Skip to main content

2025 | OriginalPaper | Buchkapitel

AI Act High-Risk Requirements Readiness: Industrial Perspectives and Case Company Insights

verfasst von : Matthias Wagner, Rushali Gupta, Markus Borg, Emelie Engström, Michal Lysek

Erschienen in: Product-Focused Software Process Improvement. Industry-, Workshop-, and Doctoral Symposium Papers

Verlag: Springer Nature Switzerland

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

The AI Act’s (AIA) requirements for high-risk AI systems affect many aspects of modern software systems. Knowing which AIA-related technical challenges are relevant to different companies is essential to focus compliance-oriented research on the aspects that matter. We therefore conducted an interview study in collaboration with a case company that specializes in network video solutions within the security and surveillance industry. External experts enrich the study for a broader industry perspective. The goal was to analyze the case company’s readiness for the AIA’s high-risk requirements, based on methods and techniques already established prior to the legislation. Our results yielded a positive sentiment towards the regulation and the planning security that it brings, although a high workload was expected. We identified a solid foundation with well-established practices to build upon for the requirements on cybersecurity, human oversight, record-keeping, and technical documentation. However, we also report several open challenges, mainly connected to the requirement on data quality and governance, followed by accuracy, robustness, and cybersecurity. The AIA specifically demands a post-market monitoring system (Art 72) and the right to an explanation of individual decision-making (Art 86). These two obligations were identified as especially challenging by the respondents. The result of this study is expected to steer future compliance-oriented work toward pressing challenges.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literatur
2.
Zurück zum Zitat Adams, W.C.: Conducting Semi-Structured Interviews. In: Handbook of Practical Program Evaluation, chap. 19, pp. 492–505. John Wiley & Sons, Ltd (2015) Adams, W.C.: Conducting Semi-Structured Interviews. In: Handbook of Practical Program Evaluation, chap. 19, pp. 492–505. John Wiley & Sons, Ltd (2015)
5.
Zurück zum Zitat Floridi, L., Holweg, M., Taddeo, M., Amaya Silva, J., Mökander, J., Wen, Y.: CapAI - A Procedure for Conducting Conformity Assessment of AI Systems in Line with the EU Artificial Intelligence Act (Mar 2022) Floridi, L., Holweg, M., Taddeo, M., Amaya Silva, J., Mökander, J., Wen, Y.: CapAI - A Procedure for Conducting Conformity Assessment of AI Systems in Line with the EU Artificial Intelligence Act (Mar 2022)
6.
Zurück zum Zitat Harbers, M., Detweiler, C., Neerincx, M.A.: Embedding Stakeholder Values in the Requirements Engineering Process. In: Fricker, S.A., Schneider, K. (eds.) Requirements Engineering: Foundation for Software Quality. pp. 318–332. Springer International Publishing, Cham (2015) Harbers, M., Detweiler, C., Neerincx, M.A.: Embedding Stakeholder Values in the Requirements Engineering Process. In: Fricker, S.A., Schneider, K. (eds.) Requirements Engineering: Foundation for Software Quality. pp. 318–332. Springer International Publishing, Cham (2015)
7.
Zurück zum Zitat Kahdan, M., Hartwich, N., Salge, T., Cichy, P.: Navigating Uncertain Waters: How Organizations Respond to Institutional Pressure in Times of the Looming EU AI Act. In: Int’l. Conf. on Information Systems (ICIS) (2023) Kahdan, M., Hartwich, N., Salge, T., Cichy, P.: Navigating Uncertain Waters: How Organizations Respond to Institutional Pressure in Times of the Looming EU AI Act. In: Int’l. Conf. on Information Systems (ICIS) (2023)
8.
Zurück zum Zitat Kallio, H., Pietilä, A.M., Johnson, M., Kangasniemi, M.: Systematic methodological review: Developing a framework for a qualitative semi-structured interview guide. J. Adv. Nurs. 72(12), 2954–2965 (2016)CrossRef Kallio, H., Pietilä, A.M., Johnson, M., Kangasniemi, M.: Systematic methodological review: Developing a framework for a qualitative semi-structured interview guide. J. Adv. Nurs. 72(12), 2954–2965 (2016)CrossRef
9.
Zurück zum Zitat Kelly, J., Zafar, S., Heidemann, L., Zacchi, J., Espinoza, D., Mata, N.: Navigating the EU AI Act: A Methodological Approach to Compliance for Safety-critical Products (Mar 2024) Kelly, J., Zafar, S., Heidemann, L., Zacchi, J., Espinoza, D., Mata, N.: Navigating the EU AI Act: A Methodological Approach to Compliance for Safety-critical Products (Mar 2024)
10.
Zurück zum Zitat Laux, J.: Institutionalised distrust and human oversight of artificial intelligence: Towards a democratic design of AI governance under the European Union AI Act. AI and Society (2023) Laux, J.: Institutionalised distrust and human oversight of artificial intelligence: Towards a democratic design of AI governance under the European Union AI Act. AI and Society (2023)
11.
Zurück zum Zitat Liza, F.: Challenges of Enforcing Regulations in Artificial Intelligence Act - Analyzing Quantity Requirement in Data and Data Governance. In: CEUR Workshop Proceedings. vol. 3221 (2022) Liza, F.: Challenges of Enforcing Regulations in Artificial Intelligence Act - Analyzing Quantity Requirement in Data and Data Governance. In: CEUR Workshop Proceedings. vol. 3221 (2022)
12.
Zurück zum Zitat Panigutti, C., Hamon, R., Hupont, I., Fernandez Llorca, D., Fano Yela, D., Junklewitz, H., Scalzo, S., Mazzini, G., Sanchez, I., Soler Garrido, J., Gomez, E.: The role of explainable AI in the context of the AI Act. In: Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency. pp. 1139–1150. FAccT ’23, Association for Computing Machinery, New York, NY, USA (Jun 2023) Panigutti, C., Hamon, R., Hupont, I., Fernandez Llorca, D., Fano Yela, D., Junklewitz, H., Scalzo, S., Mazzini, G., Sanchez, I., Soler Garrido, J., Gomez, E.: The role of explainable AI in the context of the AI Act. In: Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency. pp. 1139–1150. FAccT ’23, Association for Computing Machinery, New York, NY, USA (Jun 2023)
13.
Zurück zum Zitat Schuett, J.: Risk Management in the Artificial Intelligence Act. European Journal of Risk Regulation (2023) Schuett, J.: Risk Management in the Artificial Intelligence Act. European Journal of Risk Regulation (2023)
14.
Zurück zum Zitat Sovrano, F., Sapienza, S., Palmirani, M., Vitali, F.: Metrics, Explainability and the European AI Act Proposal. J 5(1), 126–138 (Mar 2022) Sovrano, F., Sapienza, S., Palmirani, M., Vitali, F.: Metrics, Explainability and the European AI Act Proposal. J 5(1), 126–138 (Mar 2022)
15.
Zurück zum Zitat Tjoa, S., Temper, P.K.M., Temper, M., Zanol, J., Wagner, M., Holzinger, A.: AIRMan: An Artificial Intelligence (AI) Risk Management System. In: 2022 Int’l. Conf. on Advanced Enterprise Information System (AEIS). pp. 72–81 (Dec 2022) Tjoa, S., Temper, P.K.M., Temper, M., Zanol, J., Wagner, M., Holzinger, A.: AIRMan: An Artificial Intelligence (AI) Risk Management System. In: 2022 Int’l. Conf. on Advanced Enterprise Information System (AEIS). pp. 72–81 (Dec 2022)
16.
Zurück zum Zitat Ufert, F., Goldberg, Z.: How SMEs Ought to Operationalize AI Risk Assessments Under the AI Act. In: CEUR Workshop Proceedings. vol. 3456, pp. 51–59 (2023) Ufert, F., Goldberg, Z.: How SMEs Ought to Operationalize AI Risk Assessments Under the AI Act. In: CEUR Workshop Proceedings. vol. 3456, pp. 51–59 (2023)
17.
Zurück zum Zitat van Dijck, G.: Predicting Recidivism Risk Meets AI Act. Eur. J. Crim. Policy Res. 28(3), 407–423 (2022)CrossRef van Dijck, G.: Predicting Recidivism Risk Meets AI Act. Eur. J. Crim. Policy Res. 28(3), 407–423 (2022)CrossRef
18.
Zurück zum Zitat Veale, M., Borgesius, F.Z.: Demystifying the Draft EU Artificial Intelligence Act – Analysing the good, the bad, and the unclear elements of the proposed approach. Computer Law Review International 22(4), 97–112 (2021)CrossRef Veale, M., Borgesius, F.Z.: Demystifying the Draft EU Artificial Intelligence Act – Analysing the good, the bad, and the unclear elements of the proposed approach. Computer Law Review International 22(4), 97–112 (2021)CrossRef
19.
Zurück zum Zitat Verdecchia, R., Engström, E., Lago, P., Runeson, P., Song, Q.: Threats to validity in software engineering research: A critical reflection. Inf. Softw. Technol. 164, 107329 (2023)CrossRef Verdecchia, R., Engström, E., Lago, P., Runeson, P., Song, Q.: Threats to validity in software engineering research: A critical reflection. Inf. Softw. Technol. 164, 107329 (2023)CrossRef
20.
Zurück zum Zitat Wagner, M., Borg, M., Runeson, P.: Navigating the Upcoming European Union AI Act. IEEE Softw. 41(1), 19–24 (2024)CrossRef Wagner, M., Borg, M., Runeson, P.: Navigating the Upcoming European Union AI Act. IEEE Softw. 41(1), 19–24 (2024)CrossRef
22.
Zurück zum Zitat Wörsdörfer, M.: Mitigating the adverse effects of AI with the European Union’s artificial intelligence act: Hype or hope? Glob. Bus. Organ. Excell. 43(3), 106–126 (2024)CrossRef Wörsdörfer, M.: Mitigating the adverse effects of AI with the European Union’s artificial intelligence act: Hype or hope? Glob. Bus. Organ. Excell. 43(3), 106–126 (2024)CrossRef
23.
Zurück zum Zitat Zargoush, M., Sameh, A., Javadi, M., Shabani, S., Ghazalbash, S., Perri, D.: The impact of recency and adequacy of historical information on sepsis predictions using machine learning. Sci. Rep. 11(1), 20869 (2021)CrossRef Zargoush, M., Sameh, A., Javadi, M., Shabani, S., Ghazalbash, S., Perri, D.: The impact of recency and adequacy of historical information on sepsis predictions using machine learning. Sci. Rep. 11(1), 20869 (2021)CrossRef
Metadaten
Titel
AI Act High-Risk Requirements Readiness: Industrial Perspectives and Case Company Insights
verfasst von
Matthias Wagner
Rushali Gupta
Markus Borg
Emelie Engström
Michal Lysek
Copyright-Jahr
2025
DOI
https://doi.org/10.1007/978-3-031-78392-0_5