Knowledge Driven Privacy by Design for IoT
Augmenting Software Design Processes using Automated Privacy-aware Internet of Things Application Design Techniques
Internet of Things (IoT) applications development and design process is more complicated than others, such as the one for desktop, web, or mobile. That’s because IoT applications need both software and hardware to cooperate across multiple nodes with different capabilities. Moreover, it requires different software engineers with different expertise to cooperate (e.g., frontend, backend, database). Due to the above complications, non-functional requirements, such as security and privacy, tend to be overlooked.
Yearly, a significant number of devices and applications are connecting to the internet, which raises potential privacy risks. Typically, IoT applications collect and analyse personal data that can be used to derive sensitive information about individuals. However, thus far, privacy concerns have not been explicitly considered (i.e., as united way), despite isolated solutions (i.e., specific privacy preserving technique that address specific problem), in software engineering processes when designing and developing IoT applications, partly due to a lack of Privacy-by-Design (PbD) methods for the IoT.
The primary objective of this project is to develop a method (using Knowledge-based AI) that assist software engineers by automatically incorporating Privacy by Design (PbD) techniques into a given IoT application design.
PETRAS National Centre of Excellence for IoT Systems Cybersecurity is a consortium of eleven
leading UK universities which will work together over the next three years to explore
issues in privacy, ethics, trust, reliability, acceptability, and security.
The Sage Group plc, commonly known as Sage, is a British multinational enterprise software company based in Newcastle upon Tyne, England. It is the UK's second largest technology company and is the world's third-largest supplier of enterprise resource planning software.
The Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.
An online threat modelling web application including system diagramming and a rule engine to auto-generate threats/mitigations. The focus will be on great UX a powerful rule engine and alignment with other development lifecycle tools.