Privacy Engineering - Regulatory Compliance Lab (PERC-Lab)
In PERC Lab, we work on the Regulatory Compliance Software Engineering (RCSE) as one of the emerging areas in Software Engineering. We leverage requirements engineering, natural language processing (NLP), machine learning (ML) and privacy by design techniques to tackle the challenges of security and privacy of software systems, mobile applications and smart devices (the Internet of Things, Cyber-Physical Systems or wearable devices). We develop frameworks, methods and tools to solve some of the problems software analysts, designers and developers face in terms of protecting the privacy of the end-user, complying with the exisitng and new privacy-related regulations and developing secure software systems or applications.
With emerging use of Internet of Thing (IoT) and Cyber-Physical Systems, much more data of the user is being collected, used and shared. However, due to the lengthiness of privacy policies and new field of IoT, many users may not be aware of the potential privacy breaches and/or misuses.
We perform research from three different angles: (1) End-user (2) Software analyst and developers and (3) Regulatory bodies. Our objective is to develop software systems, mobile applications and IoT devices that consider privacy and security at all levels of software development life-cycle, from requirements and design to implementation. We aim to develop methods and tools for providing informed notice to the users about their privacy and giving them real choices, analyze and mine regulations across multiple-jurisdictions to develop a knowledge repository for privacy and legal requirements, and design and develop methods for implementing privacy requirements in software systems, mobile apps and IoT devices.
Keywords: Security and Privacy; Requirements and Software Engineering; Legal Compliance; Internet of Things; Cyber-Physical Systems; Natural Language Processing; Privacy by Design.
For a summary of different research projects please visit Projects.