Skip to main content
Top

2025 | OriginalPaper | Chapter

AI Act High-Risk Requirements Readiness: Industrial Perspectives and Case Company Insights

Authors : Matthias Wagner, Rushali Gupta, Markus Borg, Emelie Engström, Michal Lysek

Published in: Product-Focused Software Process Improvement. Industry-, Workshop-, and Doctoral Symposium Papers

Publisher: Springer Nature Switzerland

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

The AI Act’s (AIA) requirements for high-risk AI systems affect many aspects of modern software systems. Knowing which AIA-related technical challenges are relevant to different companies is essential to focus compliance-oriented research on the aspects that matter. We therefore conducted an interview study in collaboration with a case company that specializes in network video solutions within the security and surveillance industry. External experts enrich the study for a broader industry perspective. The goal was to analyze the case company’s readiness for the AIA’s high-risk requirements, based on methods and techniques already established prior to the legislation. Our results yielded a positive sentiment towards the regulation and the planning security that it brings, although a high workload was expected. We identified a solid foundation with well-established practices to build upon for the requirements on cybersecurity, human oversight, record-keeping, and technical documentation. However, we also report several open challenges, mainly connected to the requirement on data quality and governance, followed by accuracy, robustness, and cybersecurity. The AIA specifically demands a post-market monitoring system (Art 72) and the right to an explanation of individual decision-making (Art 86). These two obligations were identified as especially challenging by the respondents. The result of this study is expected to steer future compliance-oriented work toward pressing challenges.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Literature
2.
go back to reference Adams, W.C.: Conducting Semi-Structured Interviews. In: Handbook of Practical Program Evaluation, chap. 19, pp. 492–505. John Wiley & Sons, Ltd (2015) Adams, W.C.: Conducting Semi-Structured Interviews. In: Handbook of Practical Program Evaluation, chap. 19, pp. 492–505. John Wiley & Sons, Ltd (2015)
5.
go back to reference Floridi, L., Holweg, M., Taddeo, M., Amaya Silva, J., Mökander, J., Wen, Y.: CapAI - A Procedure for Conducting Conformity Assessment of AI Systems in Line with the EU Artificial Intelligence Act (Mar 2022) Floridi, L., Holweg, M., Taddeo, M., Amaya Silva, J., Mökander, J., Wen, Y.: CapAI - A Procedure for Conducting Conformity Assessment of AI Systems in Line with the EU Artificial Intelligence Act (Mar 2022)
6.
go back to reference Harbers, M., Detweiler, C., Neerincx, M.A.: Embedding Stakeholder Values in the Requirements Engineering Process. In: Fricker, S.A., Schneider, K. (eds.) Requirements Engineering: Foundation for Software Quality. pp. 318–332. Springer International Publishing, Cham (2015) Harbers, M., Detweiler, C., Neerincx, M.A.: Embedding Stakeholder Values in the Requirements Engineering Process. In: Fricker, S.A., Schneider, K. (eds.) Requirements Engineering: Foundation for Software Quality. pp. 318–332. Springer International Publishing, Cham (2015)
7.
go back to reference Kahdan, M., Hartwich, N., Salge, T., Cichy, P.: Navigating Uncertain Waters: How Organizations Respond to Institutional Pressure in Times of the Looming EU AI Act. In: Int’l. Conf. on Information Systems (ICIS) (2023) Kahdan, M., Hartwich, N., Salge, T., Cichy, P.: Navigating Uncertain Waters: How Organizations Respond to Institutional Pressure in Times of the Looming EU AI Act. In: Int’l. Conf. on Information Systems (ICIS) (2023)
8.
go back to reference Kallio, H., Pietilä, A.M., Johnson, M., Kangasniemi, M.: Systematic methodological review: Developing a framework for a qualitative semi-structured interview guide. J. Adv. Nurs. 72(12), 2954–2965 (2016)CrossRef Kallio, H., Pietilä, A.M., Johnson, M., Kangasniemi, M.: Systematic methodological review: Developing a framework for a qualitative semi-structured interview guide. J. Adv. Nurs. 72(12), 2954–2965 (2016)CrossRef
9.
go back to reference Kelly, J., Zafar, S., Heidemann, L., Zacchi, J., Espinoza, D., Mata, N.: Navigating the EU AI Act: A Methodological Approach to Compliance for Safety-critical Products (Mar 2024) Kelly, J., Zafar, S., Heidemann, L., Zacchi, J., Espinoza, D., Mata, N.: Navigating the EU AI Act: A Methodological Approach to Compliance for Safety-critical Products (Mar 2024)
10.
go back to reference Laux, J.: Institutionalised distrust and human oversight of artificial intelligence: Towards a democratic design of AI governance under the European Union AI Act. AI and Society (2023) Laux, J.: Institutionalised distrust and human oversight of artificial intelligence: Towards a democratic design of AI governance under the European Union AI Act. AI and Society (2023)
11.
go back to reference Liza, F.: Challenges of Enforcing Regulations in Artificial Intelligence Act - Analyzing Quantity Requirement in Data and Data Governance. In: CEUR Workshop Proceedings. vol. 3221 (2022) Liza, F.: Challenges of Enforcing Regulations in Artificial Intelligence Act - Analyzing Quantity Requirement in Data and Data Governance. In: CEUR Workshop Proceedings. vol. 3221 (2022)
12.
go back to reference Panigutti, C., Hamon, R., Hupont, I., Fernandez Llorca, D., Fano Yela, D., Junklewitz, H., Scalzo, S., Mazzini, G., Sanchez, I., Soler Garrido, J., Gomez, E.: The role of explainable AI in the context of the AI Act. In: Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency. pp. 1139–1150. FAccT ’23, Association for Computing Machinery, New York, NY, USA (Jun 2023) Panigutti, C., Hamon, R., Hupont, I., Fernandez Llorca, D., Fano Yela, D., Junklewitz, H., Scalzo, S., Mazzini, G., Sanchez, I., Soler Garrido, J., Gomez, E.: The role of explainable AI in the context of the AI Act. In: Proceedings of the 2023 ACM Conference on Fairness, Accountability, and Transparency. pp. 1139–1150. FAccT ’23, Association for Computing Machinery, New York, NY, USA (Jun 2023)
13.
go back to reference Schuett, J.: Risk Management in the Artificial Intelligence Act. European Journal of Risk Regulation (2023) Schuett, J.: Risk Management in the Artificial Intelligence Act. European Journal of Risk Regulation (2023)
14.
go back to reference Sovrano, F., Sapienza, S., Palmirani, M., Vitali, F.: Metrics, Explainability and the European AI Act Proposal. J 5(1), 126–138 (Mar 2022) Sovrano, F., Sapienza, S., Palmirani, M., Vitali, F.: Metrics, Explainability and the European AI Act Proposal. J 5(1), 126–138 (Mar 2022)
15.
go back to reference Tjoa, S., Temper, P.K.M., Temper, M., Zanol, J., Wagner, M., Holzinger, A.: AIRMan: An Artificial Intelligence (AI) Risk Management System. In: 2022 Int’l. Conf. on Advanced Enterprise Information System (AEIS). pp. 72–81 (Dec 2022) Tjoa, S., Temper, P.K.M., Temper, M., Zanol, J., Wagner, M., Holzinger, A.: AIRMan: An Artificial Intelligence (AI) Risk Management System. In: 2022 Int’l. Conf. on Advanced Enterprise Information System (AEIS). pp. 72–81 (Dec 2022)
16.
go back to reference Ufert, F., Goldberg, Z.: How SMEs Ought to Operationalize AI Risk Assessments Under the AI Act. In: CEUR Workshop Proceedings. vol. 3456, pp. 51–59 (2023) Ufert, F., Goldberg, Z.: How SMEs Ought to Operationalize AI Risk Assessments Under the AI Act. In: CEUR Workshop Proceedings. vol. 3456, pp. 51–59 (2023)
17.
go back to reference van Dijck, G.: Predicting Recidivism Risk Meets AI Act. Eur. J. Crim. Policy Res. 28(3), 407–423 (2022)CrossRef van Dijck, G.: Predicting Recidivism Risk Meets AI Act. Eur. J. Crim. Policy Res. 28(3), 407–423 (2022)CrossRef
18.
go back to reference Veale, M., Borgesius, F.Z.: Demystifying the Draft EU Artificial Intelligence Act – Analysing the good, the bad, and the unclear elements of the proposed approach. Computer Law Review International 22(4), 97–112 (2021)CrossRef Veale, M., Borgesius, F.Z.: Demystifying the Draft EU Artificial Intelligence Act – Analysing the good, the bad, and the unclear elements of the proposed approach. Computer Law Review International 22(4), 97–112 (2021)CrossRef
19.
go back to reference Verdecchia, R., Engström, E., Lago, P., Runeson, P., Song, Q.: Threats to validity in software engineering research: A critical reflection. Inf. Softw. Technol. 164, 107329 (2023)CrossRef Verdecchia, R., Engström, E., Lago, P., Runeson, P., Song, Q.: Threats to validity in software engineering research: A critical reflection. Inf. Softw. Technol. 164, 107329 (2023)CrossRef
20.
go back to reference Wagner, M., Borg, M., Runeson, P.: Navigating the Upcoming European Union AI Act. IEEE Softw. 41(1), 19–24 (2024)CrossRef Wagner, M., Borg, M., Runeson, P.: Navigating the Upcoming European Union AI Act. IEEE Softw. 41(1), 19–24 (2024)CrossRef
22.
go back to reference Wörsdörfer, M.: Mitigating the adverse effects of AI with the European Union’s artificial intelligence act: Hype or hope? Glob. Bus. Organ. Excell. 43(3), 106–126 (2024)CrossRef Wörsdörfer, M.: Mitigating the adverse effects of AI with the European Union’s artificial intelligence act: Hype or hope? Glob. Bus. Organ. Excell. 43(3), 106–126 (2024)CrossRef
23.
go back to reference Zargoush, M., Sameh, A., Javadi, M., Shabani, S., Ghazalbash, S., Perri, D.: The impact of recency and adequacy of historical information on sepsis predictions using machine learning. Sci. Rep. 11(1), 20869 (2021)CrossRef Zargoush, M., Sameh, A., Javadi, M., Shabani, S., Ghazalbash, S., Perri, D.: The impact of recency and adequacy of historical information on sepsis predictions using machine learning. Sci. Rep. 11(1), 20869 (2021)CrossRef
Metadata
Title
AI Act High-Risk Requirements Readiness: Industrial Perspectives and Case Company Insights
Authors
Matthias Wagner
Rushali Gupta
Markus Borg
Emelie Engström
Michal Lysek
Copyright Year
2025
DOI
https://doi.org/10.1007/978-3-031-78392-0_5

Premium Partner