Towards a detective approach to process-centered resilience

Abstract

Protection of today's interconnected and complex information infrastructures is of high priority. Traditionally, protection means robustness: preventively identify the threats to business processes and propose countermeasures within the context of a risk analysis. This, however, only covers known risks having punctual effects upon the IT infrastructure. In contrast, the notion of resilience, as a refinement of trustworthiness, is getting attention both in academia and within organizations as a denominator to move beyond survival and even prosper in the face of adverse conditions. This paper reports on ongoing work towards the development of PREDEC, a detective framework to realize resilience in the context of business processes. Specifically, it firstly motivates the need for operational resilience and corresponding tool support at the level of processes. Secondly, it sketches the operation and building blocks of PREDEC, which currently employs process mining techniques to analyze process event logs to assess systems' resilience. Finally, it describes the intended evaluation steps to be undertaken once PREDEC is completely implemented. © 2013 Springer-Verlag.