From Problems to Laws in Requirements Engineering - Using Model-Transformation

Stephan Faßbender, Maritta Heisel

2013

Abstract

Nowadays, many legislators decided to enact different laws, which all enforce legal and natural persons to deal more carefully with IT systems. Hence, there is a need for techniques to identify and analyze laws, which are relevant for an IT system. But identifying relevant compliance regulations for an IT system and aligning it to be compliant to these regulations is a challenging task. In earlier works of ours we proposed patterns and a structured method to tackle these problems. One of the central crucial steps, while using the patterns and the method, is the transformation of requirements into a structure, allowing the identification of laws. The step is not trivial, as requirements, in most cases, focus on the technical parts of the problem, putting the knowledge about the environment of the system aside. In this work, we propose a method to structure the requirements, elicit the needed domain knowledge and transform requirements into law identification pattern instances. For this purpose, we make use of problem diagrams, problem frames, domain knowledge, and questionnaire. We present our method using a voting system as an example, which was obtained from the ModIWa DFG project and the common criteria profile for voting systems.

References

  1. Í lvarez, J. A. T., Olmos, A., and Piattini, M. (2002). Legal requirements reuse: A critical success factor for requirements quality and personal data protection. In Proceedings of the International Conference on Requirements Engineering (RE), pages 95-103. IEEE.
  2. Beckers, K., Faßbender, S., Küster, J.-C., and Schmidt, H. (2012a). A pattern-based method for identifying and analyzing laws. In REFSQ, pages 256-262.
  3. Beckers, K., Faßbender, S., and Schmidt, H. (2012b). An integrated method for pattern-based elicitation of legal requirements applied to a cloud computing example. In ARES, pages 463-472.
  4. Bench-Capon, T. J. M., Robinson, G. O., Routen, T. W., and Sergot, M. J. (1987). Logic programming for large scale applications in law: A formalization of supplementary benefit legislation. In Proceedings of the International Conference on Artificial Intelligence and Law (ICAIL). ACM.
  5. Biagioli, C., Mariani, P., and Tiscornia, D. (1987). Esplex: A rule and conceptual model for representing statutes. In ICAIL, pages 240-251. ACM.
  6. Breaux, T. D. and Ant ón, A. I. (2008). Analyzing regulatory rules for privacy and security requirements. IEEE Transactions on Software Engineering, 34(1):5-20.
  7. Breaux, T. D., Vail, M. W., and Ant ón, A. I. (2006). Towards regulatory compliance: Extracting rights and obligations to align requirements with regulations. In Proceedings of the International Conference on Requirements Engineering (RE), pages 46-55. IEEE.
  8. Brehm, R. (2012). Kryptographische Verfahren in Internetwahlsystemen. Technical report, Technical University of Darmstadt.
  9. Coˆté, I., Hatebur, D., Heisel, M., Schmidt, H., and Wentzlaff, I. (2008). A systematic account of problem frames. In Proceedings of the European Conference on Pattern Languages of Programs (EuroPLoP), pages 749-767. Universitätsverlag Konstanz.
  10. Federal Constitutional Court of Germany (2009). Verwendung von Wahlcomputern bei der Bundestagswahl 2005 verfassungswidrig.
  11. Hatebur, D. and Heisel, M. (2010). Making pattern- and model-based software development more rigorous. In Proceedings of 12th International Conference on Formal Engineering Methods, ICFEM 2010, Shanghai, China, LNCS 6447, pages 253-269. Springer.
  12. Hohfeld, W. N. (1917). Fundamental legal conceptions as applied in judicial reasoning. The Yale Law Journal, 26(8):710-770.
  13. Jackson, M. (2001). Problem Frames. Analyzing and structuring software development problems. AddisonWesley.
  14. Maxwell, J. C. and Antón, A. I. (2009). Developing production rule models to aid in acquiring requirements from legal texts. In Proceedings of the 2009 17th IEEE International Requirements Engineering Conference, RE, RE 7809, Washington, DC, USA. IEEE Computer Society.
  15. Otto, P. N. and Antón, A. I. (2007). Addressing legal requirements in requirements engineering. In Proceedings of the International Conference on Requirements Engineering. IEEE.
  16. Siena, A., Perini, A., and Susi, A. (2008). From laws to requirements. In Proceedings of the International Workshop on Requirements Engineering and Law (RELAW), pages 6-10. IEEE.
  17. Siena, A., Perini, A., Susi, A., and Mylopoulos, J. (2009). A meta-model for modelling law-compliant requirements. In Proceedings of the International Workshop on Requirements Engineering and Law (RELAW), pages 45-51. IEEE.
  18. Volkamer, M. (2009). Evaluation of Electronic Voting: Requirements and Evaluation Procedures to Support Responsible Election Authorities. Springer Publishing Company, 1st edition.
  19. Volkamer, M. and Vogt, R. (2008). Common Criteria Protection Profile for Basic set of security requirements for Online Voting Products. Bundesamt f”ur Sicherheit in der Informationstechnik.
Download


Paper Citation


in Harvard Style

Faßbender S. and Heisel M. (2013). From Problems to Laws in Requirements Engineering - Using Model-Transformation . In Proceedings of the 8th International Joint Conference on Software Technologies - Volume 1: ICSOFT-PT, (ICSOFT 2013) ISBN 978-989-8565-68-6, pages 447-458. DOI: 10.5220/0004490804470458


in Bibtex Style

@conference{icsoft-pt13,
author={Stephan Faßbender and Maritta Heisel},
title={From Problems to Laws in Requirements Engineering - Using Model-Transformation},
booktitle={Proceedings of the 8th International Joint Conference on Software Technologies - Volume 1: ICSOFT-PT, (ICSOFT 2013)},
year={2013},
pages={447-458},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004490804470458},
isbn={978-989-8565-68-6},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 8th International Joint Conference on Software Technologies - Volume 1: ICSOFT-PT, (ICSOFT 2013)
TI - From Problems to Laws in Requirements Engineering - Using Model-Transformation
SN - 978-989-8565-68-6
AU - Faßbender S.
AU - Heisel M.
PY - 2013
SP - 447
EP - 458
DO - 10.5220/0004490804470458