Compliance Requirements in Large-Scale Software Development: An Industrial Case StudyShow others and affiliations
2020 (English)In: Lecture Notes in Computer Science / [ed] Morisio M.,Torchiano M.,Jedlitschka A., Springer-Verlag Tokyo Inc., 2020, Vol. 12562, p. 385-401Conference paper, Published paper (Refereed)
Abstract [en]
Regulatory compliance is a well-studied area, including research on how to model, check, analyse, enact, and verify compliance of software. However, while the theoretical body of knowledge is vast, empirical evidence on challenges with regulatory compliance, as faced by industrial practitioners particularly in the Software Engineering domain, is still lacking. In this paper, we report on an industrial case study which aims at providing insights into common practices and challenges with checking and analysing regulatory compliance, and we discuss our insights in direct relation to the state of reported evidence. Our study is performed at Ericsson AB, a large telecommunications company, which must comply to both locally and internationally governing regulatory entities and standards such as GDPR. The main contributions of this work are empirical evidence on challenges experienced by Ericsson that complement the existing body of knowledge on regulatory compliance. © 2020, Springer Nature Switzerland AG.
Place, publisher, year, edition, pages
Springer-Verlag Tokyo Inc., 2020. Vol. 12562, p. 385-401
Series
Lecture Notes in Computer Science, ISSN 03029743, E-ISSN 16113349
Keywords [en]
Empirical study, Regulatory compliance, Privacy by design, Process engineering, Software design, Telecommunication industry, Body of knowledge, Ericsson, Industrial case study, Industrial practitioners, Software engineering domain, Compliance control
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-20886DOI: 10.1007/978-3-030-64148-1_24ISI: 000766320200024Scopus ID: 2-s2.0-85097638984ISBN: 9783030641474 (print)OAI: oai:DiVA.org:bth-20886DiVA, id: diva2:1514431
Conference
21st International Conference on Product-Focused Software Process Improvement, PROFES 2020, Turin, Italy, 25 November 2020 through 27 November 2020
Part of project
SERT- Software Engineering ReThought, Knowledge Foundation
Funder
Knowledge Foundation, 201900812021-01-052021-01-052023-01-02Bibliographically approved