Pdp4 e forum
0 likes40 views
This document discusses methods and tools for privacy and data protection engineering compliance with GDPR. It presents an overview of the PDP4E project which aims to provide engineers with privacy and data protection tools aligned with their needs and mindset. The contributions from different disciplines like risk management, requirements engineering, model-driven design, and assurance are explained. A methodological approach using complementary modeling views from these disciplines is proposed to systematically address privacy and data protection throughout the engineering lifecycle.
Pdp4 e forum
- 10. PDP4E Forum PDP4E response: what engineers need “Endow engineers with privacy and data protection tools aligned to their mindset” Methods Tools Knowledge bases Demonstrators Community 10/03/2020
- 11. PDP4E Forum PDP4E response: what engineers need “Endow engineers with privacy and data protection tools aligned to their mindset” Metamodels Knowledge Bases Smart grid demonstrator Fintech demonstrator Requirements engineering Risk management Model-driven design Assurance and certification TRL6 TRL7 Byproducts Connected vehicle demonstrator Smart grid demonstrator Methods Tools Knowledge bases Demonstrators Community 10/03/2020
- 12. PDP4E Forum PDP4E response: what engineers need “Endow engineers with privacy and data protection tools aligned to their mindset” Metamodels Knowledge Bases Smart grid demonstrator Fintech demonstrator Requirements engineering Risk management Model-driven design Assurance and certification TRL6 TRL7 Byproducts Connected vehicle demonstrator Smart grid demonstrator Methods Tools Knowledge bases Demonstrators Community 10/03/2020
- 15. PDP4E Forum Contribution from Risk Management Methods & tools for PDP Risk Management Multilateral Risk Management • Data protection impact assessment risk trees (LINDDUN) • Risks to rights and freedoms of the data subjects (+4U) • Security impact analysis and security measures (STRIDE) • Derived business risks • … beyond risks of non-compliance • … but not everything is a risk Support execution of (D)PIAs: • Identify personal data categories • Identify threats • Estimate risk factors • Evaluate and prioritize risks • Address risks: choice of controls, countermeasures, PETs • Document risks and risk management 10/03/2020
- 17. PDP4E Forum Contribution from Requirements Engineering Methods & tools for PDP Requirements Engineering Requirements elicitation • Privacy goals and properties • Regulations (GDPR): principles, rights, obligations, measures • Standards (ISO29100) • … in the context of functional reqs. Techniques • Functional specification as requirements-oriented DFDs • Simplified Problem-frame based method • Operationalization process and hyerarchical taxonomy of meta- requirements 10/03/2020
- 19. PDP4E Forum Contribution from Model-Driven Design Methods & tools for PDP Model- Driven Design Data mapping and inventory Enriched models • Structural (data categories and properties) • Behavioural (processing activities and data flows) • Architectural (deployment) Architectural analysis and strategies • Minimization • Separation • Aggregation • … Model-based Testing 10/03/2020
- 21. PDP4E Forum Contribution from Assurance Methods & tools for PDP Assurance Regulatory framework model • GDPR, EDPB guidance, ISO… • People: roles • Processes and activities • Formal requirements Reusable argumentation models • Processing activities • Protection activities Demonstrate compliance • Capture evidence • Associate to reqs and artefacts • Trace to regulation • Argument compliance 10/03/2020
- 23. PDP4E Forum Contribution from Method engineering PDP Method engineering Privacy Method Engineering • Putting it all together • Dependencies between one another • Methodologies and method fragments: work products, roles, tools, tasks, activities, processes • Activities: management, analysis, design, implementation, testing, deployment, operation, maintenance, and disposal Adaptability • Development methodologies or SDLC • Software engineering tools • Regulations (WP29/EDPB guidance, codes of conduct, derogations, non-EU…) Inherent toolset flexibility • Modularity and loose coupling • MDE and metamodelling • Evolving knowledge base • Flexible background tools • Open-source distribution • Flexible methodology 10/03/2020
- 27. PDP4E Forum Complementary modelling views and disciplines • Assets model • Threats model • Controls model ❖ Vuln./threat trees 10/03/2020 Risk management
- 28. PDP4E Forum Complementary modelling views and disciplines •Problem frames models (optional) •Requirements model ❖ Meta-requirements taxonomy • Assets model • Threats model • Controls model ❖ Vuln./threat trees 10/03/2020 Risk management Requirements engineering
- 29. PDP4E Forum Complementary modelling views and disciplines •Reference framework •Argumentation •Assurance case and compliance model •Evidence model ❖ Argumentation patterns •Problem frames models (optional) •Requirements model ❖ Meta-requirements taxonomy • Assets model • Threats model • Controls model ❖ Vuln./threat trees 10/03/2020 Process assurance & method engineering Risk management Requirements engineering
- 30. PDP4E Forum Complementary modelling views and disciplines •Structural (data) model e.g. •which data is personal? •is it sensitive? •what is the basis for collection? •Procedural (dataflow) model e.g. •which processes deal with personal data? •which processing operations it is being subject to? •which data flows between operations? •for what purpose it is being used? •who is authorized to access that data? •Architectural model •who stores and processes data? •under which jurisdiction? ❖ Minimization strategies and patterns •Reference framework •Argumentation •Assurance case and compliance model •Evidence model ❖ Argumentation patterns •Problem frames models (optional) •Requirements model ❖ Meta-requirements taxonomy • Assets model • Threats model • Controls model ❖ Vuln./threat trees 10/03/2020 System analysis & iterative design Process assurance & method engineering Risk management Requirements engineering
- 31. PDP4E Forum Complementary modelling views and disciplines •Structural (data) model e.g. •which data is personal? •is it sensitive? •what is the basis for collection? •Procedural (dataflow) model e.g. •which processes deal with personal data? •which processing operations it is being subject to? •which data flows between operations? •for what purpose it is being used? •who is authorized to access that data? •Architectural model •who stores and processes data? •under which jurisdiction? ❖ Minimization strategies and patterns •Reference framework •Argumentation •Assurance case and compliance model •Evidence model ❖ Argumentation patterns •Problem frames models (optional) •Requirements model ❖ Meta-requirements taxonomy • Assets model • Threats model • Controls model ❖ Vuln./threat trees 10/03/2020 System analysis & iterative design Process assurance & method engineering Risk management Requirements engineering
- 34. PDP4E Forum Method specification (SIPOC) 10/03/2020 SUPPLIER INPUT PROCESS OUTPUT CUSTOMER DEVELOPER IMPLEMENTATION UPDATES RISK MANAGEMENT IMPLEMENTATION ASSESS RISKS DEFINE CONTROLS ASSESS RESIDUAL RISKS CONTINUOUSLY MONITOR RISKS ARCHITECT DEVELOPER DPO PRODUCT OWNER DETERMINE NEED FOR DPIA DETERMINE RISK TREATMENT IDENTIFY THREATS LIST OF CONTROLS RISK MANAGEMENT PLAN TECHNICAL DPIA ARCHITECT DEFINITION OF ASSETS RISK ANALYST PRODUCT OWNER THREAT SOURCES PROCESSING OPERATIONS PRODUCT OWNER ARCHITECT RISK ANALYST SYSTEMS ASSURANCE ENGINEER