Internet of Things Garage

Privacy by Design and Assessment Guidelines

In this project, we explore how our previously proposed guideline can be used to design ‘new’ IoT applications. Specifically, we wanted to explore the Privacy Mindset of software engineers and how our proposed guidelines may help to enhance their Privacy Mindset. We aim to answer following question using both quantitative and qualitative techniques.

The Internet of Things (IoT) systems are designed and developed either as standalone applications from the ground-up or with the help of IoT middleware platforms. They are designed to support different kinds of scenarios, such as smart homes and smart cities. Thus far, privacy concerns have not been explicitly considered by IoT applications and middleware platforms. This is partly due to the lack of systematic methods for designing privacy that can guide the software development process in IoT. In this project, we propose a set of guidelines, (a privacy by design framework) as a well as a methodology, that can be used to assess privacy capabilities and gaps of existing IoT applications as well as middleware platforms.





The European Research Council (ERC) is a public body for funding of scientific and technological research conducted within the European Union (EU).


The Engineering and Physical Sciences Research Council (EPSRC) is a British Research Council that provides government funding for grants to undertake research and postgraduate degrees in engineering and the physical sciences, mainly to universities in the United Kingdom.


Charith Perera, Ciaran Mccormick, Arosha Bandara, Blaine A. Price, Bashar Nuseibeh, Privacy-by-Design Framework for Assessing Internet of Things Applications and Platforms, Proceedings of the 6th ACM International Conference on Internet of Things (IoT) , Stuttgart, Germany, November, 2016, Pages 83-92 (10)