Search results

Testing business processes is crucial to assess the compliance of business process models with requirements. Automating this task optimizes testing efforts and reduces human error while also providing improvement insights for the business process modeling activity. The primary purposes of this paper are to conduct a literature review of Business Process Model and Notation (BPMN) testing and formal verification and to propose the Business Process Evaluation and Research Framework for Enhancement and Continuous Testing (bPERFECT) framework, which aims to guide business process testing (BPT) research and implementation. Secondary objectives include (1) eliciting the existing types of testing, (2) evaluating their impact on efficiency and (3) assessing the formal verification techniques that complement testing.

The methodology used is based on Kitchenham's (2004) original procedures for conducting systematic literature reviews.

Results of this study indicate that three distinct business process model testing types can be found in the literature: black/gray-box, regression and integration. Testing and verification approaches differ in aspects such as awareness of test data, coverage criteria and auxiliary representations used. However, most solutions pose notable hindrances, such as BPMN element limitations, that lead to limited practicality.

The databases selected in the review protocol may have excluded relevant studies on this topic. More databases and gray literature could also be considered for inclusion in this review.

Three main originality aspects are identified in this study as follows: (1) the classification of process model testing types, (2) the future trends foreseen for BPMN model testing and verification and (3) the bPERFECT framework for testing business processes.

This paper investigates the criteria for a selective integration, in the multidisciplinary business process management (BPM) areas, between information technologies tools and the company's internal control systems (ICSs) aimed at directing organizational behaviours. Adopting a process-based perspective, the authors propose a formal methodology to increase ICSs aims, related to the segregation of duties (SoDs) models, efficiently and effectively.

The authors examine the applicability of formal verifications to validate a banking process of providing investment services, which is mapped through the workflow management system. To mitigate the state explosion problem of formal methods, the authors propose an efficient methodology that has been proved on the SoDs models in the bank ICSs, as a case study.

The authors’ investigations suggest that in the BPM domain, the banking ICSs aims can benefit from the aforesaid methodologies, originating from the formal methods area, to increase the reliability and correctness in the design, modelling and implementation of the SoDs models.

The proposed methodology is quite general and can be efficiently applied to large-scale systems in different business contexts or areas of the BPM. Its application to the bank's SoD prevents or detects significant weaknesses, operational risks, excessive risk appetite and other undesirable behaviours in the investment services provision processes. This guarantees that the investment ordered/offered is “suitable and appropriate” with the client's risk profile, especially non-professional, required by the MiFID II Directive.

The purpose of this paper is to describe how formal verification strategies have been utilized to assess the correctness of Knowledge Creation Process (KCP) in the social systems. This paper analyzes a User Relationship Management (URM) approach in term of human behavior connection in the social systems. A formal framework is displayed for the URM which consolidates behavioral demonstrating strategy.

Evaluating the human behavior interactions is an important matter in the social systems. For this analysis, formal verification is an essential section in the complex information systems development. Model checking results satisfied the logical problems in the proposed behavior model analysis.

Model checking results represent satisfaction of the logical problems in the proposed behavior model analysis. In the statistical testing, the proposed URM mechanism supported KCP conditions. Also, the percentage of state reachability in the URM with KCP conditions is higher than the URM mechanism without supporting KCP conditions.

The model checking results show that the proposed URM mechanism with supporting the KCP conditions satisfies comprehensively behavioral interactions rather than the mechanism without KCP conditions in the social networks.

The purpose of this paper is to present a formal verification method to prove the correctness of social customer relationship management (CRM)-based service composition approach. The correctness of the proposed approach is analyzed to evaluate the customer behavioral interactions for discovering, selecting and composing social CRM-based services. In addition, a Kripke structure-based verification method is presented for verifying the behavioral models of the proposed approach.

Evaluating the customer behavioral interactions using the social CRM-based service composition approach is an important issue. In addition, formal verification has an important role in assessing the social CRM-based service composition. However, model checking can be efficient as a verification method to evaluate the functional properties of the social CRM-based service composition approach.

The results of model checking satisfied the logical problems in the proposed behavior model analysis. In the statistical testing, the proposed URM mechanism supported the four knowledge creation process conditions. It was also shown that the percentage of state reachability in the URM with KCP conditions is higher than the URM mechanism without supporting KCP conditions.

The comparison of time and memory consumption of the model checking method shows that the social CRM-based service composition approach covers knowledge process features, which makes it an efficient method.

This study is a systematic literature review of the application of artificial intelligence (AI) in safety-critical systems. The authors aim to present the current application status according to different AI techniques and propose some research directions and insights to promote its wider application.

A total of 92 articles were selected for this review through a systematic literature review along with a thematic analysis.

The literature is divided into three themes: interpretable method, explain model behavior and reinforcement of safe learning. Among AI techniques, the most widely used are Bayesian networks (BNs) and deep neural networks. In addition, given the huge potential in this field, four future research directions were also proposed.

This study is of vital interest to industry practitioners and regulators in safety-critical domain, as it provided a clear picture of the current status and pointed out that some AI techniques have great application potential. For those that are inherently appropriate for use in safety-critical systems, regulators can conduct in-depth studies to validate and encourage their use in the industry.

This is the first review of the application of AI in safety-critical systems in the literature. It marks the first step toward advancing AI in safety-critical domain. The paper has potential values to promote the use of the term “safety-critical” and to improve the phenomenon of literature fragmentation.

The need for assuring correctness of business processes in enterprises is widely recognised in terms of business process re-engineering and improvement. Formal methods are a promising approach to this issue. The challenge in business process verification is to create a formal model that is well-aligned to the reality. Process mining is a well-known technique to discover a model of a process based on facts. However, no studies exist that apply it to formal verification. This study aims to propose a methodology for formal business process verification by means of process mining, and attempts to clarify the challenges and necessary technologies in this approach using a case study.

A trading company simulation model is used as a case study. A workflow model is discovered from an event log produced by a simulation tool and manually complemented to a formal model. Correctness requirements of both domain-dependent and domain-independent types of the model are checked by means of model-checking.

For business process verification with both domain-dependent and domain-independent correctness requirements, more advanced process mining techniques that discover data-related aspects of processes are desirable. The choice of a formal modelling language is also crucial. It depends on the correctness requirements and the characteristics of the business process.

Formal verification of business processes starting with creating its formal model is quite new. Furthermore, domain-dependent and domain-independent correctness properties are considered in the same framework, which is also new. This study revealed necessary technologies for this approach with process mining.

Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that represent basic units of computation. These ECUs communicate with each other over the Controller Area Network (CAN) bus protocol which ensures a high communication rate. Even though it is an efficient standard which provides communication for in-vehicle networks, it is prone to various cybersecurity attacks. This paper aims to present a systematic literature review (SLR) which focuses on potential attacks on CAN bus networks. Then, it surveys the solutions proposed to overcome these attacks. In addition, it investigates the validation strategies aiming to check their accuracy and correctness.

The authors have adopted the SLR methodology to summarize existing research papers that focus on the potential attacks on CAN bus networks. In addition, they compare the selected papers by classifying them according to the adopted validation strategies. They identify also gaps in the existing literature and provide a set of open challenges that can significantly improve the existing works.

The study showed that most of the examined papers adopted the simulation as a validation strategy to imitate the system behavior and evaluate a set of performance criteria. Nevertheless, a little consideration has been given to the formal verification of the proposed systems.

Unlike the existing surveys, this paper presents the first SLR that identifies local and remote security attacks that can compromise in-vehicle and inter-vehicle communications. Moreover, it compares the reviewed papers while focusing on the used validation strategies.

This paper aims to describe the development of a new software tool for the scheduling of real‐time control messages in a time‐triggered control network. The prime application area for such a solution is in real‐time robotic controllers and other similar machine control systems.

The design of a scheduling tool, called SMART‐Plan, is described. The tool is based on a “least slack time” scheduling policy. A prototype tool for the time‐triggered controller area network (TTCAN) is developed. The design is validated against Society of Automotive Engineers Benchmark and a formal verification of the message schedule is also proposed.

The research findings show that it is feasible to develop such a message scheduling tool and the performance of the tool is comparable with other research solutions, which have been applied in the past to simple periodic schedulers, as opposed to time‐triggered networks.

Although the prototype solution assumes a TTCAN control network, the concept will also be feasible for other types of time‐triggered control networks. The availability of such a tool might encourage developers of robotic equipment to adopt the time‐triggered network approach for the architectural development of such control systems. To date, the problems associated with the message scheduling of such time‐triggered systems have been an inhibitor to such developments.

This is a new scheduling approach to the message scheduling of time‐triggerred control networks.

This paper aims to present the verification process conducted to assess the functional correctness of the voting system. Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) is the most important research institution in Argentina. It depends directly from Argentina’s President but its internal authorities are elected by around 8,000 research across the country. During 2011, the CONICET developed a Web voting system to replace the traditional mail-based process. In 2012 and 2014, CONICET conducted two Web election with no complaints from candidates and voters. Before moving the system into production, CONICET asked the authors to conduct a functional and security assessment of it.

This process is the result of integrating formal, semi-formal and informal verification activities from formal proof to code inspection and model-based testing.

Given the resources and time available, a reasonable level of confidence on the correctness of the application could be transmitted to senior management.

A formal specification of the requirements must be developed.

Formal methods and semi-formal activities are seldom applied to Web applications.

Public services can be modelled, analysed and implemented using notations and tools for the business process (BP) abstraction. Applying such an explicit approach public administrations (PAs) can better react to the undergoing transformation in service provisioning and they can continuously improve service quality in order to satisfy citizens and business requests, while coping with decreasing budgets. The purpose of this paper is to discuss these issues.

The proposed approach relies on using formal methods, in particular unfolding to analyse the correctness of BP. The paper also compares and selects mapping rules from semi-formal to formal modelling languages; these techniques are presented in the context of the BP Modelling Languages and Petri Net (PN).

Main aim of this paper is to raise the need for formal verification of BP governing the interactions among PAs, which more and more need to be supported by ICT mechanisms, and then are not so much tolerant to errors and imperfections in the process specification. The paper illustrates the main motivations of such a work and it introduces a verification technique of a BP using a mapping of a high-level notation (such as BPMN 2.0) to a formal notation (such as PNs) for which formal analysis techniques can be adopted. In particular the verification step is implemented using an unfolding-based technique.

The paper answers a call for further development of the body of knowledge on effective analysis of BPs, a rapidly emerging field of interest for large and ultra large scenarios, where a clear gap in literature exists. Than the paper shows that formal techniques are mature enough to be applied on real scenarios.