A Privacy-Aware V-Model for Software Development

After the adoption of new data protection regulations such as the GDPR, proper treatment of privacy throughout the system development lifecycle has become a must. In this paper, we discuss several aspects that make it easier and more effective to integrate privacy engineering into system development, and how to bring the notion of privacy-by-design into practice. We propose the new W-model as a privacy-aware extension of the V-model frequently used in software engineering. One stage of the W-model deals with analyzing privacy in the system: privacy engineers conduct a privacy impact assessment in order to elicit privacy threats and to find a suitable countermeasure to remedy each threat. With respect to finding suitable countermeasures, we provide the requirements a countermeasure needs to meet in order to be selected. In addition, we introduce a cost function that assists privacy engineers in selecting the most suitable countermeasure. Furthermore, we point out several open issues that future work needs to address.
