Conference Paper

Concurrency and Asynchrony in Declarative Workflows

Abstract

Declarative or constraint-based business process and workflow notations, in particular DECLARE and Dynamic Condition Response (DCR) graphs, have received increasing interest in the last decade as possible means of addressing the challenge of supporting at the same time flexibility in execution, adaptability and compliance. However, the definition of concurrent semantics, which is a necessary foundation for asynchronously executing distributed processes, is not obvious for formalisms such as DECLARE and DCR Graphs. This is in stark contrast to the very successful Petri-net–based process languages, which have an inherent notion of concurrency. In this paper, we propose a notion of concurrency for declarative process models, formulated in the context of DCR graphs, and exploiting the so-called “true concurrency” semantics of Labelled Asynchronous Transition Systems. We demonstrate how this semantic underpinning of concurrency in DCR Graphs admits asynchronous execution of declarative workflows both conceptually and by reporting on a prototype implementation of a distributed declarative workflow engine. Both the theoretical development and the implementation are supported by an extended example; moreover, the theoretical development has been verified correct in the Isabelle-HOL interactive theorem prover.

... A simplified version of a loan application procedure used in industry is depicted in Fig. 4, which was modelled as a DCR Graph in [9]. Along with the name of the action, the labels of the events also list the roles that are authorized to carry out the activity. ...
Article
Full-text available
This paper presents a method to manage private data stored on a blockchain. With our method, the blockchain’s features for log transparency and tamper-resistance are maintained, even though the data is only available to authorized users. The most relevant work so far randomly selects nodes to store the decryption key shares of a threshold cryptosystem for some data which are not maintained in the system. They provide the decryption keys to the data requester via on-chain methods. This is for guaranteeing the availability and distributing the incentives. If the system maintains the data and wants to achieve the same guarantees, it has to post the data to the blockchain. This will make the blockchain oversized and the work impractical. This paper shows that nodes in our method may provide data to the requester directly without posting to the blockchain, while guaranteeing availability and fair distribution of the incentives. Furthermore, each data request incurs only a tiny volume of transactions. We achieve this by implementing a two-dimensional sharding model, where nodes are randomly assigned to shards. Data is arithmetically compressed and then split into pieces. Each data piece is stored by a node in a first-dimension shard. Without getting all the pieces, the data cannot be successfully decompressed. Each node in the first-dimension shard is monitored by a second-dimension shard. We propose designs that empower the corresponding second-dimension shard to evaluate whether the first-dimension node has provided the correct data piece to the data requester. This waives the need for placing the data into transactions and having it witnessed by all. If a first-dimension node fails, its data will be recovered by the corresponding second-dimension shard.
... DCR graphs have been extended to include both data [43], time [5,24], sub-processes [10], and choreographies [25]. In the present paper we consider the core notation with time, which is expressive enough to represent both regular and omega-regular languages [10] as well as so-called true concurrency [9]. In this work we only focus on laws describing control-flow and temporal constraints, leaving data, resource constraints or inter-law dependencies for future work. ...
Chapter
Full-text available
Legal compliance is an important part of certifying the correct behaviour of a business process. To be compliant, organizations might hard-wire regulations into processes, limiting the discretion that workers have when choosing what activities should be executed in a case. Worse, hard-wired compliant processes are difficult to change when laws change, and this occurs very often. This paper proposes a model-driven approach to process compliance and combines a) reference models from laws, and b) business process models. Both reference and process models are expressed in a declarative process language, Dynamic Condition Response (DCR) graphs. They are subject to testing and verification, allowing law practitioners to check consistency against the intent of the law. Compliance checking is a combination of alignments between events in laws and events in a process model. In this way, a reference model can be used to check different process variants. Moreover, changes in the reference model due to law changes do not necessarily invalidate existing processes, allowing their reuse and adaptation. We exemplify the framework via the alignment of laws and business rules and a real contract change management process. Finally, we show how compliance checking for declarative processes is decidable, and provide a polynomial-time approximation that contrasts with the NP-complexity algorithms used in compliance checking for imperative business processes. Altogether, this paper presents technical and methodological steps that are being used by legal practitioners in municipal governments in their efforts towards digitalization of work practices in the public sector.
... In the current paper, in contrast to [19,54,56] and other approaches to process models, we apply formal verification using a theorem prover (Agda) and provide machine-checked proofs as safety guarantees. We have found only two papers using formal specifications: Debois [23] proves in Isabelle a general result that a certain labeling of events in a business logic guarantees orthogonality of events. Montali et al. [57] developed a language DecSerFlow to model properties of business processes via choreographies mapped to LTL and then to abductive logic programming. ...
Conference Paper
Full-text available
Graphical user interfaces (GUIs) are ubiquitous in real-world software and a notorious source of bugs that are difficult to catch through software testing. Model checking has been used to prove the absence of certain kinds of bugs, but model checking works on an abstract model of the GUI application, which might be inconsistent with its implementation. We present a library for developing directly verified, state-dependent GUI applications in the dependently typed programming language Agda. In the library, the type of a GUI's controller depends on a specification of the GUI itself, statically enforcing consistency between them. Arbitrary properties can be defined and proved in terms of user interactions and state transitions. Our library connects to a custom-built Haskell back-end for declarative vector-based GUI elements. Compared to an earlier version of our library built on an existing imperative GUI framework, the more declarative back-end supports simpler definitions and proofs. As a practical application of our library to a safety-critical domain, we present a case study developed in cooperation with the Medical University of Vienna. The case study implements a healthcare process for prescribing anticoagulants, which is highly error-prone when followed manually. Our implementation generates GUIs from an abstract description of a data-aware business process, making our approach easy to reuse and adapt to other safety-critical processes. We prove medically relevant safety properties about the executable GUI application, such as that given certain inputs, certain states must or must not be reached.
... Until recently, no attempt had been made to support the data perspective in declarative languages (Debois, Hildebrandt, & Slaats, 2015). The languages lacked the expressive power to adequately model the (tacit) knowledge that governs the execution of loosely framed and knowledge-intensive processes (KiPs) (Lenz, Peleg, & Reichert, 2012; Mertens et al., 2015). ...
Article
Full-text available
Modeling loosely framed and knowledge-intensive business processes with the currently available process modeling languages is very challenging. Some lack the flexibility to model this type of process, while others are missing one or more perspectives needed to add the necessary level of detail to the models. In this paper we have composed a list of requirements that a modeling language should fulfil in order to adequately support the modeling of this type of process. Based on these requirements, a metamodel for a new modeling language was developed that satisfies them all. The new language, called DeciClare, incorporates parts of several existing modeling languages, integrating them with new solutions to requirements that had not yet been met. DeciClare is a declarative modeling language at its core, and therefore can inherently deal with the flexibility required to model loosely framed processes. The complementary resource and data perspectives add the capability to reason about, respectively, resources and data values. The latter makes it possible to encapsulate the knowledge that governs the process flow by offering support for decision modeling. The abstract syntax of DeciClare has been implemented in the form of an Ecore model. Based on this implementation, the language-domain appropriateness of the language was validated by domain experts using the arm fracture case as the application scenario.
Chapter
Due to growing digital opportunities, persistent legislative pressure, and recent challenges in the wake of the COVID-19 pandemic, public universities need to engage in digital innovation (DI). While society expects universities to lead DI efforts, the successful development and implementation of DIs, particularly in administration and management contexts, remains a challenge. In addition, research lacks knowledge on the DI process at public universities, while further understanding and guidance are needed. Against this backdrop, our study aims to enhance the understanding of the DI process at public universities by providing a structured overview of corresponding drivers and barriers through an exploratory single case study. We investigate the case of a German public university and draw from primary and secondary data of its DI process from the development of three specific digital process innovations. Building upon Business Process Management (BPM) as a theoretical lens to study the DI process, we present 13 drivers and 17 barriers structured along the DI actions and BPM core elements. We discuss corresponding findings and provide related practice recommendations for public universities that aim to engage in DI. In sum, our study contributes to the explanatory knowledge at the convergent interface between DI and BPM in the context of public universities.
Chapter
This paper addresses the open technical problems of evolving executable, event-based process models by refinement, that is, by iteratively expanding a model until it has the required level of detail. Such iterative development is helpful because of the expectation that the next-step model is semantically compatible with the previous one, only with more detail. We provide in this paper a formal notion of refinement of single atomic actions (events) into entire subprocesses, and a theoretical framework for providing guarantees that such a next-step model is formally a refinement of the previous one. Our work is set within the declarative, event-based process modelling language of timed Dynamic Condition Response (DCR) graphs, which can express timed constraints (conditions with delay and obligations with deadlines) between events, liveness, safety, and concurrency. Concretely, we extend DCR graph syntax and semantics with a notion of subprocess, provide examples of its use, and give sound approximations of situations where replacing an event with a subprocess formally is a refinement of the original process.
Chapter
The European General Data Protection Regulation (GDPR) gives primacy to purpose: Data may be collected and stored only when (i) end-users have consented, often explicitly, to the purposes for which that data is collected, and (ii) the collected data is actually necessary for achieving these purposes. This development in data protection regulations begets the question: how do we audit a computer system’s adherence to a purpose?
Chapter
We provide the first formal model for declarative choreographies, which is able to express general omega-regular liveness properties. We use the Dynamic Condition Response (DCR) graphs notation for both choreographies and end-points. We define end-point projection as a restriction of DCR graphs and derive the condition for end-point projectability from the causal relationships of the graph. We illustrate the results with a running example of a Buyer-Seller-Shipper protocol. All the examples are available for simulation in the online DCR workbench at http://dcr.tools/forte19.
Chapter
Although there have been major achievements in verified software, work on verifying graphical user interfaces (GUI) applications is underdeveloped relative to their ubiquity and societal importance. In this paper, we present a library for the development of verified, state-dependent GUI applications in the dependently typed programming language Agda. The library uses Agda’s expressive type system to ensure that the GUI, its controller, and the underlying model are all consistent, significantly reducing the scope for GUI-related bugs. We provide a way to specify and prove correctness properties of GUI applications in terms of user interactions and state transitions. Critically, GUI applications and correctness properties are not restricted to finite state machines and may involve the execution of arbitrary interactive programs. Additionally, the library connects to a standard, imperative GUI framework, enabling the development of native GUI applications with expected features, such as concurrency. We present applications of our library to building GUI applications to manage healthcare processes. The correctness properties we consider are the following: (1) That a state can only be reached by passing through a particular intermediate state, for example, that a particular treatment can only be reached after having conducted an X-Ray. (2) That one eventually reaches a particular state, for example, that one eventually decides on a treatment. The specification of such properties is defined in terms of a GUI application simulator, which simulates all possible sequences of interactions carried out by the user.
Article
Full-text available
We report on experiences from a case study applying a constraint-based process-modelling and -simulation tool, dcrgraphs.net, to the modelling and rehearsal of railway emergency response plans with domain experts. The case study confirmed the approach as a viable means for domain experts to analyse and rehearse emergency response plans, through the activities of formally modelling the plan and subsequently rehearsing it by simulating that model collaboratively. In particular, the constraint-based modelling notation resulted in a flexible model giving rehearsal participants freedom to explore different ways to proceed, including ways not necessarily anticipated in the paper-based emergency response plans. The case study was undertaken as part of a short research project, ProSec, funded by the Danish Defence Agency, with the aim of applying and developing methods for collaborative mapping of emergency and security processes in the Danish public transport sector and their dependency on ICT.
Conference Paper
Full-text available
We report on a recent industrial project carried out by Exformatics A/S in which the company used the declarative DCR Graphs notation to model and implement the grant application process of a Danish foundation. We present the process and discuss the advantages of the approach and challenges faced both while modelling and implementing the process. Finally, we discuss current work on extensions to the DCR Graphs notation aiming to address the challenges raised by the case study and to support the declarative, agile approach.
Conference Paper
Full-text available
We present a new declarative model with composition and hierarchical definition of processes, featuring (a) incremental refinement, (b) adaptation of processes, and (c) dynamic creation of sub-processes. The approach is motivated and exemplified by a recent case management solution delivered by our industry partner Exformatics A/S. The approach is achieved by extending the Dynamic Condition Response (DCR) graph model with interfaces and composition along those interfaces. Both refinement and sub-processes are then constructed in terms of that composition. Sub-processes take the form of hierarchical (complex) events, which dynamically instantiate sub-processes. The extensions are realised and supported by a prototype simulation tool.
Conference Paper
Full-text available
Nowadays organizations support their creation of value by explicitly defining the processes to be carried out. Processes are specifically discussed from the angle of simplicity, i.e., how compactly and understandably they can be represented. In most cases, organizations rely on imperative models which, however, become complex and cluttered when it comes to flexibility and optionality. As an alternative, declarative modeling proves to be effective under such circumstances. While both approaches are well known in themselves, there is still not a deep understanding of their semantic interoperability. With this work, we examine the latter and show how to obtain an imperative model out of a set of declarative constraints. To this aim, we devise an approach leading from a Declare model to a behaviorally equivalent Petri net. Furthermore, we demonstrate that any declarative control flow can be represented by means of a Petri net for which the property of safety always holds true.
Thesis
Full-text available
Current business process technology is pretty good at supporting well-structured business processes that aim at achieving a fixed goal by carrying out an exact set of operations. In contrast, the exact operations needed to fulfill a business process/workflow may not always be possible to foresee in highly complex and dynamic environments like the healthcare and case management sectors, where the processes exhibit a lot of uncertainty and unexpected behavior and thereby require a high degree of flexibility. Several research groups have suggested declarative models as a good approach to handle such ad-hoc nature by describing control flow implicitly and thereby offering greater flexibility to the end users. The first contribution of this PhD thesis is to formalize the core primitives of a declarative workflow management system employed by our industrial partner Resultmaker and further develop it as a general formal model for specification and execution of declarative, event-based business processes, as a generalization of a concurrency model, the classic event structures. The model allows for an intuitive operational semantics and mapping of execution state by a notion of markings of the graphs, and we have proved that it is sufficiently expressive to model ω-regular languages for infinite runs. The model has been extended with nested sub-graphs to express hierarchy, multi-instance sub-processes to model replicated behavior, and support for data. The second contribution of the thesis is to provide a formal technique for safe distribution of collaborative, cross-organizational workflows declaratively modeled in DCR graphs based on a notion of projections. The generality of the distribution technique allows for fine-tuned projections based on a few selected events/labels, at the same time keeping the declarative nature of the projected graphs (which are also DCR graphs).
We have also provided semantics for distributed executions based on synchronous communication among a network of projected graphs and proved that global and distributed executions are equivalent. Further, to support modeling of processes using DCR Graphs and to make the formal model available to a wider audience, we have developed prototype tools for specification and a workflow engine for the execution of DCR Graphs. We have also developed tools interfacing with the SPIN model checker to formally verify safety and liveness properties on DCR Graphs. Case studies from the healthcare and case management domains have been modeled in DCR Graphs to show that our formal model is suitable for modeling the workflows from those dynamic sectors. This PhD project is funded by the Danish Strategic Research Council through the Trustworthy Pervasive Healthcare Services project (www.trustcare.eu).
Conference Paper
Full-text available
We describe how the declarative Dynamic Condition Response (DCR) Graphs process model can be used for trustworthy adaptive case management by leveraging the flexible execution, dynamic composition and adaptation supported by DCR Graphs. The dynamically composed and adapted graphs are verified for deadlock freedom and liveness in the SPIN model checker by utilizing a mapping from DCR Graphs to PROMELA code. We exemplify the approach by a small workflow extracted from a field study at a Danish hospital.
Article
Full-text available
Business service engagements involve processes that extend across two or more autonomous organizations. Because of regulatory and competitive reasons, requirements for cross-organizational business processes often evolve in subtle ways. The changes may concern the business transactions supported by a process, the organizational structure of the parties participating in the process, or the contextual policies that apply to the process. Current business process modeling approaches handle such changes in an ad hoc manner, and lack a principled means for determining what needs to be changed and where. Cross-organizational settings exacerbate the shortcomings of traditional approaches because changes in one organization can potentially affect the workings of another. This article describes Amoeba, a methodology for business processes that is based on business protocols. Protocols capture the business meaning of interactions among autonomous parties via commitments. Amoeba includes guidelines for (1) specifying cross-organizational processes using business protocols, and (2) handling the evolution of requirements via a novel application of protocol composition. This article evaluates Amoeba using enhancements of a real-life business scenario of auto-insurance claim processing, and an aerospace case study.
Article
Full-text available
Recently we have presented distributed dynamic condition response structures (DCR structures) as a declarative process model conservatively generalizing labelled event structures to allow for finite specifications of repeated, possibly infinite behavior. The key ideas are to split the causality relation of event structures in two dual relations: the condition relation and the response relation, to split the conflict relation in two relations: the dynamic exclusion and dynamic inclusion, and finally to allow configurations to be multisets of events. In the present abstract we recall the model and show how to characterise the execution of DCR structures and the acceptance condition for infinite runs by giving a map to Büchi-automata. This is the first step towards automatic verification of processes specified as DCR structures.
Conference Paper
Full-text available
The need for process support in the context of web services has triggered the development of many languages, systems, and standards. Industry has been developing software solutions and proposing standards such as BPEL, while researchers have been advocating the use of formal methods such as Petri nets and π-calculus. The languages developed for service flows, i.e., process specification languages for web services, have adopted many concepts from classical workflow management systems. As a result, these languages are rather procedural and this does not fit well with the autonomous nature of services. Therefore, we propose DecSerFlow as a Declarative Service Flow Language. DecSerFlow can be used to specify, enact, and monitor service flows. The language is extendible (i.e., constructs can be added without changing the engine or semantical basis) and can be used to enforce or to check the conformance of service flows. Although the language has an appealing graphical representation, it is grounded in temporal logic. Keywords: service flows, web services, workflow management, flexibility, temporal logic
Conference Paper
Full-text available
Protocols specifying business interactions among autonomous parties enable reuse and promote interoperability. A protocol is specified from a global viewpoint, but enacted in a distributed manner by (agents playing) different roles. Each role describes a local representation. An ill-specified protocol may yield roles that fail to produce correct enactments of the protocol. Existing approaches lack a formal and comprehensive treatment of this problem. Building on recent work on declaratively specifying a protocol as a set of rules of causal logic, this paper formally defines the enactability of protocols. It presents necessary and sufficient conditions for the enactability of a protocol as well as a decision procedure for extracting correct roles from enactable protocols.

... never observe that message, and thus inappropriately act or fail to act. This problem is exacerbated by asynchrony, which is motivated for conceptual and practical reasons peculiar to the Web: the autonomy of the agents and the performance hit of enforcing synchrony despite high latency. A protocol specifies the desirable interactions. A correct protocol should not rely upon any additional restrictions in order to yield correct enactments. We examine the specification of a protocol to determine if it may be enacted correctly. Whenever a protocol is specified, its enactability is a concern. This points to the need for formalizing enactability to provide enhanced tools. Indeed, Desai et al. (2007) identify one of the challenges addressed here (of nonlocal choice) in enacting TWIST protocols. This paper goes beyond the state of the art in addressing the following important questions in business protocol design. What are the specific ways in which protocols may fail to be enactable? What properties of protocols preclude the above problems, and how may we check such properties? How do we extract correct roles from enactable protocols?
Conference Paper
Full-text available
Foreign exchange (FX) markets see a transaction volume of over $2 trillion per day. A number of standard ways of conducting business have been developed in the FX industry. However, current FX specifications are informal and their business semantics unclear. The resulting implementations tend to be complex and compliance with the standards unverifiable. This results in potential loss of value due to incompatible business processes and possible trades not consummated. This paper validates a formal, protocol-based approach by specifying foreign exchange processes as standardized by the TWIST consortium. The proposed approach formalizes a small, core set of foreign exchange interaction protocols on which the desired processes can be based. The core protocols can be composed to yield a large variety of possible processes. Each protocol is rigorously defined in terms of the commitments undertaken and manipulated by the parties involved. By contrast, traditional approaches as used in the current TWIST specification lead to redundancy in specification and difficulty in understanding the import of the interactions involved. In addition, our approach discovered interesting business scenarios that traditional approaches would have missed.
Conference Paper
Full-text available
A promising approach to managing business operations is based on business entities with lifecycles (BEL’s) (a.k.a. business artifacts), i.e., key conceptual entities that are central to guiding the operations of a business, and whose content changes as they move through those operations. A BEL type includes both an information model that captures, in either materialized or virtual form, all of the business-relevant data about entities of that type, and a lifecycle model, that specifies the possible ways an entity of that type might progress through the business by responding to events and invoking services, including human activities. Most previous work on BEL’s has focused on the use of lifecycle models based on variants of finite state machines. This paper introduces the Guard-Stage-Milestone (GSM) meta-model for lifecycles, which is an evolution of the previous work on BEL’s. GSM lifecycles are substantially more declarative than the finite state machine variants, and support hierarchy and parallelism within a single entity instance. The GSM operational semantics are based on a form of Event-Condition-Action (ECA) rules, and provide a basis for formal verification and reasoning. This paper provides an informal, preliminary introduction to the GSM approach, and briefly overviews selected research directions.
Article
Full-text available
This paper describes work undertaken in the ADEPT (Advanced Decision Environment for Process Tasks) project towards developing an agent-based infrastructure for managing business processes. We describe how the key technology of negotiating, service providing, autonomous agents was realised and demonstrate how this was applied to the BT (British Telecom) business process of providing a customer quote for network services.
Article
Full-text available
We present Dynamic Condition Response Graphs (DCR Graphs) as a declarative, event-based process model inspired by the workflow language employed by our industrial partner and conservatively generalizing prime event structures. A dynamic condition response graph is a directed graph with nodes representing the events that can happen and arrows representing four relations between events: condition, response, include, and exclude. Distributed DCR Graphs is then obtained by assigning roles to events and principals. We give a graphical notation inspired by related work by van der Aalst et al. We exemplify the use of distributed DCR Graphs on a simple workflow taken from a field study at a Danish hospital, pointing out their flexibility compared to imperative workflow models. Finally we provide a mapping from DCR Graphs to Büchi-automata.
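The DCR-graph primitives described in the abstract above (events related by condition, response, include and exclude; a marking of executed, pending and included events) and the independence of events on which the page's main paper builds its concurrency semantics can be made concrete in code. The following Python is an added example, not code from any paper listed on this page; it assumes the core DCR execution rule, uses a small constructed loan-style graph, and checks independence by a direct commutation (diamond) test rather than the paper's own syntactic independence relation.

```python
from dataclasses import dataclass, field

# Constructed example: a small loan-application-style DCR graph (not taken
# from any paper on this page), executed under the core DCR semantics.


@dataclass(frozen=True)
class Marking:
    """Marking of a DCR graph: which events are executed, pending (required
    responses) and currently included."""
    executed: frozenset
    pending: frozenset
    included: frozenset


@dataclass
class DCRGraph:
    events: frozenset
    conditions: set = field(default_factory=set)  # (f, e): f must precede e
    responses: set = field(default_factory=set)   # (e, f): e makes f pending
    includes: set = field(default_factory=set)    # (e, f): e includes f
    excludes: set = field(default_factory=set)    # (e, f): e excludes f

    def initial_marking(self):
        # Nothing executed, nothing pending, every event included.
        return Marking(frozenset(), frozenset(), self.events)

    def enabled(self, m, e):
        """e is enabled iff it is included and all of its *included*
        conditions have been executed (excluded conditions are ignored)."""
        if e not in m.included:
            return False
        return all(f in m.executed
                   for (f, g) in self.conditions
                   if g == e and f in m.included)

    def execute(self, m, e):
        """Core DCR execution rule: mark e executed, clear its own pending
        flag, make its responses pending, then apply exclusions and
        inclusions triggered by e."""
        if not self.enabled(m, e):
            raise ValueError(f"{e} is not enabled")
        resp = {f for (g, f) in self.responses if g == e}
        inc = {f for (g, f) in self.includes if g == e}
        exc = {f for (g, f) in self.excludes if g == e}
        return Marking(
            executed=m.executed | {e},
            pending=(m.pending - {e}) | resp,
            included=(m.included - exc) | inc,
        )

    def run(self, m, trace):
        for e in trace:
            m = self.execute(m, e)
        return m

    def accepting(self, m):
        # A finite run is accepting when no included event is still pending.
        return not (m.pending & m.included)


def independent_at(g, m, e, f):
    """Diamond check in the spirit of asynchronous transition systems: e and
    f are independent at m if both are enabled, each stays enabled after the
    other, and both interleavings reach the same marking. (Illustration
    only, not the paper's definition of independence.)"""
    if not (g.enabled(m, e) and g.enabled(m, f)):
        return False
    after_e, after_f = g.execute(m, e), g.execute(m, f)
    if not (g.enabled(after_e, f) and g.enabled(after_f, e)):
        return False
    return g.execute(after_e, f) == g.execute(after_f, e)


# Constructed loan graph: documents must be collected before the two
# assessments, both assessments precede approval, approval and rejection
# exclude each other, and collecting documents demands both assessments.
LOAN = DCRGraph(
    events=frozenset({"collect", "credit", "budget", "approve", "reject"}),
    conditions={("collect", "credit"), ("collect", "budget"),
                ("credit", "approve"), ("budget", "approve")},
    responses={("collect", "credit"), ("collect", "budget")},
    excludes={("approve", "reject"), ("reject", "approve")},
)


def demo():
    """Returns (the two assessments commute, approve/reject commute,
    the completed run is accepting)."""
    m0 = LOAN.initial_marking()
    m1 = LOAN.execute(m0, "collect")
    assessments_commute = independent_at(LOAN, m1, "credit", "budget")
    m2 = LOAN.run(m1, ["credit", "budget"])
    decisions_commute = independent_at(LOAN, m2, "approve", "reject")
    m3 = LOAN.execute(m2, "approve")
    return assessments_commute, decisions_commute, LOAN.accepting(m3)


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

The two assessments can be executed asynchronously in either order (the diamond closes), whereas approve and reject cannot, since each excludes the other; this is exactly the distinction a distributed engine needs before it may execute events at different sites without coordination.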
Article
Full-text available
Enacting tasks in a workflow cannot always follow a pre-defined process model. In application domains like disaster management workflows are partially specified and circumstances of their enactment change. There exist various approaches for formal workflow models that are effective in such situations, like declarative specifications instead of operational models for formalizing flexible workflow processes. These powerful models leave a gap to existing techniques in the domain of workflow modeling, workflow analysis, and workflow management. In this paper we bridge this gap with a compositional mechanism for translating declarative workflow models to operational workflow models. The mechanism is of a general nature and we reveal its principles as we provide an exemplary definition for translating DecSerFlow models based on LTL to Petri nets. We then demonstrate its use in analyzing and refining declarative models.
Article
Full-text available
Revised version of DAIMI PB-429. This is, we believe, the final version of a chapter for the Handbook of Logic and the Foundations of Computer Science, vol. IV, Oxford University Press. It surveys a range of models for parallel computation to include interleaving models like transition systems, synchronisation trees and languages (often called Hoare traces in this context), and models like Petri nets, asynchronous transition systems, event structures, pomsets and Mazurkiewicz traces where concurrency is represented more explicitly by a form of causal independence. The presentation is unified by casting the models in a category-theoretic framework. One aim is to use category theory to provide abstract characterisations of constructions like parallel composition valid throughout a range of different models and to provide formal means for translating between different models. A knowledge of basic category theory is assumed, up to an acquaintance with the notion of adjunction.
Conference Paper
We study modularity, run-time adaptation and refinement under safety and liveness constraints in event-based process models with dynamic sub-process instantiation. The study is part of a larger programme to provide semantically well-founded technologies for modelling, implementation and verification of flexible, run-time adaptable process-aware information systems, moved into practice via the Dynamic Condition Response (DCR) Graphs notation co-developed with our industrial partner. Our key contributions are: (1) A formal theory of dynamic subprocess instantiation for declarative, event-based processes under safety and liveness constraints, given as the DCR* process language, equipped with a compositional operational semantics and conservatively extending the DCR Graphs notation; (2) an expressiveness analysis revealing that the DCR* process language is Turing-complete, while the fragment corresponding to DCR Graphs (without dynamic sub-process instantiation) characterises exactly the languages that are the union of a regular and an omega-regular language; (3) a formalisation of run-time refinement and adaptation by composition for DCR* processes and a proof that such refinement is undecidable in general; and finally (4) a decidable and practically useful sub-class of run-time refinements. Our results are illustrated by a running example inspired by a recent Electronic Case Management solution based on DCR Graphs and delivered by our industrial partner. An online prototype implementation of the DCR* language (including examples from the paper) and its visualisation as DCR Graphs can be found at http://tiger.itu.dk:8020/.
Article
In this paper we present a pattern-based approach for synthesizing truly distributed Petri nets from a class of LTL specifications. The synthesis allows for the automatic, correct generation of humanly conceivable Petri nets, thus circumventing a manual construction of nets, or the use of Buchi automata which are not distributed and often less intuitive to understand.
Article
Workflows are the semantically appropriate composite activities in heterogeneous computing environments. Such environments typically comprise a great diversity of locally autonomous databases, applications, and interfaces. Much good research has focused on the semantics of workflows, and how to capture them in different extended transaction models. Here we address the complementary issues pertaining to how workflows may be declaratively specified, and how distributed constraints may be derived from those specifications to enable local control, thus obviating a centralized scheduler. Previous approaches to this problem were limited and often lacked a formal semantics.
Conference Paper
Networked Cyber-Physical Systems (NCPS) present many challenges that are not suitably addressed by existing distributed computing paradigms. They must be reactive and maintain an overall situation awareness that emerges from partial distributed knowledge. They must achieve system goals through local, asynchronous actions, using (distributed) control loops through which the environment provides essential feedback. Typical NCPS are open, dynamic, and heterogeneous in many dimensions, and often need to be rapidly instantiated and deployed for a given mission. To address these challenges, we pursue a declarative approach to provide an abstraction from the high complexity of NCPS and avoid error-prone and time-consuming low-level programming. A longer-term goal is to develop a distributed computational and logical foundation that supports a wide spectrum of system operation between autonomy and cooperation to adapt to resource constraints, in particular to limitations of computational, energy, and networking resources. Here, we present first steps toward a logical framework for NCPS that combines distributed reasoning and asynchronous control in space and time. The logical framework is based on partially ordered knowledge sharing, a distributed computing paradigm for loosely coupled systems that does not require continuous network connectivity. We illustrate our approach with a simulation prototype of our logical framework in the context of networked mobile robot teams that operate in an abstract instrumented cyber-physical space with sensors.
Conference Paper
Protocols represent the allowed interactions among communicating agents. Protocols are essential in applications such as electronic commerce where it is necessary to constrain the behaviors of autonomous agents. Traditional approaches, which model protocols in terms of action sequences, limit the flexibility of the agents in executing the protocols. By contrast, we develop an approach for specifying protocols in which we capture the content of the actions through agents' commitments to one another. We formalize commitments in a variant of the event calculus. We provide operations and reasoning rules to capture the evolution of commitments through the agents' actions. Using these rules in addition to the basic event calculus axioms enables agents to reason about their actions explicitly to flexibly accommodate the exceptions and opportunities that arise at run time. This reasoning is implemented using an event calculus planner that helps us determine flexible execution paths that respect the protocol specifications.
Conference Paper
Workflows are the semantically appropriate composite activities in heterogeneous computing environments. Such environments typically comprise a great diversity of locally autonomous databases, applications and interfaces. Much good research has focused on the semantics of workflows and how to capture them in different extended transaction models. We address the complementary issues pertaining to how workflows may be declaratively specified and how distributed constraints may be derived from those specifications to enable local control, thus obviating a centralized scheduler. Previous approaches to this problem were limited and often lacked a formal semantics.
Isabelle-HOL formalisation of present paper
  • S Debois
Mastering the Unpredictable: How Adaptive Case Management Will Revolutionize the Way That Knowledge Workers Get Things Done
  • K D Swenson
Models for concurrency In: Handbook of Logic and the Foundations of
  • G Winskel
  • M Nielsen