This project investigates how privacy-by-design schemes can be mapped to legal obligations under global data protection regulations and transformed into reusable software components that integrate with mainstream IoT development tools. As IoT applications proliferate across domestic, industrial, and public environments, developers face increasing pressure to ensure their systems comply with privacy regulations such as GDPR from the outset. However, most developers lack specialised privacy expertise, and existing development frameworks provide limited support for embedding privacy protections into application logic. The research addresses this gap by analysing the relationship between privacy laws and technical privacy-by-design schemes, producing a comprehensive mapping that identifies which engineering practices satisfy specific regulatory requirements. These mappings are then operationalised as reusable privacy-preserving components that can be incorporated into end-user development environments, including visual programming platforms commonly used in IoT prototyping.
To encourage adoption, the project employs gamification techniques that reward developers who embed privacy-preserving components during the build process. This approach creates positive incentives for privacy-conscious development practices, making compliance with data protection regulations a natural and rewarding part of the IoT application development workflow rather than an afterthought.
The Canella platform, developed as part of this research, provides a privacy-aware end-to-end integrated IoT development ecosystem. The project contributes to the PETRAS National Centre of Excellence for IoT Systems Cybersecurity and has produced publications addressing developer perspectives on privacy laws, end-user development tools for privacy, and integrated IoT development ecosystems.
Node-RED privacy nodes implementing access control, anonymization, encryption, location coarsening, storage minimization, raw data reduction, secure communication, and law validation. Example flows illustrate usage; tests verify node registration.
Library for building privacy-centric IoT applications with Blockly. Each block implements privacy techniques like location granularity, data minimization, data retention, anonymization, encrypted storage/communication and access control. TypeScript sources compile to JS; examples show flows such as a smart home demo and a Docker setup.
LaTeX source for the "Privacy Patterns for Internet of Things" handbook. Includes chapters, numerous pattern definitions, images, bibliography, and a compiled PDF. Use these materials to explore privacy-preserving design strategies and tailor your own documentation.
Canella is a privacy-focused IoT development environment combining Blockly@rduino and Node-RED. It offers custom blocks and nodes that enforce data minimization, anonymization, access control, encryption, and compliance validation. The platform provides visual programming tools and real-time feedback to help build secure IoT workflows.
Next.js platform for modelling Privacy by Design knowledge. Provides user authentication, principle and relationship tracking, question generation, email alerts and visualization. Uses Prisma, SQLite and Tailwind with modular components for easy extension and deployment.
Visualization and interaction tool for examining relationships among privacy-by-design elements. Provides Plotly scripts to build Sankey diagrams and a Flask web app for collecting user assessments. Data is stored in a SQLite database with HTML templates for a simple UI.