Context
Digitalization is becoming essential in many areas, such as energy, healthcare, smart cities and agriculture. Technologies such as IoT, AI, data spaces, Edge2Cloud, digital twins and IT continuum are emerging, all promising flexible integration in these areas. However, there are crucial cross-cutting aspects that ensure the delivery of safe and trustworthy products and services in each area: safety, security (cybersecurity) and privacy.
Integrating diverse principles and concepts, such as ecosystems, systems of systems, and trustworthiness, is a major challenge. Secure environments and trustworthiness are essential to gain citizen acceptance of digital services. The new concept of systems of systems and/or ecosystems arises from the complexity of integrating diverse technological systems, involving many stakeholders and interactions. Two cooperating systems managed independently can create emerging risks from a cybersecurity and data protection perspective.
It is therefore important to implement comprehensive security and privacy management for the entire ecosystem, taking into account both the ecosystem as a whole and the individual systems that compose it. ISO/IEC 27570 – Privacy guidelines for smart cities is a revolutionary standard that presents a standardized “privacy blueprint” for this specific domain, integrating an ecosystem perspective.
To address this need, Trialog developed a security and privacy management methodology, initially called SPOCS, which was used within the INTERCONNECT project in more than eight pilot projects in different countries. This methodology has since evolved and is now officially known as the Privacy and Security Plan (PSP).
The PSP is an operational plan designed to guide stakeholders in managing privacy and cybersecurity concerns within a project and its ecosystem. It provides guidelines, supports iterative processes, and produces structured and comparable results.
Methodology
There are many different methodologies for security or privacy analysis, but there is no single methodology that comprehensively encompasses both aspects.
The most relevant standards regarding security aspects include the ISO/IEC 27000 series (27001 – Requirements for information security management systems, 27002 – Code of practice for information security controls, 27005 – Information security risk management, 27110 – Guidelines for developing a cybersecurity framework, 27400 – Security and privacy guidelines for IoT), NIST 7628 – Guidelines for smart grid cybersecurity, and the NIST Cybersecurity Framework. In addition, specific methods such as STRIDE categorize security threats.
On the other hand, there are many standards that cover privacy aspects in different areas. These include the ISO/IEC standards:
- 27403 – IoT Security and Privacy – Guidelines for IoT – Home Automation;
- 27550 – Privacy Engineering for Systems Lifecycle Processes;
- 27561 – Privacy operationalisation model and method for engineering (POMME);
- 27701 – Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management – Requirements and guidelines;
- 29134 – Guidelines for Privacy Impact Assessment;
- 31700 – Privacy by Design of Consumer Goods and Services;
as well as the NIST Privacy Framework, NISTIR 8062 – An Introduction to Privacy Engineering and Risk Management in Federal Systems, and the PRIPARE Privacy and Security by Design Methodology Handbook.
There are also comprehensive methods like LINDDUN, which is renowned for privacy and data protection analysis.
The PSP methodology builds on this standardization framework and on relevant methods for privacy and security analysis. It is tailored to each project, ecosystem or client, and considers four main activities that feed each other: (I) PSP preparation, (II) privacy analysis, (III) security analysis and (IV) KPI reporting and monitoring. The adaptation and implementation of the PSP methodology is illustrated by the following processes.
Adaptation and implementation of the PSP methodology for a project
Strengthening privacy and cybersecurity
One of the main goals of the PSP is to help project stakeholders manage both privacy and cybersecurity issues. To do this, the privacy assessment is used as an input to the cybersecurity analysis, and privacy threats and privacy controls are integrated into the threat model. This approach makes it possible to first assess the privacy requirements of a system and then ensure that these requirements are met at the appropriate level of security. Treating the two separately could lead to security controls that overlook the presence of personal data, or to privacy controls that compromise the overall security of the system.
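As an added illustration of the coupling described above (not Trialog's PSP tool or code), the sketch below lets the privacy assessment drive the security analysis in both directions: the data category found for a flow sets the minimum security controls it must carry, and each proposed security control is checked against the LINDDUN category it would aggravate on personal data. The control names, the category-to-control policy and the sample flows are constructed assumptions.

```python
from dataclasses import dataclass, field

# Minimum security controls a flow must carry, chosen from what the privacy
# assessment (PIA step) found in it. Constructed policy for this example.
REQUIRED_BY_CATEGORY = {
    "none": {"tls"},
    "personal": {"tls", "access_control"},
    "sensitive": {"tls", "access_control", "encryption_at_rest", "pseudonymisation"},
}

# Security controls that, applied to a flow carrying personal data, introduce a
# LINDDUN privacy threat a security-only analysis would not flag. Constructed.
PRIVACY_CONFLICTS = {
    "full_payload_logging": "Data disclosure",   # logs now hold personal data
    "persistent_device_id": "Linking",           # stable ID allows correlation
    "signed_audit_trail": "Non-repudiation",     # STRIDE wants it, LINDDUN flags it
}

@dataclass
class Flow:
    name: str
    category: str                      # PIA result: none / personal / sensitive
    controls: set = field(default_factory=set)

def missing_controls(flow):
    """Privacy -> security: controls the PIA category requires but the flow lacks."""
    return sorted(REQUIRED_BY_CATEGORY[flow.category] - flow.controls)

def control_conflicts(flow):
    """Security -> privacy: proposed controls that create a privacy threat."""
    if flow.category == "none":
        return []
    return sorted((c, PRIVACY_CONFLICTS[c]) for c in flow.controls if c in PRIVACY_CONFLICTS)

def assess(flows):
    """Joint check: a flow is acceptable only when both lists are empty."""
    return {f.name: {"missing": missing_controls(f), "conflicts": control_conflicts(f),
                     "ok": not missing_controls(f) and not control_conflicts(f)}
            for f in flows}

# Constructed sample: three data flows from a smart-energy pilot
FLOWS = [
    Flow("meter_readings_to_cloud", "sensitive",
         {"tls", "access_control", "full_payload_logging", "persistent_device_id"}),
    Flow("firmware_update", "none", {"tls", "signed_images", "full_payload_logging"}),
    Flow("billing_to_provider", "personal", {"tls", "access_control", "signed_audit_trail"}),
]

if __name__ == "__main__":
    for name, result in assess(FLOWS).items():
        print(name, result)
```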
PSP Activities
The PSP offers training sessions for each step to raise awareness about privacy and security. These sessions also serve as an introduction to the methodology used for a thorough privacy and security analysis. In addition, workshops are conducted by Trialog’s senior consultants, who are experienced in these fields and provide support and guidance on activities such as Privacy Impact Assessment (PIA) and Security Risk Analysis. The analyses are based on the most commonly used and well-known methods and standards, such as ISO/IEC 29134 – Guidelines for Privacy Impact Assessment, LINDDUN, STRIDE and the NIST Framework. The PSP is a dynamic plan that is constantly improving, regularly revised and measured by standardized key performance indicators.
A plan to guide stakeholders in collaborative projects
The PSP offers comprehensive support, not only through senior consultants in workshops, but also through a new PSP tool. This tool, now in its second version, has been tested in projects such as ENERGICA and PARMENIDES. The PSP tool supports the entire methodology applied to the life cycle of a project. It includes a dashboard that summarizes each activity, displays the progress of questionnaires and results, while providing contextual guidelines and assistance at each stage of the PSP, as detailed below.
The PSP Dashboard, an example of a “Preparing a PSP” questionnaire and contextual guide, all implemented within the framework of the PARMENIDES project
Future prospects
In the HEDGE-IoT project, the PSP will be enhanced to support the integration of AI security and safety. This enhancement aims to ensure that, if the relevant controls are implemented, the project pilots will be compliant with the AI Act. The enhancements will address various aspects, including robustness, security, data quality, compliance with local regulations, governance, risk management, controllability, transparency, explainability and ethics.