Privacy Knowledge Base for Supporting Decision-Making in Software Development
Baldassarre, Maria Teresa; Barletta, Vita Santa; Caivano, Danilo; Piccinno, Antonio; Scalera, Michele
2022-01-01
Abstract
Integrating security and privacy requirements at every stage of the software development cycle is critical to guarantee the confidentiality, integrity and availability of the system and consequently of the data. Developers need to be supported in this challenge, as many different skills are required to respond effectively to the growing number of cyber-attacks. In such a context, this research study endeavors to define the key elements that support decision-making in privacy-oriented software development. A Privacy Knowledge Base (PKB) is defined to support developers’ decisions in all software development phases, and a prototype (PKB-Tool) is developed to operationally integrate privacy and security requirements into the development of new systems and the re-engineering of legacy systems. An ongoing experiment in the context of an industrial project is presented to validate the efficacy of the 5 key elements in supporting developers in integrating privacy and security requirements in the software life cycle.