Collaborative business processes can be seen as smart contracts, as they are oftentimes adopted to express agreements among different organizations. Indeed, they provide mechanisms to formalize the obligations of each involved party. For instance, collaborative business processes can specify when a certain task should be executed, under which conditions a service should be offered to the other participants, and how physical objects and information should be manipulated. In this setting, to prevent misuse of smart contracts and services and information provided, it is paramount to guarantee by design that security requirements are fulfilled. With the rise in popularity of blockchains, several approaches exploiting the trusted smart contract execution environment offered by this technology to enforce collaborative business processes have been proposed. Yet, the complexity of business processes, security requirements, and blockchain applications calls for an engineering approach that guides the design of secure business processes. Such an approach should both take advantage of the possibilities offered by blockchain technology to enforce some security requirements (e.g., non-repudiation), and take into account the limitations blockchain poses for other security requirements (e.g., confidentiality). However, we are not aware of any existing work that aims at addressing such issues following a similar approach.

In this article, we propose SecBPMN2BC: a model-driven approach to designing business processes with security requirements that are meant to be deployed on blockchains. SecBPMN2BC consists of: (i) an extension of BPMN 2.0 that allows designing secure smart contracts; (ii) a set of algorithms and their implementation that check incompatible security requirements and help the design of smart contracts; (iii) a workflow that guides the application of the method. The method has been validated with a survey conducted on security and BPMN experts.

协作业务流程可以被视为智能合约，因为它们通常被用来表达不同组织之间的协议。实际上，它们提供了将每个相关方的义务正式化的机制。例如，协作业务流程可以指定何时应执行某项任务、应在何种条件下向其他参与者提供服务以及应如何操作物理对象和信息。在这种情况下，为防止滥用智能合约以及所提供的服务和信息，最重要的是通过设计保证满足安全要求。随着区块链的普及，已经提出了几种利用该技术提供的可信智能合约执行环境来执行协作业务流程的方法。然而，业务流程、安全要求和区块链应用程序的复杂性需要一种工程方法来指导安全业务流程的设计。这种方法既应利用区块链技术提供的可能性来执行某些安全要求（例如，不可否认性），又应考虑到区块链对其他安全要求（例如，机密性）造成的限制。但是，我们不知道有任何现有工作旨在通过类似方法解决此类问题。

在本文中，我们提出了 SecBPMN2BC：一种模型驱动的方法来设计具有安全要求的业务流程，这些业务流程旨在部署在区块链上。SecBPMN2BC 包括：(i) BPMN 2.0 的扩展，允许设计安全的智能合约；(ii) 一组算法及其实现，用于检查不兼容的安全要求并帮助设计智能合约；(iii) 指导方法应用的工作流程。该方法已经通过对安全和 BPMN 专家进行的调查进行了验证。