Powered by
2014 IEEE 7th International Workshop on Requirements Engineering and Law (RELAW),
August 26, 2014,
Karlskrona, Sweden
2014 IEEE 7th International Workshop on Requirements Engineering and Law (RELAW)
Frontmatter
Preface
The Seventh International Workshop on Requirements Engineering and Law (RELAW'14) is a multi-disciplinary, one-day workshop that brings together practitioners and researchers from two domains: Requirements Engineering and Law, with the objective of fostering discussion related to requirements engineering for systems governed by any legal regulation, policy, or law.
Keynote
An Open Source Perspective on Innovative Societal Applications and Policy Making (Keynote)
Cedric Thomas
(OW2 Paris, France)
This keynote address takes the perspective of open source
software to look at some of the policy issues arising from the
ever increasing impact of software systems on people's lives. It
contends that open source can facilitate public regulation by
fostering open cooperation and counter-balancing current
oligopoly and vertical integration trends in the IT industry.
Thirty years ago, Richard Stallman, and then the Free
Software Foundation, invented free software, an efficient
techno-legal construct to share code development efforts with
traces of anti-monopolistic values. Thanks to new permissive
licenses some 15 years later, free software was forked into
open source – a business movement and outsider's strategy par
excellence. And now, a third kind of open source is emerging,
driving innovation as IT applications become increasingly
social, diverse and complex. Developers "scratching an itch”,
investors copying leaders in existing market segments, and
committees exploring new grounds, requirement management
are always a reflection of current industry drivers. Moreover,
while dominant vertically integrated oligopolistic players with
no incentive for transparency nor regulation are re-shaping the
IT industry and our digital economy, open source
collaborative R&D provides an alternative evolution path
based on open standards and componentized software stacks.
Identifying the issues at stake and implementing the
mechanisms to interact with the industry, without interfering
with market forces, are some of the greatest challenges facing
policy makers.
@InProceedings{RELAW14p1,
author = {Cedric Thomas},
title = {An Open Source Perspective on Innovative Societal Applications and Policy Making (Keynote)},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {1--1},
doi = {},
year = {2014},
}
Compliance in Practice
Experiences from an Industry-Wide Initiative for Setting Metadata for Regulatory Requirements in the Nuclear Domain
Eero Uusitalo, Mikko Raatikainen, Mikko Ylikangas, and Tomi Männistö
(Aalto University, Finland; University of Helsinki, Finland)
Abstract—The industrial organizations involved in developing and maintaining nuclear power plants need to comply with the requirements coming from the legislative regulation. In the newly renewed Finnish guidelines, there are over 6500 such requirements, which are not always easy to interpret. The industrial stakeholders particularly find the situation highly challenging. Therefore, the Finnish nuclear industry and regulators formed a joint task force to clarify the new requirements by attaching metadata to regulatory requirements. We observed the work process and created tooling to support this work. We present the initial results of the ongoing work of the task force at its halfway milestone, the KLAD tool and experiences on its usage. In the process of setting metadata, the industrial stakeholders reported increasing understanding of the content meaning of the requirements, and regulatory requirement authors learned about writing good requirements. The tool was successful, and in addition, it provides good opportunities for further analysis of the requirements and metadata.
@InProceedings{RELAW14p2,
author = {Eero Uusitalo and Mikko Raatikainen and Mikko Ylikangas and Tomi Männistö},
title = {Experiences from an Industry-Wide Initiative for Setting Metadata for Regulatory Requirements in the Nuclear Domain},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {2--9},
doi = {},
year = {2014},
}
Current and Necessary Insights into SACM: An Analysis Based on Past Publications
Jose Luis de la Vara
(Simula Research Laboratory, Norway)
SACM (Structured Assurance Case Metamodel) is a standard for assurance case creation and exchange. Although it is a promising initiative towards providing common system assurance practices and improving them, the document of the standard provides little information about how to use SACM, its benefits, and its limitations. Consequently, it is difficult to determine what SACM can be used for and what needs to be investigated about the standard. This position paper aims to address this issue by reviewing 28 publications that have referred to SACM. Based on the insights gained, we propose a set of aspects that need to be further studied. This information can be valuable for anyone interested in the standard.
@InProceedings{RELAW14p10,
author = {Jose Luis de la Vara},
title = {Current and Necessary Insights into SACM: An Analysis Based on Past Publications},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {10--13},
doi = {},
year = {2014},
}
A Critical Analysis of Legal Requirements Engineering from the Perspective of Legal Practice
Guido Boella, Llio Humphreys, Robert Muthuri, Piercarlo Rossi, and Leendert van der Torre
(University of Torino, Italy; University of Luxembourg, Luxembourg; University of Eastern Piedmont, Italy)
This paper reviews existing approaches to representing legal knowledge for legal requirements engineering. Legal requirement methodologies are rarely developed together with legal practitioners, with the result that often approaches are based on a simplified
view of law which prevents their acceptance by legal practitioners. In this paper, we analyse how legal practitioners build legal knowledge and possibilities for existing approaches in RELaw to mirror legal practice.
@InProceedings{RELAW14p14,
author = {Guido Boella and Llio Humphreys and Robert Muthuri and Piercarlo Rossi and Leendert van der Torre},
title = {A Critical Analysis of Legal Requirements Engineering from the Perspective of Legal Practice},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {14--21},
doi = {},
year = {2014},
}
New Theoretical Directions
The Thing Itself Speaks: Accountability as a Foundation for Requirements in Sociotechnical Systems
Amit K. Chopra and Munindar P. Singh
(Lancaster University, UK; North Carolina State University, USA)
We consider sociotechnical systems (STSs) that facilitate social interaction among autonomous principals (either humans or organizations). Although accountability is a foundational concept in such systems, established requirements engineering methods do not support accountability in the broad sense of calling to account of one party by another. To address this shortcoming, we propose the notion of accountability requirement. Further, we claim that to model an STS means to precisely capture the accountability requirements between its principals.
@InProceedings{RELAW14p22,
author = {Amit K. Chopra and Munindar P. Singh},
title = {The Thing Itself Speaks: Accountability as a Foundation for Requirements in Sociotechnical Systems},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {22--22},
doi = {},
year = {2014},
}
The Role of Power in Legal Compliance
Robert Muthuri, Sepideh Ghanavati, André Rifaut, Llio Humphreys, and Guido Boella
(University of Torino, Italy; CRP Henri Tudor, Luxembourg; University of Luxembourg, Luxembourg)
Many jurisdictions devote a significant portion of their legislation to powers. This reality is yet to be reflected in Requirements Engineering (RE) where more familiar deontic notions have prevailed for years. We explore different kinds of power and crucial factors to be considered for modeling them.
@InProceedings{RELAW14p23,
author = {Robert Muthuri and Sepideh Ghanavati and André Rifaut and Llio Humphreys and Guido Boella},
title = {The Role of Power in Legal Compliance},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {23--24},
doi = {},
year = {2014},
}
On Lawful Disclosure of Personal User Data: What Should App Developers Do?
Yung Shin Van Der Sype and Walid Maalej
(KU Leuven, Belgium; University of Hamburg, Germany)
The proliferation of mobile devices and apps together with the increasing public interest in privacy and data protection matters necessitate a more careful precaution for legal compliance. As apps are becoming more popular, app developers can expect an increased scrutiny of privacy practices in the future. In this paper, we focus on the problem of the disclosure of personal data to third parties and the role of app developers to enhance user privacy and data protection in the app ecosystem. We discuss the EU data protection principles and apply them to the mobile app context. We then derive requirements and guidelines for app developers on how to contribute to the protection of their users’ data.
@InProceedings{RELAW14p25,
author = {Yung Shin Van Der Sype and Walid Maalej},
title = {On Lawful Disclosure of Personal User Data: What Should App Developers Do?},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {25--34},
doi = {},
year = {2014},
}
Models and Processes
Usability Issues for Systems Supporting Requirements Extraction from Legal Documents
Nicola Zeni and Luisa Mich
(University of Trento, Italy)
Usability as ease of use and learnability, is critical for systems supporting requirements elicitation for regulatory compliance. The main problem is that these systems have to analyze documents in a specialized natural language, a task that is far from being completely automated. Usability issues are also related to a variety of other characteristics of such systems. Reasons why an early adoption of usability practices is desirable and beneficial in their development are described. Main lessons learned in developing and applying a complex framework for requirements elicitation from regulatory documents are presented to illustrate some of the most relevant usability concerns.
@InProceedings{RELAW14p35,
author = {Nicola Zeni and Luisa Mich},
title = {Usability Issues for Systems Supporting Requirements Extraction from Legal Documents},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {35--38},
doi = {},
year = {2014},
}
Towards a Legal Compliance Verification Approach on the Procurement Process of IT Solutions for the Brazilian Federal Public Administration
Lamartine da Silva Barboza, Gilberto A. de A. Cysneiros Filho, and Ricardo A. C. de Souza
(Federal Rural University of Pernambuco, Brazil)
The Brazilian federal government regulates the process for procurement of Information Technology (IT) solutions through specific legislation named Regulatory Instruction - RI Nº 04/2010. This process consists of three phases: procurement planning, supplier selection and contract management. This work helps (i) specify and validate an approach for traceability between legal requirements and documents created in the procurement process of IT solutions; (ii) reduce manual work for the verification of legal compliance in the set of artifacts produced; and (iii) support activities of auditing and inspection during and after the procurement of IT solutions by the Brazilian federal government.
@InProceedings{RELAW14p39,
author = {Lamartine da Silva Barboza and Gilberto A. de A. Cysneiros Filho and Ricardo A. C. de Souza},
title = {Towards a Legal Compliance Verification Approach on the Procurement Process of IT Solutions for the Brazilian Federal Public Administration},
booktitle = {Proc.\ RELAW},
publisher = {IEEE},
pages = {39--40},
doi = {},
year = {2014},
}
proc time: 0.02