Held by Dirk Fahland on September 10, 2009 on the 7th International Conference on Business Process Management (BPM 2009), held in Ulm, Germany.

1. Cédric Favre Barbara Jobstmann Niels Lohmann Dirk Fahland
Jana Koehler Karsten Wolf
Hagen Völzer
IBM Research Zürich EPF Lausanne Universität Rostock Humboldt-Universität
zu Berlin

2. Find errors as early as possible
Analysis on Demand?
business process
model
simulation 

X code generation  .bpel 
business process workflow engine 
modeler
error in process model  unreliable simulation results
 erroneous translation
 erroneous execution
find errors as early as possible
find control-flow errors: check soundness
2

3. Finding errors in practice
Analysis on Demand?
 an example from practice, not well-structured
 
sound?
need: automated analysis
?
how often on every save, load, export, on demand
h ow fast? press a button … < 500 ms
Which techniques allow analysis on demand? 3

4. Outline
Analysis on Demand?
 Soundness and how difficult is it?
 Techniques for efficient analysis
 Experimental results
4

5. Error (1): Lack of Synchronization
sound = no deadlock + no lack of synchronization
Analysis on Demand?
P1 : B
Lack of Synchronization:
A X D two tokens on one edge
C
State Space of P1:
D
C
B
A C D D
C B B
D
Naïve analysis: build state space and find error state
5

6. Error (2): Deadlock
sound = no deadlock + no lack of synchronization
Analysis on Demand?
P2 : B
Deadlock:
A X D token cannot proceed
C
State Space of P2:
B
A
C
Naïve analysis: build state space and find error state
6

7. How difficult is soundness analysis?
Analysis on Demand?
 a sample of 735 industrial business processes
 all expressed with:
A B X (“free choice” constructs)
 analysis by naïve state space exploration:
 intractable for 4 processes only
 problem: state space explosion
 n parallel activities  2n states
 found 4 sound processes with >> 1,000,000 states
 naïve analysis is incomplete in practice
7

8. Outline
Analysis on Demand?
 Soundness and how difficult is it?
 Techniques for efficient analysis
 Experimental results
8

9. Partial order reduction
Analysis on Demand?
 naïve analysis:
 build each state: check if deadlock
 partial order reduction
 build only one path from entry to exit
 no deadlock on path  no deadlock in the rest
 yields exponential reduction
 works also for lack of synchronization
9

10. Refined Process Structure Tree (RPST)
 decompose process into fragments (single entry and single exit)
Analysis on Demand?
P A
A1 A2
P par
B B1 A seq B split/join
X
B2 A1 A2 B1 B2
 analyze each fragment
A: B1
A1 A2 B:
B2
 error in a fragment ↔ process unsound
10

11. Avoid state space exploration
A
Analysis on Demand?
 heuristics on fragments, e.g. A1 A2
 A: only sequence  sound
 B: one XOR-split, n0 XOR-join B B1
 unsound X
B2
 structural reduction:
A1 A2
 rules for reducing process model
 reduction to single node  sound
A12
 infer behavior from model structure
 e.g. S-coverability (in Woflan) = partial check for unsoundness
11

12. Outline
Analysis on Demand?
 Soundness and how difficult is it?
 Techniques for efficient Analysis
 Experimental results
12

13. Experiment
Analysis on Demand?
 a sample of 735 industrial business processes
 size of processes:
 nodes: max. 118
 parallel branches: max. 66
 state space: max. >> 1,000,000
 experiment: 3 tools (different techniques)
 complete analysis on all processes
 # sound: 374 (50%)
 max. analysis time: 91 ms, avg. 10 ms
 analysis on demand
13

14. Detailed results
sound
Analysis on Demand?
Petri LoLA: model checker +
net partial order reduction unsound:
max. 50 ms
max. > 1,000,000 decision within 6500 states error-trace
IBM WebSphere sound
heuristics
workflow decompose frag-
IBM WebSphere Business Modeler unsound:
graph state space
(RPST) ment erroneous
exploration
fragments
heuristics decides 97% of all fragments
decision within 165 states per fragment max. 62 ms
Woflan
sound
workflow structural Woflan state space
net S-coverability unsound + info
reduction exploration
133 processes
735 processes decision
sound unsound + info
251 processes 351 processes within 12 states max. 91 ms
one exception: 1 sec 14

15. Diagnostic information
 only 50% sound models
Analysis on Demand?
 state-space exploration A1 A2
 trace to error
B1
 experiment: traces of
X
reasonable length
B2 deadlock
 RPST fragments
 one error per fragment B B1
 can detect multiple errors X
 experiment: B2
unsound  2-7 error fragments
XOR/AND mismatch
 Woflan
 nodes that cause the error
15

16. Conclusion
Analysis on Demand?
 checked soundness of 735 industrial business processes
 naïve state space exploration incomplete in practice
 apply reduction techniques (state space, structure)
 experiment with 3 different approaches
 max. < 91 ms per process
 allows for analysis on demand
 choose analysis technique depending on diagnostic info
 trace to error
 anti-patterns
16

17. Future work
Analysis on Demand?
 Present diagnostic information to modeler
 Check models with more involved constructs
 e.g. BPMN event handler
 Check advanced properties
 Different combinations of techniques
 RPST fragments + partial order reduction
 Try by yourself: www.service-technology.org/soundness
 process models and
 links to: LoLA / IBM WebSphere + RPST plugin / Woflan
17