As a Masters student in computer science, I have become very interested in the software engineering process.  Having gained significant industry experience it has become increasingly obvious that the software development processes used by many organizations are faulty.  As the initial activity in the software engineering process, requirements engineering is of paramount importance because failure to get the requirements right can result in system failures or total project failure.  In the context of regulatory compliance software requirements engineering is even more important due to the fact that companies may be sanctioned when their software systems fail to comply with law.

Over the past two decades software components have become an integral part of nearly all systems used by business, government, and nearly all organizations.  Over the past decade legislation and governance has been extended to cover more and more systems; for example, health care systems are now governed by the HIPAA (Health Insurance Portability and Accountability Act) and financial systems are now governed by GLBA (Gramm-Leach-Bliley Act) and SOX (Sarbanes-Oxley Act).  Requirements engineering has become an increasingly important and complex process within the context of these new regulations. 

To date, as a member of ThePrivacyPlace.org, I have conducted an extensive survey of the requirements engineering literature.  Specifically, I have examined requirements traceability; goal-based requirements engineering methods and models; obstacle based risk analysis; use case, misuse case, and abuse case risk mitigation methods.  My additional readings have focused on investigations of HIPAA violations, proposed electronic medical record solutions, privacy concerns, and many software compliance challenges.

My current focus is the processes and models used to engineer software requirements for systems and applications that must comply with Federal legislation.  This may include any extensions of the domain such as privacy, security, traceability, and risk analysis.  I currently work as a GRA (Graduate Research Assistant) funded on an NSF grant by Dr. Antón.