Compliance flow - managing the compliance of dynamic and complex processes

To develop a reliable system or product, the current best practice for the development process is typically embodied in standards and guidelines, such as IEC61508 for safety and ISO9001 for quality assurance. Generally, the standard proposes a framework, which deals in a systematic manner with all the activities necessary to achieve the required quality. However, every application of a given standard is different because of differences in project details. One serious limitation of current workflow systems is the lack of the ability to ensure that the specification and execution of a process are compliant with the standard. This paper presents the treatment of managing process compliance in the Compliance Flow system. Process-based reasoning is used to identify compliance errors within a user-defined process by matching it against the standard model during both process specification and process execution. Examples drawing on a version of IEC61508 are used to illustrate the mechanism of modelling and compliance checks. A case study of the development of a light-guard is discussed.