Legal Requirements Metrics for Compliance Analysis

My dissertation examines how software engineers evaluate software requirements for compliance with laws and regulations and proposes legal requirements metrics to improve legal implementation readiness decision making. The main objective of this work is to help software engineers ensure that software complies with laws and regulations by developing empirically validated: (a) techniques for determining which requirements are legally implementation ready (LIR); (b) metrics to estimate which requirements are LIR automatically; and (c) a prototype tool supporting the identification of LIR requirements using legal requirements metrics. This work is the first to empirically examine the extent to which software engineers are able to accurately determine whether software requirements meet or exceed their legal obligations.

Outline

Chapter 1: Introduction

Introduces the problem and defines the research questions explored. Includes a discussion of the ethical motivations for this research.

Chapter 2: Background and Related Work

Describes the necessary background information for the problem domain and surveys related work in software engineering, requirements engineering, and legal analysis.

Chapter 3: Tracing Existing Requirements to Legislation

Describes the research methodology used to evaluate existing requirements for legal compliance and trace them to the pertinent subsections of the legislation with which they must comply.

Chapter 4: Defining Legal Requirements Metrics

Defines each legal requirement metric evaluated and outlines a basic algorithm for combining them to generate a legal implementation readiness decision.

Chapter 5: Validation Studies

Presents the validation methodologies and results used to evaluate the utility of the legal requirements metrics defined in Chapter 4.

Chapter 6: Conclusion

Concludes with a discussion of the limitations of legal requirements metrics, including threats to validity, followed by a summary of contributions and potential future work in this area.

Appendix A: Materials for User Study

Provides the complete materials used to perform the user study evaluation of how software engineers assess legal implementation readiness for requirements.