PCM Tool: Privacy Requirements Specification in Agile Software Development

  • Mariana Peixoto UFPE
  • Carla Silva UFPE
  • Ricarth Lima UFPE
  • João Araújo UNL
  • Tony Gorschek BTH
  • Jean Silva UFPE


Recent research has pointed out that software developers face difficulties to specify requirements for privacy-sensitive systems. To help addressing this issue, this paper presents a tool, called PCM Tool, that supports the Privacy Criteria Method (PCM) - an approach designed to guide the specification of privacy requirements in agile software development.


Ayala-Rivera, V. and Pasquale, L. (2018). The grace period has ended: An approach to operationalize gdpr requirements. In 26th International Requirements Engineering Conference (RE), pages 136–146. IEEE.

GDPR (2018). General data protection regulation. https://eugdpr.org/.

Hadar, I., Hasson, T., Ayalon, O., Toch, E., Birnhack, M., Sherman, S., and Balissa, A. (2018). Privacy by designers: software developers’ privacy mindset. Empirical Software Engineering, 23(1):259–289.

Hart, S. G. and Staveland, L. E. (1988). Development of nasa-tlx (task load index): Results of empirical and theoretical research. In Advances in psychology, volume 52, pages 139–183. Elsevier.

Kalloniatis, C. (2017). Incorporating privacy in the design of cloud-based systems: a conceptual meta-model. Information & Computer Security, 25(5):614–633.

Kalloniatis, C., Kavakli, E., and Gritzalis, S. (2009). Methods for designing privacy aware information systems: a review. In 13th Panhellenic Conference on Informatics (PCI), pages 185–194. IEEE.

Mai, P. X., Goknil, A., Shar, L. K., Pastore, F., Briand, L. C., and Shaame, S. (2018). Modeling security and privacy requirements: a use case-driven approach. Information and Software Technology, 100:165–182.

Medeiros,J.,Vasconcelos,A.,Silva,C.,andGoulão,M.(2018). Qualityofsoftware requirements specification in agile projects: A cross-case analysis of six companies. Journal of Systems and Software, 142:171–194.

Peixoto, M. M. and Silva, C. (2018). Specifying privacy requirements with goal-oriented modeling languages. In XXXII Brazilian Symposium on Software Engineering (SBES), pages 112–121. ACM.

Peixoto, M. M., Silva, C., Araújo, J., and Gorschek, T. (2019a). Supplementary Material. https://tinyurl.com/y6hsngtz.

Peixoto, M. M., Silva, C., Araújo, J., Gorschek, T., and Vasconcelos, A. (2019b). Submitted and under review. For a copy, ask to mmp2@cin.ufpe.br.

Wagner, S. et al. (2019). Status quo in requirements engineering: A theory and a global family of surveys. ACM Trans. on Software Eng. and Methodology (TOSEM), 28(2):9.

Younas, M., Jawawi, D., Ghani, I., and Kazmi, R. (2017). Non-functional requirements elicitation guideline for agile methods. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), 9(3-4):137–142.
PEIXOTO, Mariana; SILVA, Carla; LIMA, Ricarth; ARAÚJO, João; GORSCHEK, Tony; SILVA, Jean. PCM Tool: Privacy Requirements Specification in Agile Software Development. In: SESSÃO DE FERRAMENTAS - CONGRESSO BRASILEIRO DE SOFTWARE: TEORIA E PRÁTICA (CBSOFT), 1. , 2019, Salvador. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2019 . p. 108-113. DOI: https://doi.org/10.5753/cbsoft_estendido.2019.7666.