process – Page 87

Software AG and webMethods

The acquisition of webMethods by Software AG that I wrote about in April has finally come to fruition, although the planned press/analyst web conference on Friday somehow managed to crash the hosting provider’s servers so I didn’t get all the gory details. From their press release, however, it appears that the webMethods brand will be retained, and Software AG’s current Crossvision business will be renamed as webMethods.

Is BPMG imploding?

I’ve attended and spoken at a couple of BPMG conferences, as well as attending the new chapter meetings here in Toronto. I’ve never really understood the organization; some people refer to it as a “buyer’s club”, where membership just gets you discounted on their proprietary training and methods, and I since I’m not interested in their 8 Omega methodology (the name of which still makes me laugh), I haven’t found any reason to pay for a membership since my first time around. The quality of their output can be a bit uneven, and most of it appears to be driven by Steve Towers and Terry Schurter, both of whom I have met at the conferences (in fact, I wrote a review for Terry’s recent book).

This week, some weird things started happening. First, the usual weekly BPM email arrived from Steve Towers, but with a statement “I can’t point you at any articles on the bpmg.org site as it has been down for several days (more on that very soon)” — with no explanation, although the email came from Steve Towers’ address rather than BPMG.

Then, an email from Terry Schurter announcing that he has resigned BPMG, lengthy but no more informative:

Today ends almost 3 years of work with the BPM Group for me and I have many fond memories that I will cherish over the years.

I feel it is important and necessary to share with you a few things about my resignation to help you understand why this change has occurred.

I leave the BPM Group under duress. I will simply say that things have come to the point where what I get from the BPM Group won’t buy any “bread” and I’m not an “open-source” thought leader/CIO.

I retain my positive relationship with Steve Towers and will continue to work with him on the latest hot BPM concepts including CEM, the CEM Method (CEMM), Outside-In, SCOs, etc. CEM, CEMM and much of the other latest insights into the customer focus in BPM are the intellectual property of Bennu Group LLC, Terry Schurter and/or Steve Towers. These resources will no longer be available through the BPM Group but they will remain available…

Because I am not “going away” in fact; I see this as the trigger to take the best concepts forward without the chains of “inside-out” thinking placed on me by some of the directors in the BPM Group (not including Steve Towers of course). The place to visit me and have access to these resources is www.bennugroup.net. I hope you have the chance to stop by and visit.

Of course, I’ll be out there speaking at conferences (visit www.terryschurter.com for more on that) and I will be doing lots of other things as well. Whatever I am up to, you’ll find more about it at the sites listed above.

I hope that during my stay at the BPM Group I have helped to enrich some of your lives in some small way and I hope to have the opportunity to stay in touch with as many of you as possible.

Finally, in closing I wish to apologize for anything that the BPM Group may have promised you that they have failed to deliver on. If I could have left the BPM Group without duress my departure would have been carefully structured to help ensure an orderly exit from the business. Unfortunately that has not turned out to be the case.

As we say on the internet, WTF?

Then yesterday, a missive from BPMG (or what’s left of it):

I am writing to you to inform you of the official company position regarding issues with regard to BPMG and its web site.

I have been a non-executive director, director and shareholder of BPM Ventures Ltd the holding company of BPMG for some years. Recently a dispute has arisen in the company about some invoices and payments that have been claimed to be improper. A board meeting was called to consider the best action for the company until such disputes had been resolved. I have have been appointed managing director and the executive authority of David Lyneham-Brown and Steve Towers have been suspended whilst due enquiries can be made. I must emphasis that there is no implication of wrong doing at this stage by any party but it is normal in these circumstances to suspend individuals until due enquires have been made.

One of the disputes involves a company called Bennu, run by a Mr Terry Schurter. This company had the responsibility, amongst others, of running and maintaining the BPMG web site. One of their invoices has been claimed to be improperly submitted and is in dispute. A matter that I intend to resolve as quickly as possible. However Bennu have taken it upon themselves to re-direct the BPMG web site to their own website. We would like all parties to know that they are improperly doing this and have no grounds or authority for this redirection. We will of course be taking appropriate action but that will take time.

The training that BPMG have so successfully delivered over the past few years has not changed and we intend to continue to honour all training course and responsibilities. To this end David Lyneham-Brown remains involved in the day to day activities of the company and along with our colleague Rose Butler, will remain available for any questions you might have regarding the delivery of BPMG services. In addition both he and Rose will be your contact points for any new bookings. All training materials and IP remain the property of BPMG but customers need to be aware of possible improper use of materials in the future.

It is most regretful that a subcontractor to BPMG has seen fit to take such actions over a minor invoice that has been questioned in its validity and will be resolved in a short time if the submitted invoice is genuine. We apologise to our customers for any inconvenience that this may have caused and we will take all and any actions necessary to protect our customers position and ensure that all services are delivered to the usual high levels of standard that we have always delivered.

Finally, I wish to assure you that the company is solvent (as agreed by the board yesterday) and remains in a position to honor any proper financial commitments made by the company. We will be doing our very best to get normal service resumed as soon as possible.

We will be setting up a web site in the near future where further information will be available.

Stewart Ashton

As a temporary measure you will find us at www.processperformance.com along with details of how to contact us.

The BPMG site is still redirected to Terry Schurter’s Bennu Group website, and Ashton’s letter and the BPMG logos are on the site that Ashton mentions at the end of his letter. The BPMG.org domain registration is private, but presumably Terry has control over it if he was able to redirect to his own site — an action that appears to be in tremendously bad faith, even if not illegal, since I assume that BPMG owns its own trade name and domain name, even if Terry was managing the website and domain records.

Given that the two key visible people at BPMG are no longer on active duty — Terry has resigned and Steve has been suspended by the board — it’s not clear how BPMG can continue to do business.

Task and Process Exploration and Modelling at I-KNOW ’07

From Markus Strohmaier of the Know-Center Graz, information on this September’s I-KNOW (International Conference on Knowledge Management), including a special track on Task and Process Exploration and Modelling with the following objectives:

In contrast to the well researched and applied top-down approaches to business process modelling and management the “Task and Process Exploration and Modelling (TPEM)” tries to find answers to the following guiding research questions:

To what extend is knowledge work capturing possible? Barriers? Challenges?

Can knowledge work be modelled or derived from usage data? Do knowledge work patterns exist and how can they be automatically discovered?

What is the impact of usage data analysis on knowledge work support and business process modelling and management?

I’ve been seeing some interesting things with BPM vendors lately about deriving process patterns from usage data, both for the purposes of automating decisions and to suggest decisions to a human operator; there’s a lot of interesting research going on in this area, and some is starting to manifest already. Deadline to submit a paper is May 21st.

Markus is a Column 2 reader who I met face-to-face when he moved to Toronto last year for post-doctoral research; he’s now headed home to Austria.

Why SOA needs BPM

There’s a webinar going on right now (12 Eastern) on ebizQ about which comes first, BPM or SOA, featuring Colin Teubner of Forrester. I like his agenda point: “Why SOA needs BPM (and not vice versa)”.

BEAParticipate: BPM for Compliance

Brandon Dean of BEA talked about how to use BPM for compliance and improved visibility into processes. I wrote a course on compliance and BPM recently, and I was interested in how they’re seeing this roll out amongst their customer base.

Regulatory compliance (e.g., SOX) and any sort of commercial compliance (e.g., SLAs) or organizational compliance (e.g., internal KPIs) have many of the same requirements: processes need to behave in a consistent fashion, and any exceptions have to be handled using a standard method. Measurements on how well that the process is meeting its stated compliance goals are critical to understand whether or not the underlying business process is compliant. This, of course, plays directly to the strengths of BPM: providing a platform for standardizing and, where possible, automating processes; integration of multiple systems; consistent exception handling; security on the process steps and a comprehensive audit trail on who did what, and when; and monitoring and reporting for visibility into the processes and proactive alerts when they start to wander out of compliance.

Dean covered on how to position BPM for compliance, starting with a great categorization of organizational types ranging from companies that already have compliant processes but just need a better audit trail, to those that are actively trying to find ways around compliance. He made a point that I also discussed in my compliance course: if you implement compliance on a regulation-by-regulation basis, it’s a lot more expensive and time-consuming. In fact, I used a quote from a Gartner report from 2004, in the middle of the SOX gold rush:

Enterprises that choose one-off solutions for each regulatory challenge that they face will spend 10 times more on compliance projects than their counterparts that take a proactive approach.

He went through a number of case studies and how their compliance was facilitated by BPM:

Dental insurance claims processing, which started out as a completely manual process that had no audit trail and didn’t enforce standard rates and practices. Using BPM, they not only had some processes decrease cycle time from 3 days to 8 minutes, but they were able to meet HIPAA compliance requirements.
Trade processing, where the SLA was not being met and they were risking losing the ability to execute trades. BPM allowed them to set alerts on trades that arrived but didn’t complete for some reason, so that any manual intervention required could be performed in time to meet their SLA. This also allowed them to do follow-the-sun processing for more intelligent human resource allocation.
Residential mortgage processing, which wasn’t able to track requests for special handling in loan origination, and was causing them to lose customers. Using BPM, documents were automatically rendezvoused with waiting processes, and the processes presented for work at the point when they were ready to be processed rather than having people track the missing documents manually. This also automated feedback to the brokers to submit the necessary documents to reduce the wait time. A major gain was in making sure that all the information was gathered in a timely manner, and not presented for processing until all the information was available.

Although I think that Dean’s definition of compliance is a bit stretched to include both customer SLAs and internal KPIs, his points are valid for developing many types of business cases for BPM.

BEAParticipate: Building your own UI

First session of the last morning, Eduardo Chiocconi of BEA and Rob Wald of JPMorgan Chase talked about the ALBPM UI: what comes out of the box, and what you can build yourself.

Out of the box, ALBPM has three user interfaces alternatives:

HiPer WorkSpace, a full user workspace with menus based on their permissions, a view of their inbox, and views of any instances that the user opens. It uses CSS if you want to change styles, and can be customized further in terms of removing buttons and other controls.
JSR-168 portlets for any standard portal environment, such as WebLogic.
WorkSpace Extensions WorkList Portlets that can be plugged into ALI and provide additional integration functionality over the standard portal interface, such as integration with the ALI Collaboration environment.

They’re working on consolidating these interfaces in order to reduce the user learning curve.

If those don’t work for you, then you can create your own user interface, either browser-based or rich client, using the available APIs. For building web clients, many of their customers have used JSP to re-code the entire user interface, then used servlets to access the engine. Alternatively, you can use Struts or JSF/AJAX. All of these can use their Java-based process API, PAPI, or the web services version, PAPI-WS, to retrieve instances from the engine, or WAPI (a servlet-based API) to execute interactive activities such as screen flows.

For rich clients, they’re seeing a lot of .Net development that uses PAPI-WS to retrieve instances, then create the UI. It’s also possible to use Eclipse or Swing to build rich user interfaces that call PAPI directly. This is more complex for interactive activities, but there are ways to work around that.

To sum up, there are three public APIs:

PAPI (process API), which is a Java implementation. If you’re working in a Java environment, this provides the tightest integration and best functionality. It manages multiple process engines transparently, and does instance caching on the client side to reduce latency in connecting to the engine — a critical performance factor.
PAPI-WS is a subset of PAPI that operates as web services (SOAP), although this is being extended in the near future to provide the full functionality of PAPI. There may be a .Net version of PAPI in the future, but for now you have to use PAPI-WS if you’re developing in .Net (e.g., ASP.Net), and can also be used from any web service client. Right now, PAPI-WS is part of the HiPer WorkSpace, but will be decoupled as a self-contained web application in the future. It’s also possible to expose processes directly as web services, as we heard in an earlier session, which provides another point of integration from a web service or .Net development environment.
WAPI, which is a servlet API that can be used to launch the UI of an interactive activity at a point in the process, which can’t be done in PAPI or PAPI-WS.

With any custom UI, there’s always the question of single sign-on. With the WorkSpace Extensions WorkList Portlets in ALI, that’s handled natively; in the HiPer WorkSpace and JSR-168 portlet implementations it requires some customization, although there is a single sign-on login servlet provided with the JSR-168 portlets to make this easier.

Getting to the specific JPMorgan case study, they created a custom user interface since, like many large companies, they want integration with other applications in their environment and want more control over the look and feel of the interface. It’s possible to just create custom JSPs and use them in the standard work portal framework, which provides a great deal of control over the UI without completely rewriting it, but this wasn’t sufficient for many of their applications. What they ended up doing was creating a completely custom inbox using Struts/JSP/GWT with PAPI: one example that he showed was using Struts and AJAX via the Google Web Toolkit to manage financial reconciliation processes. They’re also using IceFaces, an open source RenderKit implementation of JSF (as a replacement for Struts) that supports AJAX to create a visual drag-and-drop components for use in an IDE such as Eclipse. Since JPMorgan is dedicated to the use of open source, they’re doing some innovative development that’s not seen in most corporate environments, but maybe should be. They’re also using the JSR-168 portlets in a more standard portal implementation, and building rich clients with Eclipse.

On the back end of their implementation, they’ve found that some of the PAPI protocols don’t work well over wide-area networks, such as between their US and Japan operations, so they do quite a bit of preloading of the PAPI cache.

JPMorgan has implemented ALBPM as a centralized shared service in order to provide efficient use of both human and server resources: centralized code and best practices on the human side, and a single ALBPM server handling 10 applications without difficulty.

BEAParticipate: The Future of BPM

Jesper Joergensen gave us BEA’s view of how BPM is changing business and the future of BPM. Actually, he starts out with Gartner’s view of expected market growth (hockey, anyone?) and how BPM is becoming more and more a part of organizations’ productivity improvement initiatives as it moves from opportunistic to pervasive adoption.

There’s a number of obstacles to BPM adoption, however, many of them cultural:

The ivory tower of process expertise, where a few process experts are doing the modelling. Easy-to-use modelling tools like ALBPM are helping to change that, but my opinion is that we need to have more pervasive technology to enable the shift, and that’s going to be web-based, like Appian‘s process designer or Lombardi’s Blueprint process discovery tool.
The ROI barrier: many current opportunistic BPM projects are low-hanging fruit in terms of ROI, but projects need to deliver faster and cheaper in order to implement processes with a lesser potential return.
Getting beyond just system-to-system orchestration and adding human-facing steps to the process. Stop thinking of those processes as “human-interrupted” and accept people as necessary actors in BPM-automated processes.
Managing complexity and scale.

Jesper went on to discuss a number of areas where practices and technologies need to evolve (note that this is not a statement of where ALBPM is going, just how he thinks that the BPM market needs to change):

Web-based process modelling (which I obviously agree with).
improved standards and interoperability, especially between a vendor’s own tools if they have multiple tools for discovery, modelling and design.
Automated process discovery based on monitoring (which I saw recently in a vendor demonstration but can’t at this moment recall which one), where historical trends in manual decision-making are used to suggest automation of certain decision points.
Better integration of BPM and BI, since many products currently have very separate BPM and analytics environments that don’t integrate well.
Standardization and service-enablement of process data; I think that BPRI may help with some of the standardization, but it likely needs to be taken further in terms of how process instance data and be extracted from a process engine via RSS feeds or other integration mechanisms.
Process decision support, e.g., making suggestions based on historical decisions, and potentially raising exceptions if the current decision doesn’t match the past trend.
More open process flows to allow for dynamic changes to the process flow at runtime, even if they weren’t anticipated at design time.
Social computing functionality, such as tagging.
Better integration with SOA and ESB.
Enterprise-scale process execution and management to allow for end-to-end cross-departmental processes rather than the more common departmental BPM implementations that we see today.

We’re in agreement on a lot of things on this list, and I’m looking forward to how some of these ideas might creep into the product in the future.

BEAParticipate: Advanced Process Modelling

Last session of the morning was Mateo Almenta Recca of BEA and Kunal Shah of Citigroup talking about advanced process modelling — specifically process exceptions — in ALBPM. Exceptions can be either system exceptions, such as a service being unavailable, or business (user-defined) exceptions, such as an account being closed. System exceptions are typically handled through automated retries and/or transaction rollbacks, whereas business exceptions are modelled into the process by the process designer.

Exception handlers can be built into the process at either the individual activity, group (similar to a BPMN transaction) or process level. Exception handlers at an activity appear just as an alternative path out of that activity, although an exception is typically invoked by a timeout or other non-decision activity instead of an explicit decision at that point. Exception handlers at the group level are shown connected to the group wrapper boundary, as in BPMN transaction exceptions, and process exception handlers are visualized as disconnected from the process but on the same model.

All exception handlers can take one of three basic actions: abort the process and go to the end of the process, go back and retry the step that threw the exception, or skip the step that threw the exception and move on to the next step in the process. The back and skip functionality is always at the activity level: an exception at the group level that causes a “back” instruction from the exception handler would return to the specific activity to be retried, not the entire group; “skip” would skip the activity but continue on to any later activities in the same group. This was counter-intuitive for me and I asked specifically about that: I would have expected that a group would be treated more like a BPMN transaction wrapper, such that a retry or skip would apply to the entire group, not the specific activity. Exception handlers can be automatic or manual steps: an automatic exception handler might perform some related transaction rollback in another system before aborting a process, for example, whereas a manual exception handler might allow for data repair before retrying the failed step.

They then talked about compensation flows, which seems to match the BPMN meaning of a compensation, in that it reverses a completed activity or group of activities. This isn’t so easy as just rolling back any changed data values in the process instance, since there may have been external systems updated that now need to be rolled back to an earlier state, or non-transactional activities such as sending an email. Compensation flows are used when you can’t use automatic rollback because an activity executed successfully, but can also be called by exception handlers. Visually, these appear very similar on the process model to exception handlers, in that they can be attached at the activity, group or process level. Since groups can be nested in a process model, the compensation flow for a group will invoke the compensation flows for any groups nested within it as it rolls back the entire flow of the group.

They finished up with a short Citigroup case study on how they handle trade exceptions in their back-office processes. Although most financial trades are handled straight through with no manual intervention, they handle 2000 trade exceptions each day. From designing a number of similar transactional BPM implementations, I know that there’s huge financial risk if you don’t handle your exceptions in a timely manner: market fluctuations that occur after the trade is accepted and priced but before it’s completed are purely the risk of the financial institution, not the customer, so it’s key to get the exceptions resolved as quickly as possible. Citigroup has implemented this as process-level exception handlers that log the exceptions and pass them on for manual review. In most cases, the exception handling process is just a matter of some manual data repair and the trade is resubmitted to the automated process, although some trades are cancelled from within the exception handler.

BEAParticipate: ALBPM Architectural Overview

I started my day in a session about what’s coming up in future versions of ALBPM; unfortunately, most of the information hasn’t been publicly released, so you’ll have to wait to read about it at a later date. BEA will be holding BPM steering group meetings in July, so if you’re an ALBPM customer and want to get involved in defining future versions of the product, this is your chance. I’d love to sit in on these, although I can’t imagine the size of the NDA that I’d have to sign first.

I’m back listening to Mariano Benitez with an architectural overview of ALBPM for administrators and operators; I think that he’s nervous now based on his reaction to my post yesterday. 🙂

We’re going to cover the components of the ALBPM solutions, the enterprise infrastructure, and the deployment alternatives. I’ll leave out a lot of the technical details since it would only be of interest if you were actually digging into ALBPM at this level in order to plan a deployment, in which case you’re probably in the room with me right now.

In short, an ALBPM project can be made up of many processes, where a process consists of the process flow, points of integration and the presentation layer. Also associated with a process are the roles used by the process (which map to enterprise security), service endpoints, and deployment methods. ALBPM allows you to define the organization as it pertains to the business processes: participants and groups, organizational units, and roles.

Taking a look at the ALBPM enterprise infrastructure, it’s (not surprising) three layers:

There’s a number of data sources, including a directory repository (which maintains configuration information about the deployment as well as organizational models used both in process definition and for authentication), the engine back-end database for all information on work in progress, historical instance data archived from the work-in-progress database, a real-time BAM data store with one day’s worth of data aggregated for dashboard views, and an OLAP data store for more complete historical analytics. Either Oracle, MS SQL Server or DB2 can be used for the data sources, and although multiple execution engines don’t require a separate database for each, they do require at least a separate schema. For performance, however, I would assume that you’d tend to split any production engine data stores and the analytics data stores onto separate database servers for performance reasons.
In the middle layer is the main process execution engine — the heart of the system — plus a few other services such as data warehousing to load the analytics data stores. There are a number of basic services provided by the engine that are used to execute running process instances; no big surprises here on an architectural level if you’ve seen the process engine of other BPM vendors, although every engine has its specific advantages.
Layered above the engine are various web applications, such as the main Workspace UI application that can be used both for processing and monitoring work. Listening to highly-technical engineers talk about user functions is always pretty funny: Benitez refers to the action of processing work as “invoking instance operations”, so you can be sure that he’s not going to be writing any user documentation. To be fair, I used to talk like that when I wrote code, too.

We unfortunately had to rush through the deployment scenarios, but saw that it’s possible to deploy ALBPM either as a standalone BPM box or in a J2EE container (simple or clustered).