Tailoring privacy aspects into the software development process has become a key concern and challenge for the industry. Privacy engineering has emerged as a research framework that focuses on adapting privacy into organizational and technical measures [ 1 ]. Privacy engineering is integrated into the software development life cycle (SDLC), including the requirements and design phase. The requirements phase can therefore be referred to as privacy requirement engineering. Many privacy requirements engineering methodologies depend heavily on a waterfall-style approach that can be time-consuming and not tailored to the agile speed that much of the industry is currently taking. Researchers have studied these challenges and clearly state the conflicting nature of agile software development (ASD) and privacy engineering [ 2 ].

The agile turn makes modeling privacy threats or designing a privacy-aware system become more challenging [ 3 ]. According to the findings of a study on legal compliance within agile teams, the teams did not know how to identify privacy principles in user requirements [ 4 ]. They believe it is challenging to incorporate privacy considerations into the development process [ 4 ]. To overcome this, researchers are developing the method that can suit to the agile process [ 5 ], or proposing the lean process on privacy engineering. [ 6 ]. Tool support is also proposed as a way to capture the privacy requirement in agile situation [ 7 ].

Intelligent software engineering (ISE) has long been used in ASD [ 8 ]. Perkusich [ 8 ] refers ISE as "the application of intelligent techniques to software engineering". In addition, they defined intelligent technique as "a technique that explores data (from digital artifacts or domain experts) for knowledge discovery, reasoning, learning, planning, natural language processing, perception or supporting decision-making". The implementation of the ISE has the purpose of helping better manage and even accelerate the agile process, including software requirement and design [ 8 ]. Advances in intelligent techniques, such as natural language processing (NLP), have accelerated the adoption of intelligent techniques in requirements engineering [ 9, 10 ].

The potential of ISE, however, has not been realized to assist privacy engineering in ASD. The empirical research on agile teams found that they prefer to be assisted with techniques and tools to perform privacy requirement elicitation [ 4 ]. They also get some dificulties in capturing privacy aspects in textual user stories [ 4 ]. There is a clear opportunity to bridge the gap between the advancement of IS techniques such as NLP with privacy requirement engineering [ 11 ]. We hypothesize that IS-enabled tools will be able to overcome these challenges. To the best of our knowledge, there is still a lack of research that sees the implementation of IS in privacy engineering.

The privacy engineering aspect of this research is focused on the requirement and design phases. Several methodologies exist to elicit privacy requirements, including threat modeling and privacy impact assessment. However, as indicated in the introduction, agile teams continue to face challenges with incorporating this into the development process [ 4 ]. Therefore, we intend to build an intelligent system (IS) that is able to assist agile teams in privacy requirements and design activities. We begin our research by investigating how IS might be used to help the requirement and design phases of agile privacy engineering. This includes identifying the current practice of privacy requirements and design engineering, as well as the kind of intelligent techniques suitable for supporting it.

Obtaining privacy requirements typically requires following several steps, such as identifying assets, identifying personal data, modeling the system, analyzing data flow, identifying threats, and eliciting requirements according to specific privacy principles. The amount of work required for some of these processes is considered a challenge by some software teams [ 2 ]. Once the privacy requirements are defined, it can be dificult for software teams to choose from a number of design patterns or privacy enhancement technologies (PET) in order to meet the requirements. An empirical evaluation of our IS technique must be performed to demonstrate the methodology’s rigor. The intelligent technique that we will implement must meet specific criteria, such as recall [ 12 ], so that it can be used to support agile teams.

The efort to integrate privacy in the software development process has been studied by providing frameworks and methodologies. One of the most popular research to treat privacy is the risk management approach. However, the practice of risk management is still conducted in a traditional plan-driven way [ 13 ]. The approach to address privacy in the ASD context has been made in a limited amount of research [ 14, 7 ]. PRIPARE project has provided a handbook for applying privacy by design to ASD [ 14 ], while OASIS projects focus on the documentation [ 15 ]. PRIPARE project proposes incremental privacy and security, sprint zero, and privacy security sprints, while OASIS project mentions applying proactive and iterative, which derived the first principle of the original privacy by design.

Privacy is considered to be closely linked to security and risk management in software systems [ 16 ]. The research by Dam et al. [ 17 ] tries to automatically inspect code vulnerabilities to reduce the risk of security infringement. They use a deep learning model called Long Short Term Memory (LSTM) to learn the semantic and syntactic representation of the code that can lead to vulnerabilities. The use of the deep learning model has been shown to outperform the previous approach for some intelligent system tasks.

The potential for automating the privacy process has been studied in several research [ 18, 11 ]. Study by Zimmermann [ 18 ] identifies the potential of automation in a privacy engineering context, especially the privacy impact assessment process. They argued that automatic selection of privacy patterns for a given set of specifications is advantageous to the privacy engineer. Aberkanne [ 11 ] explicitly mentions the potential use of the Natural Language Processing model to support the privacy requirement engineering. Utilizing the reusable elements [ 19 ] from design patterns, techniques, methods or tools can help achieve this goal. Design patterns claimed to play an important role on enabling adaptation to privacy compliance [ 20 ]. However, software practitioners still had dificulties connecting the requirement of regulation with a suitable technical measure such as design pattern [ 21 ]. Recommendation systems ought to be the solution to the array of choices in the design pattern. Semi-automation approach through an online questionnaire or wizard has been studied and implemented by Colesky et al. [ 22 ] to get a suitable privacy design pattern based on the knowledge base [ 23 ]. Nevertheless, an integrated solution that streamlines assets, data flow, and privacy requirements while providing an appropriate privacy design pattern can be beneficial.

Incorporating intelligent systems to ASD has been studied comprehensively in a systematic literature review conducted by Perkusich [ 8 ]. Most of these techniques are applied to support the management of ASD, such as improving the estimation of efort and delay risk prediction [ 24 ]. Intelligent systems also impact the other areas of ASD, such as software requirements, software design, software quality, and testing with a lesser amount of study. Regarding security in ASD, only one study uses fuzzy logic to combine security activities with ASD [ 25 ]. In a more recent research, Villazimar [26] uses NLP to match a text feature from a user story with security properties and security requirements. However, a specific study on applying the intelligent system to privacy in ASD is not mentioned in the study [ 8 ].

This research’s main objective is to provide an intelligent system to help the agile team integrate privacy aspects into their software system. Tool support would be necessary to allow an easy adaptation for agile teams. Therefore, we took the design science research framework, which aims to create new and innovative artifacts [27]. Along with the design science research, we aim to use the experimental design [28] method to measure our objectives. We plan to answer the first problem in several cycles, which targets the requirement and design phase in privacy engineering. In each cycle, an evaluation will be conducted to ensure the rigor of the proposed artifact.

We propose an Intelligent System (IS) concept to support decision-making on privacy requirements by utilizing the reusable knowledge from privacy framework, privacy patterns, and legal requirements. Privacy as one of the requirements in software development already has an abundance of reusable knowledge [ 19 ]. Tools that can assist requirement analyst in managing the requirement is needed. Connecting IS with reusable privacy knowledge is the focus of the proposed approach. The IS is in the form of (1) Personal data identification from user stories, (2) Automatic Data Flow Diagram Generation, (3) Privacy requirement recommendation systems, and (4) Privacy design pattern recommendation system.

The success of the proposed approach will be measured through experimental design. The system performance for automatic privacy entities detection, automatic data flow diagram generation, privacy requirement recommendation, and design recommendation system will be evaluated using precision, recall, and F-Measure. We will perform a controlled experiment on the requirement and design phase to compare the speed, leanness, and learning when intelligent systems are incorporated to build privacy-aware software systems.

Our solution centered around the user stories as the primary input. Thus, we mainly use the Natural Language Processing (NLP) methods to identify the needs of privacy requirements. The ifnal output is a set of privacy requirements and design recommendations to support privacy integration into software under development. We aim to reduce the manual efort on the privacy engineering process by assisting it with some automatic approaches.

The first module detects the personal data attributes in the user story using Named Entity Recognition (NER). This becomes the basis for the generation of Privacy-Aware Data Flow Diagram (DFD). The technical measure or solution for privacy requirements can be derived from mapping the DFD elements with the privacy-enhancing technologies (PET) and privacy patterns. LINDDUN [29] has provided the mapping from privacy requirement to the suggested technical solution in the form of PET. In terms of privacy patterns, a well-documented catalog is already established in privacypattern.org. Our work will combine the previously known knowledge base to recommend a suitable technical solution. Our approach tries to minimize the presents of data privacy experts or prior knowledge about privacy. The recommendation system will use a content-based recommendation system based on the similarity between the requirement and the description of PET and the Privacy Pattern. In addition, we will also use the knowledge-based recommendation system in the form ontology-based recommendation system and constraint-based recommendation system.

Integrating privacy into agile software development is still an open problem. According to Aberkanne, the use of NLP can become a potential solution for automating some processes in GDPR compliance [ 11 ]. We aim to solve this gap by proposing IS approaches such as NLP and recommendation systems targeting privacy engineering activities, which are requirement generation and threat modeling [ 3, 30 ]. Additionally, we hope to streamline the privacy requirement into a usable design pattern through the use of a knowledge base. We build the IS artifact using a design science framework. Lastly, we intend to conduct a novel evaluation that assesses our IS adaptation using experimental design [28].

The first phase of our research is to obtain knowledge bases (KB) to support the information systems artifacts that we will build. We intend to use publicly accessible knowledge, including frameworks, instruments, methods, dictionaries, and data sets. We divide the initial phase into four iterations.

The first iteration is dedicated to developing the knowledge base for the NER module. We identify personal data by referencing dictionaries ofered by Data Privacy Vocabulary teams. Additionally, we are developing our annotation data set to recognize data subjects and process entities in user stories. Based on this knowledge base, we create our first information system artifact powered by a state-of-the-art machine learning model for NER. This article was published in ESPRE 2021 [31]. The second iteration will utilize the NER module to create a Privacy-Aware Data Flow Diagram (DFD). We use publicly available tools to generate the relationship between entities in a collection of user stories. We conducted a preliminary assessment and will publish our research preview in the REFSQ 2022. In the future, we intend to perform additional evaluations. The third and fourth iterations will develop an information system model to support privacy requirements and design recommendations. These third and fourth iterations are a work in progress.

Our second phase of research will determine the influence of our privacy engineering approach on ASD, particularly in terms of agility degree. Since we believe that this type of empirical evaluation is new to agile privacy engineering, we would like to leverage the knowledge and insights of the doctoral symposium community regarding this evaluation.

The purpose of this proposal is to establish a research agenda for incorporating privacy into agile software development methodologies through the use of an intelligent system. We ofer a novel perspective on the ISE model’s privacy requirements and design phases. Our primary objective is to create an artifact that enables agile teams to rapidly meet desirable privacy and design recommendations. We also aim to streamline the requirement into the correct privacy design pattern. We hope this research will have an impact to provide a solution to overcome the challenge of integrating privacy into the agile software development process.

The author acknowledge the scholarship granted by the Indonesia Endowment Fund for Education (IEFE/LPDP), Ministry of Finance, Republic of Indonesia and the support received from the University of Vienna, Faculty of Computer Science. [26] H. Villamizar, M. Kalinowski, A. Garcia, D. Mendez, An eficient approach for reviewing security-related aspects in agile requirements specifications of web applications, Requirements Engineering 25 (2020) 439–468. URL: https://doi.org/10.1007/s00766-020-00338-w. doi:10.1007/s00766-020-00338-w. [27] A. R. Hevner, S. T. March, J. Park, S. Ram, Design science in information systems research,

MIS quarterly (2004) 75–105. [28] S. L. Pfleeger, Experimental design and analysis in software engineering, Annals of

Software Engineering 1 (1995) 219–253. [29] M. Deng, K. Wuyts, R. Scandariato, B. Preneel, W. Joosen, A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements, Requirements Engineering 16 (2011) 3–32. URL: https://doi.org/10.1007/s00766-010-0115-7. doi:10.1007/s00766-010-0115-7. [30] D. Soares Cruzes, M. Gilje Jaatun, K. Bernsmed, I. A. Tondel, Challenges and experiences with applying microsoft threat modeling in agile development projects, Proceedings 25th Australasian Software Engineering Conference, ASWEC 2018 (2018) 111–120. doi:10. 1109/ASWEC.2018.00023. [31] G. B. Herwanto, G. Quirchmayr, A. M. Tjoa, A named entity recognition based approach for privacy requirements engineering, in: 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW), 2021, pp. 406–411. doi:10.1109/REW53955. 2021.00072.