References of "Sabetzadeh, Mehrdad 50002966"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailEvidence management for compliance of critical systems with safety standards: A survey on the state of practice
Nair, Sunil; de la Vara, Jose Luis; Sabetzadeh, Mehrdad UL et al

in Information and Software Technology (2015), 60

Context Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners ... [more ▼]

Context Demonstrating compliance of critical systems with safety standards involves providing convincing evidence that the requirements of a standard are adequately met. For large systems, practitioners need to be able to effectively collect, structure, and assess substantial quantities of evidence. Objective This paper aims to provide insights into how practitioners deal with safety evidence management for critical computer-based systems. The information currently available about how this activity is performed in the industry is very limited. Method We conducted a survey to determine practitioners’ perspectives and practices on safety evidence management. A total of 52 practitioners from 15 countries and 11 application domains responded to the survey. The respondents indicated the types of information used as safety evidence, how evidence is structured and assessed, how evidence evolution is addressed, and what challenges are faced in relation to provision of safety evidence. Results Our results indicate that (1) V&V artefacts, requirements specifications, and design specifications are the most frequently used safety evidence types, (2) evidence completeness checking and impact analysis are mostly performed manually at the moment, (3) text-based techniques are used more frequently than graphical notations for evidence structuring, (4) checklists and expert judgement are frequently used for evidence assessment, and (5) significant research effort has been spent on techniques that have seen little adoption in the industry. The main contributions of the survey are to provide an overall and up-to-date understanding of how the industry addresses safety evidence management, and to identify gaps in the state of the art. Conclusion We conclude that (1) V&V plays a major role in safety assurance, (2) the industry will clearly benefit from more tool support for collecting and manipulating safety evidence, and (3) future research on safety evidence management needs to place more emphasis on industrial applications. [less ▲]

Detailed reference viewed: 176 (8 UL)
Full Text
Peer Reviewed
See detailAssessing IT Security Standards Against the Upcoming GDPR for Cloud Systems
Bartolini, Cesare UL; Gheorghe, Gabriela UL; Giurgiu, Andra UL et al

Poster (2015, March 11)

This work in progress aims at identifying a mapping between the current security standards (in particular, but not limited to, ISO 27001-2013) and the upcoming regulations in data protection. The aim is ... [more ▼]

This work in progress aims at identifying a mapping between the current security standards (in particular, but not limited to, ISO 27001-2013) and the upcoming regulations in data protection. The aim is to find an overlap between the requirements for data protection and the existing security standards, to measure the gap that a business has to cross (and consequently an estimate of the expenses that it must sustain) to achieve compliance with the GDPR. [less ▲]

Detailed reference viewed: 1965 (46 UL)
Full Text
Peer Reviewed
See detailA Model-Based Framework for Probabilistic Simulation of Legal Policies
Soltana, Ghanem UL; Sannier, Nicolas UL; Sabetzadeh, Mehrdad UL et al

in 18th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS'15) (2015)

Legal policy simulation is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest, e.g ... [more ▼]

Legal policy simulation is an important decision-support tool in domains such as taxation. The primary goal of legal policy simulation is predicting how changes in the law affect measures of interest, e.g., revenue. Currently, legal policies are simulated via a combination of spreadsheets and software code. This poses a validation challenge both due to complexity reasons and due to legal experts lacking the expertise to understand software code. A further challenge is that representative data for simulation may be unavailable, thus necessitating a data generator. We develop a framework for legal policy simulation that is aimed at addressing these challenges. The framework uses models for specifying both legal policies and the probabilistic characteristics of the underlying population. We devise an automated algorithm for simulation data generation. We evaluate our framework through a case study on Luxembourg's Tax Law. [less ▲]

Detailed reference viewed: 274 (45 UL)
Full Text
Peer Reviewed
See detailImproving Requirements Glossary Construction via Clustering: Approach and Industrial Case Studies
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 8th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM 2014) (2014, September)

Context. A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary serves as a helpful tool ... [more ▼]

Context. A glossary is an important part of any software requirements document. By making explicit the technical terms in a domain and providing definitions for them, a glossary serves as a helpful tool for mitigating ambiguities. Objective. A necessary step for building a glossary is to decide upon the glossary terms and to identify their related terms. Doing so manually is a laborious task. Our objective is to provide automated support for identifying candidate glossary terms and their related terms. Our work differs from existing work on term extraction mainly in that, instead of providing a flat list of candidate terms, our approach \emph{clusters} the terms by relevance. Method. We use case study research as the basis for our empirical investigation. Results. We present an automated approach for identifying and clustering candidate glossary terms. We evaluate the approach through two industrial case studies; one study concerns a satellite software component, and the other -- an evidence management tool for safety certification. Conclusion. Our results indicate that over requirements documents: (1) our approach is more accurate than other existing methods for identifying candidate glossary terms; this makes it less likely that our approach will miss important glossary terms. (2) Clustering provides an effective basis for grouping related terms; this makes clustering a useful support tool for selection of glossary terms and associating these terms with their related terms. [less ▲]

Detailed reference viewed: 267 (30 UL)
Full Text
Peer Reviewed
See detailAutomated Detection and Resolution of Legal Cross References: Approach and a Study of Luxembourg's Legislation
Adedjouma, Morayo UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in 22nd IEEE International Requirements Engineering Conference (2014, August 25)

Detailed reference viewed: 252 (26 UL)
Full Text
Peer Reviewed
See detailRequirement Boilerplates: Transition From Manually-Enforced to Automatically-Verifiable Natural Language Patterns
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in Requirements Patterns (RePa), 2014 IEEE 4th International Workshop on (2014, August)

By enforcing predefined linguistic patterns on requirements statements, boilerplates serve as an effective tool for mitigating ambiguities and making Natural Language requirements more amenable to ... [more ▼]

By enforcing predefined linguistic patterns on requirements statements, boilerplates serve as an effective tool for mitigating ambiguities and making Natural Language requirements more amenable to automation. For a boilerplate to be effective, one needs to check whether the boilerplate has been properly applied. This should preferably be done automatically, as manual checking of conformance to a boilerplate can be laborious and error prone. In this paper, we present insights into building an automatic solution for checking conformance to requirement boilerplates using Natural Language Processing (NLP). We present a generalizable method for casting requirement boilerplates into automated NLP pattern matchers and reflect on our practical experience implementing automated checkers for two well-known boilerplates in the RE community. We further highlight the use of NLP for identification of several problematic syntactic constructs in requirements which can lead to ambiguities. [less ▲]

Detailed reference viewed: 292 (29 UL)
Full Text
Peer Reviewed
See detailAn Extended Systematic Literature Review on Provision of Evidence for Safety Certification
Nair, Sunil; de la Vara, Jose Luis; Sabetzadeh, Mehrdad UL et al

in Information and Software Technology (2014), 56(7), 689717

Detailed reference viewed: 259 (20 UL)
Full Text
Peer Reviewed
See detailTraceability and SysML Design Slices to Support Safety Inspections: A Controlled Experiment
Briand, Lionel UL; Falessi, Davide; Nejati, Shiva UL et al

in ACM Transactions on Software Engineering and Methodology (2014), 23(1),

Detailed reference viewed: 245 (50 UL)
Full Text
Peer Reviewed
See detailUsing UML for Modeling Procedural Legal Rules: Approach and a Study of Luxembourg’s Tax Law
Soltana, Ghanem UL; Fourneret, Elizabeta; Adedjouma, Morayo UL et al

in 17th ACM/IEEE International Conference on Model Driven Engineering Languages and Systems (MODELS'14) (2014)

Many laws, e.g., those concerning taxes and social benefits, need to be operationalized and implemented into public administration procedures and eGovernment applications. Where such operationalization is ... [more ▼]

Many laws, e.g., those concerning taxes and social benefits, need to be operationalized and implemented into public administration procedures and eGovernment applications. Where such operationalization is warranted, the legal frameworks that interpret the underlying laws are typically prescriptive, providing procedural rules for ensuring legal compliance. We propose a UML-based approach for modeling pro- cedural legal rules. With help from legal experts, we investigate actual legal texts, identifying both the information needs and sources of com- plexity in the formalization of procedural legal rules. Building on this study, we develop a UML profile that enables more precise modeling of such legal rules. To be able to use logic-based tools for compliance analysis, we automatically transform models of procedural legal rules into the Object Constraint Language (OCL). We report on an application of our approach to Luxembourg’s Income Tax Law providing initial evidence for the feasibility and usefulness of our approach. [less ▲]

Detailed reference viewed: 329 (73 UL)
Full Text
Peer Reviewed
See detailAutomatic Checking of Conformance to Requirement Boilerplates via Text Chunking: An Industrial Case Study
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 7th ACM/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM 2013) (2013, October)

Detailed reference viewed: 264 (37 UL)
Full Text
Peer Reviewed
See detailRUBRIC: A Flexible Tool for Automated Checking of Conformance to Requirement Boilerplates
Arora, Chetan UL; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in 9th joint meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2013) (2013, August)

Detailed reference viewed: 248 (31 UL)
Full Text
Peer Reviewed
See detailClassification, structuring, and assessment of evidence for safety: A systematic literature review
Nair, Sunil; de la Vara, Jose; Sabetzadeh, Mehrdad UL et al

in International Conference on Software Testing, Verification, and Validation, Luxembourg 2013 (2013)

Detailed reference viewed: 210 (14 UL)
Full Text
Peer Reviewed
See detailSupporting the Verification of Compliance to Safety Standards via Model-Driven Engineering: Approach, Tool-Support and Empirical Validation
Panesar-Walawege, Rajwinder; Sabetzadeh, Mehrdad UL; Briand, Lionel UL

in Information and Software Technology (2013), 55(1), 836-864

Detailed reference viewed: 216 (35 UL)
Full Text
Peer Reviewed
See detailPWWM: A Personal Web Workflow Methodology
Chechik, Marsha; Simmonds, Jocelyn; Liaskos, Sotirios et al

in Chignell, M.; Cordy, J.; Kealey, R. (Eds.) et al The Personal Web (2013)

Detailed reference viewed: 129 (11 UL)
Full Text
Peer Reviewed
See detailA Goal-Based Approach for Qualification of New Technologies: Foundations, Tool Support, and Industrial Validation
Sabetzadeh, Mehrdad UL; Falessi, Davide; Briand, Lionel UL et al

in Reliability Engineering & System Safety (2013), 119

Detailed reference viewed: 200 (19 UL)
Full Text
Peer Reviewed
See detailResearch-Based Innovation: A Tale of Three Projects in Model-Driven Engineering
Briand, Lionel UL; Falessi, Davide; Nejati, Shiva UL et al

in 15th ACM/IEEE International Conference Model Driven Engineering Languages and Systems (2012)

Detailed reference viewed: 182 (9 UL)
Full Text
Peer Reviewed
See detailMatching and Merging of Variant Feature Specifications.
Nejati, Shiva UL; Sabetzadeh, Mehrdad UL; Chechik, Marsha et al

in IEEE Transactions on Software Engineering (2012), 38(6), 1355-1375

Detailed reference viewed: 147 (5 UL)
Full Text
Peer Reviewed
See detailPlanning for Safety Standards Compliance: A Model-Based Tool-Supported Approach
Falessi, Davide; Sabetzadeh, Mehrdad UL; Briand, Lionel UL et al

in IEEE Software (2012), 29(3), 64-70

Detailed reference viewed: 209 (13 UL)
Full Text
Peer Reviewed
See detailModeling and Analysis of CPU Usage in Safety-Critical Embedded Systems to Support Stress Testing
Nejati, Shiva UL; Di Alesio, Stefano; Sabetzadeh, Mehrdad UL et al

in 15th ACM/IEEE International Conference on Model Driven Engineering Languages & Systems (2012)

Detailed reference viewed: 220 (9 UL)