RegComp

To meet public standards, software systems must often comply with regulations, policies, mandates, and guidelines. A first step towards this compliance is to make sure that the software requirements elaborated in software development projects properly reflect those regulatory artefacts. This task, however, is already error-prone and labor-intensive. This research project seeks to explore opportunities and challenges when working with requirements that are written with regulation as the source. The goal is to develop a novel and semi-automated approach for addressing the identified challenges. The approach aims to promote the development of responsible software engineering practices that align with institutional, political, and regulatory recommendations.

Project description

The RegComp (Regulatory Compliance) project focuses on the development of a novel approach for semi-automated requirement analysis and conformance checks of requirements towards regulatory texts. fortiss will be utilizing natural language processing techniques for change impact analysis and analyzing the requirements that are derived from various regulatory texts such as laws, norms, standards, and contracts. Furthermore, fortiss is developing a compliance check approach that can verify the conformance of requirements with regulatory texts.

fortiss aims to create a solution that can significantly reduce the time and effort required for compliance checks while ensuring the accuracy and reliability of the results. One particular focus in our research and development is to support change impact analyses throughout the development lifecycle, i.e. automatically detect changes in requirements in response to changes in regulations (and vice-versa). In addition, fortiss is analyzing the practical implications of our approach to ensure the applicability and usefulness of our results to our industry partner.

Research contribution

The project aims to contribute to the field of regulatory compliance in software engineering by developing a tool-supported approach for addressing the identified challenges in the industry. This approach will enable developers to better understand how requirements that are from ever-changing regulatory sources can be integrated into software engineering, and how to ensure compliance with regulatory standards. In addition, the developed tool-supported approach by the scientist will be evaluated in the industry on real data.

Funding

itestra GmbH

Project duration

01.01.2023. – 31.12.2025

Your contact

Parisa Elahidoost

+49 89 3603522 428
elahidoost@fortiss.org

Project partner

Publications

2024 Designing NLP-based solutions for requirements variability management: experiences from a design science study at Visma Parisa Elahidoost , Michael Unterkalmsteiner , Davide Fucci , Jannik Fischbach and Peter Liljenberg , 2024. Springer. Details URL DOI BIB

Name	Purpose	Lifetime	Type	Provider
_pk_id	Used to store a few details about the user such as the unique visitor ID.	13 months	HTML	Matomo
_pk_ref	Used to store the attribution information, the referrer initially used to visit the website.	6 months	HTML	Matomo
_pk_ses	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_cvar	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo
_pk_hsr	Short lived cookie used to temporarily store data for the visit.	30 minutes	HTML	Matomo