Logo des Repositoriums

Auflistung nach Schlagwort "Regulatory compliance"

1 - 2 von 2
  • Konferenzbeitrag
    Cyber Security and Software Update management system for connected vehicles in compliance with UNECE WP.29, R155 and R156
    (Software Engineering 2023 Workshops, 2023) Bohara, Rohit; Ross, Mirko; Rahlfs, Sven; Ghatta, Sara
    Code is the new fuel of a modern car. Almost every aspect of a car is controlled and managed by software running in electronic control units (ECU). This has led to enormous complexity in automotive software. To put this in perspective, automotive software has grown from few 100 lines of code to 100 million in a span of 40 years. Additionally, inherent convolution in the automotive software supply chain introduces its own set of problems for cyber security and safety of a car. The research paper proposes a pioneered approach for cyber security and software update management to transform the automotive software engineering principles. It aims to strengthen the security of automotive software, bring transparency in the software supply chain and establishes regulatory compliance management processes by design.
  • Zeitschriftenartikel
    Personal data management inside and out
    (Enterprise Modelling and Information Systems Architectures (EMISAJ) – International Journal of Conceptual Modeling: Vol. 15, Nr. 9, 2020) Labadie, Clément; Legner, Christine
    Personal data is increasingly positioned as a valuable asset. While individuals generate and expose ever-expanding volumes of personal information online, certain tech companies have built their business models on the personal data they gather. In this context, lawmakers are revising data protection regulations in order to provide individuals with enhanced rights and set new rules regarding the way corporations collect, manage, and share personal information. We argue that recent data protection regulatory frameworks such as the European Union’s General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) are fundamentally about data management. Yet, there have been no attempts to analyze the regulations in terms of their implications on the data life cycle. In this paper, we systematically analyze the GDPR and the CCPA, and identify their implications on the data life cycle. To synthesize our findings, we propose a semi-formal notation of the resulting changes on the personal data life cycle, in the form of a process and data model governed by business rules, consolidated in a reference personal data life cycle model for data protection. To the best of our knowledge, this study represents one of the first attempts to provide a data-centric view on data protection regulatory requirements.