Arguing regulatory compliance of software requirements
Data & Knowledge Engineering
A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of regulatory compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on compliance. In this paper we propose a framework for establishing regulatory compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nòmos). In addition, we adopt and integrate with i* and Nòmos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.