Log Compliance

Many information systems today record all operations executed by their users and components. Most of such executions conform with business processes defined by their designers, however, in some systems such as health care systems, the executors deviate from what has been specified because of external factor.

For example, a doctor of a health care system, may decide to skip a task or change the order of execution to save the life of a patient. Nevertheless, some deviations may threat assets of the organization and immediate reparation action must be taken to mitigate the threat.

The LogCompliance plugin is part of the STS-Tool toolset. It permits to analyze anomalous log traces and to identify the security-critical ones. The plugin is based on SecBPMN2 plugin of STS-Tool toolset which permits to specify business process and security policies. The LogCompliance plugin uses the SecBPMN2 business process specified by the users, to identify log traces that deviate, and it runs a security analysis that based on the security policies defined with SecBPMN2. If a log trace fails the verification, then it is classified as security-critical and shown to the user.

You can download LogCompliance directly from the plugin manager of STS-Tool, or download STS-Tool with the plugin already installed from the following list.

Latest available version

Name Version Operating
Min. Java
STS-Tool & LogCompliance - Win 32bit 1.1.0 Windows 32 bit March 14, 2018 Java 7 124 MB
STS-Tool & LogCompliance - Win 64bit 1.1.0 Windows 64 bit March 14, 2018 Java 7 124 MB
STS-Tool & LogCompliance - Linux 32bit 1.1.0 Linux 32 bit March 14, 2018 Java 7 123 MB
STS-Tool & LogCompliance - Linux 64bit 1.1.0 Linux 64 bit March 14, 2018 Java 7 123 MB
STS-Tool & LogCompliance - Mac 64bit 1.1.0 MacOs 64 bit March 14, 2018 Java 7 123 MB


The manual for the Log Compliance plug-in describes how to use the plug-in, to guide users to obtain correct results.

Examples Files

This examples are used to show what to expect as a result from using the plug-in. We provide a exported STS project files, that contain a SecBPMN2 file, a log file and a few security policies. To import the projects in STS-Tool, execute the software, then click File -> Import.. and select the file you downloaded.
To see the business process file and log file, navigate into the opened projects in the folder Model – > SecBPMN2 -> business processes.
To see the security policies files navigate into Model -> SecBPMN2 -> security policies -> user.


A simple example about the interaction between the doctor and patient.