Policy-enabled goal-oriented requirements engineering for semantic Business Process Management

Business Process Management is a paradigm for enterprise computing that uses IT not only to support or execute business processes but also to continuously monitor and improve these processes to better achieve business objectives. A variant on Business Process Management, called Semantic Business Process Management, is meant to further close the gap between business and IT by attaching business semantics to the technology artifacts used for Business Process Management. A current problem in Semantic Business Process Management is that the specification of the business requirements that processes must respond to and that follow from the enterprise's strategic decisions, is not fully integrated within the design of the processes themselves. In this paper, we propose an approach in which business requirements for business processes are formally modeled and the skeleton of the designs of these business processes is automatically generated from these models. The approach presented here focuses upon the modeling of policies (i.e., a kind of business requirements for business processes) and on the subsequent design of business processes that comply to these policies. A first contribution is extending an existing goal-oriented requirements specification language, i.e. Formal Tropos, to incorporate policies, called Policy-extended Formal Tropos. A second contribution is offering an automated transformation to create business process design skeletons out of the Policy-extended Formal Tropos models. The paper also reports upon three pilot studies that were conducted as a first, though preliminary, empirical test of our approach. © 2010 Wiley Periodicals, Inc.

[1]  Marvin V. Zelkowitz,et al.  Experimental Models for Validating Technology , 1998, Computer.

[2]  Daniel Amyot,et al.  Towards a Framework for Tracking Legal Compliance in Healthcare , 2007, CAiSE.

[3]  Annie I. Antón,et al.  Financial privacy policies and the need for standardization , 2004, IEEE Security & Privacy Magazine.

[4]  Jon Doyle,et al.  Semantic parameterization: A process for modeling domain descriptions , 2008, TSEM.

[5]  Anna Perini,et al.  Exploring the Effectiveness of Normative i* Modelling: Results from a Case Study on Food Chain Traceability , 2008, CAiSE.

[6]  Ian Beeson,et al.  Modelling non-functional requirements of business processes , 2007, Inf. Softw. Technol..

[7]  John Mylopoulos,et al.  Automating the Extraction of Rights and Obligations for Regulatory Compliance , 2008, ER.

[8]  Ganna Frankova,et al.  From Early Requirements to Business Processes with Service Level Agreements , 2007 .

[9]  John Mylopoulos,et al.  Specifying and analyzing early requirements in Tropos , 2004, Requirements Engineering.

[10]  W. Graham,et al.  The importance of conducting and reporting pilot studies: the example of the Scottish Births Survey. , 2001, Journal of advanced nursing.

[11]  Keng Siau,et al.  Evaluation techniques for systems analysis and design modelling methods – a review and comparative analysis , 2011, Inf. Syst. J..

[12]  Keith Phalp,et al.  B-SCP: A requirements analysis framework for validating strategic alignment of organizational IT based on strategy, context, and process , 2006, Inf. Softw. Technol..

[13]  Stephen Fickas,et al.  Goal-Directed Requirements Acquisition , 1993, Sci. Comput. Program..

[14]  Keith Phalp,et al.  Deriving requirements from process models via the problem frames approach , 2005, Inf. Softw. Technol..

[15]  Colette Rolland,et al.  Combining Intention-Oriented and State-Based Process Modeling , 2005, ER.

[16]  Lin Liu,et al.  Designing information systems in social context: a goal and scenario modelling approach , 2004, Inf. Syst..

[17]  John Mylopoulos,et al.  Requirements engineering for trust management: model, methodology, and reasoning , 2006, International Journal of Information Security.

[18]  E. V. Van Teijlingen,et al.  The importance of pilot studies. , 2002, Nursing standard (Royal College of Nursing (Great Britain) : 1987).

[19]  Keith Phalp,et al.  Requirements engineering for e-business advantage , 2005, Requirements Engineering.

[20]  Robert Darimont,et al.  Goal-oriented Analysis of Regulations , 2006, ReMo2V.

[21]  Ariel Fuxman,et al.  Formal analysis of early requirements specifications , 2001 .

[22]  Robert L. Glass,et al.  Pilot Studies: What, Why, and How , 1997, J. Syst. Softw..

[23]  Martin Hepp,et al.  An Ontology Framework for Semantic Business Process Management , 2007, Wirtschaftsinformatik.

[24]  Annie I. Antón,et al.  Analyzing goal semantics for rights, permissions, and obligations , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[25]  Sergiu M. Dascalu,et al.  Unit-level test adequacy criteria for visual dataflow languages and a testing methodology , 2008, TSEM.

[26]  Daniel Amyot,et al.  Introduction to the User Requirements Notation: learning by example , 2003, Comput. Networks.

[27]  Karl Cox,et al.  Validating strategic alignment of organizational IT requirements using goal modeling and problem diagrams , 2006, J. Syst. Softw..

[28]  M. Hammer,et al.  REENGINEERING THE CORPORATION: A MANIFESTO FOR BUSINESS REVOLUTION , 1995 .

[29]  Eugene H. Spafford,et al.  A distributed requirements management framework for legal compliance and accountability , 2009, Comput. Secur..

[30]  J. Rodney Turner,et al.  The role of pilot studies in reducing risk on projects and programmes , 2005 .

[31]  Daniel Amyot,et al.  Compliance Analysis Based on a Goal-oriented Requirement Language Evaluation Methodology , 2009, 2009 17th IEEE International Requirements Engineering Conference.

[32]  Colette Rolland,et al.  A Multi-Model View of Process Modelling , 1999, Requirements Engineering.

[33]  Annie I. Antón,et al.  Precluding incongruous behavior by aligning software requirements with security and privacy policies , 2003, Inf. Softw. Technol..

[34]  John Mylopoulos,et al.  Towards requirements-driven information systems engineering: the Tropos project , 2002, Inf. Syst..

[35]  Alessandra Russo,et al.  A goal-based approach to policy refinement , 2004, Proceedings. Fifth IEEE International Workshop on Policies for Distributed Systems and Networks, 2004. POLICY 2004..

[36]  Roel Wieringa,et al.  Requirements researchers: are we really doing research? , 2005, Requirements Engineering.

[37]  John Mylopoulos,et al.  From object-oriented to goal-oriented requirements analysis , 1999, CACM.

[38]  Neil A. M. Maiden,et al.  PRiM: An i*-based process reengineering method for information systems specification , 2008, Inf. Softw. Technol..

[39]  Geert Poels,et al.  Practical Challenges for Methods Transforming i* Goal Models into Business Process Models , 2009, 2009 17th IEEE International Requirements Engineering Conference.

[40]  Evangelia Kavakli,et al.  Goal-Oriented Requirements Engineering: A Unifying Framework , 2002, Requirements Engineering.

[41]  Annie I. Antón,et al.  Analyzing Regulatory Rules for Privacy and Security Requirements , 2008, IEEE Transactions on Software Engineering.

[42]  Yair Wand,et al.  On the notion of soft-goals in business process modeling , 2005, Bus. Process. Manag. J..

[43]  Yijun Yu,et al.  Requirements-Driven Design and Configuration Management of Business Processes , 2007, BPM.

[44]  Geert Poels,et al.  Mapping semantically enriched Formal Tropos to business process models , 2009, SAC '09.

[45]  Ganna Frankova,et al.  Secure Workflow Development from Early Requirements Analysis , 2008, 2008 Sixth European Conference on Web Services.

[46]  Michela Montesi,et al.  Software engineering article types: An analysis of the literature , 2008, J. Syst. Softw..

[47]  P. Prescott,et al.  The potential uses of pilot work. , 1989, Nursing research.