Abstract
The auditing sector is acquiring a strong interest in the diffusion of blockchain technologies. Such technologies guarantee the persistence, and authenticity of transactions related to the execution of a contract, and then enable auditing activities. In particular, they make possible to check if observed sequences of transactions are in line with the possibly expected ones. In other words, auditing blockchain transactions allow users to check if the smart contract fits the expectation of the designers, that for instance could check if a given activity is performed or if it satisfies a given set of properties. In such a setting we propose a methodology that exploits process mining techniques to evaluate smart contracts, and to support the work of the auditor. Models resulting from the mining can be used to diagnose if the deployed application works as expected, and possibly to continuously improve them. We illustrate the use of our approach using a small, but real, case study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Van der Aalst, W., Adriansyah, A., van Dongen, B.: Replaying history on process models for conformance checking and performance analysis. Wiley Interdisc. Rev. Data Min. Knowl. Disc. 2(2), 182–192 (2012)
van der Aalst, W.M.P.: Process Mining - Data Science in Action, 2nd edn. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49851-4
van der Aalst, W.M.P., et al.: Process mining manifesto. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM 2011. LNBIP, vol. 99, pp. 169–194. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28108-2_19
van der Aalst, W.M.P., van Hee, K.M., van der Werf, J.M.E.M., Verdonk, M.: Auditing 2.0: using process mining to support tomorrow’s auditor. IEEE Comput. 43(3), 90–93 (2010)
Accorsi, R., Stocker, T.: On the exploitation of process mining for security audits: the conformance checking case. In: Symposium on Applied Computing, pp. 1709–1716. ACM (2012)
Aceto, L., Larsen, K.G., Morichetta, A., Tiezzi, F.: A cost/reward method for optimal infinite scheduling in mobile cloud computing. In: Braga, C., Ölveczky, P.C. (eds.) FACS 2015. LNCS, vol. 9539, pp. 66–85. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-28934-2_4
Adriansyah, A., van Dongen, B.F., van der Aalst, W.M.P.: Towards robust conformance checking. In: zur Muehlen, M., Su, J. (eds.) BPM 2010. LNBIP, vol. 66, pp. 122–133. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20511-8_11
Ahmad, A., Saad, M., Bassiouni, M., Mohaisen, A.: Towards blockchain-driven, secure and transparent audit logs. In: 15th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, pp. 443–448. ACM (2018)
Augusto, A., et al.: Automated discovery of process models from event logs: review and benchmark. IEEE Trans. Knowl. Data Eng. 31, 686–705(2018)
Augusto, A., Conforti, R., Dumas, M., Rosa, M.L.: Split Miner: discovering accurate and simple business process models from event logs. In: International Conference on Data Mining, pp. 1–10. IEEE (2017)
Bertolino, A., Marchetti, E., Morichetta, A.: Adequate monitoring of service compositions. In: 9th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering, pp. 59–69 (2013)
Buijs, J.C.A.M., van Dongen, B.F., van der Aalst, W.M.P.: On the role of fitness, precision, generalization and simplicity in process discovery. In: Meersman, R., et al. (eds.) OTM 2012. LNCS, vol. 7565, pp. 305–322. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33606-5_19
Casino, F., Dasaklis, T.K., Patsakis, C.: A systematic literature review of blockchain-based applications: current status, classification and open issues. Telematics Inform. 36, 55–81 (2019)
Corradini, F., Morichetta, A., Polini, A., Re, B., Tiezzi, F.: Collaboration vs. choreography conformance in BPMN 2.0: from theory to practice. In: 22nd International Enterprise Distributed Object Computing Conference, pp. 95–104. IEEE (2018)
Corradini, F., Fornari, F., Polini, A., Re, B., Tiezzi, F.: A formal approach to modeling and verification of business process collaborations. Sci. Comput. Program. 166, 35–70 (2018)
Corradini, F., Fornari, F., Polini, A., Re, B., Tiezzi, F., Vandin, A.: BproVe: a formal verification framework for business process models. In: Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering, ASE 2017, Urbana, IL, USA, 30 October–03 November 2017, pp. 217–228 (2017)
Doganata, Y., Curbera, F.: Effect of using automated auditing tools on detecting compliance failures in unmanaged processes. In: Dayal, U., Eder, J., Koehler, J., Reijers, H.A. (eds.) BPM 2009. LNCS, vol. 5701, pp. 310–326. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03848-8_21
Ghose, A., Koliadis, G.: Auditing business process compliance. In: Krämer, B.J., Lin, K.-J., Narasimhan, P. (eds.) ICSOC 2007. LNCS, vol. 4749, pp. 169–180. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74974-5_14
Holotiuk, F., Pisani, F., Moormann, J.: The impact of blockchain technology on business models in the payments industry. In: Towards Thought Leadership in Digital Transformation: 13. Internationale Tagung Wirtschaftsinformatik, pp. 12–15 (2017)
Jans, M., Alles, M.G., Vasarhelyi, M.A.: The case for process mining in auditing: sources of value added and areas of application. Int. J. Accounting Inf. Syst. 14(1), 1–20 (2013)
Leemans, S.J.J., Fahland, D., van der Aalst, W.M.P.: Discovering block-structured process models from event logs containing infrequent behaviour. In: Lohmann, N., Song, M., Wohed, P. (eds.) BPM 2013. LNBIP, vol. 171, pp. 66–78. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-06257-0_6
Leemans, S.J., Fahland, D., van der Aalst, W.M.: Discovering block-structured process models from event logs - a constructive approach. Petri Nets 7927, 311–329 (2013)
Leng, K., Bi, Y., Jing, L., Fu, H., Nieuwenhuyse, I.V.: Research on agricultural supply chain system with double chain architecture based on blockchain technology. Future Gener. Comp. Syst. 86, 641–649 (2018)
Mannhardt, F., de Leoni, M., Reijers, H.A., van der Aalst, W.M.P.: Data-driven process discovery - revealing conditional infrequent behavior from event logs. In: Dubois, E., Pohl, K. (eds.) CAiSE 2017. LNCS, vol. 10253, pp. 545–560. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59536-8_34
Myers, D., Suriadi, S., Rad, K., Foo, E.: Anomaly detection for industrial control systems using process mining. Comput. Secur. 78, 103–125 (2018)
Nakamoto, S., et al.: Bitcoin: A peer-to-peer electronic cash system (2008)
OMG: Business process model and notation (2011)
OMG: XES standard definition (2019)
Ramezani, E., Fahland, D., van der Aalst, W.M.P.: Where did i misbehave? diagnostic information in compliance checking. In: Barros, A., Gal, A., Kindler, E. (eds.) BPM 2012. LNCS, vol. 7481, pp. 262–278. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32885-5_21
Rozinat, A., de Medeiros, A.K.A., Günther, C.W., Weijters, A.J.M.M., van der Aalst, W.M.P.: The need for a process mining evaluation framework in research and practice. In: ter Hofstede, A., Benatallah, B., Paik, H.-Y. (eds.) BPM 2007. LNCS, vol. 4928, pp. 84–89. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78238-4_10
Samavi, R., Consens, M.P.: Publishing privacy logs to facilitate transparency and accountability. J. Web Semant. 50, 1–20 (2018)
Sutton, A., Samavi, R.: Blockchain enabled privacy audit logs. In: d’Amato, C., et al. (eds.) ISWC 2017. LNCS, vol. 10587, pp. 645–660. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68288-4_38
Wood, G.: Ethereum: A secure decentralised generalised transaction ledger. Technical report, Ethereum Project Yellow Paper 151 (2014)
Zerbino, P., Aloini, D., Dulmin, R., Mininno, V.: Process-mining-enabled audit of information systems: methodology and an application. Expert Syst. Appl. 110, 80–92 (2018)
Acknowledgement
It is really our pleasure to take part in Stefania’s Festschrift. The cooperation with her and her group is somehow recent, nevertheless it has been very profitable, and inspiring both from the professional and human profile. In particular the cooperation has strengthened in relation to the Learn PAd European research project where both UNICAM and ISTI–CNR were partners. The work we present here can be somehow considered a germination of the research carried on together within Learn PAd. We thank Stefania for her friendship, and wish her all the best for the future.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Corradini, F., Marcantoni, F., Morichetta, A., Polini, A., Re, B., Sampaolo, M. (2019). Enabling Auditing of Smart Contracts Through Process Mining. In: ter Beek, M., Fantechi, A., Semini, L. (eds) From Software Engineering to Formal Methods and Tools, and Back. Lecture Notes in Computer Science(), vol 11865. Springer, Cham. https://doi.org/10.1007/978-3-030-30985-5_27
Download citation
DOI: https://doi.org/10.1007/978-3-030-30985-5_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30984-8
Online ISBN: 978-3-030-30985-5
eBook Packages: Computer ScienceComputer Science (R0)