New regulations such as the EU Cyber Resilience Act (CRA) introduce detailed requirements for security in digital products and connected systems. Meeting these requirements demands structured documentation, systematic checks, and efficient management of compliance data. Instead of manual assessment, innovative technical tools can support engineers by automating parts of this process.
This thesis focuses on designing and implementing a software tool that supports cybersecurity compliance assessment. While the CRA serves as an example use case, the tool should be generic enough to work with different standards and regulatory frameworks. The system will combine traditional data management with modern AI/LLM technologies to assist in analyzing requirements, mapping them to technical evidence, and generating compliance insights.
Student Target Groups:
- Students of ICE/Telematics;
- Students of Computer Science;
- Students of Software Engineering.
Thesis Type:
- Master Thesis / Bachelor Thesis
Goal and Tasks:
The main goal of this thesis is to investigate how modern AI technologies can assist in compliance assessment process, and to design a simple technical platform that can manage regulatory requirements, link them with system data, and provide meaningful insights. The work will explore how AI techniques can improve compliance processes by automating requirement interpretation, supporting natural language queries, or generating draft compliance reports.
- Research existing open-source compliance management and dashboard solutions.
- Design and implement a database and APIs for storing regulatory requirements and assessment results.
- Explore the integration of AI/LLM technologies for requirement interpretation, mapping, or query support.
- Develop a user interface for entering, managing, and visualizing compliance data.
- Demonstrate the tool using the Cyber Resilience Act as a practical use case.
- Prepare and deliver an oral presentation summarizing the results and conclusions.
Recommended Prior Knowledge:
- Basic knowledge of IT security, databases, and software engineering.
- Interest in AI/LLM applications is an advantage.
Start:
Contact: