The Infosys Labs research blog tracks trends in technology with a focus on applied research in Information and Communication Technology (ICT)

Main | July 2009 »

June 23, 2009

Process Mining - Existing Methods and Challenges

Process Mining has been gaining lots of attention from business analysts lately and is considered one big breakthrough in Business Process Management Paradigm. Process mining has been there as one research item for a long time, I wonder what has made it popular all of a sudden now. Is it because process mining has been presented as commercial tools and consultant’s aid by some companies? Academics are active in field of process mining for quite some time now and have created some useful open source tools as well.

Most of the process mining or process discovery tools provide lots of features of mining process which includes, mining of exception routes as well as most common routes. These tools provide an excellent start for purpose of process elicitation. The usual method of process elicitation is to conduct workshops and interviews with process owner and users. This method not only takes lots of time to elicit the process, the elicit process may be incorrect as it may be vision of people of how process should work rather than how process is actually working and lastly the elicited process may not have all exception paths. Other than that process mining tools can provide lots of information to process consultants just by looking at the mined process, this information includes the average time to complete the task, probability of taking one route as compared to other, identify potential process bottlenecks by identifying repetitive loops. These tools may also provide information on which role or user usually performs certain activities.

All this is good but lets analyze the input which is needed by these tools. Most of these tools expect input as lots of sequences of correlated activities as they executed in the system. The format would be like this, I would provide 3 sequences A -> B - > D, A -> C -> D, A -> B -> D. The output of this process may be A->(B or C)->D. This may also indicate that there is more probability of choosing path B after A is completed as compared to C.

The current challenge is how to get this activity sequences as input to the tool. One option is to create these activity sequences using audit logs. If the application stores the audit log of how an order or request is processes as input, these mining tools have capability of importing the available data as input to the tool. These activity sequences are available in ERP tools, workflow systems and of course in BPM tools. In my view all these kind of applications are already process aware. The real challenge is to extract processes from applications which are not process aware, for example from COBOL application which interacts with a web based application.

Is there a way to mine the process , even partially, from any set of existing applications?

June 15, 2009

Can BPM support you in your Compliance Challenge?

A BPM based solution enables the design, analysis, optimization and automation of business processes. BPM separates process logic and rules from the execution engines, manages relationships between individuals and applications, and monitors performance.
One of the major challenges the organizations are facing today are growing requirements for managing compliance to various standards and frameworks.  These compliance standards include both regulatory (SOX,HIPPA) and Non regulatory (COBIT,CMMI,ISO). Regulatory compliance is a must for the organization, non compliance to the regulatory standards will have huge liabilities to the company and to the senior leadership. Compliance to the non regulatory standards is more strategic in nature and it will provide distinct advantages for accomplishing objectives of the organization.
Over the years the number of such compliance standards (both regulatory and non regulatory) have increased.
Some of the Key challenges are
• Managing conflicting versions of data which is spread across the enterprise.
• Dependence on non automated systems- many companies rely on sheer manpower, In spite of advances in technology, companies maintain many of their systems outside the domain of Automation.
• Changes in processes and definition
• Combination of Automated Process and Manual process pose a challenge in collecting the data for  consolidating
• Managing Compliance periodically, Compliance is not a one-time event
• Multiple standards and frameworks
Appropriate application of BPM based solution will support in managing your compliance challenge. What you need is shift in your mind-set from working hard to working smart.

June 10, 2009

Connecting Aristotle to Distributed Security..

It may come as a long shot for people to think of connecting the legendary philosopher Aristotle to a topic like Distributed Systems Security..

However, as our book reveals some of the classic works in related works like philosophical logic, propounded by Aristotle forming the basis of the modern day

Solutions and algorithms for distributed systems security..


Modern day distributed systems are highly heterogeneous, and complex with emergence of divergent technologies like grid computing, service oriented computing, and most prevalently Web based computing, and most computing..


The quest for openness, transparency, scalability,  heterogeneity, and resource sharing are key concerns in modern day distributed systems which shape up the security requirements for these systems.


Keeping an enterprise focus, with a view to address these complex abovementioned requirements , a structured tiered framework for modern day distributed systems security is proposed in the book, while enumerating a detailed set of detailed consideration of issues, solutions, standards and processes in each tier.

Unique to the book include innovative approaches to explaining concepts like XML firewall via detailed deconstruction, exploration of unique techniques like logic based approaches. It is this connection,  the connection of Aristotle to Distributed Systems security emerges, namely  in a solution titled “Proof Carrying Code”, for host security which involves the notion of embedding an aristotlean logic based proof as a mechanism for trust establishment in transient code scenarios..


Read on for further details  in the book Distributed Systems Security: Issues, Processes and Solutions, by Wiley..





Architecture and Design considerations for BPM using SOA

In today’s enterprise business processes are often created from services. Creation of business process from services has been greatly facilitated by platforms providing run times for business process languages (e.g. BPML, BPEL etc) and architectural paradigms like SOA. These platforms and software components greatly facilitate development, deployment, monitoring, NFR requirements management and life cycle management of services/processes. Usage of services for creation of business processes has distinct benefits in terms of extensibility of process/ service, managing SLA, implementing change back models at finer level of granularity etc to name a few.  In order to address such varied requirements practitioner architects often come up with ingenuous architectures or design to address an overall requirement or a specific issue.
Frankly, a given solution can be trivial or elegant architectural proposition, but valuable all the same and hence the need for sharing such best practices with larger community. I will be discussing on architectures/ components/ tips for BPM implementations using SOA.
I am looking forward to the Designer, Architect and practitioner community to share their unique experiences, in terms of business requirement and proposed architectural and design considerations in BPM solutions.