Privacy risk analysis in the IoT domain

Juan Hernández-Serrano, Jose L. Muñoz, Olga León
Universitat Politècnica de Catalunya
Barcelona, Spain

Lars Mikkelsen, Hans-Peter Schwefel
Aalborg Universitet
Aalborg, Denmark

Arne Bröring
Siemens AG
Munich, Germany

Abstract—Most IoT systems use or exchange user-related information between system components. This means that privacy is a key factor in these systems. Privacy here means both preventing unauthorized access to information and handling sensitive information correctly and responsibly. As IoT systems typically comprise many distributed software and hardware components, ensuring privacy is a challenging task. This paper proposes a risk rating methodology for identifying and rating privacy risks, and demonstrates how to apply this methodology in an IoT use case set in the context of the EU H2020 BIG IoT project. It also demonstrates how to handle the results of the risk rating methodology.

Index Terms—Risk assessment; Internet of Things; IoT; security; privacy

I. INTRODUCTION

In the past years, the Internet of Things (IoT) has expanded considerably and the number of IoT devices is ever increasing. Today, IoT use cases span a wide variety of application domains, ranging from smart homes and e-health systems to industrial environments. Things used in such applications are made available through IoT platforms. These platforms can be located on the device, fog, or cloud level.

A multitude of such platforms exist today. In order to enable cross-platform and even cross-domain application development, different initiatives are determined to form IoT ecosystems. An example of such an ecosystem initiative is the European H2020 BIG IoT project¹ [1]. BIG IoT has two main objectives. The first one is defining a shared interface, i.e., the so-called BIG IoT API, comprising common functionalities such as service discovery, access, and event handling.
This API needs to be supported by all participating platforms, often in addition to their existing proprietary interface, as illustrated in Figure 1. The second objective is establishing a centralized marketplace where platforms as well as value-adding services can be registered, searched, and subscribed to by applications. In the BIG IoT project, these technologies are deployed in multiple pilot scenarios involving various IoT platforms, services, and applications from the Smart Cities domain.

Figure 1. The BIG IoT approach for building an ecosystem of IoT platforms (source: [2]).²

Besides the evident benefits that can be achieved by such IoT ecosystems, dealing with security and privacy in the IoT is more challenging and more complex than it is in conventional networks, mainly for four reasons: 1) a very dynamic set of services and applications intensively handling data types whose formats are also very dynamic; 2) a multitude of usage scenarios, stakeholder settings for data provisioning and usage; 3) the high speed of information propagation and tool development in an IoT ecosystem; and 4) the lack of a simple security methodology that does not rely on long lists of factors that are complex to apply.

The continued growth of IoT ecosystems will heavily depend on properly addressing the security and privacy challenges that come with them. Among the different security and privacy requirements that have been identified to ignite a secure and reliable IoT ecosystem [2], privacy by design is key. Indeed, it has been explicitly requested (“Data protection by design” - DPD) in Article 25 of the General Data Protection Regulation [3], which will become enforceable from May 2018. DPD refers to building privacy features in from the very beginning of the design process instead of modifying or adding new features at a later stage. This involves considering privacy throughout the full software development life cycle (SDLC).

¹ http://big-iot.eu
Notice that introducing privacy in the SDLC does not necessarily imply added costs. The cost of a data breach differs for every organization. As stated in [4], on average, all organizations in European countries such as France

² Icons by Freepik from http://www.flaticon.com