Search results
1 – 10 of 143Tomás Lopes and Sérgio Guerreiro
Testing business processes is crucial to assess the compliance of business process models with requirements. Automating this task optimizes testing efforts and reduces human error…
Abstract
Purpose
Testing business processes is crucial to assess the compliance of business process models with requirements. Automating this task optimizes testing efforts and reduces human error while also providing improvement insights for the business process modeling activity. The primary purposes of this paper are to conduct a literature review of Business Process Model and Notation (BPMN) testing and formal verification and to propose the Business Process Evaluation and Research Framework for Enhancement and Continuous Testing (bPERFECT) framework, which aims to guide business process testing (BPT) research and implementation. Secondary objectives include (1) eliciting the existing types of testing, (2) evaluating their impact on efficiency and (3) assessing the formal verification techniques that complement testing.
Design/methodology/approach
The methodology used is based on Kitchenham's (2004) original procedures for conducting systematic literature reviews.
Findings
Results of this study indicate that three distinct business process model testing types can be found in the literature: black/gray-box, regression and integration. Testing and verification approaches differ in aspects such as awareness of test data, coverage criteria and auxiliary representations used. However, most solutions pose notable hindrances, such as BPMN element limitations, that lead to limited practicality.
Research limitations/implications
The databases selected in the review protocol may have excluded relevant studies on this topic. More databases and gray literature could also be considered for inclusion in this review.
Originality/value
Three main originality aspects are identified in this study as follows: (1) the classification of process model testing types, (2) the future trends foreseen for BPMN model testing and verification and (3) the bPERFECT framework for testing business processes.
Details
Keywords
Domenico Raucci, Antonella Santone, Francesco Mercaldo and Tomasz Dyczkowski
This paper investigates the criteria for a selective integration, in the multidisciplinary business process management (BPM) areas, between information technologies tools and the…
Abstract
Purpose
This paper investigates the criteria for a selective integration, in the multidisciplinary business process management (BPM) areas, between information technologies tools and the company's internal control systems (ICSs) aimed at directing organizational behaviours. Adopting a process-based perspective, the authors propose a formal methodology to increase ICSs aims, related to the segregation of duties (SoDs) models, efficiently and effectively.
Design/methodology/approach
The authors examine the applicability of formal verifications to validate a banking process of providing investment services, which is mapped through the workflow management system. To mitigate the state explosion problem of formal methods, the authors propose an efficient methodology that has been proved on the SoDs models in the bank ICSs, as a case study.
Findings
The authors’ investigations suggest that in the BPM domain, the banking ICSs aims can benefit from the aforesaid methodologies, originating from the formal methods area, to increase the reliability and correctness in the design, modelling and implementation of the SoDs models.
Originality/value
The proposed methodology is quite general and can be efficiently applied to large-scale systems in different business contexts or areas of the BPM. Its application to the bank's SoD prevents or detects significant weaknesses, operational risks, excessive risk appetite and other undesirable behaviours in the investment services provision processes. This guarantees that the investment ordered/offered is “suitable and appropriate” with the client's risk profile, especially non-professional, required by the MiFID II Directive.
Details
Keywords
Alireza Souri, Monire Nourozi, Amir Masoud Rahmani and Nima Jafari Navimipour
The purpose of this paper is to describe how formal verification strategies have been utilized to assess the correctness of Knowledge Creation Process (KCP) in the social systems…
Abstract
Purpose
The purpose of this paper is to describe how formal verification strategies have been utilized to assess the correctness of Knowledge Creation Process (KCP) in the social systems. This paper analyzes a User Relationship Management (URM) approach in term of human behavior connection in the social systems. A formal framework is displayed for the URM which consolidates behavioral demonstrating strategy.
Design/methodology/approach
Evaluating the human behavior interactions is an important matter in the social systems. For this analysis, formal verification is an essential section in the complex information systems development. Model checking results satisfied the logical problems in the proposed behavior model analysis.
Findings
Model checking results represent satisfaction of the logical problems in the proposed behavior model analysis. In the statistical testing, the proposed URM mechanism supported KCP conditions. Also, the percentage of state reachability in the URM with KCP conditions is higher than the URM mechanism without supporting KCP conditions.
Originality/value
The model checking results show that the proposed URM mechanism with supporting the KCP conditions satisfies comprehensively behavioral interactions rather than the mechanism without KCP conditions in the social networks.
Details
Keywords
Alireza Souri, Amir Masoud Rahmani, Nima Jafari Navimipour and Reza Rezaei
The purpose of this paper is to present a formal verification method to prove the correctness of social customer relationship management (CRM)-based service composition approach…
Abstract
Purpose
The purpose of this paper is to present a formal verification method to prove the correctness of social customer relationship management (CRM)-based service composition approach. The correctness of the proposed approach is analyzed to evaluate the customer behavioral interactions for discovering, selecting and composing social CRM-based services. In addition, a Kripke structure-based verification method is presented for verifying the behavioral models of the proposed approach.
Design/methodology/approach
Evaluating the customer behavioral interactions using the social CRM-based service composition approach is an important issue. In addition, formal verification has an important role in assessing the social CRM-based service composition. However, model checking can be efficient as a verification method to evaluate the functional properties of the social CRM-based service composition approach.
Findings
The results of model checking satisfied the logical problems in the proposed behavior model analysis. In the statistical testing, the proposed URM mechanism supported the four knowledge creation process conditions. It was also shown that the percentage of state reachability in the URM with KCP conditions is higher than the URM mechanism without supporting KCP conditions.
Originality/value
The comparison of time and memory consumption of the model checking method shows that the social CRM-based service composition approach covers knowledge process features, which makes it an efficient method.
Details
Keywords
Yue Wang and Sai Ho Chung
This study is a systematic literature review of the application of artificial intelligence (AI) in safety-critical systems. The authors aim to present the current application…
Abstract
Purpose
This study is a systematic literature review of the application of artificial intelligence (AI) in safety-critical systems. The authors aim to present the current application status according to different AI techniques and propose some research directions and insights to promote its wider application.
Design/methodology/approach
A total of 92 articles were selected for this review through a systematic literature review along with a thematic analysis.
Findings
The literature is divided into three themes: interpretable method, explain model behavior and reinforcement of safe learning. Among AI techniques, the most widely used are Bayesian networks (BNs) and deep neural networks. In addition, given the huge potential in this field, four future research directions were also proposed.
Practical implications
This study is of vital interest to industry practitioners and regulators in safety-critical domain, as it provided a clear picture of the current status and pointed out that some AI techniques have great application potential. For those that are inherently appropriate for use in safety-critical systems, regulators can conduct in-depth studies to validate and encourage their use in the industry.
Originality/value
This is the first review of the application of AI in safety-critical systems in the literature. It marks the first step toward advancing AI in safety-critical domain. The paper has potential values to promote the use of the term “safety-critical” and to improve the phenomenon of literature fragmentation.
Details
Keywords
Sohei Ito, Dominik Vymětal and Roman Šperka
The need for assuring correctness of business processes in enterprises is widely recognised in terms of business process re-engineering and improvement. Formal methods are a…
Abstract
Purpose
The need for assuring correctness of business processes in enterprises is widely recognised in terms of business process re-engineering and improvement. Formal methods are a promising approach to this issue. The challenge in business process verification is to create a formal model that is well-aligned to the reality. Process mining is a well-known technique to discover a model of a process based on facts. However, no studies exist that apply it to formal verification. This study aims to propose a methodology for formal business process verification by means of process mining, and attempts to clarify the challenges and necessary technologies in this approach using a case study.
Design/methodology/approach
A trading company simulation model is used as a case study. A workflow model is discovered from an event log produced by a simulation tool and manually complemented to a formal model. Correctness requirements of both domain-dependent and domain-independent types of the model are checked by means of model-checking.
Findings
For business process verification with both domain-dependent and domain-independent correctness requirements, more advanced process mining techniques that discover data-related aspects of processes are desirable. The choice of a formal modelling language is also crucial. It depends on the correctness requirements and the characteristics of the business process.
Originality/value
Formal verification of business processes starting with creating its formal model is quite new. Furthermore, domain-dependent and domain-independent correctness properties are considered in the same framework, which is also new. This study revealed necessary technologies for this approach with process mining.
Details
Keywords
Faten Fakhfakh, Mohamed Tounsi and Mohamed Mosbah
Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that…
Abstract
Purpose
Nowadays, connected vehicles are becoming quite complex systems which are made up of different devices. In such a vehicle, there are several electronic control units (ECUs) that represent basic units of computation. These ECUs communicate with each other over the Controller Area Network (CAN) bus protocol which ensures a high communication rate. Even though it is an efficient standard which provides communication for in-vehicle networks, it is prone to various cybersecurity attacks. This paper aims to present a systematic literature review (SLR) which focuses on potential attacks on CAN bus networks. Then, it surveys the solutions proposed to overcome these attacks. In addition, it investigates the validation strategies aiming to check their accuracy and correctness.
Design/methodology/approach
The authors have adopted the SLR methodology to summarize existing research papers that focus on the potential attacks on CAN bus networks. In addition, they compare the selected papers by classifying them according to the adopted validation strategies. They identify also gaps in the existing literature and provide a set of open challenges that can significantly improve the existing works.
Findings
The study showed that most of the examined papers adopted the simulation as a validation strategy to imitate the system behavior and evaluate a set of performance criteria. Nevertheless, a little consideration has been given to the formal verification of the proposed systems.
Originality/value
Unlike the existing surveys, this paper presents the first SLR that identifies local and remote security attacks that can compromise in-vehicle and inter-vehicle communications. Moreover, it compares the reviewed papers while focusing on the used validation strategies.
Details
Keywords
Margaret Naughton and Donal Heffernan
This paper aims to describe the development of a new software tool for the scheduling of real‐time control messages in a time‐triggered control network. The prime application area…
Abstract
Purpose
This paper aims to describe the development of a new software tool for the scheduling of real‐time control messages in a time‐triggered control network. The prime application area for such a solution is in real‐time robotic controllers and other similar machine control systems.
Design/methodology/approach
The design of a scheduling tool, called SMART‐Plan, is described. The tool is based on a “least slack time” scheduling policy. A prototype tool for the time‐triggered controller area network (TTCAN) is developed. The design is validated against Society of Automotive Engineers Benchmark and a formal verification of the message schedule is also proposed.
Findings
The research findings show that it is feasible to develop such a message scheduling tool and the performance of the tool is comparable with other research solutions, which have been applied in the past to simple periodic schedulers, as opposed to time‐triggered networks.
Research limitations/implications
Although the prototype solution assumes a TTCAN control network, the concept will also be feasible for other types of time‐triggered control networks. The availability of such a tool might encourage developers of robotic equipment to adopt the time‐triggered network approach for the architectural development of such control systems. To date, the problems associated with the message scheduling of such time‐triggered systems have been an inhibitor to such developments.
Originality/value
This is a new scheduling approach to the message scheduling of time‐triggerred control networks.
Details
Keywords
Maximiliano Cristia and Claudia Frydman
This paper aims to present the verification process conducted to assess the functional correctness of the voting system. Consejo Nacional de Investigaciones Científicas y Técnicas…
Abstract
Purpose
This paper aims to present the verification process conducted to assess the functional correctness of the voting system. Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) is the most important research institution in Argentina. It depends directly from Argentina’s President but its internal authorities are elected by around 8,000 research across the country. During 2011, the CONICET developed a Web voting system to replace the traditional mail-based process. In 2012 and 2014, CONICET conducted two Web election with no complaints from candidates and voters. Before moving the system into production, CONICET asked the authors to conduct a functional and security assessment of it.
Design/methodology/approach
This process is the result of integrating formal, semi-formal and informal verification activities from formal proof to code inspection and model-based testing.
Findings
Given the resources and time available, a reasonable level of confidence on the correctness of the application could be transmitted to senior management.
Research limitations/implications
A formal specification of the requirements must be developed.
Originality/value
Formal methods and semi-formal activities are seldom applied to Web applications.
Details
Keywords
Flavio Corradini, Andrea Polini and Barbara Re
Public services can be modelled, analysed and implemented using notations and tools for the business process (BP) abstraction. Applying such an explicit approach public…
Abstract
Purpose
Public services can be modelled, analysed and implemented using notations and tools for the business process (BP) abstraction. Applying such an explicit approach public administrations (PAs) can better react to the undergoing transformation in service provisioning and they can continuously improve service quality in order to satisfy citizens and business requests, while coping with decreasing budgets. The purpose of this paper is to discuss these issues.
Design/methodology/approach
The proposed approach relies on using formal methods, in particular unfolding to analyse the correctness of BP. The paper also compares and selects mapping rules from semi-formal to formal modelling languages; these techniques are presented in the context of the BP Modelling Languages and Petri Net (PN).
Findings
Main aim of this paper is to raise the need for formal verification of BP governing the interactions among PAs, which more and more need to be supported by ICT mechanisms, and then are not so much tolerant to errors and imperfections in the process specification. The paper illustrates the main motivations of such a work and it introduces a verification technique of a BP using a mapping of a high-level notation (such as BPMN 2.0) to a formal notation (such as PNs) for which formal analysis techniques can be adopted. In particular the verification step is implemented using an unfolding-based technique.
Originality/value
The paper answers a call for further development of the body of knowledge on effective analysis of BPs, a rapidly emerging field of interest for large and ultra large scenarios, where a clear gap in literature exists. Than the paper shows that formal techniques are mature enough to be applied on real scenarios.
Details