Three Decades of Formal Methods in Business Process Compliance: A Systematic Literature Review
- URL: http://arxiv.org/abs/2410.10906v1
- Date: Sun, 13 Oct 2024 21:19:57 GMT
- Title: Three Decades of Formal Methods in Business Process Compliance: A Systematic Literature Review
- Authors: Hugo A. López, Thomas T. Hildebrandt,
- Abstract summary: Digitalization efforts often face a key challenge: business processes must adhere to legal regulations.
This study focuses on rigorous frameworks using formal methods to verify or ensure compliance.
- Score: 0.0
- License:
- Abstract: Digitalization efforts often face a key challenge: business processes must not only be efficient in achieving their goals but also adhere to legal regulations. Business process compliance refers to aligning processes with these regulations. Numerous frameworks have been developed to address this, with the earliest dating back to 1981. This study focuses on rigorous frameworks using formal methods to verify or ensure compliance. We conducted a systematic literature review (SLR) on process compliance frameworks based on formal models. Our goal was to assess the current state of research on process model compliance and identify gaps and opportunities for future work. Starting with 5018 candidate studies from 1981 to the establishment of GDPR, we selected 46 primary studies. These frameworks were categorized by their phases, the languages used for processes and compliance, and their reasoning techniques. We also examined their practical applicability, the case studies they were tested on, the types of users involved, and the skills needed for compliance. Also, we assessed the maturity of each framework. Our findings reveal strong consensus around verification techniques as central to process compliance, though there is less agreement on the earlier and later phases of compliance. Model checking is the dominant technique, but the compliance and process languages have evolved. Most frameworks are still conceptual with prototype implementations, often failing to account for compliance professionals like legal experts or law changes. In conclusion, there is a need for comprehensive empirical studies to better understand the anatomy and maturity of regulatory compliance frameworks, and for robust evaluation methods to benchmark these frameworks. This review offers valuable insights for researchers and practitioners in process compliance.
Related papers
- The Use of Readability Metrics in Legal Text: A Systematic Literature Review [3.439579933384111]
Linguistic complexity is an important contributor to difficulties experienced by readers.
Document readability metrics have been developed to measure document readability.
Not all legal domains are well represented in terms of readability metrics.
arXiv Detail & Related papers (2024-11-14T15:04:17Z) - Ethical and Scalable Automation: A Governance and Compliance Framework for Business Applications [0.0]
This paper introduces a framework ensuring that AI must be ethical, controllable, viable, and desirable.
Different case studies validate this framework by integrating AI in both academic and practical environments.
arXiv Detail & Related papers (2024-09-25T12:39:28Z) - LawLLM: Law Large Language Model for the US Legal System [43.13850456765944]
We introduce the Law Large Language Model (LawLLM), a multi-task model specifically designed for the US legal domain.
LawLLM excels at Similar Case Retrieval (SCR), Precedent Case Recommendation (PCR), and Legal Judgment Prediction (LJP)
We propose customized data preprocessing techniques for each task that transform raw legal data into a trainable format.
arXiv Detail & Related papers (2024-07-27T21:51:30Z) - Lean-STaR: Learning to Interleave Thinking and Proving [53.923617816215774]
We present Lean-STaR, a framework for training language models to produce informal thoughts prior to each step of a proof.
Lean-STaR achieves state-of-the-art results on the miniF2F-test benchmark within the Lean theorem proving environment.
arXiv Detail & Related papers (2024-07-14T01:43:07Z) - On Developing an Artifact-based Approach to Regulatory Requirements Engineering [18.256422026527986]
Regulatory acts are a challenging source when eliciting, interpreting, and analyzing requirements.
No existing approach considers explicating and managing legal domain knowledge and engineering-legal coordination.
We introduce the first version of our Artifact Model for Regulatory Requirements Engineering (AM4RRE) and its conceptual foundation.
arXiv Detail & Related papers (2024-05-01T09:51:56Z) - Towards an Enforceable GDPR Specification [49.1574468325115]
Privacy by Design (PbD) is prescribed by modern privacy regulations such as the EU's.
One emerging technique to realize PbD is enforcement (RE)
We present a set of requirements and an iterative methodology for creating formal specifications of legal provisions.
arXiv Detail & Related papers (2024-02-27T09:38:51Z) - Identification of Regulatory Requirements Relevant to Business
Processes: A Comparative Study on Generative AI, Embedding-based Ranking,
Crowd and Expert-driven Methods [10.899912290518648]
This work examines how legal and domain experts can be assisted in the assessment of relevant requirements.
We compare an embedding-based NLP ranking method, a generative AI method using GPT-4, and a crowdsourced method with the purely manual method of creating labels by experts.
A gold standard is created for both BPMN2.0 processes and matched to real-world requirements from multiple regulatory documents.
arXiv Detail & Related papers (2024-01-02T12:08:31Z) - Validation-Driven Development [54.50263643323]
This paper introduces a validation-driven development (VDD) process that prioritizes validating requirements in formal development.
The effectiveness of the VDD process is demonstrated through a case study in the aviation industry.
arXiv Detail & Related papers (2023-08-11T09:15:26Z) - Towards a multi-stakeholder value-based assessment framework for
algorithmic systems [76.79703106646967]
We develop a value-based assessment framework that visualizes closeness and tensions between values.
We give guidelines on how to operationalize them, while opening up the evaluation and deliberation process to a wide range of stakeholders.
arXiv Detail & Related papers (2022-05-09T19:28:32Z) - Prescriptive Process Monitoring: Quo Vadis? [64.39761523935613]
The paper studies existing methods in this field via a Systematic Literature Review ( SLR)
The SLR provides insights into challenges and areas for future research that could enhance the usefulness and applicability of prescriptive process monitoring methods.
arXiv Detail & Related papers (2021-12-03T08:06:24Z) - The MultiBERTs: BERT Reproductions for Robustness Analysis [86.29162676103385]
Re-running pretraining can lead to substantially different conclusions about performance.
We introduce MultiBERTs: a set of 25 BERT-base checkpoints.
The aim is to enable researchers to draw robust and statistically justified conclusions about pretraining procedures.
arXiv Detail & Related papers (2021-06-30T15:56:44Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.