{"id":"https://openalex.org/W7117658717","doi":"https://doi.org/10.3390/jcp6010007","title":"Engineering Explainable AI Systems for GDPR-Aligned Decision Transparency: A Modular Framework for Continuous Compliance","display_name":"Engineering Explainable AI Systems for GDPR-Aligned Decision Transparency: A Modular Framework for Continuous Compliance","publication_year":2025,"publication_date":"2025-12-30","ids":{"openalex":"https://openalex.org/W7117658717","doi":"https://doi.org/10.3390/jcp6010007"},"language":"en","primary_location":{"id":"doi:10.3390/jcp6010007","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010007","pdf_url":"https://www.mdpi.com/2624-800X/6/1/7/pdf","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2624-800X/6/1/7/pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5121640933","display_name":"Antonio Goncalves","orcid":null},"institutions":[{"id":"https://openalex.org/I921685582","display_name":"Escola Naval","ror":"https://ror.org/01ev6gy70","country_code":"PT","type":"education","lineage":["https://openalex.org/I921685582"]}],"countries":["PT"],"is_corresponding":true,"raw_author_name":"Antonio Goncalves","raw_affiliation_strings":["Centro de Investiga\u00e7\u00e3o Naval (CINAV), Military University Institute (IUM) (Portuguese Naval Academy), 2810-001 Almada, Portugal"],"affiliations":[{"raw_affiliation_string":"Centro de Investiga\u00e7\u00e3o Naval (CINAV), Military University Institute (IUM) (Portuguese Naval Academy), 2810-001 Almada, Portugal","institution_ids":["https://openalex.org/I921685582"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5121640636","display_name":"Anacleto Correia","orcid":null},"institutions":[{"id":"https://openalex.org/I921685582","display_name":"Escola Naval","ror":"https://ror.org/01ev6gy70","country_code":"PT","type":"education","lineage":["https://openalex.org/I921685582"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Anacleto Correia","raw_affiliation_strings":["Centro de Investiga\u00e7\u00e3o Naval (CINAV), Military University Institute (IUM) (Portuguese Naval Academy), 2810-001 Almada, Portugal"],"affiliations":[{"raw_affiliation_string":"Centro de Investiga\u00e7\u00e3o Naval (CINAV), Military University Institute (IUM) (Portuguese Naval Academy), 2810-001 Almada, Portugal","institution_ids":["https://openalex.org/I921685582"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5121640933"],"corresponding_institution_ids":["https://openalex.org/I921685582"],"apc_list":{"value":1000,"currency":"CHF","value_usd":1082},"apc_paid":{"value":1000,"currency":"CHF","value_usd":1082},"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.83707843,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"6","issue":"1","first_page":"7","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.616599977016449,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12026","display_name":"Explainable Artificial Intelligence (XAI)","score":0.616599977016449,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.13300000131130219,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10883","display_name":"Ethics and Social Impacts of AI","score":0.0877000018954277,"subfield":{"id":"https://openalex.org/subfields/3311","display_name":"Safety Research"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/modular-design","display_name":"Modular design","score":0.6675999760627747},{"id":"https://openalex.org/keywords/blueprint","display_name":"Blueprint","score":0.6671000123023987},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.47440001368522644},{"id":"https://openalex.org/keywords/table","display_name":"Table (database)","score":0.460999995470047},{"id":"https://openalex.org/keywords/audit","display_name":"Audit","score":0.4519999921321869},{"id":"https://openalex.org/keywords/corporate-governance","display_name":"Corporate governance","score":0.4465000033378601},{"id":"https://openalex.org/keywords/applications-of-artificial-intelligence","display_name":"Applications of artificial intelligence","score":0.352400004863739},{"id":"https://openalex.org/keywords/interface","display_name":"Interface (matter)","score":0.3407000005245209}],"concepts":[{"id":"https://openalex.org/C101468663","wikidata":"https://www.wikidata.org/wiki/Q1620158","display_name":"Modular design","level":2,"score":0.6675999760627747},{"id":"https://openalex.org/C155911762","wikidata":"https://www.wikidata.org/wiki/Q422321","display_name":"Blueprint","level":2,"score":0.6671000123023987},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6363000273704529},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.47440001368522644},{"id":"https://openalex.org/C45235069","wikidata":"https://www.wikidata.org/wiki/Q278425","display_name":"Table (database)","level":2,"score":0.460999995470047},{"id":"https://openalex.org/C199521495","wikidata":"https://www.wikidata.org/wiki/Q181487","display_name":"Audit","level":2,"score":0.4519999921321869},{"id":"https://openalex.org/C39389867","wikidata":"https://www.wikidata.org/wiki/Q380767","display_name":"Corporate governance","level":2,"score":0.4465000033378601},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4018000066280365},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.38019999861717224},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.367000013589859},{"id":"https://openalex.org/C157170001","wikidata":"https://www.wikidata.org/wiki/Q4781507","display_name":"Applications of artificial intelligence","level":2,"score":0.352400004863739},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.3452000021934509},{"id":"https://openalex.org/C113843644","wikidata":"https://www.wikidata.org/wiki/Q901882","display_name":"Interface (matter)","level":4,"score":0.3407000005245209},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3352000117301941},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.3156999945640564},{"id":"https://openalex.org/C2910001868","wikidata":"https://www.wikidata.org/wiki/Q458","display_name":"European union","level":2,"score":0.3138999938964844},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.31060001254081726},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.30559998750686646},{"id":"https://openalex.org/C2781460075","wikidata":"https://www.wikidata.org/wiki/Q1399332","display_name":"Compliance (psychology)","level":2,"score":0.30000001192092896},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.2856999933719635},{"id":"https://openalex.org/C107327155","wikidata":"https://www.wikidata.org/wiki/Q330268","display_name":"Decision support system","level":2,"score":0.28220000863075256},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.27090001106262207},{"id":"https://openalex.org/C196879817","wikidata":"https://www.wikidata.org/wiki/Q872685","display_name":"Data governance","level":4,"score":0.2703999876976013},{"id":"https://openalex.org/C166052673","wikidata":"https://www.wikidata.org/wiki/Q83021","display_name":"Empirical evidence","level":2,"score":0.2685999870300293},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.26440000534057617},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.26429998874664307},{"id":"https://openalex.org/C98025372","wikidata":"https://www.wikidata.org/wiki/Q477538","display_name":"Systems architecture","level":3,"score":0.25679999589920044}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.3390/jcp6010007","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010007","pdf_url":"https://www.mdpi.com/2624-800X/6/1/7/pdf","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:aef1e5216c0d408a87d9139b859dcd49","is_oa":true,"landing_page_url":"https://doaj.org/article/aef1e5216c0d408a87d9139b859dcd49","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Journal of Cybersecurity and Privacy, Vol 6, Iss 1, p 7 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.3390/jcp6010007","is_oa":true,"landing_page_url":"https://doi.org/10.3390/jcp6010007","pdf_url":"https://www.mdpi.com/2624-800X/6/1/7/pdf","source":{"id":"https://openalex.org/S4210232532","display_name":"Journal of Cybersecurity and Privacy","issn_l":"2624-800X","issn":["2624-800X"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity and Privacy","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W7117658717.pdf","grobid_xml":"https://content.openalex.org/works/W7117658717.grobid-xml"},"referenced_works_count":7,"referenced_works":["https://openalex.org/W3116286104","https://openalex.org/W3172362366","https://openalex.org/W4407405508","https://openalex.org/W4408929508","https://openalex.org/W4411243228","https://openalex.org/W4412202257","https://openalex.org/W4412594747"],"related_works":[],"abstract_inverted_index":{"Explainability":[0],"is":[1,177,190],"increasingly":[2],"expected":[3],"to":[4,36,78,136,166],"support":[5],"not":[6,147],"only":[7],"interpretation,":[8],"but":[9],"also":[10,152],"accountability,":[11],"human":[12],"oversight,":[13],"and":[14,43,65,93,122,125,140,163,195,201],"auditability":[15,202],"in":[16,23,171,192],"high-risk":[17],"Artificial":[18,87],"Intelligence":[19,88],"(AI)":[20],"systems.":[21],"However,":[22],"many":[24],"deployments,":[25],"explanations":[26],"are":[27],"generated":[28,191],"as":[29],"isolated":[30],"technical":[31,67,109],"reports,":[32],"remaining":[33],"weakly":[34],"connected":[35],"decision":[37],"provenance,":[38],"governance":[39,113,141],"actions,":[40],"audit":[41],"logs,":[42],"regulatory":[44,134],"documentation.":[45],"This":[46],"short":[47],"communication":[48,145],"introduces":[49,153],"XAI-Compliance-by-Design,":[50],"a":[51,104,127,178],"modular":[52,105],"engineering":[53],"framework":[54,101],"for":[55,119],"explainable":[56],"artificial":[57],"intelligence":[58],"(XAI)":[59],"systems":[60],"that":[61,107,181],"routes":[62],"explainability":[63],"outputs":[64],"related":[66],"traces":[68],"into":[69],"structured,":[70],"audit-ready":[71],"evidence":[72,110,138,184],"throughout":[73],"the":[74,84,94,175,193],"AI":[75,91],"lifecycle,":[76],"designed":[77],"align":[79],"with":[80],"key":[81],"obligations":[82],"under":[83],"European":[85],"Union":[86],"Act":[89],"(EU":[90],"Act)":[92],"General":[95],"Data":[96],"Protection":[97],"Regulation":[98],"(GDPR).":[99],"The":[100],"specifies":[102],"(i)":[103],"architecture":[106],"separates":[108],"generation":[111],"from":[112],"consumption":[114],"through":[115],"explicit":[116],"interface":[117],"points":[118],"emitting,":[120],"storing,":[121],"querying":[123],"evidence,":[124],"(ii)":[126],"Technical\u2013Regulatory":[128],"Correspondence":[129],"Matrix\u2014a":[130],"mapping":[131],"table":[132],"linking":[133],"anchors":[135],"concrete":[137],"artefacts":[139,165],"triggers.":[142],"As":[143],"this":[144],"does":[146],"report":[148],"measured":[149],"results,":[150],"it":[151,189,197],"an":[154],"Evidence-by-Design":[155],"evaluation":[156],"protocol":[157],"defining":[158],"measurable":[159],"indicators,":[160],"baseline":[161],"configurations,":[162],"required":[164],"enable":[167],"reproducible":[168],"empirical":[169],"validation":[170],"future":[172],"work.":[173],"Overall,":[174],"contribution":[176],"practical":[179],"blueprint":[180],"clarifies":[182],"what":[183],"must":[185],"be":[186],"produced,":[187],"where":[188],"pipeline,":[194],"how":[196],"supports":[198],"continuous":[199],"compliance":[200],"efforts":[203],"without":[204],"relying":[205],"on":[206],"post":[207],"hoc":[208],"explanations.":[209]},"counts_by_year":[],"updated_date":"2026-03-14T06:41:57.775601","created_date":"2025-12-31T00:00:00"}