Important tasks in requirement engineering are resolving requirements inconsistencies between regulators and developers of safety-critical computer systems, and the validation of regulatory requirements. This paper proposes a new approach to the regulatory process, including formulating requirements and elaborating methods for their assessment. We address the differences between prescriptive and nonprescriptive regulation, and suggest a middle approach. Also introduced is the notion of a normative package as the collection of documents to be used by a regulator and provided to a developer. It is argued that the normative package should include not only regulatory requirements but also methods of their assessment. We propose the use of formal regulatory requirements as a basis for development of software assessment methods. This approach is illustrated with examples of requirements for protecting computer control systems against unauthorized access, using the Z notation as the method of formalization. © Springer-Verlag Berlin Heidelberg 2004.
CITATION STYLE
Vilkomir, S. A., & Ghose, A. K. (2004). Development of a normative package for safety-critical software using formal regulatory requirements. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3009, 523–537. https://doi.org/10.1007/978-3-540-24659-6_38