Analysis of workflows: Verification, validation, and performance analysis'

1
Analysis of workflows Verification, validation,
and performance analysis.
Wil van der Aalst

• Eindhoven University of Technology
• Faculty of Technology Management
• Department of Information and Technology
• P.O. Box 513
• 5600 MB Eindhoven
• The Netherlands
• w.m.p.v.d.aalst_at_tm.tue.nl

2
Design-time and run-time questions
Run-time
Design-time

• verificationvalidationperformance analysis

• process mining

3
Techniques to analyze workflows (design-time)

• Validation is concerned with the relation between
  the model and reality.
• Verification is typically used to answer
  qualitative questions
• Is there a deadlock possible?
• It is possible to successfully handle a specific
  case?
• Will all cases terminate eventually?
• It is possible to execute two tasks in any order?
• Performance analysis is typically used to answer
  quantitative questions
• How many cases can be handled in one hour?
• What is the average flow time?
• How many extra resources are required?
• How many cases are handled within 2 days?

4
Verification analysis techniques can be used to
avoid logical errors.
c3
check_policy
send_letter
c4
c1
c5
c2
ready
start
register
pay_damage
check_damage
c6
Is this a correct workflow? If not, how to
correct it?
5
It this process correct?
6
Error 1 dangling tasks
task5
task4
task3
task2
task1
begin
end
7
Error 2 deadlock (task2)
task2
task1
begin
end
8
Error 3 unbounded and never-ending
task3
task2
task1
begin
end
9
Error 4 deadlock before or after termination
task3
task2
task1
begin
end
10
Soundness property
Eventually the case terminates and the moment
it terminates all references have been removed.
process definition
end
begin

• The soundness property corresponds to two
  standard Petri-net properties (liveness and
  boundedness).
• Standard Petri-net-based tools can be used.
• For (almost) free-choice nets this can be checked
  in polynomial time!

11
Petri-nets a solver-independent medium
12
Reachability analysis
13

• Reachability graph
• Each node corresponds to a reachable state.
• Done by a computer.
• A computer can cope with reachability graphs with
  millions of nodes.

The traffic lights are safe!
14
Exercise construct reachability graph
c3
check_policy
send_letter
c4
c1
c5
c2
ready
start
register
pay_damage
check_damage
c6
15
Structural analysis

• Many techniques are available
• place invariants
• transition invariants
• traps and siphons
• reduction rules
• decomposition techniques
• S-covers/T-covers
• special techniques for subclasses
• state machines
• marked graphs
• free-choice nets
• asymmetric free-choice nets

16
Place invariants

• A place invariant assigns a weight to each place
  such that the weighted token sum remains constant.

man
couple
divorce
marriage

• 1man 1woman2couple constant
  (manwoman2couple7)
• woman couple
• man couple
• man - woman

woman
17
Example
red1yellow1green1 1 red2yellow2green2
1 safe green1 green2 yellow1 yellow2
1 red1 red2 - safe 1
18
Place invariants can be used to check detect
errors
end
begin

• There should be a positive place invariant
  assigning positive weights to all places and
  identical weights to begin and end.
• 1.begin 1.end ..... constant

19
Exercise
c3
send_letter
check_policy
c1
c4
c5
c2
ready
start
register
pay_damage
check_damage
c6
Use place invariants to motivate the correctness
of the process definition.
20
Example
process_form
send_form
c1
c5
archive
time-out
c3
evaluate
start
register
ready
c7
c2
c6
c4
check_proc
Sound? P-inv.?
process_complaint
21
Example (2)
process_form
send_form
c1
c5
archive
time-out
c3
evaluate
start
register
ready
c2
c6
c4
check_proc
Sound? P-inv.?
process_complaint
22
Example (3)
process_form
send_form
c1
c5
archive
time-out
c3
evaluate
c8
start
register
ready
c7
c2
c6
c4
check_proc
Sound? P-inv.?
process_complaint
23
Example (4)
process_form
send_form
c1
c5
archive
time-out
c3
evaluate
start
register
ready
c7
c2
c6
check_proc
c4
Sound? P-inv.?
process_complaint
24
Example (5)
process_form
send_form
c1
c5
archive
c3
time-out
evaluate
start
register
ready
c7
c2
c6
c4
check_proc
Sound? P-inv.?
process_complaint
25
Transition invariants

• A transition invariant assigns a weight to each
  transition such that the net effect of firing
  each transition the specified number of time is
  zero, i.e., the initial marking is reproduced.

man
couple
divorce
marriage

• marriage divorce
• 2.marriage 2.divorce

woman
26
Transition invariants can be used to detect errors
short-circuited net
end
begin

• There should be a positive transition invariant
  assigning positive weights to all transitions.

27
Example
c3
check_policy
send_letter
c4
c1
c5
c2
ready
start
register
pay_damage
check_damage
c6

• Give transition invariants of short-circuited net.

28
Why invariants?

• Can be calculated efficiently (polynomial time
  for a basis).
• Independent of initial marking.
• However, the main reason is didactical! You only
  truly understand a model if you think about it in
  terms of invariants!

29
Performance analysis

• Questions
• throughput, waiting and service times
• service levels
• occupation rates
• Techniques
• simulation
• queuing theory
• Markovian analysis

30
Example sequential (1)
24 arrivals per hour
2 resources, average
service time of 4 minutes
2 resources, average
service time of 4 minutes
task2
task1
c3
c1
c2

• average throughput time 22.2 minutes
• service time 8.0 minutes
• waiting time 14.2 minutes

31
Parallel (2)
24 arrivals per hour
2 resources, average
service time of 4 minutes
c21
c23
task1
c1
c3
task2
c24
c22
2 resources, average
service time of 4 minutes

• average throughput time 15 minutes
• service time 4 minutes
• waiting time 11 minutes

32
Compose (3)
24 arrivals per hour
4 resources, average
service time of 7 minutes
task12
c3
c1

• average throughput time 9.5 minutes
• service time 7.0 minutes
• waiting time 2.5 minutes

33
Flexible resources (4)
24 arrivals per hour
4 resources, average
service time of 4 minutes
task2
task1
c3
c1
c2

• average throughput time 14.0 minutes
• service time 8.0 minutes
• waiting time 6.0 minutes

34
Triage (5)
1 resource, average
service time of 8 minutes
difficult cases
2 resources, average
service time of 4
6 difficult
c21
minutes
cases per hour
task1a
c1
c23
c3
task2
task1b
18 easy cases
c22
per hour
easy cases
1 resource, average
service time of 2.66 minutes

• average throughput time 31.1 minutes
• service time 8.0 minutes
• waiting time 23.1 minutes

35
Priority (6)
easy cases have priority
2 resources, average
service time 8 (difficult case) or
2.66 (easy case) minutes
6 difficult cases
per hour
task2
c1
task1
c3
c2
18 easy cases
per hour
easy cases have priority
2 resources, average
service time 8 (difficult case) or
2.66 (easy case) minutes

• average throughput time 14 minutes
• service time 8 minutes
• waiting time 6 minutes

36
Results
37
Queuing models
service
waiting
arrivals
l
m
c

• Basic characteristics
• average number of arrivals per time unit l (mean
  arrival rate)
• average number that can be handled by one server
  per time unit m (mean service rate)
• number of servers c

38
Queuing models (2)
l
m
c
W,Lq
S,L
W (S) average time in queue (system) Lq (L)
average number in queue (system)

• Basic relationships
• average time between arrivals 1/l
• average service time 1/m
• occupation rate r l/(cm)
• average number being served r l/m

• L Lq r
• S W 1/m
• Lq l W
• L l S (Littles formula)

39
M/M/1 queue
l
m
1

• Assumptions
• time between arrivals and service time follow a
  negative expontential distribution
• 1 server (c 1)
• FIFO

• Lq (l l)/(m (m-l))
• L l/(m-l) r/(1-r)
• W r/(m-l)
• S 1/(m-l)

Also formulas for M/Er/1, M/G/1, M/M/c, ... !
40
Exercise
1 resource, average
service time of 8 minutes
difficult cases
1 resource, average
service time of 2
6 difficult
c21
minutes
cases per hour
task1a
c1
c23
c3
task2
task1b
18 easy cases
c22
per hour
easy cases
1 resource, average
service time of 2.66 minutes

• Calculate
• occupation rates,
• average waiting time,
• average throughput time,
• average number in system.

• Increase the occupation rate until 90
• average waiting time,
• average throughput time,
• average number in system.

41
Queuing models
service
waiting
arrivals
l
m
c

• Basic characteristics
• average number of arrivals per time unit l (mean
  arrival rate)
• average number that can be handled by one server
  per time unit m (mean service rate)
• number of servers c

42
Queuing models (2)
l
m
c
W,Lq
S,L
W (S) average time in queue (system) Lq (L)
average number in queue (system)

• Basic relationships
• average time between arrivals 1/l
• average service time 1/m
• occupation rate r l/(cm)
• average number being served r l/m

• L Lq r
• S W 1/m
• Lq l W
• L l S (Littles formula)

43
M/M/1 queue
l
m
1

• Assumptions
• time between arrivals and service time follow a
  negative expontential distribution
• 1 server (c 1)
• FIFO

• Lq (l l)/(m (m-l))
• L l/(m-l) r/(1-r)
• W r/(m-l)
• S 1/(m-l)

Also formulas for M/Er/1, M/G/1, M/M/c, ... !
44
Exercise
1 resource, average
service time of 8 minutes
difficult cases
1 resource, average
service time of 2
6 difficult
c21
minutes
cases per hour
task1a
c1
c23
c3
task2
task1b
18 easy cases
c22
per hour
easy cases
1 resource, average
service time of 2.66 minutes

• Calculate
• occupation rates,
• average waiting time,
• average throughput time,
• average number in system.

• Increase the occupation rate until 90
• average waiting time,
• average throughput time,
• average number in system.

45
Simulation

• Random walk through the reachability graph
• Computer experiment
• pseudo random numbers
• random generator
• Validation
• Statistical aspects
• start run
• subruns
• Animation
• Flexible
• No proof!

46
Simulation using Protos/ExSpect