Identifying Anomalies in SBVR-based Business Rules using Directed

Graphs and SMT-LIBv2

Sayandeep Mitra, Kritika Anand and Pavan Kumar Chittimalli

Tata Research Development and Design Centre, TCS Innovation Labs, Pune, India

Keywords:

Business Rules, Veriﬁcation, Directed Graph, SMT, Clustering, SBVR, Anomalies.

Abstract:

In modern times, business rules have grown exponentially with enterprises becoming more complex in diverse

ﬁelds. Due to this growth, different forms of anomalies creep into the business rules, causing business en-

terprise to take wrong decisions, which can impact it’s performance and reputation. It is time and resource

consuming to examine the rules manually due to the large number of rules intermingled with each other. The

process of manual veriﬁcation is also not free of human induced errors. Thus, automatic veriﬁcation of busi-

ness rules is the need of the hour. We present a tool to detect different anomalies in business rules represented

in SBVR format. The tool uses a combination of Directed Graphs and SMT solvers to perform the veriﬁcation

task. We show the implementation of our tool along with it’s evaluation on industry level benchmarks.

1 INTRODUCTION

Business Rules are operational regulations, decision

rules that are followed by a business organization to

perform their day to day activities. The business rules

are usually embodied in the system artifacts such as

governing policies, guidelines, operating procedures,

legacy source code, etc.

Humans and information systems together are in-

volved in various business operations, with the corre-

sponding business rules distributed across the enter-

prise in different forms (policy documents, operatio-

nal procedures and in the source code of the informa-

tion systems). Varying market conditions and exter-

nal regulatory reasons cause constant changes to the

business structure, policies and strategies. Business

transformation is a process of adjusting business acti-

vities to accommodate the above changes. The aging

business information systems may also require chan-

ges in order to respond to changing business environ-

ment, i.e., competition and growth for superior busi-

ness products and services. Due to the large number

of rules of a business enterprise co-existing together

in such a state of constant ﬂux, various form of ano-

malies such as conﬂicts, redundancies, duplicates and

circularity may creep in. Thus both IT transformation

and business transformation force the enterprises to

revisit their business rules, pushing forward the need

for automatic veriﬁcation of business rules.

In recent time, various epresentation of business

rules have been used (IBM, 2017; JBoss, 2017;

OMG, 2013). We have selected SBVR (OMG, 2013)

in our tool due to its base in First Order Logic (FOL)

and similarity to natural language. The SBVR model

has been presented as result of the request for propo-

sal on Business Semantics of Business Rules (BSBR)

made by OMG, which is a part of the business mo-

del layer in the Model Driven Architecture (MDA).

The purpose of SBVR is to describe formally and wit-

hout ambiguities the semantics of a business model

which in turn beneﬁts business analysts and modelers,

as well as business vocabulary & rules administra-

tors and software tool developers. SBVR works as a

bridge between business enterprises and Information

Technology (IT), aiming to provide a way to express

business knowledge to the IT group unambiguously

using natural language. SBVR meta-model is used to

represent business knowledge as:

1. Specifying business vocabularies.

2. Specifying business rules.

Organizations or communities specify the conduct

of business using a cohesive set of interconnected

concepts known as Business vocabulary. These con-

cepts are entities represented through name, term, and

verb while fact is expressed as relation between these

concepts. SBVR Structured English (SSE) is a po-

pular textual representation of SBVR, providing the

option to write business rules in plain English. De-

tailed explanation about SBVR can be found at (OMG,

2013).

Mitra, S., Anand, K. and Chittimalli, P.

Identifying Anomalies in SBVR-based Business Rules using Directed Graphs and SMT-LIBv2.

DOI: 10.5220/0006669802150222

In Proceedings of the 20th International Conference on Enterprise Information Systems (ICEIS 2018), pages 215-222

ISBN: 978-989-758-298-1

215

Previously, works like (He et al., 2003; Chavarria-

Baez and Li, 2006; Nazareth and Kennedy, 1991; Ra-

maswamy et al., 1997) focused on veriﬁcation of kno-

wledge base or rule base veriﬁcation. The approaches

presented in these works suffered from the problems

of large computational complexity, which if applied

on huge and complex rule systems existing at present

will be extremely inefﬁcient. Presently, some work

has been done aiming at veriﬁcation of business ru-

les and speciﬁcations. Some of these works are (dos

Santos Guimar

aes et al., 2014; Karpovi

c et al., 2016;

Reynares et al., 2014; Solomakhin et al., 2013). Ho-

wever most of them fail to present results on complex

and real life business rules, along with their efﬁciency

on the proposed approaches.

In our background study, we observe that most of

the work has been done aiming to detect all forms of

anomalies (errors) using one particular method. In

our opinion, this causes a spike in the computational

complexity of the approaches and reduces efﬁciency.

We present our tool using a compliance of two diffe-

rent methods, utilizing them to detect targeted class

of anomalies, aiming at high efﬁciency and low com-

plexity. Initially, a directed graph based technique is

used to identify various structural anomalies in the

business rule set, followed by modeling the rules in

SMT-LIBv2 (Barrett et al., 2010) and then using a sol-

ver to detect a different set of anomalies. In our tool,

the targeted elimination of errors from the rule set in

each step leads to less complexity and high efﬁciency

in the complete veriﬁcation task.

The rest of the paper is arranged as follows. In

Section 2 we present the classiﬁcation of anomalies

that exist in business rule systems, followed by the de-

tailed explanation of our method in Section 3. Section

4 shows the performance of our tool on industry level

benchmarks and snapshots of our tool. We present va-

rious related works in Section 5, followed by Future

Work and Conclusion in Section 6.

2 CLASSIFICATION OF

ANOMALIES

Various works have been made presenting the taxo-

nomy of the different anomalies that exist in rule-

based systems (Preece and Shinghal, 1994; Nazareth,

1989). Based on these works, we deﬁne the anoma-

lies that exist in Business Rules along with examples.

Figure 1 presents a collection of some rules in SBVR

format.

• Conﬂicting Rules: Business rules conﬂict with

others, when same premise leads to mutually ex-

It is necessary that if car is luxury car then car has driver.

It is necessary that if car has driver then driver owns license.

It is necessary that if car has driver and car does not has driver then

car is rented car.

It is necessary that if driver owns license then car has driver .

It is necessary that if car has driver then driver does not owns license

and driver follows trafﬁc rules.

It is necessary that if car has driver then driver does not owns li-

cense.

Figure 1: Example of Anomalies in Business Rules.

clusive conclusions. A simple example of con-

ﬂicting rules occur when the conditions in antece-

dents are the same, but the consequents are con-

tradictions of each other. e.g., in Figure 1, Rules

and r

have the same conditions in their ante-

cedent, however the consequents are the opposite

of each other.

• Redundancy: Different form of redundancies ex-

ist in Business Rules, namely Non-executable Ru-

les, Subsuming rules and Logical Equivalence.

Non-executable Rules are the group of rules which

never ﬁre (execute) in a business rule set, gi-

ven any possible conditions. In broad terms, we

can say that non-executable rules are those which

have conﬂicting conditions in their antecedents,

thus never allowing the consequents to materia-

lize. These conﬂicting conditions can exist in a

single rule or in form of a chain of rules, the latter

being much more harder to detect. In Figure 1,

Rule r

is an example of non-executable rule.

Subsuming Rules exist in two different ways, pai-

rwise and in a chain of rules. The former occurs

when the antecedents of one rule is a proper sub-

set of another while the consequents are exactly

the same and vice versa. The latter occurs due to

different inference paths, involving multiple rules,

from a given antecedent to a ﬁnal conclusion. We

say that rules R subsumes R

, if for some substi-

tution σ, R

→ Rσ, where Rσ denotes the instance

of R obtained by carrying out substitution σ in R

(Preece and Shinghal, 1994). For example, in Fi-

gure 1, rules r

and r

are examples of subsump-

tion, where the consequents of Rule r

is a subset

of the consequents of Rule r

, thus causing Rule

to subsume Rule r

Logical Equivalence is present when two rules ef-

fectively convey the same logical meaning, i.e.,

they logically imply one another. These type of

rules are also called duplicate rules. We say that

rules R and R

are duplicates iff (R → R

σ) ∧

→ Rσ) for some substitution σ.

ICEIS 2018 - 20th International Conference on Enterprise Information Systems

216

3 DETAILED METHODOLOGY

We present a detailed explanation of the approach

used in our tool to perform automatic veriﬁcation of

business rules. The tool applies two different met-

hods, layered in a systematic way to achieve efﬁcient

veriﬁcation. Initially, the rules are clustered on the

SBVR facts level, aided by the deﬁnitions provided in

the corresponding SBVR vocabulary. Clustering is fol-

lowed by simultaneous transformation of the business

rules provided in natural language to a simpliﬁed re-

presentation (stripping off any restrictive quantiﬁcati-

ons that are present in the rules) and SMT-LIBv2 re-

presentation. The transformed rules are used for the

veriﬁcation techniques.

3.1 Clustering

The major concern for business rule veriﬁcation has

been the huge spike in computation time and cost,

due to the large size of real life business rule sets.

Thus to reduce the number of business rules as in-

put to our tool, we present a method of clustering the

business rules beforehand, based on their relationship

with each other and the SBVR vocabulary deﬁnitions.

We intend to put ‘related’ business rules in one clus-

ter, and rules belonging to a particular cluster are ta-

ken as input to the veriﬁcation approaches. Let there

be n number of business rules, m clusters are formed

and c

denote the number of rules in cluster i, i.e.,

∑

i=1

= n. Since c

< n, the input size to the tool

is reduced. In real life scenarios, rules of a business

enterprise are function speciﬁc, e.g., a bank will have

different rules regarding legal charges and database

change for payment failure. Clustering will ensure

that we verify the two set of rules separately, rather

than together.

As mentioned earlier, SBVR representation con-

sists of a vocabulary, where the noun concepts and

facts are speciﬁed. Rules are generated by creating

conditions and relations among the facts. Thus SBVR

provides us with a deﬁnition ﬁle which simpliﬁes our

goal of clustering. We put rules sharing a common

fact in one cluster. Figure 2 provides us with an ex-

ample of our clustering method. Cluster 1 has two

rules, which are related by the common fact customer

rents car. The third rule is formed using two facts

which are not used in any of the rules of Cluster 1,

resulting in it being in a separate cluster.

3.2 Transformation

SBVR provides the option to apply quantiﬁcation on

rules, enabling the domain experts to represent busi-

Cluster 1:

It is necessary that if customer rents car then customer has at least

2 credit card.

It is necessary that if customer rents car then customer age is greater

than 18.

Cluster 2:

It is necessary that if customer owns luxury credit card then custo-

mer gets surprise gift.

Figure 2: Example of Clustering SBVR rules.

ness rules as close to the real world as possible. Rule

in Figure 3 shows an example of SBVR business ru-

les with quantiﬁcation, where we quantify the number

of credit card that a customer has to own in order to

rent a car. We undertake two different transformati-

ons on the business rules, preserving quantiﬁcation

and discarding quantiﬁcation. The latter generates

a set of simpliﬁed rules, unifying the quantiﬁcation

throughout the entire set of rules. We use these newly

generated rules as input to our digraph based veriﬁca-

tion technique. An example of this transformation is

shown in Rule r

in Figure 3.

Each simpliﬁed rule is represented as a relation bet-

ween its underlying base facts. The simpliﬁed rules

are made free from disjunctions by transforming ru-

les with disjunction into a set of rules and made to

involve implications, without loss of generality. e.g.,

a simpliﬁed business rule of the form f

∨ f

→ f

represented as f

→ f

and f

→ f

, where f

, f

and

are SBVR facts.

To ensure that our tool captures the anomalies invol-

ving the quantiﬁcations present in modern business

rules, we perform another form of transformation.

The SBVR rules are mapped to SMT-LIBv2. The map-

pings are generated based on the SBVR XMI and the

generated SMT-LIBv2 representation incorporates the

quantiﬁcations that were present in the original rule.

3.3 Directed Graph Based Veriﬁcation

The use of graphical techniques for veriﬁcation of

rules is attractive, since graphs provide an easy to

use framework to represent conceptual dependencies.

Complex relationships between rules can be represen-

ted as paths in the graph, and the veriﬁcation pro-

blem is reformulated as one of reachability of spe-

ciﬁc nodes in the graph. From our study, we observe

that most of the approaches involve building the entire

SBVR Rule: It is necessary that if customer rents car then customer

owns at least 2 credit card.

Simpliﬁed Rule: rents(customer , car) → owns(customer , cre-

dit card)

Figure 3: Transformation of SBVR to Simpliﬁed Rules.

Identifying Anomalies in SBVR-based Business Rules using Directed Graphs and SMT-LIBv2

217

sibling, r

: car is luxury car f

: ¬ driver owns license

: car has driver f

: car is rented car

: ¬ car has driver f

: driver follows trafﬁc rules

: driver owns license

Figure 4: Representation of rules (Figure 2) according to

our proposed graph structure.

graph initially, followed by performing various com-

putations on the corresponding graph representations

(mostly adjacency matrices) to identify errors, which

due to the large size of the graphs becomes extremely

inefﬁcient. We present a different approach, where

we identify errors among the rules while the graph

is built in an incremental manner, i.e., rule by rule,

without undergoing any complex computations on the

complete graph representation at the end.

We represent our set of business rules as a col-

lection of nodes and directed edges, i.e., a directed

graph. Each fact used in the representation of a rule

and it’s negation, is represented as a node in the graph.

We draw directed edges from the facts present in the

antecedent to the facts forming the consequent of the

rule. These edges are called the successor links. Si-

milarly, directed edges are drawn from the facts be-

longing to the consequent to the facts forming the an-

tecedent. We call these edges ancestor links. Both an-

cestor and successor relationships are transitive in our

graph representation. For example, we draw a succes-

sor link from x to y for rule x → y. If y has as succes-

sor two nodes p and q, then a successor link is drawn

from x to both p and q. Thus we ensure that from a

node, any of it’s ancestor or successor can be visited.

We introduce a new form of relationships among the

facts belonging to the consequent of a rule termed as

sibling relationship, to show that they are asserted to-

gether. e.g., in Rule r

in Figure 1, if car has driver

then driver does not own license as well as driver fol-

lows trafﬁc rules. Both of the facts in the consequent

are termed siblings. Along with sibling relationship

we further introduce two new relationships ancestor-

sibling and successor-sibling. We say that facts which

share a sibling relationship with any of ancestors of a

fact δ, are ancestor-sibling of δ, while siblings of any

successor of δ are termed as successor-sibling of δ.

To give an example of our graph representation,

let us consider the rules in Figure 1. The set of ru-

les represented according to our proposed graph struc-

ture is shown in Figure 4. Successor relationships are

shown by the solid edges, ancestor relationships by

the dashed edges and the sibling relationship by dou-

ble lines. The rule numbers corresponding to the rela-

tionships are mentioned between the dashed and solid

edges.

Each node in the graph has the following infor-

mation stored: list of ancestors, list of siblings, list

of successors, list of successor-siblings and list of

ancestor-siblings along with the corresponding rule

sequences through which these relations have been

formed. A fact can have the same relationship with

another fact in multiple rules, thus leading to multi-

ple rule sequences being stored corresponding to each

fact in each of the relation list. For a new rule, ed-

ges are established and the new nodes (if any) ex-

change information from their immediate ancestor or

immediate successor node. For example, if there are

two nodes n

and n

and we encounter a new rule

→ n

, an ancestor edge from n

to n

is created

and the ancestor list from n

is added to n

. A succes-

sor edge will be created from n

to n

with the succes-

sor list of n

being added to that of n

. This updated

successor list will be propagated to all the ancestors

of n

. Thus for each node x ∈ ancestor(n

), now

x ∈ ancestor(n

) through the union of rule number r

and the chain of rules via which x ∈ ancestor(n

). Si-

milarly, each x will have n

in its successor list. Next

the updated ancestor information from n

is passed

onto each of it’s successors. Each x ∈ ancestor(n

), is

now an ancestor of every y ∈ successor(n

) with rule

added to the corresponding rule sequence, while y

is added to successor(x). e.g., n

has a successor n

via rule numbers r

, r

. Then the ancestor n

of n

will store n

in it’s successor list with corresponding

rule sequence as r

, r

, while n

∈ successor(n

)

through rule sequence r

, r

We use this graphical representation to identify

non-executable conditions and circularity among bu-

siness rules. While the graph is being generated in

an incremental fashion, we check for anomaly con-

ditions among the different lists stored in each node.

As explained earlier, non-executable rules are those

where conﬂicting facts are present in the antecedent

of a business rule, or a sequence of rules, resulting

in the consequent of some rule to be never asserted.

After the addition of a new rule, non-executable con-

ditions can exist in the following combinations.

1. Node n previously has node n

as it’s ancestor and

¬n

is added to the ancestor list.

2. We add ¬n to the ancestor/ successor list of n or

vice versa.

ICEIS 2018 - 20th International Conference on Enterprise Information Systems

218

3. Node n has n

in it’s ancestor list and ¬n

added as a sibling to some ancestor (ancestor-

sibling) of n, or vice versa.

Circularity condition exists when a node n has the

same node n

in it’s ancestor and successor list,

ancestor-sibling and successor list or ancestor and

successor-sibling list.

If a SBVR fact n

∈ ancestor(n), due to the pre-

sence of multiple rule sequences, i.e.,



RID

)



> 1,

and n

is a direct ancestor (rule sequence of size 1)

of n at least once, we say that chained subsumption

exists.

When any of the above conditions are detected, it

ﬂags the presence of a possible anomaly. The set

of rules causing the possible anomaly are found out

by combining the rule sequences via which the rela-

tions were established to the conﬂicting nodes. e.g.,

∈ ancestor(n) via rule sequences R

, R

and ¬n

∈

ancestor(n) via rule sequence R

. The possible rule

combinations generating the non-executable conditi-

ons are

, R

and

, R

Implementation: The digraph proposed in this work

involves each node storing copious amount of infor-

mation. It is evident that traditional methods of graph

representation, i.e., adjacency matrix and lists will not

sufﬁce. We use a modiﬁed version of adjacency lists

for our implementation, with the aim of fast access

to enable rapid information exchange between multi-

ple nodes for a rule. To ensure direct and fast access

to the different lists of each node and quick checks

for anomaly conditions between the lists after each

update, we represent each SBVR fact by an odd num-

ber. The next even number denotes the negation of

the fact. Equation 1 presents a formal representation

of the mapping, where S is a set of SBVR facts and

their negation.

S = { f

, ¬ f

, f

, ¬ f

, . . . , f

, ¬ f

}

O = {1, 2, 3, 4, . . . , 2n − 1, 2n}

We deﬁne a function z, such that

S 7→ O

(1)

Due to this representation the checks for anomaly

condition become very straightforward, e.g., for non-

executable condition while inserting an even number

to a list l we need to check for the presence of the

previous odd number in list l

(based on the error con-

dition check) and vice versa. Also, the use of numbers

as node representation makes access to the lists of a

particular node in the graph similar to how an array

position is accessed given the index, i.e., in a direct

manner.

3.4 SMT-LIBv2 based Veriﬁcation

Modern day business rules along with structural ano-

malies contains anomalies due to quantiﬁcations.

Graphical techniques are not sufﬁcient to detect these

form of anomalies, leading to a different veriﬁcation

approach.

3.4.1 Mapping SBVR XMI to SMTLibv2

From the SBVR vocabulary shown in Figure 1, it can

be seen that the rule r : ‘It is obligatory that if rented

car has driver then driver has license’ is based on SBVR

fact f : ‘car has driver’. The binary fact bf → n

where n

(subject) and n

(object) are noun concepts

related through verb concept v

is mapped as,

(declare-fun v

( Thing Thing) Bool)

The concepts n

and n

are declared as constants

of sort ‘Thing’. SBVR also permits a noun con-

cept n

to be derived from another noun concept n

For instance, noun concept ‘rented car’ is derived

from another noun concept ‘car’. The corresponding

SMT-LIBv2 representation is generated as:

(declare-const rented car Thing)

(declare-fun rented car fun ( Thing ) Bool)

(assert (rented car fun rented car ) )

(assert (forall((x Thing))

(implies(rented car fun x)(car fun x))))

In Figure 1, the execution of rules r

and r

can

create an ambiguity in business system resulting in

inconsistent state of knowledge base.

An instance of SBVR rule mapping to SMT-LIBv2

for rules r

and r

is given below:

smt(r

(assert (forall((x Thing)(y Thing)(z Thing))

(implies

(and (car fun x)(driver fun y)

(license fun z) ( has x y))

(owns y z))))

smt(r

(assert (forall((x Thing)(y Thing)(z Thing))

(implies

(and (car fun x)(driver fun y)

(license fun z) ( has x y))

(not(owns y z)))))

The aim of mapping SBVR rules to SMT-LIBv2 is to be

able to use SMT solvers for veriﬁcation. This appro-

ach has the following advantages.

1. SMT generalizes Boolean Satisﬁabilty (SAT) by

adding equality reasoning, arithmetic, ﬁxed size

bit vectors, arrays, quantiﬁers and other logics

and useful ﬁrst order theories (Barrett et al., 2009;

De Moura and Bjørner, 2011). SMT solvers are

efﬁciently able to handle such theories, thus provi-

ding the support for veriﬁcation considering quan-

tiﬁcations.

Identifying Anomalies in SBVR-based Business Rules using Directed Graphs and SMT-LIBv2

219

2. SMT provides a provision to check satisﬁability,

validity and un-satisﬁabilty of the formulas repre-

sented in SMT-LIBv2 format which is captured in

our approach to detect conﬂicting rules.

Mappings have been completed for 50 SBVR con-

structs to the corresponding SMT-LIBv2 which is an

extension of the work performed by (Chittimalli and

Anand, 2016) which includes SBVR vocabulary, rules,

deﬁnitions and various other concepts (e.g. synonym,

synonymous form, inverse verb concept, atleast-n ,

atmost-n, exactly-n, universal and existential quanti-

ﬁcations).

3.4.2 Conﬂicting Rules Detection

The presence of conﬂicting conditions in a set of ru-

les shall cause the latter to be inconsistent. There-

fore it is important to check for conﬂicting conditi-

ons within individual rules and between different ru-

les. Conﬂicting rules can exist in one of the following

two scenarios:

1. When a rule is enumerated using AND operator,

i.e., r

: ‘It is obligatory that f

and f

and..... f

’

( f

’s are fact types) and conjunction of some fact

types contradicts with another fact type in the

rule. Formally, the conﬂicting condition can be

represented as fol( f

) ∧ fol( f

).......∧ fol( f

) ⇒ ¬

fol( f

), where fol( f

) is the FOL formula corre-

sponding to f

2. A rule base R consists of rules = {r

, r

,....

} and the conjunction of some rules in R is

contradictory with some other rule/ rules in R,

i.e.,

fol(r

) ∧ fol(r

).......∧ fol(r

) ⇒ ¬ fol(r

) where

fol(r

) is the FOL formula corresponding to r

Our tool aims to ﬁnd the minimal set of rules that

are inconsistent with respect to each other, i.e., the

minimal unsatisﬁable cores, aided by the Satisﬁable

Modulo Theories (SMT) solvers. We use the deﬁni-

tion of validity and satisfiability that exists in

First Order Logic in our veriﬁcation approach.

DPLL(T )-BASED SMT SOLVERS checks for

the satisﬁability of the SMT formulas (generated from

SBVR rules). The underlying logic is that if formulas

given as input to the solvers are consistent, i.e., the bu-

siness rules have no conﬂict present among them then

sat will be returned by the solvers else unsat. The

working of the DPLL(T )-BASED SMT SOLVERS

can be visualized as that of a transition system. The

initial state of the transition system is given as {

0, F

0}, where F

is a given set of clauses to be checked

for satisﬁability (i.e., the input formula). When F

is unsatisﬁable in T the expected ﬁnal states is fail

0. Here T is the background theory considered

while mapping from SBVR to SMT-LIBv2, i.e., effecti-

vely the transformations (Katz et al., 2016).

A conﬂicting set of rules can be found by putting

assert statements in SMT-LIBv2, which compels the

solvers to check the satisﬁability until the point of in-

vocation. We add labels to the assertions to identify

the exact rules which caused the unsatisﬁability (con-

ﬂict) to occur. The command ‘get-unsat-core’ use

these labels to generate UNSAT core output in a re-

presentation which is easily understandable by logic

experts.

3.4.3 Redundancy : Subsuming and Duplicate

Rules Detetction

We use the generated SMT-LIbv2 formulas to detect

the pair of subsuming rules involving quantiﬁcations

in business rule set. A formula F subsumes another

formula F

(FF

) if for each interpretation I, I |= F

implies I |= F (Lukichev, 2010). We use this deﬁ-

nition to devise our veriﬁcation approach of detecting

subsumption. Let smt(r

) be the SMT-LIBv2 represen-

tation of rule r

∈ R. As per the deﬁnition of subsump-

tion provided in Section 2, in order to check whether a

rule r

∈ R is subsumed by another rule r ∈ R, we pro-

pose to assert the negation of the formula obtained

by smt(r) →smt(r

¬(smt(r) → smt(r

))

≡ ¬(¬smt(r) ∨ smt(r

)).........[MaterialImplication]

≡ (smt(r) ∧ ¬smt(r

)).........[DeMorgan

sLaw]

Our assumption is if r subsumes r

, then the solver

should ﬁnd a solution to the formula smt(r) →smt(r

Since we check for the satisﬁability of the negation

of the formula, if the solver returns UNSAT, i.e., no

solution exists where smt(r) is satisﬁed but smt(r

)is

not, it is deduced that r subsumes r

. Figure 5 shows

rules which are subsumed due to quantiﬁcations.

: It is permitted that if car rental is insured by at least 2 credit cards

then car rental is luxury car rental.

: It is permitted that if car rental is insured by exactly 3 credit cards

then car rental is luxury car rental.

Figure 5: SBVR Rules created from EURent vocabulary

that are subsuming.

While checking for the satisﬁability of smt(r

)

∧ ¬smt(r

), the SMT solvers fail to ﬁnd a value

x ∈ Thing that satisﬁes smt(r

) but does not satisfy

smt(r

), resulting in unsat. This happens because

if a constant satisﬁes the antecedent of rule r

then

by default it is going to satisfy the antecedent of r

as the formula EqualsTo(credit card.quantity (x), 3)

is subsumed by GreaterThan(credit card.quantity (x),

ICEIS 2018 - 20th International Conference on Enterprise Information Systems

220

Table 1: Performance of our Tool on Business Rules.

Business Rule Set Number of Rules

Anomalies Detected

Conﬂicting Rules Redundant Rules Circularity

EU-Rent Car Rental 84 14 5 1

Industrial Insurance Application 125 12 6 0

Photo Equipment 35 2 3 0

Loan Contracts 11 2 2 0

2). Satisﬁability check on smt(r

) ∧ ¬smt(r

) gives

SAT while that on smt(r

) ∧ ¬smt(r

) gives an UNSAT,

depicting that r

subsumes r

, but the reverse is not

true.

As explained earlier in Section 2, logical equiva-

lence or duplicates are special cases of subsumption.

From the corollary of the approach employed to de-

tect subsumption in rules, we propose that two rules

are duplicates or logical equivalent of one another if

¬ (smt(r) → smt(r

)) and ¬ (smt(r

) → smt(r)) yields

UNSAT.

4 IMPLEMENTATION AND

EXPERIMENTAL RESULTS

We have developed an intelligent editor to specify bu-

siness rules in SBVR. The editor removes spelling mis-

takes and SBVR syntactical errors like duplicate fact

detection, absence of term from SBVR vocabulary but

used in rules or facts. The business rules speciﬁed in

the editor undergo the pre-processing step, where they

are clustered and then transformed to simplified

rules and SMT-LIBv2. We check the satisﬁability

of the generated SMT-LIBv2 formulas using z3 sol-

ver (De Moura and Bjørner, 2008), while the graph

based veriﬁcation algorithm has been implemented in

Java. For both the approaches, we highlight the set

of rules which are the cause of the possible anomaly.

While performing experiments of our tool, we felt

that there was a dearth of universally accepted ben-

chmarks for this veriﬁcation problem. The work done

by (Mitra and Chittimalli, 2017) also stated about the

same drawback in this research ﬁeld.

Table 1 shows the distribution of anomalies iden-

tiﬁed by our tool. EU-Rent Car Rental, Photo Equip-

ment and Loan Contracts consists of seeded anoma-

lies, where the anomalies were injected in by a bu-

siness expert ignorant of our approaches. The tool

performed exceptionally well identifying all the ano-

Figure 6: Snapshot of our Tool.

malies injected. We executed the Industrial Insurance

Application Case Study twice. Initially the original

version was given as input, i.e., no anomalies were in-

jected from our side. Our tool identiﬁed 6 redundan-

cies in the rule set. The business expert could iden-

tify only these 6 anomalies on manual inspection of

the case study. This experiment enabled us to show

that our tool performs efﬁciently well on real life bu-

siness rules. Later we executed the Case Study with

conﬂicting conditions injected by our business expert.

Our tool could identify 12 conﬂicting rules while 15

were injected by the expert. 3 rules were not identi-

ﬁed by our tool because they involved quantiﬁcations

via numerical computations (addition, multiplication,

etc.), for which we have not yet generated SMT-LIBv2

mappings. Figure 6 shows a snapshot of our tool in

work.

5 RELATED WORK

Various solutions had been proposed for automatic

rule base knowledge veriﬁcation, where the rules

were mostly represented in sentential logic form. The

approaches included veriﬁcation with the aid of petri

nets (He et al., 2003; Chavarria-Baez and Li, 2006),

directed graphs (Nazareth and Kennedy, 1991), di-

rected hypergraph (Ramaswamy et al., 1997), infe-

rence graphs (Nguyen et al., 1987) and hypergraphs

(Valiente, 1993). These approaches presents extreme

computational complexity on present day business ru-

les, along with not detecting anomalies involving data

and quantiﬁcations. (Yeh and Chu, 2008) proposed a

DNA-based computing algorithm to detect structural

errors in rule based systems, which had low compu-

tational complexity but failed to deal with anomalies

involving quantiﬁcations. Recently the problem of

automatic veriﬁcation of large and complex business

rules has gained popularity. (Mitra and Chittimalli,

2017) presents a survey showing the present state of

research for this problem. Conversion of SBVR ba-

sed business rules to ontologies and then using rea-

soners to identify anomalies is an approach that has

been presented by (Ceravolo et al., 2007; Karpovi

et al., 2016; Reynares et al., 2014; Solomakhin et al.,

2013). Most of these works fail to show the efﬁciency

and completeness of their approach, and results on

Identifying Anomalies in SBVR-based Business Rules using Directed Graphs and SMT-LIBv2

221

real life complex business rules. A different approach

was presented by (dos Santos Guimar

aes et al., 2014),

where the business rules were modeled into Alloy no-

tation and the Alloy tool was used to detect anoma-

lies. This approach suffered from high execution time

and completely failed to detect anomalies existing in

a sequence of rules. (Chittimalli and Anand, 2016)

detected only inconsistencies modeling the rules into

SMT-LIBv2.

6 CONCLUSION AND FUTURE

WORK

In this paper, we present a tool to automatically detect

anomalies present in business rules using a assortment

of different techniques. We successfully detect ano-

malies with quantiﬁcations along with the ones not

involving quantiﬁcation. We better previous graph

based rule veriﬁcation techniques bypassing the adja-

cency matrix computations of high complexity, while

we present mappings to SMT-LIBv2 enabling use of

solvers. As per our knowledge, our tool is the ﬁrst

to use a combined approach to tackle the problem of

detecting anomalies in business rules. We show expe-

rimental results on standard benchmarks along with

some industrial data sets. In the future, the aim is

to extend the graph based veriﬁcation to be able to

detect anomalies involving quantiﬁcations along with

optimizing the performance of the logic solvers. We

also intend to test our approaches on more complex

real life business systems.

REFERENCES

Barrett, C. et al. (2010). The smt-lib standard: Version 2.0.

Barrett, C. W., Sebastiani, R., Seshia, S. A., and Tinelli, C.

(2009). Satisﬁability modulo theories. Handbook of

satisﬁability.

Ceravolo, P. et al. (2007). Modeling semantics of business

rules. In 2007 Inaugural IEEE-IES Digital EcoSys-

tems and Technologies Conference, pages 171–176.

IEEE.

Chavarria-Baez, L. and Li, X. (2006). Structural error veri-

ﬁcation in active rule-based systems using petri nets.

In Artiﬁcial Intelligence, 2006. MICAI’06. IEEE.

Chittimalli, P. K. and Anand, K. (2016). Domain-

independent method of detecting inconsistencies in

sbvr-based business rules. In Proceedings of the Inter-

national Workshop on Formal Methods for Analysis of

Business Systems.

De Moura, L. and Bjørner, N. (2008). Z3: An efﬁcient

smt solver. In 14th International Conference on Tools

and Algorithms for the Construction and Analysis of

Systems. Springer-Verlag.

De Moura, L. and Bjørner, N. (2011). Satisﬁability modulo

theories: introduction and applications. Communica-

tions of the ACM.

dos Santos Guimar

aes, D. et al. (2014). A method for veri-

fying the consistency of business rules using alloy. In

Proceedings of the Twenty-Sixth International Confe-

rence on Software Engineering & Knowledge Engi-

neering.

Group, B. R. (2016). EU-Rent Car Rental case study.

http://www.kdmanalytics.com/sbvr/EU-Rent.html.

He, X. et al. (2003). A new approach to verify rule-based

systems using petri nets. Information and Software

Technology.

IBM (2017). Business action language. https://goo.gl/

Ybqj1m.

JBoss (2017). Drools. https://goo.gl/KivdD2.

Karpovi

c, J. et al. (2016). Experimental investigation

of transformations from sbvr business vocabularies

and business rules to owl 2 ontologies. Information

Technology And Control.

Katz, G., Barrett, C., Tinelli, C., Reynolds, A., and Had-

arean, L. (2016). Lazy proofs for dpll (t)-based smt

solvers. In Formal Methods in Computer-Aided De-

sign (FMCAD), 2016. IEEE.

Lukichev, S. (2010). Improving the quality of rule-based

applications using the declarative veriﬁcation appro-

ach. International Journal of Knowledge Engineering

and Data Mining.

MIT (2015). Alloy: A language and tool for relational mo-

dels. http://alloy.mit.edu/alloy/index.html.

Mitra, S. and Chittimalli, P. K. (2017). A systematic review

of methods for consistency checking in sbvr-based bu-

siness rules.

Nazareth, D. (1989). Issues in the veriﬁcation of knowledge

in rule-based systems. Int. J. Man-Mach. Stud.

Nazareth, D. L. and Kennedy, M. H. (1991). Veriﬁcation of

rule-based knowledge using directed graphs. Know-

ledge Acquisition.

Nguyen, T. A. et al. (1987). Verifying consistency of pro-

duction systems. In Proceedings of the Third Con-

ference on Artiﬁcial Intelligence Applications, pages

4–8.

OMG (2013). Semantics of business vocabulary and rules

1.2. http://www.omg.org/spec/SBVR/1.2/.

Preece, A. D. and Shinghal, R. (1994). Foundation and ap-

plication of knowledge base veriﬁcation. Internatio-

nal Journal of Intelligent Systems.

Ramaswamy, M. et al. (1997). Using directed hypergraphs

to verify rule-based expert systems. IEEE Trans. on

Knowl. and Data Eng.

Reynares, E. et al. (2014). Sbvr to owl 2 mappings: an au-

tomatable and structural-rooted approach. CLEI Elec-

tronic Journal.

Sirin, E. et al. (2007). Pellet: A practical owl-dl reasoner.

Web Semantics: science, services and agents on the

World Wide Web.

Solomakhin, D. et al. (2013). Logic-based reasoning sup-

port for sbvr. Fundamenta Informaticae.

Valiente, G. (1993). Veriﬁcation of knowledge base redun-

dancy and subsumption using graph transformations.

International Journal of Expert Systems, 6:341–355.

Yeh, C.-W. and Chu, C.-P. (2008). Molecular veriﬁcation of

rule-based systems based on dna computation. IEEE

Transactions on Knowledge and Data Engineering.

ICEIS 2018 - 20th International Conference on Enterprise Information Systems

222