TY - GEN
T1 - Finding Non-compliances with Declarative Process Constraints through Semantic Technologies
AU - Di Ciccio, Claudio
AU - Ekaputra, Fajar J.
AU - Cecconi, Alessio
AU - Ekelhart, Andreas
AU - Kiesling, Elmar
PY - 2019/6
Y1 - 2019/6
N2 - Business process compliance checking enables organisations to assess whether their processes fulfil a given set of constraints, such as regulations, laws, or guidelines. Whilst many process analysts still rely on ad-hoc, often handcrafted per-case checks, a variety of constraint languages and approaches have been developed in recent years to provide automated compliance checking. A salient example is DECLARE, a well-established declarative process specification language based on temporal logics. DECLARE specifies the behaviour of processes through temporal rules that constrain the execution of tasks. So far, however, automated compliance checking approaches typically report compliance only at the aggregate level, using binary evaluations of constraints on execution traces. Consequently, their results lack granular information on violations and their context, which hampers auditability of process data for analytic and forensic purposes. To address this challenge, we propose a novel approach that leverages semantic technologies for compliance checking. Our approach proceeds in two stages. First, we translate DECLARE templates into statements in SHACL, a graph-based constraint language. Then, we evaluate the resulting constraints on the graph-based, semantic representation of process execution logs. We demonstrate the feasibility of our approach by testing its implementation on real-world event logs. Finally, we discuss its implications and future research directions.
AB - Business process compliance checking enables organisations to assess whether their processes fulfil a given set of constraints, such as regulations, laws, or guidelines. Whilst many process analysts still rely on ad-hoc, often handcrafted per-case checks, a variety of constraint languages and approaches have been developed in recent years to provide automated compliance checking. A salient example is DECLARE, a well-established declarative process specification language based on temporal logics. DECLARE specifies the behaviour of processes through temporal rules that constrain the execution of tasks. So far, however, automated compliance checking approaches typically report compliance only at the aggregate level, using binary evaluations of constraints on execution traces. Consequently, their results lack granular information on violations and their context, which hampers auditability of process data for analytic and forensic purposes. To address this challenge, we propose a novel approach that leverages semantic technologies for compliance checking. Our approach proceeds in two stages. First, we translate DECLARE templates into statements in SHACL, a graph-based constraint language. Then, we evaluate the resulting constraints on the graph-based, semantic representation of process execution logs. We demonstrate the feasibility of our approach by testing its implementation on real-world event logs. Finally, we discuss its implications and future research directions.
U2 - 10.1007/978-3-030-21297-1_6
DO - 10.1007/978-3-030-21297-1_6
M3 - Conference contribution
SN - 978-3-030-21296-4
VL - 350
T3 - Lecture Notes in Business Information Processing
SP - 60
EP - 74
BT - Information Systems Engineering in Responsible Information Systems - CAiSE Forum 2019, Rome, Italy, June 3-7, 2019, Proceedings
A2 - Cappiello, Cinzia
A2 - Ruiz, Marcela
PB - Springer
ER -