Analyzing and Debugging Normative Requirements via Satisfiability Checking
Nick Feng, Lina Marsso, Sinem Getir Yaman, Yesugen Baatartogtokh, Reem Ayad, Victória Oldemburgo de Mello, Beverley Townsend, Isobel Standen, Ioannis Stefanakos, Calum Imrie, Genaína Nunes Rodrigues, Ana Cavalcanti, Radu Calinescu, Marsha Chechik
TL;DR
This work tackles the challenge of eliciting and validating normative non-functional requirements (N-NFRs) that encode social, legal, ethical, and cultural (SLEEC) norms. It introduces N-Check, a SAT-based pipeline that converts SLEEC DSL rules into FOL$^*$ constraints to detect well-formedness issues (redundancy, vacuous and situational conflicts, restrictiveness, insufficiency) and to generate non-technical diagnostic traces. A key contribution is the combination of emptiness-based analyses with causal FOL$^*$ proofs to identify root causes and provide actionable guidance for non-technical stakeholders, aided by the LEGOS-SLEEC tool. The approach is validated on nine real-world case studies, covering 233 N-NFRs and 62 issues, demonstrating effective detection and practical usefulness for elicitation, reasoning, and debugging in ethical, safe, and compliant system design. Overall, N-Check enables on-the-fly analysis and patch-driven refinement of normative requirements, bridging technical and non-technical perspectives in modern socio-technical systems.
Abstract
As software systems increasingly interact with humans in application domains such as transportation and healthcare, they raise concerns related to the social, legal, ethical, empathetic, and cultural (SLEEC) norms and values of their stakeholders. Normative non-functional requirements (N-NFRs) are used to capture these concerns by setting SLEEC-relevant boundaries for system behavior. Since N-NFRs need to be specified by multiple stakeholders with widely different, non-technical expertise (ethicists, lawyers, regulators, end users, etc.), N-NFR elicitation is very challenging. To address this challenge, we introduce N-Check, a novel tool-supported formal approach to N-NFR analysis and debugging. N-Check employs satisfiability checking to identify a broad spectrum of N-NFR well-formedness issues (WFI), such as conflicts, redundancy, restrictiveness, insufficiency, yielding diagnostics which pinpoint their causes in a user-friendly way that enables non-technical stakeholders to understand and fix them. We show the effectiveness and usability of our approach through nine case studies in which teams of ethicists, lawyers, philosophers, psychologists, safety analysts, and engineers used N-Check to analyse and debug 233 N-NFRs comprising 62 issues for the software underpinning the operation of systems ranging from assistive-care robots and tree-disease detection drones to manufacturing collaborative robots.