Towards Generating Compliance Action Plans: A Discussion of Needs and Opportunities
Ensuring compliance with industry standards and regulations is a critical challenge in software and systems engineering, particularly in domains such as automotive or aerospace in which adherence to standards is mandatory. Compliance checking is often manually conducted, e.g., through reviews based on project-specific rules, which is a costly process. This paper proposes a structured, tool-supported approach to compliance analysis. The proposed approach is based on providing a computable reference model, which lays the foundation for the tailoring of project-specific processes, and an automated analysis of the degree of implemented compliance-relevant activities. A proof of concept is presented, which includes the development of an ECSS-based reference model for software systems engineering, which was developed in close collaboration with practitioners from the aerospace domain. Based on this reference model, the process management tool Stages was used to provide means to generate assessments and action plans. To demonstrate the concept, an exemplary systems development process was modeled and analyzed, which allowed us to identify missing elements in the planned project activities.
Wed 4 Dec (displayed time zone: Athens)
11:00 - 12:30 | PROFES Session 8: Security, Compliance and Regulatory Compliance | Research Papers / Short Papers and Posters at UT Library - Room 3 (Seminar Room Kodavere) | Chair(s): Kari Smolander (LUT University)
11:00 | 18m | Research paper | An Approach to Cognitive Root Cause Analysis of Software Vulnerabilities | Research Papers | Theo Hytopoulos (Western Washington University), Marvin Chan (Western Washington University), Keegan Roth (Western Washington University), Rylon Wasson (Western Washington University), Fuqun Huang (Western Washington University)
11:18 | 18m | Research paper | Guidelines for Supporting Software Engineers in Developing Secure Web Applications | Research Papers | Klara Svensson (Chalmers | University of Gothenburg), Drake Axelrod (Chalmers | University of Gothenburg), Mazen Mohamad (Chalmers | RISE - Research Institutes of Sweden), Rebekka Wohlrab (Chalmers University of Technology)
11:36 | 12m | Short paper | Towards Generating Compliance Action Plans: A Discussion of Needs and Opportunities | Short Papers and Posters | Julio Guzman (Reutlingen University), Heiko Doerr (UL Method Park GmbH), Thomas Brenner (OHB System AG), Rainer Gerlich (Dr. Rainer Gerlich System and Software Engineering), Jürgen Münch (Reutlingen University), Marco Kuhrmann (Reutlingen University)
11:48 | 18m | Research paper | Regulatory Requirements Engineering in Large Enterprises: An Interview Study on the European Accessibility Act | Research Papers | Oleksandr Kosenkov (fortiss GmbH), Michael Unterkalmsteiner (Blekinge Institute of Technology), Daniel Mendez (Blekinge Institute of Technology and fortiss), Jannik Fischbach (Netlight Consulting GmbH and fortiss GmbH)
12:06 | 24m | Talk | Session 8 Discussion | Research Papers