Designing Normative Theories for Ethical and Legal Reasoning: LogiKEy Framework, Methodology, and Tool Support

A framework and methodology---termed LogiKEy---for the design and engineering of ethical reasoners, normative theories and deontic logics is presented. The overall motivation is the development of suitable means for the control and governance of intelligent autonomous systems. LogiKEy's unifying formal framework is based on semantical embeddings of deontic logics, logic combinations and ethico-legal domain theories in expressive classic higher-order logic (HOL). This meta-logical approach enables the provision of powerful tool support in LogiKEy: off-the-shelf theorem provers and model finders for HOL are assisting the LogiKEy designer of ethical intelligent agents to flexibly experiment with underlying logics and their combinations, with ethico-legal domain theories, and with concrete examples---all at the same time. Continuous improvements of these off-the-shelf provers, without further ado, leverage the reasoning performance in LogiKEy. Case studies, in which the LogiKEy framework and methodology has been applied and tested, give evidence that HOL's undecidability often does not hinder efficient experimentation.Comment: 50 pages; 10 figure

The General Data Protection Regulation: Requirements, Architectures, and Constraints

The General Data Protection Regulation (GDPR) in the European Union is the most famous recently enacted privacy regulation. Despite of the regulation's legal, political, and technological ramifications, relatively little research has been carried out for better understanding the GDPR's practical implications for requirements engineering and software architectures. Building on a grounded theory approach with close ties to the Finnish software industry, this paper contributes to the sealing of this gap in previous research. Three questions are asked and answered in the context of software development organizations. First, the paper elaborates nine practical constraints under which many small and medium-sized enterprises (SMEs) often operate when implementing solutions that address the new regulatory demands. Second, the paper elicits nine regulatory requirements from the GDPR for software architectures. Third, the paper presents an implementation for a software architecture that complies both with the requirements elicited and the constraints elaborated.Comment: Forthcoming in the 27th IEEE International Requirements Engineering Conference (RE'19), Jeju Island, IEE

Argumentation-based Reasoning about Plans, Maintenance Goals and Norms

Peer reviewedPostprin

Crisis as a Window of Opportunity for Regulatory Shifts and Institutional Reform: Insights from Policy Framing in European Financial Sector Regulation

This article examines the European response to complex financial crises. In particular it traces the debate on the revision of the financial services supervision, and demonstrates a major and abrupt shift in European financial governance with regard to two very important dimensions of every regulatory system: the locus and form of institutionalization (where the EU underwent a shift from a decentralized and network-based to a centralised and institutionalised regime), and the regulatory approach (where the EU embraces harmonization and standardisation after decades of support for mutual recognition). To illustrate these substantial shifts we conduct longitudinal qualitative content analysis of the European Council’s Presidency Conclusions from the start of the 1990s to 2013, and we study the position papers presented by banks and banking associations in the so-called De Larosière consultation round of 2009 (which determined the future of financial services supervision in the EU). In the aftermath of the crisis, we find surprising consensus for both: support for central institutions and harmonization

Safety arguments for next generation location aware computing

Concerns over the accuracy, availability, integrity and continuity of Global Navigation Satellite Systems (GNSS) have limited the integration of GPS and GLONASS for safety-critical applications. More recent augmentation systems, such as the European Geostationary Navigation Overlay Service (EGNOS) and the North American Wide Area Augmentation System (WAAS) have begun to address these concerns. Augmentation architectures build on the existing GPS/GLONASS infrastructures to support locationbased services in Safety of Life (SoL) applications. Much of the technical development has been directed by air traffic management requirements, in anticipation of the more extensive support to be offered by GPS III and Galileo. WAAS has already been approved to provide vertical guidance against ICAO safety performance criteria for aviation applications. During the next twelve months, we will see the full certification of EGNOS for SoL applications. This paper identifies strong similarities between the safety assessment techniques used in Europe and North America. Both have relied on hazard analysis techniques to derive estimates of the Probability of Hazardously Misleading Information (PHMI). Later sections identify significant differences between the approaches adopted in application development. Integrated fault trees have been developed by regulatory and commercial organisations to consider both infrastructure hazards and their impact on non-precision RNAV/VNAV approaches using WAAS. In contrast, EUROCONTROL and the European Space Agency have developed a more modular approach to safety-case development for EGNOS. It remains to be seen whether the European or North American strategy offers the greatest support as satellite based augmentation systems are used within a growing range of SoL applications from railway signalling through to Unmanned Airborne Systems. The key contribution of this paper is to focus attention on the safety arguments that might support this wider class of location based services