Augmenting Software Engineers' Capabilities Towards Developing Privacy Law-Friendly Internet of Things (IoT) Applications using End-User Development Paradigm
Internet of Things (IoT) applications development and design process is more complicated than others, such as desktop, web, or mobile. That’s because IoT applications need both software and hardware to cooperate across multiple nodes with different capabilities. Moreover, it requires different software engineers with different expertise to cooperate (e.g., frontend, backend, database). Due to the above complications, non-functional requirements, such as privacy tend to be overlooked.
In order to address this issue, we need to find a way to support and motivate software developers. In this project, we primarily focus on privacy. We aim to address this problem using two methods. First, we need to develop easy to use privacy-preserving software components (some form of modules) that developers can incorporate into their IoT application development process. These privacy-preserving components should be reusable and generic enough to be used across multiple domains and applications. Furthermore, these privacy-preserving techniques should be integrated into existing IoT software development tools (i.e., popular IDEs and software frameworks). Secondly, we will use gamification techniques to motivate the software developers to incorporate more and more reusable privacy-preserving components within their IoT applications. This gamification framework will also be integrated into popular IoT software development tools. This project has three main objectives:
Systematically analyse privacy by design schemes to find out how they can be used to satisfy and comply with privacy laws around the world in the context of IoT.
Explore how different types of privacy by design schemes and elements within them (such as privacy strategies, principles, guidelines, and patterns) can be transformed into reusable privacy-preserving components.
Based on the above findings, we aim to develop a series of reusable privacy-preserving components that can be easily adapted into the IoT application development process.
Develop a framework to examine and operationalise each privacy-preserving component in order to quantify them towards developing a gamification-based education method.
PETRAS National Centre of Excellence for IoT Systems Cybersecurity is a consortium of eleven
leading UK universities which will work together over the next three years to explore
critical
issues in privacy, ethics, trust, reliability, acceptability, and security.
Outcomes
Journal
Atheer Aljeraisy, Omer Rana, and Charith Perera,
Empowering IoT Developers with Privacy-Preserving End-User Development Tools,
ACM Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT), Volume 8, Issue 3, Article No: 90, August 2024, pp. 1–47.
Conference
Atheer Aljeraisy, Omer Rana, and Charith Perera Canella: Privacy-Aware End-to-End Integrated IoT Development Ecosystem, In Proceedings of IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), pp 279-281, 2023
Journal
Atheer Aljeraisy, Masoud Barati, Omer Rana, Charith Perera Privacy Laws and Privacy by Design Schemes for theInternet of Things: A Developer’s Perspective, ACM Computing Surveys (CSUR), Volume 54, Issue 5 (102), June 2021 (38)