A machine learning approach for tracing regulatory codes to product specific requirements

@article{ClelandHuang2010AML,
  title={A machine learning approach for tracing regulatory codes to product specific requirements},
  author={Jane Cleland-Huang and Adam Czauderna and Marek Gibiec and John Emenecker},
  journal={2010 ACM/IEEE 32nd International Conference on Software Engineering},
  year={2010},
  volume={1},
  pages={155-164}
}
Regulatory standards, designed to protect the safety, security, and privacy of the public, govern numerous areas of software intensive systems. Project personnel must therefore demonstrate that an as-built system meets all relevant regulatory codes. Current methods for demonstrating compliance rely either on after-the-fact audits, which can lead to significant refactoring when regulations are not met, or else require analysts to construct and use traceability matrices to demonstrate compliance… 

Figures and Tables from this paper

Tackling the term-mismatch problem in automated trace retrieval
TLDR
Three query augmentation techniques for addressing the term mismatch problem and improving the quality of trace links generated between regulatory codes and requirements are described and compared.
Automated training-set creation for software architecture traceability problem
TLDR
The results indicate that automated techniques can create a reliable training set for the problem of tracing architectural tactics and investigate the impact of training set size on the accuracy of recovering trace links.
Towards the automatic classification of traceability links
  • Chris Mills
  • Computer Science
    2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)
  • 2017
TLDR
Preliminary results show that this approach has promise for accurately recommending valid links and there are several challenges that still must be addressed in order to achieve a technique with high enough performance to consider it a viable, completely automated solution.
Trace-by-classification: A machine learning approach to generate trace links for frequently occurring software artifacts
TLDR
The purpose of this paper is to release a publicly available TraceLab experiment including reusable and modifiable components as well as associated datasets, and to establish baseline results that would encourage further experimentation.
Using traceability links to identifying potentially erroneous artifacts during regulatory reviews
TLDR
An automated mechanism is proposed, which utilizes traceability information to identify lists of related software artifacts that are similar to those involved in the reported errors, either during pre- or post-market review.
Empirical Study of Training-Set Creation for Software Architecture Traceability Methods
TLDR
The results of this area of study indicate that the automated techniques, capable of creating very large training sets, allow for sufficient reliability in the problem of tracing architectural tactics, indicates that these automated methods have potential applications in other areas of software traceability.
A tactic-centric approach for automating traceability of quality concerns
TLDR
This paper presents a novel approach for automating the construction of traceability links for architectural tactics using machine learning methods and lightweight structural analysis to detect tactic-related classes and train the trace algorithm using code extracted from performance-centric and safety-critical open source software systems.
INCREMENT: A Mixed MDE-IR Approach for Regulatory Requirements Modeling and Analysis
TLDR
The Connexion metamodel is presented that provides a canvas for the definition and capitalization of the nuclear regulatory requirements domain and an hybrid MDE/IR-based approach, named INCREMENT, for acquiring, modeling and analyzing these regulatory requirements.
Information Retrieval Methods for Automated Traceability Recovery
TLDR
This chapter overviews a general process of using IR-based methods for traceability link recovery and overview some of them in a greater detail: probabilistic, vector space, and Latent Semantic Indexing models.
An Approach for Discovering Traceability Links between Regulatory Documents and Source Code Through User-Interface Labels
TLDR
A traceability approach based on the intuition that the regulatory documents and the user-interface of the corresponding software applications are very close is presented, which shows that most important regulatory pieces of information appear in the graphical user- interface because the end-users in those application domains care about the regulation.
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 37 REFERENCES
Analyzing Regulatory Rules for Privacy and Security Requirements
TLDR
The methodology provides statement-level coverage for an entire regulatory document to consistently identify and infer six types of data access constraints, handle complex cross references, resolve ambiguities, and assign required priorities between access rights and obligations to avoid unlawful information disclosures.
Improving automated requirements trace retrieval: a study of term-based enhancement methods
TLDR
This paper investigates and compares three term-based enhancement methods that are designed to improve the performance of a probabilistic automated tracing tool and presents two new project-level metrics which can be used to predict the effectiveness of each enhancement method for a given data set.
Automated classification of non-functional requirements
TLDR
The approach is used to detect and classify stakeholders’ quality concerns across requirements specifications containing scattered and non-categorized requirements, and also across freeform documents such as meeting minutes, interview notes, and memos.
A Framework for Comparing Requirements Tracing Experiments
TLDR
An experimental framework for evaluating requirements tracing and traceability studies is presented and suggestions on how the field of tracing and Traceability research may move to a more mature level are provided.
Software Traceability : A Roadmap
TLDR
A roadmap of research and practices related to software traceability is presented and issues that are still open for further research are identified to improve the quality of software systems.
Clustering support for automated tracing
TLDR
This paper evaluates and compares the effectiveness of several existing clustering methods to support traceability; describes a technique for incorporating them into the automated traceability process; and proposes new techniques based on the concepts of theme cohesion and coupling to dynamically identify optimal clustering granularity.
Toward Reference Models of Requirements Traceability
TLDR
Four kinds of traceability link types are identified and critical issues that must be resolved for implementing each type and potential solutions are discussed, and implications for the design of next-generation traceability methods and tools are discussed and illustrated.
Utilizing supporting evidence to improve dynamic requirements traceability
TLDR
Experimental results indicate that enhancement strategies can be used effectively to improve trace retrieval results thereby increasing the practicality of utilizing dynamic trace retrieval methods.
Advancing candidate link generation for requirements tracing: the study of methods
TLDR
This paper defines goals for a tracing tool based on analyst responsibilities in the tracing process, introduces several new measures for validating that the goals have been satisfied, and presents a prototype tool that is built, RETRO (REquirements TRacing On-target), to address these goals.
...
1
2
3
4
...