Jeremy C. Maxwell
PhD Student
North Carolina State University
jcmaxwe + "the number three"@ncsu.edu
[home] | [publications] | [professional]
Conference Papers
[MA09a] Maxwell, J.C., and Antón, A.I., "Developing Production Rule Models to Aid in
Acquiring Requirements from Legal Texts", Proc. of the 17th Intl. IEEE Requirements Engineering Conf.,
Atlanta, 2009, pp. 101-110. |
Abstract
Regulatory compliance is an important consideration for requirements engineering because recent regulations impose costly penalties for noncompliance. This paper details how developing production rule models can aid in acquiring software requirements from regulatory texts. Production rules enable requirements engineers to gain valuable domain knowledge of a particular legal text by providing the ability to receive precise answers to a specific query. In particular, a production rule model facilitates communication between requirements engineers and legal domain experts , supports and augments requirements elicitation, and resolves ambiguity. Prior work in this area has failed to detail a precise methodology for translating a legal text into production rules, and considered using production rule models for aiding requirements elicitation and validation. This paper introduces our Production Rule Modeling methodology, and demonstrates this methodology using examples from a production rule model for four sections of the U.S. Heath Insurance Portability and Accountability Act (HIPAA).
Workshop Papers
[MA09b] Maxwell, J.C., and Antón, A.I., "Validating Existing Requirements for Compliance with Law Using a Production
Rule Model" Proc. of the 2nd Intl. IEEE Workshop on Requirements Engineering and the Law, Atlanta, 2009, pp. 1-6. |
Abstract
To ensure legal compliance, requirements engineers need tools to determine existing requirements’ compliance with relevant law. We propose using a production rule model for requirements engineers to query as they check software requirements for legal compliance. In this paper, we perform a case study using our approach to evaluate the iTrust Medical Records System requirements for compliance with the U.S. Health Insurance Portability and Accountability Act (HIPAA). We identify 12 new compliance requirements beyond the 63 functional requirements with which we began our analysis.
NOTE: Papers are in PDF format.
All material, unless otherwise noted,
(c) Jeremy Maxwell, 2008-09.
The material located on this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
