Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Temporal logics over finite traces for declarative BPM

253 views

Published on

Invited talk on "Temporal logics over finite traces for declarative BPM" at the Workshop on Formal Methods for Artificial Intelligence (FMAI 2017), 22-24/02/2017, Naples, Italy

  • Be the first to comment

  • Be the first to like this

Temporal logics over finite traces for declarative BPM

  1. 1. Marco Montali
 Free University of Bozen-Bolzano montali@inf.unibz.it cess Story TEMPORAL DECLARATIVE OVER FOR BPM FINITE TRACES LOGICS A SUCCESS STORY marco montali free university of bozen-bolzano FMAI17
  2. 2. Assets of an Organization • Data: the main information source about the history of the domain of interest and the relevant aspects of the current state of affairs • Resources: humans and devices responsible for the execution of work • Business processes: how work is carried out in the domain of interest, towards the achievement of organizational objectives 2
  3. 3. Business Process Management A collection of
 concepts, methodologies, techniques,
 to support humans in 
 modeling, governance, deployment, enactment, and analysis of
 business processes 3
  4. 4. Business Process Lifecycle diagnosis/ requirements configuration/ implementation (re)design enactment/ monitoring 4 models data
  5. 5. BPM! 5
  6. 6. BPM? 6
  7. 7. Environment 7
  8. 8. Flexibility vs Control Flexibility: degree to which users can make local decisions about how to execute processes. Control: degree to which a system makes centralized decisions about how to execute processes. Universe of Traces Compliant Traces Flexibility8
  9. 9. Trends in BPM modeling • Highly-variable BPs • Metaphor: rules/constraints Dec t i lar a ev Imperative modeling • Traditional repetitive BPs • Metaphor: flow-chart 9
  10. 10. The Issue of Flexibility 10
  11. 11. Imperative Modeling 11
  12. 12. Organizational Boundaries 12
  13. 13. Imperative Modeling Focus: howthings must be done • Explicit description of the process control-flow Closedmodeling • All that is not explicitly modeled is forbidden • Exceptions/uncommon behaviors have to be explicitly enumerated at design time 13
  14. 14. BPMN Receive order Check availability Article available? Ship article Financial settlement yes Procurement no Payment received Inform customer Late deliveryUndeliverable Customer informed Inform customer Article removed Remove article from catalogue 14
  15. 15. BPMN Receive order Check availability Article available? Ship article Financial settlement yes Procurement no Payment received Inform customer Late deliveryUndeliverable Customer informed Inform customer Article removed Remove article from catalogue Input Output 15
  16. 16. BPMN Receive order Check availability Article available? Ship article Financial settlement yes Procurement no Payment received Inform customer Late deliveryUndeliverable Customer informed Inform customer Article removed Remove article from catalogue Input Output 16
  17. 17. Organizational Boundaries 17
  18. 18. Choreography Example • An order can be finalized at most once • Once an order is finalized, it must be confirmed or rejected • A confirmed order may be rejected later on (due to “late” problems), but not vice-versa: a rejection cannot be reverted. • An order can be confirmed only if it shipped before. • An order may be rejected autonomously by the seller. However, if the warehouse notifies the seller of a shipment issue, then the seller has to reject the order. • The warehouse decision is firm: “Ship” and “Notify shipment issue” are mutually exclusive. 18
  19. 19. What is your Favourite Italian Food? Order-to-delivery 19
  20. 20. What is your Favourite Italian Food? Order-to-delivery 20
  21. 21. What is your Favourite Italian Food? UnderstandingSpaghettiModelswithSequenceClusteringforProM9 thoseexceptions.Figure4depictstheresultofafirstattempttoanalyzethe applicationserverlogsusingtheheuristicsminer[4]. Exception (complete) 187 EstabelecimentoNotFoundException (complete) 187 0,991 152 GREJBPersistencyException (complete) 179 0,909 159 PGWSException (complete) 168 0,889 12 ITPTExternalServiceException (complete) 183 0,944 162 SIPSCNoRecordsFoundException (complete) 160 0,8 5 PessoaSingularNotFoundException (complete) 138 0,667 3 BusinessLogicException (complete) 183 0,75 4 SICCLException (complete) 175 0,857 19 NaoExistemRegistosException (complete) 143 0,833 6 RPCBusinessException (complete) 38 0,75 3 SAFBusinessException (complete) 115 0,8 68 GREJBBusinessException (complete) 45 0,75 23 DESWSException (complete) 14 0,667 14 NullPointerException (complete) 104 0,8 91 ValidationException (complete) 31 0,8 12 GILBusinessException (complete) 14 0,5 6 GRServicesException (complete) 7 0,667 3 CSIBusinessException (complete) 14 0,5 6 ConcorrenciaException (complete) 5 0,5 2 CSIPersistencyException (complete) 3 0,5 2 0,857 34 ITPTServerException (complete) 21 0,667 15 COOPException (complete) 4 0,5 2 RSIValidationException (complete) 25 0,667 18 BasicSystemException (complete) 16 0,667 11 PesquisaAmbiguaException (complete) 6 0,5 6 CPFBusinessException (complete) 3 0,5 2 0,8 95 ADOPException (complete) 6 0,5 5 AFBusinessException (complete) 64 SIPSCRemoteBusinessException (complete) 51 0,833 13 ConcurrentModificationException (complete) 5 0,5 1 CDFBusinessException (complete) 6 0,667 2 AssinaturaNaoIncluidaException (complete) 1 0,5 1 SICCSException (complete) 32 0,8 11 CartaoCidadaoException (complete) 64 0,833 38 SOAPException (complete) 22 0,667 14 TooManyRowsException (complete) 112 0,667 18 SIPSCFatalException (complete) 20 0,667 9 LimiteTemporalException (complete) 4 0,5 2 0,8 28 SVIBusinessUserException (complete) 18 0,75 12 GRConcurrencyException (complete) 8 0,5 2 ContribuinteRegionalNotFoundException (complete) 63 0,75 30 JDOFatalUserException (complete) 124 0,947 49 0,667 5 SQLException (complete) 9 0,667 7 IOException (complete) 27 0,75 22 PessoaColectivaNotFoundException (complete) 23 0,75 20 ServiceDelegateRemoteException (complete) 3 0,5 2 0,5 5 PASException (complete) 2 0,5 1 FileNotFoundException (complete) 31 0,75 13 QgenMIParametrizedBusinessException (complete) 1 0,5 1 ADOPMessageException (complete) 3 0,5 2 LayoffException (complete) 1 0,5 1 0,75 8 CMPException (complete) 1 0,5 1 GREJBRemoteServiceException (complete) 34 0,75 4 RSIPersistenceException (complete) 24 0,75 4 CSIRemoteException (complete) 3 0,5 1 SIPSCFatalRemoteCallException (complete) 3 0,5 1 SIPSCDatabaseException (complete) 1 0,5 1 BusinessException (complete) 159 0,667 9 SVIBusinessException (complete) 1 0,5 1 ParametrizedBusinessException (complete) 2 0,5 2 GDServicesException (complete) 4 0,5 3 ServerException (complete) 132 0,75 16 PGException (complete) 6 0,667 5 0,75 4 DESException (complete) 135 0,667 13 0,667 2 0,75 9 SIPSCException (complete) 27 0,75 9 ReportException (complete) 5 0,667 2 SSNServiceException (complete) 1 0,5 1 AFException (complete) 1 0,5 1 InvalidNISSException (complete) 14 0,75 4 0,75 14 GILConcurrencyException (complete) 1 0,5 1 RSISystemException (complete) 28 0,75 7 0,667 5 0,667 1 0,75 2 0,667 5 0,833 5 0,667 5 0,667 4 0,75 12 0,981 53 ADOPUserChoiceException (complete) 1 0,5 1 0,667 5 RPCException (complete) 1 0,5 1 GREJBConcurrencyException (complete) 15 0,875 8 0,5 1 0,5 1 0,667 1 MoradaPortuguesaNotFoundException (complete) 1 0,5 1 0,75 4 0,5 1 0,667 6 0,5 1 0,5 2 0,889 8 0,75 3 0,8 3 RSIException (complete) 1 0,5 1 0,5 1 0,5 1 0,667 4 0,667 3 0,5 1 0,5 2 0,75 5 0,5 1 0,5 1 0,5 2 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,8 1 0,5 1 0,5 1 0,5 1 Fig.4.Spaghettimodelobtainedfromtheapplicationserverlogsusingtheheuristics miner. Usingthesequenceclusteringplug-inanditspreprocessingcapabilities,as wellasthepossibilityofvisuallyadjustingtheclustermodelsaccordingtocertain Healthcare 21
  22. 22. What is your Favourite Italian Food? UnderstandingSpaghettiModelswithSequenceClusteringforProM9 thoseexceptions.Figure4depictstheresultofafirstattempttoanalyzethe applicationserverlogsusingtheheuristicsminer[4]. Exception (complete) 187 EstabelecimentoNotFoundException (complete) 187 0,991 152 GREJBPersistencyException (complete) 179 0,909 159 PGWSException (complete) 168 0,889 12 ITPTExternalServiceException (complete) 183 0,944 162 SIPSCNoRecordsFoundException (complete) 160 0,8 5 PessoaSingularNotFoundException (complete) 138 0,667 3 BusinessLogicException (complete) 183 0,75 4 SICCLException (complete) 175 0,857 19 NaoExistemRegistosException (complete) 143 0,833 6 RPCBusinessException (complete) 38 0,75 3 SAFBusinessException (complete) 115 0,8 68 GREJBBusinessException (complete) 45 0,75 23 DESWSException (complete) 14 0,667 14 NullPointerException (complete) 104 0,8 91 ValidationException (complete) 31 0,8 12 GILBusinessException (complete) 14 0,5 6 GRServicesException (complete) 7 0,667 3 CSIBusinessException (complete) 14 0,5 6 ConcorrenciaException (complete) 5 0,5 2 CSIPersistencyException (complete) 3 0,5 2 0,857 34 ITPTServerException (complete) 21 0,667 15 COOPException (complete) 4 0,5 2 RSIValidationException (complete) 25 0,667 18 BasicSystemException (complete) 16 0,667 11 PesquisaAmbiguaException (complete) 6 0,5 6 CPFBusinessException (complete) 3 0,5 2 0,8 95 ADOPException (complete) 6 0,5 5 AFBusinessException (complete) 64 SIPSCRemoteBusinessException (complete) 51 0,833 13 ConcurrentModificationException (complete) 5 0,5 1 CDFBusinessException (complete) 6 0,667 2 AssinaturaNaoIncluidaException (complete) 1 0,5 1 SICCSException (complete) 32 0,8 11 CartaoCidadaoException (complete) 64 0,833 38 SOAPException (complete) 22 0,667 14 TooManyRowsException (complete) 112 0,667 18 SIPSCFatalException (complete) 20 0,667 9 LimiteTemporalException (complete) 4 0,5 2 0,8 28 SVIBusinessUserException (complete) 18 0,75 12 GRConcurrencyException (complete) 8 0,5 2 ContribuinteRegionalNotFoundException (complete) 63 0,75 30 JDOFatalUserException (complete) 124 0,947 49 0,667 5 SQLException (complete) 9 0,667 7 IOException (complete) 27 0,75 22 PessoaColectivaNotFoundException (complete) 23 0,75 20 ServiceDelegateRemoteException (complete) 3 0,5 2 0,5 5 PASException (complete) 2 0,5 1 FileNotFoundException (complete) 31 0,75 13 QgenMIParametrizedBusinessException (complete) 1 0,5 1 ADOPMessageException (complete) 3 0,5 2 LayoffException (complete) 1 0,5 1 0,75 8 CMPException (complete) 1 0,5 1 GREJBRemoteServiceException (complete) 34 0,75 4 RSIPersistenceException (complete) 24 0,75 4 CSIRemoteException (complete) 3 0,5 1 SIPSCFatalRemoteCallException (complete) 3 0,5 1 SIPSCDatabaseException (complete) 1 0,5 1 BusinessException (complete) 159 0,667 9 SVIBusinessException (complete) 1 0,5 1 ParametrizedBusinessException (complete) 2 0,5 2 GDServicesException (complete) 4 0,5 3 ServerException (complete) 132 0,75 16 PGException (complete) 6 0,667 5 0,75 4 DESException (complete) 135 0,667 13 0,667 2 0,75 9 SIPSCException (complete) 27 0,75 9 ReportException (complete) 5 0,667 2 SSNServiceException (complete) 1 0,5 1 AFException (complete) 1 0,5 1 InvalidNISSException (complete) 14 0,75 4 0,75 14 GILConcurrencyException (complete) 1 0,5 1 RSISystemException (complete) 28 0,75 7 0,667 5 0,667 1 0,75 2 0,667 5 0,833 5 0,667 5 0,667 4 0,75 12 0,981 53 ADOPUserChoiceException (complete) 1 0,5 1 0,667 5 RPCException (complete) 1 0,5 1 GREJBConcurrencyException (complete) 15 0,875 8 0,5 1 0,5 1 0,667 1 MoradaPortuguesaNotFoundException (complete) 1 0,5 1 0,75 4 0,5 1 0,667 6 0,5 1 0,5 2 0,889 8 0,75 3 0,8 3 RSIException (complete) 1 0,5 1 0,5 1 0,5 1 0,667 4 0,667 3 0,5 1 0,5 2 0,75 5 0,5 1 0,5 1 0,5 2 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,5 1 0,8 1 0,5 1 0,5 1 0,5 1 Fig.4.Spaghettimodelobtainedfromtheapplicationserverlogsusingtheheuristics miner. Usingthesequenceclusteringplug-inanditspreprocessingcapabilities,as wellasthepossibilityofvisuallyadjustingtheclustermodelsaccordingtocertain Healthcare 22
  23. 23. Our Goal represents Reality Model 23
  24. 24. Constraint-Based Modeling 24
  25. 25. Constraint-Based Modeling Focus: whathas to be accomplished • Explicit description of the relevant business constraints • behavioral constraints, best practices, norms, rules, … Openmodeling • All behaviors are possible unless they are explicitly forbidden • Control-flow left implicit 25
  26. 26. Organizational Boundaries 26
  27. 27. Declare 27
  28. 28. Declare 28
  29. 29. Declare • A constraint-based extensible language 
 for flexible process modeling • An execution engine for constraint-based processes
 http://www.win.tue.nl/declare/ • Originally proposed by Pesic and van der 
 Aalst • Formalized by Pesic and van der Aaalst, 
 and by _ 29
  30. 30. Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue 30
  31. 31. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue An order can be finalized at most once 31
  32. 32. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue Once an order is finalized, it must be confirmed or rejected 32
  33. 33. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue precedence… 33
  34. 34. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue A confirmed order may be rejected later on, but not vice-versa 34
  35. 35. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue if the warehouse notifies the seller of a shipment issue, then the seller has to reject the order An order can be confirmed only if it shipped before 35
  36. 36. 0..1 Modeling in Declare Finalize order Confirm order Reject order Ship Notify shipment issue Mutually exclusive 36
  37. 37. Existence Constraints 50 3 The ConDec Language Table 3.1. ConDec existence constraints name graphical meaning absence(a) 0 a Activity a cannot be executed absence(n+1,a) 0..n a Activity a can be executed at most n times, i.e., the execution trace cannot contain n + 1 occurrences of a existence(n,a) n..∗ a Activity a must be executed at least n times exactly(n,a) n a Activity a must be executed exactly n times init(a) init a Activity a must be the first executed activity 1..∗ order item On the contrary, an absenceN constraint could be used to state that at most three payment attempts can be made by the customer: Examples: ec existence constraints graphical meaning 0 a Activity a cannot be executed 0..n a Activity a can be executed at most n times, i.e., the execution trace cannot contain n + 1 occurrences of a n..∗ a Activity a must be executed at least n times n a Activity a must be executed exactly n times init a Activity a must be the first executed activity 1..∗ order item , an absenceN constraint could be used to state that at most absence(n+1,a) 0..n a Activity a can be executed at most n times, i execution trace cannot contain n + 1 occurrenc existence(n,a) n..∗ a Activity a must be executed at least n times exactly(n,a) n a Activity a must be executed exactly n times init(a) init a Activity a must be the first executed activity 1..∗ order item On the contrary, an absenceN constraint could be used to state that a three payment attempts can be made by the customer: 0..3 pay 37
  38. 38. Choice Constraints 3.3 Constraints 51 Table 3.2. ConDec choice constraints name graphical meaning choice(n of m,[a1,...,am]) a1 am a2 n of m ... At least n distinct activities among a1,. . . ,am must be exe- cuted ex choice(n of m,[a1,...,am]) a1 am a2 n of m ... Exactly n distinct activities among a1,. . . ,am must be exe- cuted Note that the constraint supports an execution trace containing three submis- sions of the paper (via e-mail and/or by using the web site), while it evaluates a trace without submissions as noncompliant. A 1 of 2-exclusive choice can be instead adopted to model the existence between two alternatives that exclude each other. For example, it could be used to state that, within an instance of the system, the customer commits herself to cancel or successfully close the order, but not both: Examples: choice(n of m,[a1,...,am]) a1 am a2 n of m ... At least n distinct activitie among a1,. . . ,am must be exe cuted x choice(n of m,[a1,...,am]) a1 am a2 n of m ... Exactly n distinct activitie among a1,. . . ,am must be exe cuted ote that the constraint supports an execution trace containing three submis ons of the paper (via e-mail and/or by using the web site), while it evaluate trace without submissions as noncompliant. A 1 of 2-exclusive choice can be instead adopted to model the existenc etween two alternatives that exclude each other. For example, it could b sed to state that, within an instance of the system, the customer commit erself to cancel or successfully close the order, but not both: cancel order −− −− close order It is worth noting that choice constraints, together with the existence38
  39. 39. name graphical meaning resp existence([a], [b]) a •−−−− b If a is executed, then b must be exe- cuted before or after a coexistence([a],[b]) a •−−−• b Neither a nor b is executed, or they are both executed response([a],[b]) a •−−− b If a is executed, then b must be exe- cuted thereafter precedence([a],[b]) a −−− • b b can be executed only if a has been previously executed succession([a],[b]) a •−− • b a and b must be executed in succes- sion, i.e. b must follow a and a must precede b alt response([a],[b]) a •=== b b is response of a and between every two executions of a, b must be exe- cuted at least once alt precedence([a],[b]) a === • b a is precedence of b and between ev- ery two executions of b, a must be executed at least once alt succession([a],[b]) a •== • b b is alternate response of a, and a is alternate precedence of b chain response([a],[b]) a •=−=−=− b If a is executed, then b must be exe- cuted next (immediately after a) chain precedence([a],[b]) a =−=−=− • b If b is executed, then a must have been executed immediately before b chain succession([a],[b]) a •=−=− • b a and b must be executed in sequence (next to each other) RelationConstraints 39
  40. 40. NegationConstraints Table 3.4. ConDec negation constraints name graphical meaning resp absence([a],[b]) a •−−−−∥ b If a is executed, then b can never be executed not coexistence([a],[b]) a •−−−•∥ b a and b exclude each other neg response([a],[b]) a •−−−∥ b b cannot be executed after a neg precedence([a],[b]) a −−− •∥ b a cannot be executed before b neg succession([a],[b]) a •−− •∥ b a and b cannot be executed in succession neg alt response([a],[b]) a •===∥ b b cannot be executed between any two occurrences of a neg alt precedence([a],[b]) a === •∥ b a cannot be executed between any two bs neg alt succession([a],[b]) a •== •∥ b b cannot be executed between any two as and viceversa neg chain response([a],[b]) a •=−=−=−∥ b b cannot be executed next to a neg chain precedence([a],[b]) a =−=−=− •∥ b a cannot be executed immedi- ately before b neg chain succession([a],[b]) a •=−=− •∥ b a and b cannot be executed in sequence 40
  41. 41. Semantics of Declare diagnosis/ requirements configuration/ implementation enactment/ monitoring 41 data (re)design models
  42. 42. The Origin of Declare… 42
  43. 43. The Origin of Declare… 43 LTL
  44. 44. A Slide of Fairness The disruptive novelty of this idea has to be put in the BPM context! • In AI, these ideas have been around for a long time • E.g., work on declarative interaction protocols and temporal declarative specification of agents 44
  45. 45. The Origin of Declare… 45 LTL ⇤(m ! ⌃e)
  46. 46. The Origin of Declare… 46 LTL Each process instance eventually terminates!
  47. 47. The Origin of Declare… 47 LTLf Each process instance eventually terminates! Models: finite traces
  48. 48. Declare 2 Finite State Automata LTLf NFA
 nondeterministic DFA
 deterministic LTLf2aut determin. ' 48 For a single constraint: local automaton For the whole model: global automaton
  49. 49. Our Vision… Realized! ' LTLf NFA
 nondeterministic DFA
 deterministic LTLf2aut determin. 49
  50. 50. Formalization Example Moored Under way using engine Under way sailing constrained by her draught 50
  51. 51. Formalization Example Moored Under way using engine Under way sailing constrained by her draught ¬(⌃e ^ ⌃s) Model formula: conjunction of all constraint formulae ⇤(m ! ⌃e) 51 ¬cWs
  52. 52. Correctness Verification diagnosis/ requirements configuration/ implementation enactment/ monitoring 52 data (re)design models
  53. 53. 0..1 Example a c b 53
  54. 54. 0..1 Example a c b dead activity 54
  55. 55. 0..1 Example a c b dead activity 55
  56. 56. Correctness • In BPM: typically assessed via model checking • In the case of Declare: satisfiability • Correct Declare model: there exists at least a finite trace satisfying all its constraints • i.e., if its LTLf model formula is satisfiable • A correct model may still contain dead activities: activities that can never be executed • How to check? Language emptiness of the corresponding NFA 56
  57. 57. (re)design models diagnosis/ requirements configuration/ implementation 57 data enactment/ monitoring Enactment and Monitoring
  58. 58. Enactment of a Process • History recognition: given the history of a running instance, compute the current state (or reject) • Todo list: given the current state, tell 
 which tasks can(not) be executed next
 (including possibility of termination)
 • Update: given a state and a task,
 determine the new state S A B C S SnewS 58
  59. 59. Execution 0..1 Finalize order Confirm order Reject order Ship Notify shipment issue 59
  60. 60. Initial Situation 0..1 Finalize order Confirm order Reject order Ship Notify shipment issue May complete now…60
  61. 61. “Finalize Order” 0..1 Finalize order Confirm order Reject order Ship Notify shipment issue 61
  62. 62. “Notify Shipment Issue” 0..1 Finalize order Confirm order Reject order Ship Notify shipment issue 62
  63. 63. “Reject Order” 0..1 Finalize order Confirm order Reject order Ship Notify shipment issue May complete now…63
  64. 64. Hidden Dependencies Ship Notify shipment issue Pick package Insert material Close package 64
  65. 65. Initial State Ship Notify shipment issue Pick package Insert material Close package May complete now…65
  66. 66. Initial State Ship Notify shipment issue Pick package Insert material Close package May complete now… What if I execute this? 66
  67. 67. “Notify Shipment Issue” Ship Notify shipment issue Pick package Insert material Close package May complete now… !!! 67
  68. 68. RV-LTL Truth Values Refined analysis of the “truth value” of a constraint. Consider a partial trace t, and a constraint C • C is permanently satisfied if t satisfies C and no matter how t is extended, C will stay satisfied • C is temporarily satisfied if t satisfies C but there is a continuation of t that violates C • C is temporarily violated if t violates C but there is a continuation that leads to satisfy C • C is permanently violated if t violates C and no matter how t is extended, C will stay violated 68
  69. 69. Linear Dynamic Logic over Finite Traces 69 The Logic ldlf [De Giacomo&Vardi,IJCAI13] Merges ltlf with regular expressions, through the syntax of Propositional Dynamic Logic (PDL): Ï ::= „ | tt | | ¬Ï | Ï1 · Ï2 | ÈflÍÏ | [fl]Ï fl ::= „ | Ï? | fl1 + fl2 | fl1; fl2 | flú Ï: ltlf part; fl: regular expression part. They mutually refer to each other: • ÈflÍÏ states that, from the current step in the trace, there is an execution satisfying fl such that its last step satisfies Ï. • [fl]Ï states that, from the current step in the trace, all execution satisfying fl are such that their last step satisfies Ï. • Ï? checks whether Ï is true in the current step and, if so, continues to evaluate the remaining execution. Of special interest is end = [true?] , to check whether the trace has been
  70. 70. Automata for LDLf 70 From ldlf to nfa Direct calculation of nfa corresponding to ldlf formula Ï Algorithm 1: algorithm ldlf 2nfa() 2: input ltlf formula Ï 3: output nfa AÏ = (2P , S, {s0}, Í, {sf }) 4: s0 Ω {"Ï"} Û single initial state 5: sf Ω ÿ Û single final state 6: S Ω {s0, sf }, Í Ω ÿ 7: while (S or Í change) do 8: if (q œ S and qÕ |= w ("Â"œq) ”("Â", )) 9: S Ω S fi {qÕ } Û update set of states 10: Í Ω Í fi {(q, , qÕ )} Û update transition relation Note • Standard nfa. • No detour to Büchi automata. • Easy to code. • Implemented! Auxiliary rules ”("tt", ) = true ”(" ", ) = false ”("„", ) = I true if |= „ false if ”|= „ („ propositional) ”("Ï1 · Ï2", ) = ”("Ï1", ) · ”("Ï2", ) ”("Ï1 ‚ Ï2", ) = ”("Ï1", ) ‚ ”("Ï2", ) ”("È„ÍÏ", ) = Y _] _[ "Ï" if last ”œ and |= „ („ propositional) ”("Ï", ‘) if last œ and |= „ false if ”|= „ ”("ÈÂ?ÍÏ", ) = ”("Â", ) · ”("Ï", ) ”("Èfl1 + fl2ÍÏ", ) = ”("Èfl1ÍÏ", ) ‚ ”("Èfl2ÍÏ", ) ”("Èfl1; fl2ÍÏ", ) = ”("Èfl1ÍÈfl2ÍÏ", ) ”("Èflú ÍÏ", ) = I ”("Ï", ) if fl is test-only ”("Ï", ) ‚ ”("ÈflÍÈflúÍÏ", ) o/w ”("[„]Ï", ) = Y _] _[ "Ï" if last ”œ and |= „ („ propositional) ”("Ï", ‘) if last œ and |= „ („ propositional) true if ”|= „ ”("[Â?]Ï", ) = ”("nnf (¬Â)", ) ‚ ”("Ï", ) ”("[fl1 + fl2]Ï", ) = ”("[fl1]Ï", ) · ”("[fl2]Ï", ) ”("[fl1; fl2]Ï", ) = ”("[fl1][fl2]Ï", ) ”("[flú ]Ï", ) = I ”("Ï", ) if fl is test-only ”("Ï", ) · ”("[fl][flú]Ï", ) o/w Marco Montali (unibz) Monitoring Business Metaconstraints BPM 2014 22 / 26
  71. 71. Black Magic with LDLf 71 Runtime ldlf Monitors Check partial trace fi = e1, . . . , en against formula Ï. From ad-hoc techniques . . . e1 . . . en |= C Ï D RV = Y ___] ___[ temp_true temp_false true false . . . To standard techniques e1 . . . en |= Y ______] ______[ Ïtemp_true Ïtemp_false Ïtrue Ïfalse Marco Montali (unibz) Monitoring Business Metaconstraints BPM 2014 14 / 26
  72. 72. Colored Automata 72 ' 00 1 m e not m not e
  73. 73. 'temp true Colored Automata 73 ' 'temp false 'perm false'perm true 00 1 m e not m not e
  74. 74. 'temp true Colored Automata 74 ' 'temp false 'perm false'perm true 00 1 m e not m not e 00 1 m e not m not e
  75. 75. Coloring local automata Coloring simply amounts to reachability checks! • State permanently satisfied: it is final and cannot reach a non-final state • State temporarily satisfied: it is final but can reach a non-final state • State temporarily violated: it is non-final but can reach a final state • State permanently violated: it is non-final and cannot reach a final state 75
  76. 76. Local Colored Automata • For each constraint, we take its LTLf formula, and compute the corresponding DFA • This DFA accepts all and only the execution traces that lead to satisfy (pemanently or temporarily) the constraint 76
  77. 77. Local Automata: Example moored under way using engine under way sailing constrained by her draught 0 s c not {c,s} true1 0 true 00 1 m e not m not e s e not s true00 not {s,e} 1 2 3 e s not e 1 2 77
  78. 78. Global Automaton What about hidden dependencies? • We have to consider the interplay between constraints • To do that: compute the “global automaton” for the entire model. Either: • Take the “conjunction formula” of all constraints and get the DFA • Compute the intersection of the local DFAs 78
  79. 79. Global Colored Automaton By carefully intersecting local DFAs: we get a global DFA that retains all “local colors”.
 This is… an execution engine! 79
  80. 80. Implemented in ProM! Monitoring The same approach can be used for monitoring • With LDLf, we can predicate about the truth value of constraints • Direct support for
 meta-constraints • Compensation constraints • Contrary-to-duty constraints • Dynamic activation/
 disablement of constraints 80
  81. 81. enactment/ monitoring Process Mining 81 (re)design models configuration/ implementation data diagnosis/ requirements
  82. 82. Declarative Process Discovery 82 Event log
  83. 83. Declarative Process Discovery 83 Event log Declarative model 
 that “best” capture the process hidden in the log
  84. 84. Basic Idea of Existing Algorithms • Apply heuristics to guess a constraint • Check the support of the constraint • Check the interestingness factor of the constraint • Combine these two metrics to decide whether to keep the constraint or not • Iterate and prune 84
  85. 85. Problems • Correctness of the overall declarative model (for constraints with <100% support) • Minimality of the overall declarative model (redundant constraints) • How to determine whether a constraint is interesting or not • All these questions: successfully tackled with logics and automata! 85
  86. 86. Interestingness and Vacuity • ababababab • adfbcdadb • acb • acbaafb • aabbabbb 86 ⇤(a ! ⌃b) Support: 100% ⇤(a ! ⌃b) Support: 100%
  87. 87. Why is a trace interesting for a constraint? • Because it “activates” the constraint, “changing” something • Semantically: • It flips the RV-LTL state of the constraint • It changes the set of allowed transitions • Non-vacuous satisfaction =
 satisfaction + interestingness
 87
  88. 88. Example 88 00 1 a b not a not b ⇤(a ! ⌃b) ⇤(a ! ⌃b) a c b a a f b
  89. 89. Another Example 89 c a d a f ¬(⌃a ^ ⌃b) a b not b true00 not {a,b} 1 2 3 b a not a 1 2 c d f f
  90. 90. Activation-Aware Automata 90
  91. 91. Conclusion • BPM struggles to balance flexibility and control • Constraint-based approaches and temporal logics over finite traces offer a solution • The automata-theoretic approach leads to a “correct by design” computation mechanism to assist humans during the entire process lifecycle • A lot of open challenges! • Measuring interestingness (“graded within a trace”) • Mix declarative and imperative approaches • Data! 91
  92. 92. And the Story Continues… Object-Centric Declare 
 (joint work with Wil van der Aalst and Guangming Li) 92 OrderItem Package Pick 
 Item Pay
 Order Get 
 Package 0..1 ** 0..1
  93. 93. Acknowledgments • Wil van der Aalst • Maja Pesic • Federico Chesani • Paola Mello • Fabrizio Maggi 93 • Michael Westergaard • Giuseppe De Giacomo • Riccardo De Masellis • Claudio di Ciccio • Jan Mendling
  94. 94. Some References Declare and its formalizations • M. Pesic and W. van der Aalst, A Declarative Approach for Flexible Business Processes Management, in BPM Workshops. Vol. 4103 of LNCS, pp. 169-180. Springer, 2007. • M. Montali, M. Pesic, W. M. P. van der Aalst, F. Chesani, P. Mello, and S. Storari, Declarative specification and verification of service choreographies, ACM Trans. Web, vol. 4, pp. 3:1–3:62, 2010. • M. Montali. Specification and Verification of Declarative Open Interaction Models: a Logic- Based Approach, vol. 56 of LNBIP. Springer, 2010. • M. Westergaard, Better Algorithms for Analyzing and Enacting Declarative Workflow Languages Using LTL, in BPM, vol. 6896 of LNCS, pp. 83-98. Springer, 2010. • Giuseppe De Giacomo, Riccardo De Masellis, Marco Montali,
 Reasoning on LTL on Finite Traces: Insensitivity to Infiniteness, in AAAI, pp. 1027-1033. AAAI Press, 2014. 94
  95. 95. Some References Declare Execution Environment • M. Pesic, H. Schonenberg, and W. M. P. van der Aalst, DECLARE: Full Support for Loosely-Structured Processes, in EDOC, pp. 287–300. IEEE Computer Society, 2007. • M. Pesic, M. Schonenberg, N. Sidorova, and W. van der Aalst, Constraint-Based Workflow Models: Change Made Easy, in CoopIS, vol. 4803 of LNCS, pp. 77-94. Springer, 2007. • M. Pesic, H. Schonenberg, and W. Aalst, The Declare Service, in Modern Business Process Automation, Springer, 2010, pp. 327-343. • M. Westergaard, F. M. Maggi, Declare: A Tool Suite for Declarative Workflow Modeling and Enactment, BPM (Demos) 2011. 95
  96. 96. Some References Monitoring Declare constraints • F. M. Maggi, M. Montali, M. Westergaard, and W. M. P. van der Aalst, Monitoring Business Constraints with Linear Temporal Logic: An Approach Based on Colored Automata, in BPM, volume 6896 of LNCS, pp. 132-147. Springer, 2011. • F. M. Maggi, M. Westergaard, M. Montali, W. M. P. van der Aalst,
 Runtime Verification of LTL-Based Declarative Process Models.: Proceedings of RV, volume 7186 of LNCS, pp. 131-146. Springer, 2011. • M. Montali, F. M. Maggi, F. Chesani, P. Mello, W. M. P. van der Aalst,
 Monitoring business constraints with the event calculus. ACM Trans. on Intelligent Systems and Technology 5(1): 17, 2013. • G. De Giacomo, R. De Masellis, M. Grasso, F. M. Maggi, M. Montali, 
 Monitoring Business Metaconstraints Based on LTL and LDL for Finite Traces, in BPM, volume 8659 of LNCS, pp. 1-17. Springer, 2014. 96
  97. 97. Some References Discovering Declare constraints • F. Chesani, E. Lamma, P. Mello, M. Montali, F. Riguzzi, S. Storari, Exploiting Inductive Logic Programming Techniques for Declarative Process Mining. Trans. Petri Nets and Other Models of Concurrency 2: 278-295, 2009. • F. Maria Maggi, A. J. Mooij, W. M. P. van der Aalst, User-guided discovery of declarative process models. In CIDM, pp. 192-199. IEEE Press, 2011. • F. M. Maggi, R. P. J. Chandra Bose, W. M. P. van der Aalst, Efficient Discovery of Understandable Declarative Process Models from Event Logs. In CAiSE, volume 7908 of LNCS, pp. 270-285. Springer, 2012. • F. M. Maggi, M. Dumas, L. García-Bañuelos, M. Montali, Discovering Data-Aware Declarative Process Models from Event Logs. In BPM, volume 8094 of LNCS, pp. 81-96. Springer, 2013. • C. Di Ciccio, M. Mecella, On the Discovery of Declarative Control Flows for Artful Processes. ACM Trans. Management Inf. Syst. 5(4): 24:1-24:37, 2015. • C. Di Ciccio, F. M. Maggi, M. Montali, J. Mendling, Ensuring Model Consistency in Declarative Process Discovery. In BPM, volume 9253 of LNCS, pp. 144-159. Springer, 2015. • C. Di Ciccio, F. M. Maggi, M. Montali, J. Mendling, Semantical Vacuity Detection in Declarative Process Mining. In BPM, volume 9850 of LNCS, pp. 158-175. Springer, 2016. • Claudio Di Ciccio, Fabrizio Maria Maggi, Marco Montali, Jan Mendling:
 Resolving inconsistencies and redundancies in declarative process models. Inf. Syst. 64: 425-446, 2017. 97

×