PROFES 2024
Mon 2 - Wed 4 December 2024 Tartu, Estonia

Ensuring compliance with industry standards and regulations is a critical challenge in software and systems engineering, particularly in domains such as automotive or aerospace in which adherence to standards is mandatory. Compliance checking is often manually connected, e.g., through reviews based on project-specific rules, which is a costly process. This paper proposes a structured, tool-supported approach to compliance analysis. The proposed approach is based on providing a computable reference model, which lays the foundation for the tailoring of project-specific processes, and an automated analysis of the degree of implemented compliance-relevant activities. A proof of concept was is presented, which includes the development of an ECSS-based reference model for software systems engineering, which was developed in close collaboration with practitioners from the aerospace domain. Based on this reference model, the process management tool Stages was used to provide means to generate assessments and action plans. To demonstrate the concept, an exemplary systems development process was modeled and analyzed, which allowed us to identify missing elements in the planed project activities.

Wed 4 Dec

Displayed time zone: Athens change

11:00 - 12:30
PROFES Session 8: Security, Compliance and Regulatory ComplianceResearch Papers / Short Papers and Posters at UT Library - Room 3 (Seminar Room Kodavere)
Chair(s): Kari Smolander LUT University
11:00
18m
Research paper
An Approach to Cognitive Root Cause Analysis of Software Vulnerabilities
Research Papers
Theo Hytopoulos Western Washington University, Marvin Chan Western Washington University, Keegan Roth Western Washington University, Rylon Wasson Western Washington University, Fuqun Huang Western Washington University
11:18
18m
Research paper
Guidelines for Supporting Software Engineers in Developing Secure Web Applications
Research Papers
Klara Svensson Chalmers | University of Gothenburg, Drake Axelrod Chalmers | University of Gothenburg, Mazen Mohamad Chalmers | RISE - Research Institutes of Sweden, Rebekka Wohlrab Chalmers University of Technology
11:36
12m
Short-paper
Towards Generating Compliance Action Plans: A Discussion of Needs and Opportunities
Short Papers and Posters
Julio Guzman Reutlingen University, Heiko Doerr UL Method Park GmbH, Thomas Brenner OHB System AG, Rainer Gerlich Dr. Rainer Gerlich System and Software Engineering, Jürgen Münch Reutlingen University, Marco Kuhrmann Reutlingen University
11:48
18m
Research paper
Regulatory Requirements Engineering in Large Enterprises: An Interview Study on the European Accessibility Act
Research Papers
Oleksandr Kosenkov fortiss GmbH, Michael Unterkalmsteiner Blekinge Institute of Technology, Daniel Mendez Blekinge Institute of Technology and fortiss, Jannik Fischbach Netlight Consulting GmbH and fortiss GmbH
12:06
24m
Talk
Session 8 Discussion
Research Papers