State of the art. 2.1 Regulatory and legal compliance In a broad definition, compliance is the conformance of human or artificial behaviour with a set of rules, norms, principles, or values. In the Internet of Things (IoT), compliance has also been bootstrapped, because if humans must be compliant, so must be cyber-physical systems (CPS), autonomous and intelligent systems (AI/S), socio-technical systems (STS), and socio-cognitive technical systems (SCTS). Regulatory and legal compliance should be carefully distinguished. Regulatory compliance refers to the concept, languages and methodologies developed within the business, commercial and corporate fields to design, control and monitor in advance business processes and activities. Legal compliance refers to the formal developments that can be deemed ‘legal’ according to the norms, principles, and jurisdictions of regional, national, international, and transnational legal systems. They certainly converge, but the meanings of the two notions should be kept separate, as some requirements must be added for legal compliance be accorded from official bodies. This is linked to the Compliance by Design (CbD) schemes that have been developed in the corporate business field since the beginning of the century to cope with the constraints set by the ▇▇▇▇▇▇▇▇-▇▇▇▇▇ Act (2002), a US Federal law that laid down new requirements for public company boards and accounting firms. There is some confusion ins this regard. In computer science literature regulatory compliance also denotes “the act and process on ensuring adherence to laws” that involves “discovering, extracting and representing different requirements from laws and regulations that affect a business process.” (▇▇▇▇▇▇▇ et al., 2015). In the past twenty years, several formal languages have been developed to carry out these tasks, following a variety of methodologies and techniques described many times in the literature on the subject, within four main fields: (i) deontic logic (temporal deontic logic and computational tree logic), (ii) Petri nets, (iii) graph-based business modelling—BPMN, event-driven process chain (EPC diagrams), unified modelling language (UM)—, (iii) goal-oriented languages, (iv) and languages for the semantic web (legalXML, legalRuleML). Figure 1 maps these different trends. Figure 1. Languages for business compliance models. SDL: Standard Deontic Logic, CTL: Computer Tree Logic, BPMN: Business Process Model and Notation, EPC: Event-driven Process Chain, UML: Unified Modeling Language
Appears in 2 contracts
Sources: Grant Agreement, Grant Agreement