Abstract
Metrics have been applied in software engineering to manage the complexity of program code. This paper explores a new application area of the classic software engineering metrics to determine the complexity of compliance rules in business processes. Despite the critical voices noting the rather weak theoretical foundation, metrics provide effective measures for overlooking the concepts that may drive the complexity of a program. Their scope, scalability, and perceived ease of use do not diffuse these doubts, but provide ample reasons to believe that there is more to complexity analysis than numbers, and that a better methodological approach can help to reveal their true potential. Utilizing this potential would be of great importance, not only for establishing effective and efficient compliance management, but also for providing innovative solutions to digitalization trends and increasing data stacks. While some extant work has shown the applicability of software metrics for analyzing the complexity of process models, metrics have not been applied so far to manage the complexity of compliance rules. The approach presented in this paper provides an integrated view on the complexity of compliance rules that are modeled with conceptually different compliance languages. To this end, we review and discuss the literature on software metrics to derive the definitions needed to compute the complexity of compliance rules, and to refurbish the methodological foundation of software engineering metrics.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
A complete documentation of all metric calculations can be retrieved from http://win-dl.informatik.uni-rostock.de/190101_metrics_calculation.pdf.
References
Antoniou, G., et al.: Legal reasoning and big data: opportunities and challenges. In: 17th Workshop Proceedings of MIning and REasoning with Legal texts (MIREL), 17 September 2018, Luxembourg (2018)
Boehm, B.W., Brown, J.R.; Liplow, L.: Quantitative evaluation of software quality. In: Proceedings of 2nd International Conference on Software Engineering (ICSE), pp. 592–605 (1976)
Cardoso, J.: Business process control-flow complexity: metric, evaluation, and validation. Int. J. Web Serv. Res. 5(2), 49–76 (2008)
Cardoso, J.: Control-flow complexity measurement of processes and Weyuker’s properties. In: 6th Proceedings of International Enformatika Conference, 23 December 2005, Warsaw, Poland, 213–218 (2005)
Curtis, B., Sheppard, S.B., Milliman, P., Borst, M.A., Love, T.: Measuring the psychological complexity of software maintenance tasks with the Halstead and McCabe metrics. IEEE Trans. Soft. Eng. 2, 96–104 (1979)
Dwyer, M.B., Avrunin, G.S., Corbett, J.C.: Patterns in property specifications for finite-state verification. In: Proceedings of the International Conference on Software Engineering, pp. 411–420 (1999)
Edmonds, B.: What is complexity? The philosophy of complexity per se with application to some examples in evolution. In: The evolution of complexity, pp. 1–17. Kluwer, Dordrecht (1999)
Elgammal, A., Turetken, O., van den Heuvel, W.J., Papazoglou, M.: Formalizing and appling compliance patterns for business process compliance. Softw. Syst. Model. 15, 119–146 (2016)
Erickson, J., Siau, K.: Theoretical and practical complexity of modeling methods. Commun. ACM 50(8), 46–51 (2007)
EUR-Lex: Regulation (EC) No 300/2008 of the European Parliament and of the Council of 11 March 2008 on common rules in the field of civil aviation security and repealing Regulation (EC) No 2320/2002
Fenton, N.E.: Quantitative analysis of faults and failures in a complex software system. IEEE Trans. Softw. Eng. 26, 797–814 (2000)
Ferrer, J., Chicano, F., Alba, E.: Estimating software testing complexity. Inf. Softw. Technol. 55(12), 2125–2139 (2013)
Governatori, G., Hashmi, M.: No time for compliance. In: 19th IEEE Proceedings of International Enterprise Distributed Object Computing Conference (EDOC), 21–25 September 2015 (2015)
Halstead, M.H.: Elements of Software Science Operating and Programming Systems. Series, vol. 7. Elsevier, New York (1977)
Hashmi, M., Governatori, G., Wynn, M.T.: Normative requirements for regulatory compliance: an abstract formal framework. Inf. Syst. Front. 18(3), 429–455 (2016)
Hashmi, M., Governatori, G.: Norms modeling constructs of business process compliance management frameworks: a conceptual evaluation. Artif. Intell. Law 26(3), 1–55 (2017)
Henry, S., Kafura, D.: Software structure metrics based on information flow. IEEE Trans. Softw. Eng. 7(5), 510–518 (1981)
Kiepuszewski, B.: Expressiveness and Suitability of Languages for Control Flow Modelling in Workflows. PhD Thesis, Queensland University of Technology, Brisbane (2003)
Kitchenham, B.: What’s up with software metrics? - a preliminary mapping study. J. Syst. Softw. 83(1), 37–51 (2010)
Knuplesch, D., Reichert, M.: A visual language for modeling multiple perspectives of business process compliance rules. Softw. Syst. Model. 1701(3), 52–55 (2016)
McCabe, T.J.: A complexity measure. IEEE Trans. Softw. Eng. SE-2, 308–320 (1976)
Mendling, J.: Detection and prediction of errors in EPC business process models. PhD Thesis, Vienna University of Economics and Business, Vienna (2007)
Moreno-Montes De Oca, I., Snoeck, M., Reijers, H.A., Rodríguez-Morffi, A.: A systematic literature review of studies on business process modeling quality. Inf. Softw. Technol. 58, 187–205 (2015)
Pesic, M.: Constraint-based workflow management systems: shifting control to users, PhD Thesis, Eindhoven University of Technology, Eindhoven (2008)
Ramezani, E., Fahland, D., van der Aalst, Wil M.P.: Where did i misbehave? Diagnostic information in compliance checking. In: Barros, A., Gal, A., Kindler, E. (eds.) BPM 2012. LNCS, vol. 7481, pp. 262–278. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32885-5_21
Recker, J., Dreiling, A.: Does it matter which process modelling language we teach or use? An experimental study on understanding process modelling languages without formal education. In: 18th Proceedings of Australasian Conference on Information Systems (ACIS), 5–7 December 2007, Toowoomba, Australian (2007)
Recker, J., Reijers, H.A., van de Wouw, S.G.: Process model comprehension: the effects of cognitive abilities, learning style, and strategy. Commun. Assoc. Inf. Syst. 34, 199–222 (2014)
Recker, J.: Opportunities and constraints: the current struggle with BPMN. Bus. Process Manag. J. 16(1), 181–201 (2010)
Shepperd, M., Ince, D.C.: A critique of three metrics. J. Syst. Softw. 26(3), 197–210 (1994)
Vanderfeesten, I., Cardoso, J., Reijers, H.A., Van Der Aalst, W.M.P.: Quality metrics for business process models. In: BPM and Workflow Handbook, vol. 144, no. 3, pp. 1–12 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Zasada, A. (2019). How Complex Does Compliance Get?. In: Cappiello, C., Ruiz, M. (eds) Information Systems Engineering in Responsible Information Systems. CAiSE 2019. Lecture Notes in Business Information Processing, vol 350. Springer, Cham. https://doi.org/10.1007/978-3-030-21297-1_22
Download citation
DOI: https://doi.org/10.1007/978-3-030-21297-1_22
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21296-4
Online ISBN: 978-3-030-21297-1
eBook Packages: Computer ScienceComputer Science (R0)