QUIVIR Research Group
Rafael M. Gasca, PhD
Carmelo del Valle, PhD
María Teresa Gómez, PhD
Pablo Neira Ayuso, PhD
Sergio Pozo Hidalgo, PhD
Rafael Ceballos, PhD
Fernando de la Rosa, PhD
Miguel Toro, PhD
Irene Barba, PhD
Diana Borrego, PhD
OPBUS (OPtimization BUsiness process Security) is a framework composed of different tools for automated risk management in business processes. OPBUS is ready to use solvers for the automated analyses in business processes.
OPBUS intends to integrate risk management into the Business Process Management (BPM) based on a Model-Driven Architecture (MDA) approach. The integration of BPM and risk management is aligned to the strategic objectives of ”Integration of RM/RA with Operation Processes”; and "1.4 Secure, dependable and trusted infrastructures” defined by the European Network and Information Security Agency (ENISA) and European Commission 7th Framwork Programme (7FP) in the ICT Trust and Security.
OPBUS-RAT tool strives the automatic risk assessment of business process models in order to determine which activities are non-conformance with regard to established risk levels.
Video demo (low quality version)
Coming really soon!!
 A.J, Varela-Vaca, Rafael M. Gasca, "Towards the Automatic and Optimal Selection of Risk Treatments for Business Processes using a Constraint Programming Approach", Information and Software Technology, Volume 55, Issue 11, Pages 1948–1973, ISSN 0950-5849, http://dx.doi.org/10.1016/j.infsof.2013.05.007. (JCR 2012: 1.522)
 A.J. Varela-Vaca, Robert Warschofsky, Rafael M. Gasca, Sergio Pozo, C. Meinel " A Security Pattern-Driven Approach Toward the Automation of Risk Treatment in Business Processeses". 5th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2012). Ostrava, Czech Republic, 2012, Advances in Intelligent Systems and Computing, 2012, Volume 189, 13-23, DOI: 10.1007/978-3-642-33018-6_2.
 A.J. Varela-Vaca, Rafael M. Gasca and Sergio Pozo. "OPBUS: Risk-aware framework for the conformance of security-quality requirements in business processes". International Conference on Security and Cryptography (SECRYPT 2011) . Seville, Spain. ISBN 978-989-8425-71-3. 2011.
 A.J. Varela-Vaca, Rafael M. Gasca, A. Jiminez-Ramirez. "A Model-Driven Engineering approach with Diagnosis of Non-Conformance of Security Objectives in Business Process Models". 5th IEEE International Conference on Research Challenges in Information Science (RCIS 2011). Guadalopue, France, ISBN 978-1-4244-8671-7. 2011
 A. J. Varela- Vaca, Rafael M. Gasca, L. Parody: "OPBUS: Automating Structural Fault Diagnosis for Graphical Models in the Design of Business Processes". 21th International Workshop in Principles of Diagnosis (DX'10). Portland, Oregon, USA. ISBN: 978-1-936263-02-8. 2010.