=Paper=
{{Paper
|id=Vol-2542/MOD-DLT2
|storemode=property
|title=Trusted Artifact-Driven Monitoring of Business Processes using Blockchains (invited paper)
|pdfUrl=https://ceur-ws.org/Vol-2542/MOD-DLT2.pdf
|volume=Vol-2542
|authors=Giovanni Meroni
|dblpUrl=https://dblp.org/rec/conf/modellierung/Meroni20
}}
==Trusted Artifact-Driven Monitoring of Business Processes using Blockchains (invited paper)==
https://ceur-ws.org/Vol-2542/MOD-DLT2.pdf
Joint Proceedings of Modellierung 2020 Short, Workshop and Tools & Demo Papers
Int. Workshop on Conceptual Modeling for Distributed Ledger Technologies 45
Trusted artifact-driven monitoring of business processes
using blockchains
Giovanni Meroni1
Abstract:
Having a reliable business process monitoring platform is important to promptly detect and react to
violations during process execution. Typically, when processes span among multiple organizations
or require manual activities, a relationship of trust must be established among participants to obtain
meaningful results. Also, when a violation is detected, most monitoring platforms report it and expect
participants to stop executing the process and to manually solve it before resuming the execution.
Trusted artifact-driven monitoring tries to overcome these limitations. By relying on a declarative
model of the process to monitor, rather than an imperative one, trusted artifact-driven monitoring
can continue to monitor the process even after a violation occurred. Also, it relies on events coming
from artifacts (i.e., physical or virtual objects) participating in the process to infer when activities are
executed. Finally, to guarantee the immutability of monitoring information once they are produced, it
relies on a blockchain-based architecture to store and retrieve this information.
Keywords: Business Process Monitoring; Blockchain; Artifact-driven Monitoring
1 Introduction
Business process monitoring plays an important role in the Business Process Management
lifecycle [Du13]. In fact, if properly performed, process monitoring allows to obtain useful
insights on the processes being executed. For instance, it is possible to know if some
activities are causing bottlenecks, or if a deviations between the process definitions and
the actual execution occurred. This information is particularly important when multiple
organizations participate in the same process. In case accidents occur, reliable monitoring
information allows to identify the root cause of the accident and, consequently, the involved
organization.
For these reasons, a reliable process monitoring solution should collect only events coming
from the processes being executed. In addition, it should protect collected events from
accidental or intentional deletions or modifications. Thank to the properties of persistence,
non-repudiation and decentralization, a blockchain is a good starting point to build a reliable
process monitoring solution. In fact, a blockchain is explicitly designed to create a trusted
environment among untrusted entities. For these reasons, some blockchain-based engines
1 Politecnico di Milano, Piazza Leonardo da Vinci 32, 20133 Milan, Italy giovanni.meroni@polimi.it
Copyright © 2020 for this paper by its authors.
Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
�46 Giovanni Meroni
have been proposed in the literature, such as [Pr17] or [Ló19]. However, most solutions rely
on an imperative model to represent the process to monitor. This has the disadvantage of
making the platform unable to fully monitor executions that do not follow the execution flow
defined in the model. In addition, they expect events to explicitly indicate which activity is
being executed, which is problematic when activities are manually executed. In this case, to
generate events, human operators are required to interrupt their work and manually send
notifications, a task which is prone to be forgotten or incorrectly performed.
2 Approach
To solve these issues, trusted artifact-driven monitoring has been proposed [MPV19].
Instead of relying on an imperative representation of the process, artifact-driven monitoring
relies on a declarative model following the Extended Guard-Stage-Milestone (E-GSM)
specifications [Me18]. In this way, execution flow dependencies are treated as descriptive
rather than prescriptive. Consequently, the platform can continue monitoring the process
even if it violates the execution flow dependencies. Also, it can detect subsequent violations,
and for each of them it can mark the activity responsible for the violation.
Another advantage of artifact-driven monitoring is that, to detect when activities are
executed, it relies on events notifying changes in the artifacts – physical or virtual objects
– participating in the process. In particular, the E-GSM specifications allow to define for
each activity (Stage) in which conditions are the artifacts expected to be for it to start
(Data Flow Guard) and to complete its execution (Milestone). Therefore, by monitoring the
conditions of the artifacts – a task that can be automated thanks to the Internet of Things
(IoT) revolution – it is possible to monitor the process in a completely transparent fashion.
More in detail, smart devices can collect through sensors information on the physical objects,
summarize it, and publish it on a blockchain.
To reduce the amount of data stored on a blockchain and, consequently, the computational
and – in case of a public blockchain – monetary costs, trusted artifact-driven monitoring
follows an approach similar to [Hä18]. In fact, by adopting a distributed file system, both
the process model and the conditions of the artifacts can be stored off-chain. In this case,
only the hash of this information is stored on-chain, thus guaranteeing integrity. This also
allows monitoring information to be encrypted and, consequently, be accessible only to the
organizations that possess the decryption key.
3 Discussion
This talk will provide a detailed overview on trusted artifact-driven monitoring and its
potential applications in the real world. To this aim, a case study belonging to the logistics
domain will be adopted to demonstrate the need for reliable inter-organizational process
� Trusted artifact-driven monitoring of business processes using blockchains 47
monitoring, and to outline how trusted artifact-driven monitoring can address it. The talk
will also discuss the current limitations of trusted artifact-driven monitoring, the trade-offs
in terms of privacy and costs that have to be made, and the currently ongoing research work
to solve these issues.
References
[Du13] Dumas, M.; La Rosa, M.; Mendling, J.; Reijers, H. A.: Fundamentals of Business Process
Management. Springer, 2013.
[Hä18] Härer, F.: Decentralized Business Process Modeling and Instance Tracking Secured by a
Blockchain. In (Bednar, P. M.; Frank, U.; Kautz, K., eds.): 26th European Conference
on Information Systems: Beyond Digitization - Facets of Socio-Technical Change, ECIS
2018, Portsmouth, UK, June 23-28, 2018. P. 55, 2018, url: https://aisel.aisnet.
org/ecis2018%5C_rp/55.
[Ló19] López-Pintado, O.; García-Bañuelos, L.; Dumas, M.; Weber, I.; Ponomarev, A.: Cater-
pillar: A business process execution engine on the Ethereum blockchain. Softw., Pract.
Exper. 49/7, pp. 1162–1193, 2019, url: https://doi.org/10.1002/spe.2702.
[Me18] Meroni, G.; Baresi, L.; Montali, M.; Plebani, P.: Multi-party business process compliance
monitoring through IoT-enabled artifacts. Inf. Syst. 73/, pp. 61–78, 2018, url: https:
//doi.org/10.1016/j.is.2017.12.009.
[MPV19] Meroni, G.; Plebani, P.; Vona, F.: Trusted Artifact-Driven Process Monitoring of
Multi-party Business Processes with Blockchain. In: Business Process Management:
Blockchain and Central and Eastern Europe Forum - BPM 2019 Blockchain and CEE
Forum, Vienna, Austria, September 1-6, 2019, Proceedings. Pp. 55–70, 2019, url:
https://doi.org/10.1007/978-3-030-30429-4%5C_5.
[Pr17] Prybila, C.; Schulte, S.; Hochreiner, C.; Weber, I.: Runtime verification for business
processes utilizing the Bitcoin blockchain. FGCS/, 2017, issn: 0167-739X.
�