Title
Establishing regulatory compliance for software requirements
Abstract
A software system complies with a regulation if its operation is consistent with the regulation under all circumstances. The importance of regulatory compliance for software systems has been growing, as regulations are increasingly impacting both the functional and nonfunctional requirements of legacy and new systems. HIPAA and SOX are recent examples of laws with broad impact on software systems, as attested by the billions of dollars spent in the US alone on compliance. In this paper we propose a framework for establishing regulatory compliance for a given set of software requirements. The framework assumes as inputs models of the requirements (expressed in i*) and the regulations (expressed in Nòmos). In addition, we adopt and integrate with i* and Nòmos a modeling technique for capturing arguments and establishing their acceptability. Given these, the framework proposes a systematic process for revising the requirements, and arguing through a discussion among stakeholders that the revisions make the requirements compliant. Our proposed framework is illustrated through a case study involving fragments of the HIPAA regulation.
Year
2011
DOI
10.1007/978-3-642-24606-7_5
Venue
ER
Keywords
software system,hipaa regulation,proposed framework,requirements compliant,inputs model,broad impact,software requirement,software system complies,regulatory compliance,case study
Field
Data mining,Systematic process,Computer science,Argumentation theory,Requirements engineering,Requirements analysis,Software system,Software requirements specification,Non-functional requirement,Software requirements
DocType
Conference
Volume
6998
ISSN
0302-9743
Citations
13
PageRank
0.81
References
9
Authors
3
Name
Order
Citations
PageRank
Silvia Ingolfo1977.35
Alberto Siena229727.63
John Mylopoulos3109561569.74