Towards Privacy-aware Software Reuse

As software becomes more complex, reusing and integrating artifacts from existing projects that may be taken from open or organization-proprietary repositories is becoming an increasingly important practice. This practice requires an in-depth understanding of the projects to be reused and particularly their common and variable features and their non-functional requirements. Different approaches have been suggested to analyze similarity and variability of different kinds of artifacts (mainly, requirements and code), e.g., clone detection and feature mining. These approaches, however, mainly address functional aspects of the software artifacts, while mostly neglecting aspects dictated by non-functional requirements. The recent progress with the General Data Protection Regulation (GDPR) highlights the importance of handling privacy concerns in software development. However, existing approaches do not directly refer to privacy challenges in software reuse. In this paper we propose integrating these two lines of research and introduce a privacy-aware software reuse approach. Particularly, we suggest to extend VarMeR - Variability Mechanisms Recommender - which analyzes software similarity based on exhibited behaviors and recommends on polymorphism-inspired reuse mechanisms, with privacy awareness considerations. These considerations are reflected in "privacy levels" of the reused artifacts.