Towards Comprehensive Legislative Requirements for Cyber Physical Systems Testing in the European Union

While procedures prevail on the European market for the greater good of its citizens, it might be daunting when trying to introduce a product, whether innovative or not. In the current world, Cyber-Physical Systems (CPSs) are ubiquitous in our daily lives. Cars can provide intrusive assistance as they can brake or turn wheels on their own, buildings are getting smarter to optimize energy consumption, smart cities are emerging to facilitate information sharing and orchestrate the response to emergency situations, etc. As the presence of such tools will grow in the coming years and people will rely even more on CPSs, we certainly need to ensure that they are safe and reliable for users or everybody else, which is why regulations are so important. However, compliance should not act as a barrier to new actors coming to the European market. Nor should it prevent current actors from keeping systems deemed compliant when introduced while obsolete at the time they are used. While the individual elements we point out might not bring novelty in the various research areas we cover (EU policies, requirements engineering, business engineering, and software engineering), this paper identifies the challenges related to building and testing a CPS with respect to applicable laws and discusses the difficulty of automating the response to those challenges, such as finding a relevant legal text, paying for mentioned materials or identifying the level of compliance to a legal text. Our analysis of the holistic context when considering the compliance testing of CPS provides an overview enabling more effective decision-making as well.