Analysis of Workflow Graphs through SESE Decomposition Jussi Vanhatalo, IBM Zurich Research Lab Hagen Völzer, IBM Zurich Research Lab Frank Leymann, University of Stuttgart, IAAS AWPN 2007 September 2007
Control-flow errors in business process models Business process models are no longer only for documentation Increasing importance when models are executed Workflow engine Realistic business measures through simulation Code generation Our experience [Koehler, Vanhatalo, 2007] & other studies [Mendling et al., 2006] Control-flow errors, e.g. deadlocks occur frequently in real models Early detection can substantially save costs 2
Trade off Speed versus debugging information Workflow graph = Free-Choice workflow net Sound workflow graph = no control-flow errors Known soundness checkers can: Check soundness in cubic time Produce error trace in exponential time Our contribution is a preprocessor: Speeds up any soundness checker Improves debugging information Workflow graph Workflow graph Preprocessor Sound? Yes / No Soundness checker Debugging information 3
Our contribution Our preprocessor has two parts: 1) Decomposition of workflow graph Into fragments that can be checked in isolation Decomposition takes linear time 2) Fast heuristics Sort out many fragments occuring in practice Takes linear time Decomposition Fast heuristics Sound Unsound Workflow graph Sound? Yes / No? Soundness checker Debugging information 4
Outline 1. Introduction Workflow graphs Soundness 2. Decomposition into fragments 3. Heuristics for analyzing soundness 4. Case study 5. Conclusion 5
Workflow graph fork activity a1 join start node a2 stop node decision a3 merge 6
Soundness of a workflow graph = Terminal state never becomes dead = (1)+(2): Initial state a1 a2 Terminal state 1. No (local) deadlock A join cannot get enough tokens entry edge a3 exit edge 2. No lack of synchronization An edge carries two or more tokens at the same time Deadlock a1 a2 a3 Lack of synchronization a1 a2 a3 7
Outline 1. Introduction 2. Decomposition into fragments Fragments Decomposition Process structure tree 3. Heuristics for analyzing soundness 4. Case study 5. Conclusion 8
Single-entry-single-exit (SESE) fragments A SESE fragment is a connected subgraph that has a single entry edge and a single exit edge. f7 entry edge d1 fragment C f1 a1 a2 j1 exit edge m1 f2 a4 f3 a6 j2 a8 j3 a9 j6 a3 a5 a7 f4 a10 j4 f5 a14 m4 a16 j5 d2 m2 a11 a12 m3 a13 d3 d4 f6 a15 m5 a17 9
Single-entry-single-exit (SESE) fragments SESE fragments are either nested (e.g. J and C), or disjoint (J and V) SESE fragments do not overlap (essentially) f7 J d1 C f1 a1 a2 j1 m1 f2 a4 f3 a6 j2 a8 j3 a9 j6 a3 a5 a7 V f4 a10 j4 f5 a14 m4 a16 j5 d2 m2 a11 a12 m3 a13 d3 d4 f6 a15 m5 a17 10
Decomposition into fragments There is a unique decomposition into SESE fragments Linear-time algorithm for SESE decomposition known from compiler theory used for discovering the structure of sequential programs [Johnson et al., 1994] Z f7 X J d1 C f1 A B a1 a2 j1 m1 K f2 E a4 f3 G a6 j2 I a8 j3 L a9 j6 D a3 F a5 H a7 Y V d2 O f4 M N m2 j4 a10 a11 P a12 m3 Q a13 d3 W d4 f5 f6 R S a14 a15 m4 m5 T U a16 a17 j5 11
Process structure tree Z X Y J K L V W C D E F G H I O P Q R S T U A B M N Z f7 X J d1 C f1 A B a1 a2 j1 m1 K f2 E a4 f3 G a6 j2 I a8 j3 L a9 j6 D a3 F a5 H a7 Y V d2 O f4 M N m2 j4 a10 a11 P a12 m3 Q a13 d3 W d4 f5 f6 R S a14 a15 m4 m5 T U a16 a17 j5 12
Each fragment can be analyzed in isolation A fragment is sound if and only if all its child fragments are sound, and the fragment that is obtained by replacing each child fragment with an activity is sound. [Valette, 1979] V O d2 m2 f4 j4 a10 a11 P m3 a12 Sound Q O f4 j4 a10 V O a13 d3 d2 m3 m2 a11 Sound P P a12 Q Q a13 Sound Sound + Sound d3 13
View switch Fragment means the second view in the following V O f4 a10 j4 V O d2 m2 a11 P a12 m3 Q a13 d3 d2 m2 P m3 Q d3 14
Bottom-up analysis Z X Y J K L V W C D E F G H I O P Q R S T U A B M N Z f7 X J d1 C f1 A B a1 a2 j1 m1 K f2 E a4 f3 G a6 j2 I a8 j3 L a9 j6 D a3 F a5 H a7 Y V d2 O f4 M N m2 j4 a10 a11 P a12 m3 Q a13 d3 W d4 f5 f6 R S a14 a15 m4 m5 T U a16 a17 j5 15
Locating an error Z X Y J K L V W C D E F G H I O P Q R S T U A B M N Z f7 X J d1 C f1 A B a1 a2 j1 m1 K f2 E a4 f3 G a6 j2 I a8 j3 L a9 j6 D a3 F a5 H a7 Y V d2 O f4 M N m2 j4 a10 a11 P a12 m3 Q a13 d3 W d4 f5 f6 R S a14 a15 m4 m5 T U a16 a17 j5 16
Reduction achieved through decomposition Number of fragments is linear in graph size Time complexity of the soundness checker is cubic (exponential for error trace) The size of the largest fragment is the most important factor for worst-case running time Workflow 20 graph Decomposition Largest 8 4 6 2 Soundness checker 8000 Sound? vs. Yes 800/ No Debugging 1 048 576 information vs. 340 17
Outline 1. Introduction 2. Decomposition into fragments 3. Heuristics for analyzing soundness Heuristic for sound fragments Heuristic for unsound fragments 4. Case Study 5. Conclusion 18
Heuristic for sound fragments Well-structured fragments Well-structured sequence Well-structured alternative branching D A B C G E F Well-structured cycle Well-structured concurrent branching L K O M N All sound, and all recognized in linear time 19
Heuristic for sound fragments Pure fragments Pure alternative branching (State machine) Pure concurrent branching (Marked graph) V O K f2 E j2 I j3 d2 m2 P m3 Q d3 F f3 G H No forks, no joins No concurrency No decisions, no merges No cycles All sound, and all recognized in linear time 20
Complex fragments Not well-structured, nor pure Mixes of forks/joins with decisions/merges Sound or unsound Soundness checker required Sound complex fragment Unsound complex fragment W d4 f5 f6 R S m4 m5 T U j5 C A B Deadlock 21
Outline 1. Introduction 2. Decomposition into fragments 3. Heuristics for analyzing soundness Heuristic for sound fragments Heuristic for unsound fragments 4. Case study 5. Conclusion 22
Heuristic for unsound fragments D A B Deadlock H E F Lack of synchr. C G At least one join, but no forks At least one fork, but no joins L I J Lack of synchr. P M N Deadlock K O At least one merge, but no decisions At least one decision, but no merges All unsound, and all recognized in linear time 23
Heuristic for unsound fragments Cyclic Fragments H G Deadlock H G Lack of synchr. A cycle, but no merges A cycle, but no decisions H Deadlock G A cycle, but no merges and no decisions All unsound, and all recognized in linear time 24
Outline 1. Introduction 2. Decomposition into fragments 3. Heuristics for analyzing soundness 4. Case study Reductions achieved with the decomposition Applicability of the heuristics 5. Conclusion 25
Case study More than 340 process models: Industrial business process models Modeled with the IBM WebSphere Business Modeler Workflow graph Decomposition Library 1: More than 140 process models Library 2: More than 200 process models Experimental extension of Library 1 Average analysis time per workflow graph is less than 0.1 seconds Excluding the soundness checker Fast heuristics Sound Unsound Sound? Yes / No? Soundness checker Debugging information 26
Reductions achieved with the decomposition Library 1 Reduction factor = Graph size / size of largest fragment Average 2.8 (min: 1.0, max: 9.0) Average size: 67 edges (min: 11, max: 215) Average size of the largest fragment: 24 edges (min: 11, max: 51) 140 x Workflow graph Decomposition Largest Fast heuristics Sound Unsound? Soundness checker Sound? Yes / No Debugging information 27
Reduction increases as the graph size increases Number of edges in the largest fragment of the workflow graph 60 50 40 30 20 10 0 0 50 100 150 200 250 Number of edges in the workflow graph Upper boundary for the largest fragment size seems to be independent of graph size 28
Applicability of the heuristics Library 1 140 x Workflow graph Decomposition Largest Fragment category Percentage of fragments Fast heuristics 1) Well-structured (sound) 2) Pure (sound) 3) Complex 3a) Complex (not sound) 3b) Complex (soundness unknown) 54.8 % 45.2 % 0.0 % 0.0 % 0.0 % 100 % 0 % Sound Unsound Sound? All sound Yes / No? 0 % Soundness checker Debugging information 29
Applicability of the heuristics Library 2 200 x Workflow graph Decomposition Largest Fragment category Percentage of fragments Fast heuristics 1) Well-structured (sound) 2) Pure (sound) 3) Complex 3a) Complex (not sound) 3b) Complex (soundness unknown) 65.4 % 14.9 % 19.7 % 5.4 % 14.3 % 80.3 % 5.4 % Sound Unsound Sound? Yes /? / No? Soundness checker 14.3 % Debugging information 30
Outline 1. Introduction 2. Decomposition into fragments 3. Heuristics for analyzing soundness 4. Case study 5. Conclusion 31
Conclusion Our preprocessor has two parts: 1) Decomposition of workflow graph Workflow graph Decomposition Divide-and-conquer technique Linear time algorithm 2) Fast heuristics Resolves many fragments occurring in practice Linear time algorithm Fast heuristics Sound Unsound? Soundness checker Sound? Yes / No Debugging information 32
Future work Integrate our prototype to a soundness checker Compare the analysis times Use cases for the SESE decomposition: Browsing and constructing large processes Discovery of reusable subprocesses Code generation 33