress enabled intervals, deadlines, etc.
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Start event, maximum and minimum time of an Activity
We opted for an extension that includes a maximum andminimum duration time for each BPMN activity:
Figure: Temporal Annotations of the Activity
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Semantical interpretation
The execution time of bpmn S1 activity does not overrun itsmaximum range, nor occurs before its minimum startingtime elapses:
vS1 + S1.ran.min ≤ s(ǫS2) ≤ vS1 + S1.ran.max .
The corresponding CSP+T process term:
P(S1) =ǫS1 ✶ vS1 → SKIP; (I(Time, vS1 + S1.ran.min).ǫS2 → SKIP;P(S2)✷ǫend → SKIP)Time = S1.ran.max − S1.ran.min
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Service Tasks
Message sending/reception must be carried out within thetime limits of the activities that sends/receives
These activities do not enter a deadlock state
1) (vS1 < s(ǫm1) ≤ (vS1 + S1.ran.min))
∧ (vS2 < s(ǫm1) < (vS2 + S2.ran.min))
2) (vS2 < s(ǫm2) ≤ (vS2 + S2.ran.min))
∧ (vS1 < s(ǫm2) < (vS1 + S1.ran.min))
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Business Process graphical specificationFormalization of a BPD subset
Semantical interpretation
The communication must take place within the intervalsdefined by the conditions:
s(ǫm1), s(ǫm2) ∈[max{vS1, vS2},min{vS1 + S1.ran.min, vS2 + S2.ran.min}]
The corresponding CSP+T process terms areP(S1) =(ǫS1 ✶ vS1 → SKIP;
(I(MI, MA).ǫm1!(x, vS1) → SKIP; I(MI, MA).ǫm2?(y, vS2) → SKIP;I(Time, vS1 + S1.ran.min).ǫS3 → P(S3)✷ǫend.1 → SKIP))
P(S2) =(ǫS2 ✶ vS2 → SKIP;(I(MI, MA).ǫm1?(x, vS1) → SKIP; I(MI, MA).ǫm2!(y, vS2) → SKIP;I(Time, vS2 + S2.ran.min).ǫS4 → P(S4)✷ǫend.2 → SKIP))
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
BTransformer Tool
This tool has been invented as model transformationmanager: BPMN model → CSP+T modelImplemented in Eclipse
Includes Model Transformation Language (MTL) andATLAS Transformation Language (ATL) featuresFamiliar environment to the business process analystAutomatic generation of CSP+T formal specifications fromany BPMN model
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
Btransformer Tool (2)
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
Case Study
A significant complex process of any CustomerRelationship Management (CRM) business process
Each BPD is encapsulated by a BPMN state, showing ahigh collaboration between business–model participants
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
BPD of the Product–Service Sell
taskCo_s1
taskCo_s21
end.2start taskCo_s3
taskCo_s4
abort
agate agate
task Co_s6
task Co_s5
taskCo_s7
taskCo_s8
taskCo_s2st
art 2 end.2
agate
taskCu_s1st
art 1 task
Cu_s2N
end.1
abort
vs2
m1.min m1.max
m2.min m2.max
vs1
m4.min m4.max
m3.min m3.max
m5.min m5.max
m6.min m6.max m7.min m7.max
vs21
task Cu_s3
task Cu_s6t.Cu_s4 task Cu_s5
Ycus = (P(start.1)‖Pserv.1()‖Pserv.2()‖Pxgate.1())Pserv.1(P(cu s1), P(co s1), Pmiseq(cu s2), Pmiseqs(co s2))Pserv.2(Pmiseq(cu s2), Pmysub(co s2), Pxgate.1(), Pinterr ())Pinterr (P(co s3), (Pagate.1()‖Pagate.2()), ( P(co s4)‖P(abort.2)))Pxgate.1(2, Pmiseq(cu s2), (P(cu s4)‖Pserv.3()‖P(cu s6)‖
P(end.1)), (P(cu s3)‖Psend (m)‖P(abort.1)))Pserv.3(P(cu s5), P(co s3), P(cu s6), Pagate.2())Pagate.1(2, Pinterr (), P(co s6), P(co s5))Pagate.2(2, P(co s6), P(co s5), (P(co s7)‖P(co s8)‖P(end.2)))
Ycom = (P(start.2)‖Pserv.1()‖Pmiseqs(co s2)‖Pinterr ()‖
Pagate.2()‖P(co s7)‖P(co s8)‖P(end.2))Pmiseqs(co s2) = (P(start.3) ‖ P(co s21) ‖P(end.3))
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
Definition and specification of PSS business process
The specification of BPMN modelling entities thatrepresent the business participants:[bpmnCompany ]Com = (P(start.2)‖Pserv .1()‖Pmiseqs(co s2)‖Pinterr ()
and the Customer:[bpmnCustomer ]
(P(start.1)‖Pserv .1()‖Pserv .2()‖Pxgate.1())
The collaboration between Customer and Company is denotedby the parallel composition CSP+T process term:
PSS = (Cus | [αCus‖αCom] | Com)\{| msg1}
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
PSS Properties definition(1)
Some properties of interest for the PSS areabsolute deadline for complete task model execution,task execution according to a predefined order,safety properties preservation,any product/service request will be finally responded,the model participants cannot be unsynchronized, anda product/service should only be delivered/performed afterreceiving a previous request.
We will only demonstrate the following liveness property:
φ = AG[a,b](Communication request ⇒ (1)
AF[a+1,b]Receive and acknowledge)
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
PSS Properties definition(2)
Figure: Büchi automaton for Customer properties specification
Figure: Büchi automaton for Company properties specification
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
Model Verification with FDR 2.0(1)
According to trace/failures semantics of CSP, it can beascertained that the following refinements satisfied:
T (φCus) ⊑F Cus, T (φCom) ⊑F Com, (2)
However, FDR 2.0 gives the following counter–example:(〈starts.Cus.cu s1, starts.Cus.cu s2〉, {starts.Cus s3})
After requesting information about the product, the modelwill get blocked if the cutomer cancels the product sell!
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Product–Service Sell case studyBTransformer utilization
Model Verification with FDR 2.0(1)
There is two ways to solve the mismatch between theCustomer process and its specification:
To change the internal design of the bpmn–Customer orthe specification of the Customer process
It makes much more sense to change the specification inthis case, since the business rules allow cancellations upuntil the product has been delivered
We changed Customer specification formula accordingly,to avoid deadlock situation:
φ = AG[a,b](P/S delivery request ⇒ (3)
AF[a+1,b]Receive and acknowledge)
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
Summary
Set of transformation rules fro BPMN 2.0 constructs, inorder to advance towards the verification of task modelsderived from business processesTemporal EBPMN constructs formalization A formalsemantics based on CSP+T has been proposed to gve aprecise semantics to the duretion of bpmn tasks andprocessesCase study discussed A Customer RelationshipManagement (CRM) system has been presented, as abusiness process model to verifyOutlook
Ongoing work focuses on modelling task models ofindustrial–case size which are amenable to fornalverification with model–checking techniques
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
References I
W. Aalst. Challenges in business process analysis. In:Enterprise Information Systems. Lecture Notes in BusinessInformation Processing, v. 12: 27–42. Heidelberg: Springer,2009.
J.Arias, L.Sánchez, C.Delgado. Formal verification ofbpel4ws business collaborations. E-Commerce and WebTechnologies. LNCS 3182:76-85, 2008
H.Eshuis. semantics and verification of uml activitydiagrams for workflow modelling. PhD, University ofTweente, 2002
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
References II
Formal Systems Europe Ltd. Failures–DivergenceRefinement – FDR2 User Manual. Formal Systems EuropeLtd., Oxford, 2005
L.E. Mendoza, M.I. Capel, M.A. Pérez. Conceptualframework for business processes compositionalverification. Information and SoftwareTechnology,54,149:161, 2012.
S. Morimoto. A survey of formal verification for businessprocess modeling. I. Journal of Operations and QuantitativeManagement, 14(4): 237–247, 2008.
Capel, Mendoza From BPMN to CSP+T
IntroductionFormalization of BPMN
Basic ideas for proofs/implementationConclusions and future work
References III
F. Scuglik and M. Sveda. Automatically Generated CSPSpecifications. Journal of Universal Computer Science, v. 9(11):1277-1295, 2003.
H.Verbeek, T.Basten, W.Van der Aalst. Diagnosingworkflow processes using woflan. The Computer Journal44(4):246-279(2001)
P.Y.H. Wong, J. Gibbons.A Relative Timed Semantics forBPMN. Electronic Notes in Theoretical Computer Science229, 59:75, Elsevier, 2009.
Capel, Mendoza From BPMN to CSP+T