What is Continuous Compliance?
Journal article, 2024

Safety and security are increasingly important in critical and smart systems. Original Equipment Manufacturers (OEMs) and suppliers are moving toward Over-the-Air (OTA) updates, bringing new benefits and challenges. Updating the software after production permits fixing bugs and improving functionalities from a safety and security point of view, but given that OTA updates will be increasingly frequent, we need tools and procedures capable of guaranteeing compliance with standards continuously, so that each new version of the software has the same security as the previous one. Although the need to comply with standards has been identified, the concept of continuous compliance has never been defined and characterized. In this paper, we present how compliance with standards can be ensured continuously. We provide a precise definition of continuous compliance, together with an overview of the main stakeholders, components, and steps. To achieve this objective, we analyzed academic and industrial points of view.

Codes

Companies

Security

Process control

Safety

Automotive engineering

Software

Authors

Tiziano Santilli

Gran Sasso Science Institute (GSSI)

Patrizio Pelliccione

Gran Sasso Science Institute (GSSI)

Rebekka Wohlrab

Chalmers, Computer Science and Engineering, Interaction Design and Software Engineering

Ali Shahrokni

Systemite AB

IEEE Software

0740-7459 (ISSN) 19374194 (eISSN)

Vol. 41, no. 4, pp. 134-142

Subject categories

Software Engineering

Computer Systems

DOI

10.1109/MS.2023.3342974

More information

Last updated

2024-06-18