View in EDS

Software engineering and the AI Act: towards regulatory-compliant AI

Saved in:
Bibliographic Details
Title: Software engineering and the AI Act: towards regulatory-compliant AI
Authors: Wagner, Matthias
Contributors: Lund University, Faculty of Engineering, LTH, Competence centers, LTH, NEXTG2COM – a Vinnova Competence Centre in Advanced Digitalisation, Lunds universitet, Lunds Tekniska Högskola, Kompetenscentrum, LTH, NEXTG2COM – ett Vinnova kompetenscenter inom Avancerad Digitalisering, Originator, Lund University, Profile areas and other strong research environments, Strategic research areas (SRA), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Lunds universitet, Profilområden och andra starka forskningsmiljöer, Strategiska forskningsområden (SFO), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Originator, Lund University, Faculty of Engineering, LTH, Departments at LTH, Department of Computer Science, Software Engineering Research Group, Lunds universitet, Lunds Tekniska Högskola, Institutioner vid LTH, Institutionen för datavetenskap, Programvarusystem, Originator, Borg, Markus, Runeson, Per
Source: Licentiate thesis. 5:2025
Subject Terms: Social Sciences, Law, Other Legal Research, Samhällsvetenskap, Juridik, Annan rättsvetenskaplig forskning, Natural Sciences, Computer and Information Sciences, Computer Sciences, Naturvetenskap, Data- och informationsvetenskap (Datateknik), Datavetenskap (Datalogi)
Description: Background: The European Union (EU) AI Act (AIA) aims to facilitate trustworthy Artificial Intelligence (AI) systems, especially for safety-critical use cases. Compliance with this new regulation entails a multitude of legal, technical, and organizational challenges for the providers of affected systems. Objective: This regulatory compliance engineering research aims for an empirical exploration and scoping of the AIA requirements that matter from a technical software engineering perspective. We identify affected systems as well as parts that are especially challenging to comply with, and we explore the act's potential industry impact. Moreover, this research aims to study how technological compliance for selected AIA aspects could be facilitated by developing artifacts. Methodology: The design science paradigm marks the frame of this software engineering research. The selection of research methods used in this thesis is threefold and grounded in proven best practices. First, we utilized case studies with semi-structured interviews for the data collection. Moreover, integrative literature reviews were used in most of our studies. To analyze the content of the AIA and related legal material, we used the legal doctrinal method, allowing us to span the domains of both legal studies and engineering. Results: Our contributions are structured along two phases, following a two-stage approach: (1) empirical exploration and scoping, and (2) applied compliance engineering. Phase 1 lays out which AIA requirements matter from a software engineering perspective and what they set out; what types of systems are affected by which requirements; a ranking for what AIA high-risk AI system requirements are perceived as most challenging to operationalize by industry; and the expected industry impact of this regulation. Phase 2 is part of future work and will focus on certain AIA aspects to work towards technological compliance through artifacts for concrete use cases. Conclusion: Considering the related literature, this thesis is a valuable primary research contribution to software engineering, where the state-of-the-art remains short of compliance-oriented studies related to the AIA. We hope this work will inspire others to follow along, shedding light on this important topic.
File Description: electronic
Access URL: https://lucris.lub.lu.se/ws/files/228919196/Licentiate_Thesis_Kappa_Matthias.pdf
Database: SwePub
FullText Text:
  Availability: 0
CustomLinks:
  – Url: https://lucris.lub.lu.se/ws/files/228919196/Licentiate_Thesis_Kappa_Matthias.pdf#
    Name: EDS - SwePub (s4221598)
    Category: fullText
    Text: View record in SwePub
  – Url: https://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=EBSCO&SrcAuth=EBSCO&DestApp=WOS&ServiceName=TransferToWoS&DestLinkType=GeneralSearchSummary&Func=Links&author=Wagner%20M
    Name: ISI
    Category: fullText
    Text: Nájsť tento článok vo Web of Science
    Icon: https://imagesrvr.epnet.com/ls/20docs.gif
    MouseOverText: Nájsť tento článok vo Web of Science
Header DbId: edsswe
DbLabel: SwePub
An: edsswe.oai.portal.research.lu.se.publications.6f9fb0a6.d58c.4421.941f.c6635446c3a7
RelevancyScore: 1046
AccessLevel: 6
PubType: Dissertation/ Thesis
PubTypeId: dissertation
PreciseRelevancyScore: 1045.89135742188
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Software engineering and the AI Act: towards regulatory-compliant AI
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Wagner%2C+Matthias%22">Wagner, Matthias</searchLink>
– Name: Author
  Label: Contributors
  Group: Au
  Data: Lund University, Faculty of Engineering, LTH, Competence centers, LTH, NEXTG2COM – a Vinnova Competence Centre in Advanced Digitalisation, Lunds universitet, Lunds Tekniska Högskola, Kompetenscentrum, LTH, NEXTG2COM – ett Vinnova kompetenscenter inom Avancerad Digitalisering, Originator<br />Lund University, Profile areas and other strong research environments, Strategic research areas (SRA), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Lunds universitet, Profilområden och andra starka forskningsmiljöer, Strategiska forskningsområden (SFO), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Originator<br />Lund University, Faculty of Engineering, LTH, Departments at LTH, Department of Computer Science, Software Engineering Research Group, Lunds universitet, Lunds Tekniska Högskola, Institutioner vid LTH, Institutionen för datavetenskap, Programvarusystem, Originator<br />Borg, Markus<br />Runeson, Per
– Name: TitleSource
  Label: Source
  Group: Src
  Data: <i>Licentiate thesis</i>. 5:2025
– Name: Subject
  Label: Subject Terms
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22Social+Sciences%22">Social Sciences</searchLink><br /><searchLink fieldCode="DE" term="%22Law%22">Law</searchLink><br /><searchLink fieldCode="DE" term="%22Other+Legal+Research%22">Other Legal Research</searchLink><br /><searchLink fieldCode="DE" term="%22Samhällsvetenskap%22">Samhällsvetenskap</searchLink><br /><searchLink fieldCode="DE" term="%22Juridik%22">Juridik</searchLink><br /><searchLink fieldCode="DE" term="%22Annan+rättsvetenskaplig+forskning%22">Annan rättsvetenskaplig forskning</searchLink><br /><searchLink fieldCode="DE" term="%22Natural+Sciences%22">Natural Sciences</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+and+Information+Sciences%22">Computer and Information Sciences</searchLink><br /><searchLink fieldCode="DE" term="%22Computer+Sciences%22">Computer Sciences</searchLink><br /><searchLink fieldCode="DE" term="%22Naturvetenskap%22">Naturvetenskap</searchLink><br /><searchLink fieldCode="DE" term="%22Data-+och+informationsvetenskap+%28Datateknik%29%22">Data- och informationsvetenskap (Datateknik)</searchLink><br /><searchLink fieldCode="DE" term="%22Datavetenskap+%28Datalogi%29%22">Datavetenskap (Datalogi)</searchLink>
– Name: Abstract
  Label: Description
  Group: Ab
  Data: Background: The European Union (EU) AI Act (AIA) aims to facilitate trustworthy Artificial Intelligence (AI) systems, especially for safety-critical use cases. Compliance with this new regulation entails a multitude of legal, technical, and organizational challenges for the providers of affected systems. Objective: This regulatory compliance engineering research aims for an empirical exploration and scoping of the AIA requirements that matter from a technical software engineering perspective. We identify affected systems as well as parts that are especially challenging to comply with, and we explore the act's potential industry impact. Moreover, this research aims to study how technological compliance for selected AIA aspects could be facilitated by developing artifacts. Methodology: The design science paradigm marks the frame of this software engineering research. The selection of research methods used in this thesis is threefold and grounded in proven best practices. First, we utilized case studies with semi-structured interviews for the data collection. Moreover, integrative literature reviews were used in most of our studies. To analyze the content of the AIA and related legal material, we used the legal doctrinal method, allowing us to span the domains of both legal studies and engineering. Results: Our contributions are structured along two phases, following a two-stage approach: (1) empirical exploration and scoping, and (2) applied compliance engineering. Phase 1 lays out which AIA requirements matter from a software engineering perspective and what they set out; what types of systems are affected by which requirements; a ranking for what AIA high-risk AI system requirements are perceived as most challenging to operationalize by industry; and the expected industry impact of this regulation. Phase 2 is part of future work and will focus on certain AIA aspects to work towards technological compliance through artifacts for concrete use cases. Conclusion: Considering the related literature, this thesis is a valuable primary research contribution to software engineering, where the state-of-the-art remains short of compliance-oriented studies related to the AIA. We hope this work will inspire others to follow along, shedding light on this important topic.
– Name: Format
  Label: File Description
  Group: SrcInfo
  Data: electronic
– Name: URL
  Label: Access URL
  Group: URL
  Data: <link linkTarget="URL" linkTerm="https://lucris.lub.lu.se/ws/files/228919196/Licentiate_Thesis_Kappa_Matthias.pdf" linkWindow="_blank">https://lucris.lub.lu.se/ws/files/228919196/Licentiate_Thesis_Kappa_Matthias.pdf</link>
PLink https://erproxy.cvtisr.sk/sfx/access?url=https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=edsswe&AN=edsswe.oai.portal.research.lu.se.publications.6f9fb0a6.d58c.4421.941f.c6635446c3a7
RecordInfo BibRecord:
  BibEntity:
    Languages:
      – Text: English
    Subjects:
      – SubjectFull: Social Sciences
        Type: general
      – SubjectFull: Law
        Type: general
      – SubjectFull: Other Legal Research
        Type: general
      – SubjectFull: Samhällsvetenskap
        Type: general
      – SubjectFull: Juridik
        Type: general
      – SubjectFull: Annan rättsvetenskaplig forskning
        Type: general
      – SubjectFull: Natural Sciences
        Type: general
      – SubjectFull: Computer and Information Sciences
        Type: general
      – SubjectFull: Computer Sciences
        Type: general
      – SubjectFull: Naturvetenskap
        Type: general
      – SubjectFull: Data- och informationsvetenskap (Datateknik)
        Type: general
      – SubjectFull: Datavetenskap (Datalogi)
        Type: general
    Titles:
      – TitleFull: Software engineering and the AI Act: towards regulatory-compliant AI
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Wagner, Matthias
      – PersonEntity:
          Name:
            NameFull: Lund University, Faculty of Engineering, LTH, Competence centers, LTH, NEXTG2COM – a Vinnova Competence Centre in Advanced Digitalisation, Lunds universitet, Lunds Tekniska Högskola, Kompetenscentrum, LTH, NEXTG2COM – ett Vinnova kompetenscenter inom Avancerad Digitalisering, Originator
      – PersonEntity:
          Name:
            NameFull: Lund University, Profile areas and other strong research environments, Strategic research areas (SRA), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Lunds universitet, Profilområden och andra starka forskningsmiljöer, Strategiska forskningsområden (SFO), ELLIIT: the Linköping-Lund initiative on IT and mobile communication, Originator
      – PersonEntity:
          Name:
            NameFull: Lund University, Faculty of Engineering, LTH, Departments at LTH, Department of Computer Science, Software Engineering Research Group, Lunds universitet, Lunds Tekniska Högskola, Institutioner vid LTH, Institutionen för datavetenskap, Programvarusystem, Originator
      – PersonEntity:
          Name:
            NameFull: Borg, Markus
      – PersonEntity:
          Name:
            NameFull: Runeson, Per
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 02
              M: 10
              Type: published
              Y: 2025
          Identifiers:
            – Type: issn-print
              Value: 16524691
            – Type: issn-locals
              Value: SWEPUB_FREE
            – Type: issn-locals
              Value: LU_SWEPUB
          Numbering:
            – Type: volume
              Value: 5:2025
          Titles:
            – TitleFull: Licentiate thesis
              Type: main
ResultId 1