Compliance Requirements in Large-Scale Software Development: An Industrial Case Study

Authors: Usman, Muhammad; Felderer, Michael; Unterkalmsteiner, Michael; Klotins, Eriks; Mendez, Daniel; Alegroth, Emil
Year of publication: 2021
Subject:
Source: 21st International Conference on Product-Focused Software Process Improvement, PROFES 2020, Turin, Italy, 25 November 2020 through 27 November 2020
Document type: Working Paper
DOI: 10.1007/978-3-030-64148-1_24
Description: Regulatory compliance is a well-studied area, including research on how to model, check, analyse, enact, and verify compliance of software. However, while the theoretical body of knowledge is vast, empirical evidence on challenges with regulatory compliance, as faced by industrial practitioners particularly in the Software Engineering domain, is still lacking. In this paper, we report on an industrial case study which aims at providing insights into common practices and challenges with checking and analysing regulatory compliance, and we discuss our insights in direct relation to the state of reported evidence. Our study is performed at Ericsson AB, a large telecommunications company, which must comply with both locally and internationally governing regulatory entities and standards such as GDPR. The main contributions of this work are empirical evidence on challenges experienced by Ericsson that complement the existing body of knowledge on regulatory compliance.
Comment: Full research paper accepted at International Conference on Product-Focused Software Process Improvement 2020
Database: arXiv