Due to its critical nature with respect to patient safety, privacy and other quality attributes, healthcare software is often subject to third-party certification. To take a single example, Health Canada deems patient management systems (such as Electronic Medical Records) to be subject to mandatory certification and licensing. One strategy to reduce the cost of certifying large software products is to separate the implementation of functions that require certification from those functions that do not. While this strategy has been recommended, no systematic method has been proposed for integrating it into the overall system design process. This paper addresses this gap. We present a process that takes a requirements specification and pertinent certification criteria as input and produces a set of constraints on potential architecture designs, ensuring that the size of the software that must undergo certification is reduced. We demonstrate the approach using a real-world case study involving Electronic Health Record software in the context of the Canadian regulatory framework.