Towards Increased Efficiency and Confidence in Process Compliance

Ardila, Julieth Patricia Castellanos; Gallina, Barbara

doi:10.1007/978-3-319-64218-5_13

Cited by 8 publications

(3 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A framework for safety-critical process management in engineering projects 87 Conference S17 Applying process mining techniques in software process appraisals 88 Journal S18 Continuous process compliance using model driven engineering 89 Conference S19 Towards increased efficiency and confidence in process compliance 90 Conference S20 Automated legal compliance checking by security policy analysis 91 Conference S21 A formalization of the ISO/IEC 15504: Enabling automatic inference of capability levels 92 Conference S22 Security analysis and legal compliance checking for the design of privacy-friendly information systems 93 Conference S23 Towards efficiently checking compliance against automotive security and safety standards 94 Workshop S24 An axiom based metamodel for software process formalisation: An ontology approach 95 Journal S25 Enabling compliance checking against safety standards from SPEM 2.0 process models 96 Conference…”

Section: S16mentioning

confidence: 99%

Compliance checking of software processes: A systematic literature review

Ardila

Gallina

Muram

2022

J Software Evolu Process

Self Cite

View full text Add to dashboard Cite

The processes used to develop software need to comply with normative requirements (e.g., standards and regulations) to align with the market and the law. Manual compliance checking is challenging because there are numerous requirements with changing nature and different purposes. Despite the importance of automated techniques, there is not any systematic study in this field. This lack may hinder organizations from moving toward automated compliance checking practices. In this paper, we characterize the methods for automatic compliance checking of software processes, including used techniques, potential impacts, and challenges. For this, we undertake a systematic literature review (SLR) of studies reporting methods in this field. As a result, we identify solutions that use different techniques (e.g., anthologies and metamodels) to represent processes and their artifacts (e.g., tasks and roles). Various languages, which have diverse capabilities for managing competing and changing norms, and agile strategies, are also used to represent normative requirements. Most solutions require tool‐support concretization and enhanced capabilities to handle processes and normative diversity. Our findings outline compelling areas for future research. In particular, there is a need to select suitable languages for consolidating a generic and normative‐agnostic solution, increase automation levels, tool support, and boost the application in practice by improving usability aspects.

show abstract

Section: S16mentioning

confidence: 99%

Compliance checking of software processes: A systematic literature review

Ardila

Gallina

Muram

2022

J Software Evolu Process

Self Cite

View full text Add to dashboard Cite

show abstract

“…Patil et al (2015) discuss the need for MBSE approaches to be compliant to the, 'Automotive open systems architecture' (AUTOSAR) standards and incorporate information, such as AUTOSAR interfaces, in MBSE itself. Also, the SE development process and work products in the automotive industry must comply with the ASPICE process standard (Castellanos et al, 2017). ASPICE aims to provide process assessment and the process reference model for development in the automotive industry (Messnarz et al, 2019).…”

Section: Introductionmentioning

confidence: 99%

A generic hierarchical System of Systems Engineering (SOS) Approach for Model based System Engineering (MBSE) Projects

Pandey¹

2022

INCOSE International Symp

View full text Add to dashboard Cite

Model based systems engineering (MBSE) has been accepted worldwide by many industries, including the automotive industry, for several years. Hundreds of projects have already been developed and deployed using MBSE approaches. MBSE is gaining importance because it provides systems advantageous life cycle processes, such as returns of investments and meeting the demands of global marketplaces, as they become increasingly complex. Consequently, the number and pace of deployment using MBSE approaches will increase in the future.Our current work objective is to define a generic MBSE methodology compatible with Systems Engineering Body of Knowledge (SEBOK) functional decomposition principles, 'Automotive open systems architecture' (AUTOSAR) developments and compliant to 'Automotive software performance improvement and capability determination' (ASPICE) processes using the 'systems modelling language' (SysML). We have proposed a generic SysML process framework, a hierarchical system of systems (SOS) engineering approach and automation solutions. We have shown that the proposed solution helps meet the defined objectives. The work is targeted and relevant for automotive industry MBSE practitioners. In general, the research, apart from transportation and mobility industries, can also be used in other industries.

show abstract

“…To overcome the above challenges, formal approaches to process modeling and verification have been proposed in previous studies [4,7,[12][13][14]. These increase confidence and trustworthness in the evidence used for process complaince [15] and enable the use of automated analysis and verification techniques in software process [17]. However, we couldn't use them for the task at hand for various reasons; The approach by [7] employs first order logic (FOL), to formalize and verify standards compliant software development.…”

Section: Introductionmentioning

confidence: 99%

Ensuring Conformance to Process Standards Through Formal Verification

Kabaale

Wen

Wang

et al. 2018

Communications in Computer and Information Science

View full text Add to dashboard Cite

Software process standards and models encapsulate best practices and guidelines for managing and engineering software. For easy accessibility, process standards are usually prescribed in natural language. However, natural language based process specifications can be inconsistent and ambiguous that makes it difficult to monitor and verify if they have been fully implemented and adhered too in a given software project. Besides the process of defining and documenting the necessary evidence to comply with process standard requirements is often manual, time consuming and laborious. In earlier studies, we developed a translation scheme and metamodel for consistent and uniform software process formalisation. In the current study, we leverage the formal process specification to develop a two-step formal process verification approach; first we extract process requirements from the standard documents and translate them into logical axioms. We then augment these axioms with additional information in a process verification ontology. This ontology is then utilised in conformance verification of a performed process. We demonstrate the feasibility of our approach with software requirements analysis process and a case study.

show abstract

Towards Increased Efficiency and Confidence in Process Compliance

Cited by 8 publications

References 13 publications

Compliance checking of software processes: A systematic literature review

Compliance checking of software processes: A systematic literature review

A generic hierarchical System of Systems Engineering (SOS) Approach for Model based System Engineering (MBSE) Projects

Ensuring Conformance to Process Standards Through Formal Verification

Contact Info

Product

Resources

About