Privacy-Preserving Architectures with Probabilistic Guaranties

Violations of the privacy of users can happen if data protection is not a fundamental part of the development process of a software system. The principle of Privacy by Design (PbD) therefore stipulates the consideration of privacy as a default feature. We have developed an integrated tool environment called CAPVerDE that provides a formal description language of software architectures and helps a designer by automatically verifying data minimization properties at the architectural level. Our logic includes probabilistic properties that introduce uncertainty into the architectures. These properties can be used to model attack scenarios that rely on chance. This paper presents the logic of the description language of CAPVerDE and illustrates the verification process by applying it to a smart energy metering scenario.