Towards Comprehensive Legislative Requirements for Cyber Physical Systems Testing in the European Union

Guillaume Nguyen,Manon Knockaert,Michael Lognoul,Xavier Devroey
2024-12-05
Abstract:While procedures prevail on the European market for the greater good of its citizens, it might be daunting when trying to introduce a product, whether innovative or not. In the current world, Cyber-Physical Systems (CPSs) are ubiquitous in our daily lives. Cars can provide intrusive assistance as they can brake or turn wheels on their own, buildings are getting smarter to optimize energy consumption, smart cities are emerging to facilitate information sharing and orchestrate the response to emergency situations, etc. As the presence of such tools will grow in the coming years and people will rely even more on CPSs, we certainly need to ensure that they are safe and reliable for users or everybody else, which is why regulations are so important. However, compliance should not act as a barrier to new actors coming to the European market. Nor should it prevent current actors from keeping systems deemed compliant when introduced while obsolete at the time they are used. While the individual elements we point out might not bring novelty in the various research areas we cover (EU policies, requirements engineering, business engineering, and software engineering), this paper identifies the challenges related to building and testing a CPS with respect to applicable laws and discusses the difficulty of automating the response to those challenges, such as finding a relevant legal text, paying for mentioned materials or identifying the level of compliance to a legal text. Our analysis of the holistic context when considering the compliance testing of CPS provides an overview enabling more effective decision-making as well.
Software Engineering,Computers and Society,Systems and Control
What problem does this paper attempt to address?
The problem that this paper attempts to solve is: How to establish a comprehensive legislative requirement testing framework for Cyber - Physical Systems (CPS) in the EU market to ensure the security and compliance of these systems, while avoiding setting an overly high compliance threshold for new companies entering the market and ensuring that existing systems still meet regulatory requirements during use. Specifically, the paper mainly focuses on the following aspects: 1. **Security and Reliability of CPS**: With the wide application of CPS in daily life, such as the automatic braking system in cars, energy optimization in smart buildings, and information sharing in smart cities, it becomes crucial to ensure the security and reliability of these systems. Therefore, corresponding regulations need to be formulated to safeguard users' safety. 2. **Regulatory Compliance**: In order to ensure the legality and security of CPS in the EU market, EU laws and regulations must be adhered to. However, existing regulations may not be detailed enough to be directly used for technical testing. Therefore, a method is required to transform high - level legal texts into specific testing requirements and maintain traceability with legal texts. 3. **Automated Compliance Checking**: To improve efficiency and reduce human errors, researchers have explored how to utilize existing technologies and research results to achieve automated checking of CPS compliance. This includes automatically parsing legal documents, extracting rights and obligations, generating test cases, etc. 4. **Coordination of Regulations and Standards**: The paper also discusses the challenges faced by EU standardization bodies (such as CEN, CENELEC, and ETSI) in the process of formulating standards applicable to CPS, and how to improve the collaboration between these bodies and the European Commission to better support CPS compliance testing. In summary, this paper aims to propose a systematic method to help engineers conduct CPS compliance testing by analyzing relevant regulations, standards, and technical tools, thereby ensuring the security and legality of these systems in the EU market.