Sammendrag
There is a serious lack of support for trustworthy smart IoT systems within DevOps. Security and privacy are often overlooked in DevOps cultures and almost absent in the context of IoT. In this paper, we focus on the planning stage of DevOps and propose a tool-supported method for risk-driven planning considering security and privacy risks. Our method consists of five steps: establish context, analyse dataflow, model privacy and security risk, develop risk assessment algorithm based on risk model, and execute risk assessment algorithm. Our tool supports this method in the first and the last step and facilitates dynamic risk assessment based on input provided by the user or collected from the monitoring stage into predefined risk models. The output of the tool is a risk assessment which the end users, e.g. developers, can use as decision support to prioritize certain parts of the target under analysis in the next cycle of DevOps. The tool and the method are evaluated in a real-world sm art home case. Our initial evaluation indicates that the approach is comprehensible for our intended users, supports the planning stage in terms of security and privacy risk assessment, and feasible for use in the DevOps practice