Internet of Things (IoT) applications development and design process is more complicated than others, such as the one for desktop, web, or mobile. That’s because IoT applications need both software and hardware to cooperate across multiple nodes with different capabilities. Moreover, it requires different software engineers with different expertise to cooperate (e.g., frontend, backend, database). Due to the above complications, non-functional requirements, such as security and privacy, tend to be overlooked.
Yearly, a significant number of devices and applications are connecting to the internet, which raises potential privacy risks. Typically, IoT applications collect and analyse personal data that can be used to derive sensitive information about individuals. However, thus far, privacy concerns have not been explicitly considered (i.e., as united way), despite isolated solutions (i.e., specific privacy preserving technique that address specific problem), in software engineering processes when designing and developing IoT applications, partly due to a lack of Privacy-by-Design (PbD) methods for the IoT.
The primary objective of this project is to develop a design method (facilitate through a tool) that incorporate privacy-preserving techniques into the early phases of the software development lifecycle efficiently, effectively and collaboratively. We envision our tool to be collaboratively used by business analysists, requirement engineers, user experience designers, and software engineers together during the process of creating privacy by design IoT application designs. Our secondary objective is to explore whether such a tool (with minor alteration) could also be used to enhance privacy education of high school and university students.