Dr. Heerko Groefsema

Assistant Professor

• Room number: 591
• E-mail: h.groefsema [at] rug.nl
• Personal website: Heerko Groefsema

Research

• Service Oriented Architecture
• Business Process Management
• Variability Management

PhD Thesis

1. Business Process Variability: a study into process management and verification (H. Groefsema), Rijksuniversiteit Groningen, 2016.

   Abstract

   Business Process Management (BPM) manages and optimizes business processes with the intent to increase productivity and performance. BPM is a rapidly evolving field due to new requirements emerging at agile branches of business where business processes are required to be less and less rigid. Where BPM supported local user-specific rigid and repetitive units of work in the past, these days it is required to support loosely-coupled processes in cloud configurations among many users with each many different requirements.As the field of BPM continues to manage an increasing number of rapidly evolving business processes in agile environments, the evolution of each business process must continue to always behave in a correct manner and remain compliant with the laws, regulations, and internal business requirements imposed upon it. To manage the correct behavior of quickly evolving business processes, or the definition of a wide variety of similar business processes, we evaluate the application of formal verification techniques as a possible solution for the pre-runtime analysis of the correct behavior and compliant design of business processes within possible process families. A novel approach allowing pre-runtime verification that supports the different branching and merging constructs allowed by business process models and their service compositions is presented. Evaluations on expressive power demonstrate that, other than the generally employed transition systems, the proposed model correctly captures well-known business process patterns. Furthermore, it maintains information on parallel occurrences of activities and the local next activity occurrence: an ability which is unique to the presented approach.

   ---

   BibTeX

   
   @phdthesis{groefsema2016:thesis, title = "Business Process Variability: a study into process management and verification", abstract = "Business Process Management (BPM) manages and optimizes business processes with the intent to increase productivity and performance. BPM is a rapidly evolving field due to new requirements emerging at agile branches of business where business processes are required to be less and less rigid. Where BPM supported local user-specific rigid and repetitive units of work in the past, these days it is required to support loosely-coupled processes in cloud configurations among many users with each many different requirements.As the field of BPM continues to manage an increasing number of rapidly evolving business processes in agile environments, the evolution of each business process must continue to always behave in a correct manner and remain compliant with the laws, regulations, and internal business requirements imposed upon it. To manage the correct behavior of quickly evolving business processes, or the definition of a wide variety of similar business processes, we evaluate the application of formal verification techniques as a possible solution for the pre-runtime analysis of the correct behavior and compliant design of business processes within possible process families. A novel approach allowing pre-runtime verification that supports the different branching and merging constructs allowed by business process models and their service compositions is presented. Evaluations on expressive power demonstrate that, other than the generally employed transition systems, the proposed model correctly captures well-known business process patterns. Furthermore, it maintains information on parallel occurrences of activities and the local next activity occurrence: an ability which is unique to the presented approach.", author = "H. Groefsema", year = "2016", month = dec, language = "English", isbn = "978-90-367-9237-0", publisher = "Rijksuniversiteit Groningen", school = "University of Groningen", url = "https://research.rug.nl/en/publications/business-process-variability-a-study-into-process-management-and-", pdf = "https://pure.rug.nl/ws/portalfiles/portal/37651946/Complete_thesis.pdf", }

   ---

   urlpdf

Recent publications

1. Cross-Instance Regulatory Compliance Checking of Business Process Event Logs (van Beest, Nick, Groefsema, Heerko, Cryer, Adrian, Governatori, Guido, Tosatto, Silvano Colombo and Burke, Hannah), In IEEE Transactions on Software Engineering, volume , 2023.

   Abstract

   Event logs capture the execution of business processes, such that each task is represented by an event and each individual execution is a chronological sequence of events, called an event trace. Event logs allow after-the-act and runtime analysis of deployed business processes to verify whether their execution complies with regulations and business requirements. Checking the compliance of a single sequence of events in a trace is straightforward and a number of approaches have been proposed to address this. However, some regulations or business rules span multiple process instances and a cross-instance analysis is required. In order to check whether such requirements are maintained at all times, multiple traces need to be analysed together, which can result in a combinatorial computational complexity. In this paper, we present a novel approach that efficiently checks runtime regulatory compliance based on event logs, while supporting cross-instance rule evaluation and extensible function evaluation over sequences of attribute data values. The efficiency and applicability of the proposed method is tested in a two-pronged evaluation, showing a significant improvement over existing techniques with respect to capabilities as well as computational complexity. The approach presented in this paper is subject to a patent application, with patent number WO2021/248201.

   
   Keywords: Business process, Event log, Compliance, Regulations, Cross-instance, Instance-spanning, Runtime verification

   ---

   BibTeX

   
   @article{Groefsema2023:tse, author={van Beest, Nick and Groefsema, Heerko and Cryer, Adrian and Governatori, Guido and Tosatto, Silvano Colombo and Burke, Hannah}, journal={IEEE Transactions on Software Engineering}, title={Cross-Instance Regulatory Compliance Checking of Business Process Event Logs}, year={2023}, volume={}, number={}, pages={1-14}, abstract={Event logs capture the execution of business processes, such that each task is represented by an event and each individual execution is a chronological sequence of events, called an event trace. Event logs allow after-the-act and runtime analysis of deployed business processes to verify whether their execution complies with regulations and business requirements. Checking the compliance of a single sequence of events in a trace is straightforward and a number of approaches have been proposed to address this. However, some regulations or business rules span multiple process instances and a cross-instance analysis is required. In order to check whether such requirements are maintained at all times, multiple traces need to be analysed together, which can result in a combinatorial computational complexity. In this paper, we present a novel approach that efficiently checks runtime regulatory compliance based on event logs, while supporting cross-instance rule evaluation and extensible function evaluation over sequences of attribute data values. The efficiency and applicability of the proposed method is tested in a two-pronged evaluation, showing a significant improvement over existing techniques with respect to capabilities as well as computational complexity. The approach presented in this paper is subject to a patent application, with patent number WO2021/248201.}, keywords={Business process, Event log, Compliance, Regulations, Cross-instance, Instance-spanning, Runtime verification}, doi={10.1109/TSE.2023.3319086}, ISSN={1939-3520}, month={10}, }

   ---

   doi
2. On the Use of the Conformance and Compliance Keywords During Verification of Business Processes (H. Groefsema, N.R.T.P. van Beest and G. Governatori), In Business Process Management Forum (C. Di Ciccio, R. Dijkman, A. del Río Ortega, S. Rinderle-Ma, eds.), Springer, 2022.

   Abstract

   A wealth of techniques have been developed to help organizations understand their processes, verify correctness against requirements and diagnose potential problems. In general, these verification techniques allow us to check whether a business process conforms or complies with some specification, and each of them is specifically designed to solve a particular business problem at a stage of the BPM lifecycle. However, the terms conformance and compliance are often used as synonyms and their distinct differences in verification goals is blurring. As a result, the terminology used to describe the techniques or the corresponding verification activity does not always match with the precise meaning of the terms as they are defined in the area of verification. Consequently, confusion of these terms may hamper the application of the different techniques and the correct positioning of research. In this position paper, we aim to provide comprehensive definitions and a unified terminology throughout the BPM lifecycle. Moreover, we explore the consequences when these terms are used incorrectly. In doing so, we aim to improve adoption from research to practical applications by clarifying the relation between techniques and the intended verification goals.

   ---

   BibTeX

   
   @inproceedings{groefsema2022:bpm, title = "On the Use of the Conformance and Compliance Keywords During Verification of Business Processes", abstract = "A wealth of techniques have been developed to help organizations understand their processes, verify correctness against requirements and diagnose potential problems. In general, these verification techniques allow us to check whether a business process conforms or complies with some specification, and each of them is specifically designed to solve a particular business problem at a stage of the BPM lifecycle. However, the terms conformance and compliance are often used as synonyms and their distinct differences in verification goals is blurring. As a result, the terminology used to describe the techniques or the corresponding verification activity does not always match with the precise meaning of the terms as they are defined in the area of verification. Consequently, confusion of these terms may hamper the application of the different techniques and the correct positioning of research. In this position paper, we aim to provide comprehensive definitions and a unified terminology throughout the BPM lifecycle. Moreover, we explore the consequences when these terms are used incorrectly. In doing so, we aim to improve adoption from research to practical applications by clarifying the relation between techniques and the intended verification goals.", author = "H. Groefsema and N.R.T.P. {van Beest} and G. Governatori", year = "2022", month = sep, day = "7", doi = "10.1007/978-3-031-16171-1_2", language = "English", isbn = "978-3-031-16170-4", series = "Lecture Notes in Business Information Processing", publisher = "Springer", pages = "21–37", editor = "C. {Di Ciccio} and R. Dijkman and A. {del R{\'i}o Ortega} and S. Rinderle-Ma", booktitle = "Business Process Management Forum", note = "The 20th International Conference on Business Process Management, BPM 2022 ; Conference date: 11-09-2022 Through 15-09-2022", url = "https://bpm2022.uni-muenster.de/", }

   ---

   urldoi
3. Efficient conditional compliance checking of business process models (H. Groefsema, N.R.T.P. van Beest and A. Armas-Cervantes), In Computers in Industry, ELSEVIER SCIENCE BV, volume 115, 2020.

   Abstract

   When checking compliance of business processes against a set of business rules or regulations, the ability to handle and verify conditions in both the model and the rules is essential. Existing design-time verification approaches, however, either completely lack support for the verification of conditions or propose costly verification methods that also consider the full data perspective. This paper proposes a novel light-weight verification method, which is preferable over expensive approaches that include the data perspective when considering structural properties of a business process model. This novel approach generates partial models that capture only relevant execution states to the conditions under investigation. The resulting model can be verified using existing model checking techniques. The computation of such partial models fully abstracts conditions from the full models and specifications, thus avoiding the analysis of the full data perspective. The proposed method is complete with respect to the analyzed execution paths, while significantly reducing the state space complexity by pruning unreachable states given the conditions under investigation. This approach offers the ability to check if a process is compliant with rules and regulations on a much more fine-grained level, and it enables a more precise formulation of the conditions that should and should not hold in the processes. The approach is particularly useful in dynamic environments where processes are constantly changing and efficient conditional compliance checking is a necessity. The approach – implemented in Java and publicly available – is evaluated in terms of performance and practicability, and tested over both synthetic datasets and a real-life case from the Australian telecommunications sector.

   
   Keywords: Business process models, Formal verification, Conditional compliance, Data perspective, Temporal logic

   ---

   BibTeX

   
   @article{groefsema2020:cii, title = "Efficient conditional compliance checking of business process models", abstract = "When checking compliance of business processes against a set of business rules or regulations, the ability to handle and verify conditions in both the model and the rules is essential. Existing design-time verification approaches, however, either completely lack support for the verification of conditions or propose costly verification methods that also consider the full data perspective. This paper proposes a novel light-weight verification method, which is preferable over expensive approaches that include the data perspective when considering structural properties of a business process model. This novel approach generates partial models that capture only relevant execution states to the conditions under investigation. The resulting model can be verified using existing model checking techniques. The computation of such partial models fully abstracts conditions from the full models and specifications, thus avoiding the analysis of the full data perspective. The proposed method is complete with respect to the analyzed execution paths, while significantly reducing the state space complexity by pruning unreachable states given the conditions under investigation. This approach offers the ability to check if a process is compliant with rules and regulations on a much more fine-grained level, and it enables a more precise formulation of the conditions that should and should not hold in the processes. The approach is particularly useful in dynamic environments where processes are constantly changing and efficient conditional compliance checking is a necessity. The approach – implemented in Java and publicly available – is evaluated in terms of performance and practicability, and tested over both synthetic datasets and a real-life case from the Australian telecommunications sector.", keywords = "Business process models, Formal verification, Conditional compliance, Data perspective, Temporal logic", author = "H. Groefsema and N.R.T.P. {van Beest} and A. Armas-Cervantes", year = "2020", month = feb, doi = "10.1016/j.compind.2019.103181", url = "https://research.rug.nl/en/publications/efficient-conditional-compliance-checking-of-business-process-mod", pdf = "https://pure.rug.nl/ws/portalfiles/portal/128588560/1_s2.0_S0166361519303549_main.pdf", language = "English", volume = "115", journal = "Computers in Industry", issn = "0166-3615", publisher = "ELSEVIER SCIENCE BV", }

   ---

   urlpdfdoi
4. Variability in business processes: Automatically obtaining a generic specification (N.R.T.P. van Beest, H. Groefsema, L. Garcia-Banuelos and M. Aiello), In Information Systems, PERGAMON-ELSEVIER SCIENCE LTD, volume 80, 2019.

   Abstract

   The existence of different process variants is inevitable in many modern organizations. However, variability in business process support has proven to be a challenge as it requires a flexible business process specification that supports the required process variants, while at the same time being compliant with policies and regulations. Declarative approaches could support variability, by providing rules constraining process behavior and thereby allowing different variants. However, manual specification of these rules is complicated and error-prone. As such, tools are required to ensure that duplication and overlap of rules is avoided as much as possible, while retaining maintainability. In this paper, we present an approach to represent different process variants in a single compound prime event structure, and provide a method to subsequently derive variability rules from this compound prime event structure. The approach is evaluated by conducting an exploratory evaluation on different sets of real-life business process variants, including a real-life case from the Dutch eGovernment, to demonstrate the effectiveness and applicability of the approach.

   
   Keywords: Business Process Model, Declarative Variability Modeling, Event Structure, Temporal Logic, PROCESS MODELS, CORRECTNESS

   ---

   BibTeX

   
   @article{vanbeest2019:is, title = "Variability in business processes: Automatically obtaining a generic specification", abstract = "The existence of different process variants is inevitable in many modern organizations. However, variability in business process support has proven to be a challenge as it requires a flexible business process specification that supports the required process variants, while at the same time being compliant with policies and regulations. Declarative approaches could support variability, by providing rules constraining process behavior and thereby allowing different variants. However, manual specification of these rules is complicated and error-prone. As such, tools are required to ensure that duplication and overlap of rules is avoided as much as possible, while retaining maintainability. In this paper, we present an approach to represent different process variants in a single compound prime event structure, and provide a method to subsequently derive variability rules from this compound prime event structure. The approach is evaluated by conducting an exploratory evaluation on different sets of real-life business process variants, including a real-life case from the Dutch eGovernment, to demonstrate the effectiveness and applicability of the approach.", keywords = "Business Process Model, Declarative Variability Modeling, Event Structure, Temporal Logic, PROCESS MODELS, CORRECTNESS", author = "N.R.T.P. {van Beest} and H. Groefsema and L. Garcia-Banuelos and M. Aiello", year = "2019", month = feb, doi = "10.1016/j.is.2018.09.005", url = "https://research.rug.nl/en/publications/variability-in-business-processes-automatically-obtaining-a-gener", pdf = "https://pure.rug.nl/ws/portalfiles/portal/108415791/1_s2.0_S0306437918300401_main.pdf", language = "English", volume = "80", pages = "36--55", journal = "Information Systems", issn = "0306-4379", publisher = "PERGAMON-ELSEVIER SCIENCE LTD", }

   ---

   urlpdfdoi
5. A Formal Model for Compliance Verification of Service Compositions (H. Groefsema, N.R.T.P. van Beest and M. Aiello), In Ieee transactions on services computing, volume 11, 2018.

   Abstract

   Business processes design and execution environments increasingly need support from modular services in service compositions to offer the flexibility required by rapidly changing requirements. With each evolution, however, the service composition must continue to adhere to laws and regulations, resulting in a demand for automated compliance checking. Existing approaches, if at all, either offer only verification after the fact or linearize models to such an extent that parallel information is lost. We propose a mapping of service compositions to Kripke structures by using colored Petri nets. The resulting model allows preventative compliance verification using well-known temporal logics and model checking techniques while providing full insight into parallel executing branches and the local next invocation. Furthermore, the mapping causes limited state explosion, and allows for significant further model reduction. The approach is validated on a case study from a telecom company in Australia and evaluated with respect to performance and expressiveness. We demonstrate that the proposed mapping has increased expressiveness while being less vulnerable to state explosion than existing approaches, and show that even large service compositions can be verified preventatively with existing model checking techniques.

   
   Keywords: Service Composition, Business process, Compliance, Verification, Temporal Logic, Colored Petri net, Kripke structure, COMPLIANCE-CHECKING, BUSINESS, SPECIFICATION, SUPPORT

   ---

   BibTeX

   
   @article{groefsema2018:tsc, title = "A Formal Model for Compliance Verification of Service Compositions", abstract = "Business processes design and execution environments increasingly need support from modular services in service compositions to offer the flexibility required by rapidly changing requirements. With each evolution, however, the service composition must continue to adhere to laws and regulations, resulting in a demand for automated compliance checking. Existing approaches, if at all, either offer only verification after the fact or linearize models to such an extent that parallel information is lost. We propose a mapping of service compositions to Kripke structures by using colored Petri nets. The resulting model allows preventative compliance verification using well-known temporal logics and model checking techniques while providing full insight into parallel executing branches and the local next invocation. Furthermore, the mapping causes limited state explosion, and allows for significant further model reduction. The approach is validated on a case study from a telecom company in Australia and evaluated with respect to performance and expressiveness. We demonstrate that the proposed mapping has increased expressiveness while being less vulnerable to state explosion than existing approaches, and show that even large service compositions can be verified preventatively with existing model checking techniques.", keywords = "Service Composition, Business process, Compliance, Verification, Temporal Logic, Colored Petri net, Kripke structure, COMPLIANCE-CHECKING, BUSINESS, SPECIFICATION, SUPPORT", author = "H. Groefsema and N.R.T.P. {van Beest} and M. Aiello", year = "2018", month = may, doi = "10.1109/TSC.2016.2579621", url = "https://research.rug.nl/en/publications/a-formal-model-for-compliance-verification-of-service-composition", pdf = "https://pure.rug.nl/ws/portalfiles/portal/95100659/07488177.pdf", language = "English", volume = "11", pages = "466--479", journal = "Ieee transactions on services computing", issn = "1939-1374", number = "3", }

   ---

   urlpdfdoi

(For more publications go to Heerko's publication page)