O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.
Methods and Tools for GDPR Compliance through
Privacy and Data
Protection 4 Engineering
PDP4E-Req tool
demonstration
Patri...
11/06/2021 PDP4E
PDP4E Privacy Req. Engineering Method
Tool
Requirement Information
Deduction
ProPAn Artefacts
PDP Goal
Re...
Overall process to elicit GDPR
requirements
Assist Engineers to
manage GDPR
Requirements including
upward and downward
tr...
1. Specify Functional requirements
Goal: Specify functional requirements focusing on processing activities
Example for S...
Functional requirements overview
 Functional requirements model
WP4 PDP4E 5
11/06/2021
2. Transformation into RDFD
• Goal: Functional requirements are translated into RDFD elements:
PDP4E 6
• Data Record Requi...
2. RDFD model overview
02/12/2019 15 PDP4E 7
2. Transformation into RDFD -
Personal Information Diagram
Goal: Specify data involved in processing activities and relat...
2. PID model overview
WP4 PDP4E 9
11/06/2021
3. Validation of RDFD model
 Provide a correct-by-construction RDFD
 Model should be in compliance with GDPR meta-model ...
3. Validation outcomes overview
WP4 PDP4E 11
11/06/2021
Errors/Warnings and concerned model elements 
Error/warning marke...
4. GDPR Requirements
generation
PDP4E 12
 Goal: Generate the GDPR requirements a system should satisfy
 Several categori...
4. Overview of PDP4E-Req interface
WP4 PDP4E 13
11/06/2021
Selection of GDPR category  GDPR requirements generated 
4. Upwards and downwards
traceability and search
Support for req. engineering tasks:
 Find/show functional Requirements ...
4. Upwards and downwards
traceability and search overviews
WP4 PDP4E 15
11/06/2021
Functional and GDPR requirements associ...
Summary of achievements
 PDP4E-Req released as open-source (EPL-2):
https://git.eclipse.org/c/papyrus/org.eclipse.papyru...
Acknowledgements
29/06/2021
This project has received funding from the European Union’s Horizon 2020 research and innovati...
Methods and Tools for GDPR Compliance through
Privacy and Data
Protection 4 Engineering
For more information, visit:
www.p...
Próximos SlideShares
Carregando em…5
×

de

Wp4 tool demonstration_v1 Slide 1 Wp4 tool demonstration_v1 Slide 2 Wp4 tool demonstration_v1 Slide 3 Wp4 tool demonstration_v1 Slide 4 Wp4 tool demonstration_v1 Slide 5 Wp4 tool demonstration_v1 Slide 6 Wp4 tool demonstration_v1 Slide 7 Wp4 tool demonstration_v1 Slide 8 Wp4 tool demonstration_v1 Slide 9 Wp4 tool demonstration_v1 Slide 10 Wp4 tool demonstration_v1 Slide 11 Wp4 tool demonstration_v1 Slide 12 Wp4 tool demonstration_v1 Slide 13 Wp4 tool demonstration_v1 Slide 14 Wp4 tool demonstration_v1 Slide 15 Wp4 tool demonstration_v1 Slide 16 Wp4 tool demonstration_v1 Slide 17 Wp4 tool demonstration_v1 Slide 18
Próximos SlideShares
What to Upload to SlideShare
Avançar
Transfira para ler offline e ver em ecrã inteiro.

0 gostaram

Compartilhar

Baixar para ler offline

Wp4 tool demonstration_v1

Baixar para ler offline

PDPReq tool demonstration

Audiolivros relacionados

Gratuito durante 30 dias do Scribd

Ver tudo
  • Seja a primeira pessoa a gostar disto

Wp4 tool demonstration_v1

  1. 1. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering PDP4E-Req tool demonstration Patrick Tessier (CEA) Gabriel Pedroza (CEA) Nicolás E. Díaz Ferreyra (UDE) Maritta Heisel (UDE) Requirements Engineering Tool and Method (WP4)
  2. 2. 11/06/2021 PDP4E PDP4E Privacy Req. Engineering Method Tool Requirement Information Deduction ProPAn Artefacts PDP Goal Requirement Metamodel Data Protection Principle Hansen Generation of Privacy Requirement Candidates Semantic Template Adjust Privacy Requirements Validate Privacy Requirements Requirement Information Privacy Requirement Candidates Adjusted Privacy Requirements Validated Privacy Requirements Method Step External Input Internal Input/output P-DFD ProPAn Taxonomy PDP Metamodel External Input (new) X PDP4E Req WP4
  3. 3. Overall process to elicit GDPR requirements Assist Engineers to manage GDPR Requirements including upward and downward traceability PDP4E 3 11/06/2021 WP4
  4. 4. 1. Specify Functional requirements Goal: Specify functional requirements focusing on processing activities Example for Smart Grid R05-02: Data Scientist shall perform analysis on data available in the data sharing platform. For example, studying grid response to some events in specific locations.  PDP4E-Req tool support: Dedicated extension of Papyrus Req Feature 1: create SysML Requirements Feature 2: ensure Requirements management including traceability WP4 PDP4E 4 11/06/2021
  5. 5. Functional requirements overview  Functional requirements model WP4 PDP4E 5 11/06/2021
  6. 6. 2. Transformation into RDFD • Goal: Functional requirements are translated into RDFD elements: PDP4E 6 • Data Record Requirement (DRR): Collection of data records (e.g. personal data) • Data Process Requirement (DPR): Activities that are performed over data records. • Data Flow Requirement (DFR): Exchange of information between DRR and DPR. PDP4E-Req tool support: Activity-like Diagram to support RDFD models Feature 1: dedicated profile implementing GDPR fundamental notions Feature 2: traceability between RDFDs and functional Requirements ensured 11/06/2021 WP4
  7. 7. 2. RDFD model overview 02/12/2019 15 PDP4E 7
  8. 8. 2. Transformation into RDFD - Personal Information Diagram Goal: Specify data involved in processing activities and relate high-level concepts which are necessary when analyzing : Aggregation of data, Availability of data to different stakeholders, Classify/separate personal -and non personal- Data PDP4E-Req tool support: Dedicated Class-like diagram to support PIDs. Feature 1: dedicated profile based upon GDPR and added privacy notions Feature 2: stereotype to identify personal (non-personal) data PDP4E 8 11/06/2021 WP4
  9. 9. 2. PID model overview WP4 PDP4E 9 11/06/2021
  10. 10. 3. Validation of RDFD model  Provide a correct-by-construction RDFD  Model should be in compliance with GDPR meta-model (and respective provisions)  Each error/warning raises an alert for the requirement engineer to consider  For example, for personal data  Who is the DataSubject?  Who is the responsible for processing (i.e., the controller)? PDP4E-Req tool support: Integrated validation at a click of a button Feature 1: implemented validation rules based on the GDPR profile Feature 2: rules for model completeness validation (e.g., missing elements) Feature 3: rules for model correctness validation (e.g., wrong stereotypes) WP4 PDP4E 10 11/06/2021
  11. 11. 3. Validation outcomes overview WP4 PDP4E 11 11/06/2021 Errors/Warnings and concerned model elements  Error/warning markers on the model elements 
  12. 12. 4. GDPR Requirements generation PDP4E 12  Goal: Generate the GDPR requirements a system should satisfy  Several categories of requirements can be generated  According to GDPR principles/aspects: lawfulness, transparency, safeguards  According to privacy concerns: anonymity, confidentiality PDP4E-Req tool support: automatic generation of GDPR requirements  Feature 1: generation based upon GDPR profile  Feature 2: automatic model structuring to ease requirements exploration  Feature 3: dedicated package to store generated requirements  Feature 4: traceability between functional (system-to-be) and GDPR requirements  Feature 5: interactive help in case model information is missing prior to generation  Feature 6: dedicated interface to ease upwards and downwards requirement search 11/06/2021 WP4
  13. 13. 4. Overview of PDP4E-Req interface WP4 PDP4E 13 11/06/2021 Selection of GDPR category  GDPR requirements generated 
  14. 14. 4. Upwards and downwards traceability and search Support for req. engineering tasks:  Find/show functional Requirements containing GDPR requirements  Show GDPR requirements structure (as a tree)  Help to explore and understand GDPR requirements structure (parents, children)  Model explorer customization to display:  Sub requirements even if there are not in the same package  Display the number of GDPR requirements in the sub-tree  Dedicated view to display set of requirements that should be satisfied.  Color code: blue for GDPR requirements, black for functional requirements  Possibility to filter requirements WP4 PDP4E 14 11/06/2021
  15. 15. 4. Upwards and downwards traceability and search overviews WP4 PDP4E 15 11/06/2021 Functional and GDPR requirements associated  GDPR Requirements View 
  16. 16. Summary of achievements  PDP4E-Req released as open-source (EPL-2): https://git.eclipse.org/c/papyrus/org.eclipse.papyrus-privacydesigner.git/  PDP4E-Req site to facilitate installation: https://ci.eclipse.org/papyrus/view/privacydesigner/job/privacydesigner-2020-06/ PDP4E-Req implements the methodology for RE targeting PDP:  DFD for requirements (RDFD)  Structuration of data and personal data (PID)  Support for model validation (correctness)  Automatic generation of GDPR and data protection requirements  Dedicated GUI to search and navigate into the requirements structure PDP4E 16 11/06/2021 WP4
  17. 17. Acknowledgements 29/06/2021 This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 787034. Purpose and IPR Notice: the material in this support has been mostly prepared by CEA in the scope of PDP4E for explanatory and training purposes. Any partial or full usage of this material in a different context requires written and explicit consent from the respective partners. The property of the contents herein referred (including methods, tools and trademarks) belongs to the respective IPR and copyright holders. PDP4E 17 WP4
  18. 18. Methods and Tools for GDPR Compliance through Privacy and Data Protection 4 Engineering For more information, visit: www.pdp4e-project.org Thank you for your attention Questions? WP Leader: CEA gabriel.pedroza@cea.fr patrick.tessier@cea.fr

PDPReq tool demonstration

Vistos

Vistos totais

62

No Slideshare

0

De incorporações

0

Número de incorporações

0

Ações

Baixados

0

Compartilhados

0

Comentários

0

Curtir

0

×