DCR Tools: A quick tour of tools for Dynamic Condition Response graphs


IT UNIVERSITY OF COPENHAGEN

DCR Tools

A quick tour of tools for Dynamic Condition Response graphs

Thomas T. Hildebrandt & Søren Debois, IT University of Copenhagen

Dagstuhl Seminar 17051: Theory and Applications of Behavioural Types, February 1st, 2017

(and joint work with R. Mukkamala, T. Slaats, M. Marquard, F. Zanitti)


IT systems increasingly control and support critical processes & interactions between humans and machines

Run-time adaptability, correctness & compliance with legal, safety and security regulations are getting more and more critical!


A quick tour of tools for Dynamic Condition Response (DCR) graphs February 1st, 2017 Thomas T. Hildebrandt (hilde@itu.dk)


Key points of this talk

  • Correctness and security: Need for formalisation of processes & data-flow involving both humans and IT
  • Effectiveness, maintainability & compliance: Need for “intelligent”, flexible & adaptable IT systems
  • The Dynamic Condition Response (DCR) Graphs process technology is a promising approach developed jointly by industry and academia and supported by tools DCRGraphs.net & dcr.tools


What are DCR Graphs?

Dynamic Condition Response (DCR) graphs are declarative run-time adaptable choreographies

Rule 1: The Seller must have made an offer before the Buyer can buy (condition)

Rule 2: The Seller must eventually make an offer if the Buyer asks (response)

Let us look at the example in DCR.tools

[Figure labels: event, activity, role]


Parser


Visualiser


What was the point?

  • The DCR graph language has an operational semantics with state given as a marking of events with three booleans (executed, pending, included)

  • We do not need to unfold the entire transition system!
  • Distinguish may (enabled) & must (pending) eventually
  • Flexibility in execution
  • Conflicts ?
  • Adaptable ?
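
The marking-based semantics named above, applied to the two Buyer/Seller rules, as an added example that is not code from the talk or from dcr.tools. The event names Ask, Offer and Buy and the `replay` monitor are assumptions; the enabledness and effect rules follow the standard DCR definition from the literature.

```python
from dataclasses import dataclass, field


@dataclass
class DCRGraph:
    events: set
    conditions: set = field(default_factory=set)  # (a, b): b needs a executed first
    responses: set = field(default_factory=set)   # (a, b): executing a makes b pending
    excludes: set = field(default_factory=set)    # (a, b): executing a excludes b
    includes: set = field(default_factory=set)    # (a, b): executing a re-includes b
    # Marking: the three booleans per event, stored as three sets.
    executed: set = field(default_factory=set)
    pending: set = field(default_factory=set)
    included: set = None

    def __post_init__(self):
        if self.included is None:
            self.included = set(self.events)

    def enabled(self, e):
        """'May': e is included and every included condition of e has executed."""
        return e in self.included and all(
            a in self.executed
            for a, b in self.conditions if b == e and a in self.included)

    def execute(self, e):
        if not self.enabled(e):
            raise ValueError(f"{e} is not enabled")
        self.executed.add(e)
        self.pending.discard(e)
        self.pending |= {b for a, b in self.responses if a == e}
        self.included -= {b for a, b in self.excludes if a == e}
        self.included |= {b for a, b in self.includes if a == e}

    def accepting(self):
        """'Must': no included event is still pending."""
        return not (self.pending & self.included)


def buyer_seller():
    # Constructed event names for the two rules on the slide.
    return DCRGraph(
        events={"Ask", "Offer", "Buy"},
        conditions={("Offer", "Buy")},  # Rule 1: offer before buy
        responses={("Ask", "Offer")},   # Rule 2: ask obliges an offer
    )


def replay(graph, trace):
    """Monitor a log against the graph; only the current marking is consulted."""
    for i, e in enumerate(trace):
        if not graph.enabled(e):
            return ("violation", i)      # event happened while not enabled
        graph.execute(e)
    if graph.accepting():
        return ("accepted", None)
    return ("pending", sorted(graph.pending & graph.included))


if __name__ == "__main__":
    for t in (["Buy"], ["Ask"], ["Ask", "Offer", "Buy"], ["Offer", "Buy"]):
        print(t, replay(buyer_seller(), t))
```

Each step reads and updates only the marking, which is why the transition system never has to be unfolded; the trace `["Offer", "Buy"]` is accepted without an Ask, which is the flexibility the slide refers to.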

Merging Choreographies


Merged Choreography


Timed DCR Graphs

Eventually is often not good enough… and delays may be required

Timed DCR Graphs introduce delays on conditions, and deadlines on responses

[JLAP82,2013, CSF2016]


Timed choreographies

response deadline

DCR.tools


Timed execution


Advancing time by 7


Timed choreographies: Delays

DCR.tools

delayed conditions


Sub processes

Infinite state system, and indeed reachability and refinement become undecidable [FM 2015]

Look for decidable approximations!


Enforceability & Escalation

Some events are uncontrollable, in particular progress of time and human activities

Need compensation/escalation & pro-active enforcement [CSF2016]

Try research-prototype at dcr.tools/obligations


Policy enforcement

[Figure labels: Workflow engine, Workflow engine, Policy enforcement point, Controllable actions, Un-controllable actions, Causable actions]

[“In the nick of time …” with Basin & Debois @ CSF 2016]


Work so far

  • Tools (DCRGraphs.net, dcr.tools)
  • Verification, Time & Dynamic Subprocesses
  • Distribution & Independence
  • Search Path & projections, process mining [BPM14,SAC17]
  • Applications to case studies [FHIES2011,ACM14,BPM15,S4CIP16] (Healthcare, funding agency, finance & emergency management, security)
  • Run-time adaptation, refinement & enforcement [EDOC2013][ACM14][FM15][CSF16]

  • Programming Language, Data & Forms

[SEFM2011,BPM15] [JLAP82,2013, BPM14,FM15] [DEBS2012,REBLS15, BPM CASE 2016]


Dealing with state space explosion

  • Safe distribution & infer concurrency
  • Modularity & step-wise refinement
  • Static analysis for reachability & enforceability [CSF15]

[SEFM2011,BPM15] [FM15]


Data & Declarative Forms

Forms are Declarative Processes!

[BPM Case paper 2016]


Security Elicitation

  • (EU General Data Protection Requirement)


Mining Declarative Processes

[Figure labels: Process log, Statistically inferred constraints, Inferred flows]

Avoid mined spaghetti diagrams

BPMEA@SAC 2017

https://youtu.be/7oat7MatU_U


Mining for Prescriptive Processes

[Figure labels: Process log, Mined evidence-based routes]

We collaborate with a Danish municipality and a major provider of eGovernment solutions (work in progress)


What is special for DCR graphs?

  • Formal and close to natural language: Conditions, Responses, Inclusions and Exclusions
  • Expressive and decidable: Can express all regular safety and liveness properties
  • Operational and understandable: Run-time state as “check-list” on events
  • Efficient distributed monitoring & enactment: Local decision of enabledness & effect of events


Conclusions

  • Imperative process notations often too inflexible, do not capture why and are difficult to adapt & maintain
  • DCR graphs support flexibility, adaptability and formal validation of compliance and correctness
  • Tool support & applied with success in industry
  • Still challenges! But promising initial work on understandability, refinement, static analysis & applications to collaborative design, validation and training


Sponsors

IT UNIVERSITY OF COPENHAGEN

  • 2011-2014: Funding of industrial PhD, 2016: Contract research at ITU, development of DCRGraphs.net and much more
  • 2015-16: ProSec: Cyber security and ICT Infrastructure with importance to crucial functions in Denmark - Mapping Emergency and Security Processes in the Danish Public Transport Sector and their Dependency on ICT (Royal Danish Defence College)
  • 2014-17: Computational Artifacts: Design Oriented Theory of Computational Artifacts in Cooperative Work Practices (www.COMPART.ku.dk)
  • 2010: Case Studies of Best Practice Workflow and Workflow in Practice (Innovation Network Project)
  • 2015: Visualising for Customers, Business & IT (Copenhagen Fintech Innovation & Research Innovation network)
  • Salaries of senior researchers at ITU and co-financing of research projects