FLARE — Monitoring for the Regulatory Requirements of a Drone Case Study
摘要
As regulatory requirements for software systems in the European Union continue to evolve, there is growing pressure to embed mechanisms into deployed systems that ensure both operational trustworthiness and legal accountability. Frameworks such as the AI Act and the Cyber Resilience Act introduce obligations related to cybersecurity, incident response, transparency, and auditability, particularly for high-risk and autonomous systems. These demands go beyond traditional verification and increasingly call for runtime components capable of monitoring behaviour, detecting non-compliance, and preserving forensic evidence. In this work, we present FLARE, a runtime verification tool that combines automated monitoring with tamper-evident logging to support regulatory compliance. Building on existing runtime verification techniques, FLARE enables the construction of both a system harness that monitors live interactions with the environment and flags policy violations; and a forensic node, capable of recording verifiable logs. We demonstrate the application of FLARE on a waste-identification and localisation drone, a cyber-physical system subject to multiple legal and safety constraints. Our case study shows how FLARE can support legal and operational requirements while introducing minimal overhead, providing a practical path towards compliance-aware software instrumentation.