https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
VeriDevOps Software Methodology: Security Verification and Validation for DevOps Practices
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0003-2416-4205
Åbo Akademi University, Turku, Finland.
SOFTEAM, Paris, France.
Montimage, Paris, France.
2023 (English)In: ACM International Conference Proceeding Series, Association for Computing Machinery , 2023, article id 135Conference paper, Published paper (Refereed)
Abstract [en]

VeriDevOps offers a methodology and a set of integrated mechanisms that significantly improve automation in DevOps to protect systems at operations time and prevent security issues at development time by (1) specifying security requirements, (2) generating trace monitors, (3) locating root causes of vulnerabilities, and (4) identifying security flaws in code and designs. This paper presents a methodology that enhances productivity and enables the continuous integration/delivery of trustworthy systems. We outline the methodology, its application to relevant scenarios, and offer recommendations for engineers and managers adopting the VeriDevOps approach. Practitioners applying the VeriDevOps methodology should include security modeling in the DevOps process, integrate security verification throughout all stages, utilize automated test generation tools for security requirements, and implement a comprehensive security monitoring system, with regular review and update procedures to maintain relevance and effectiveness.

Place, publisher, year, edition, pages
Association for Computing Machinery , 2023. article id 135
Keywords [en]
DevOps, monitoring, security, testing, verification, Cryptography, Software testing, Development time, Operation time, Root cause, Security flaws, Security issues, Security requirements, Security verification, Software methodologies, Verification-and-validation
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:mdh:diva-65197DOI: 10.1145/3600160.3605054ISI: 001122662500131Scopus ID: 2-s2.0-85169691183ISBN: 9798400707728 (print)OAI: oai:DiVA.org:mdh-65197DiVA, id: diva2:1822121
Conference
18th International Conference on Availability, Reliability and Security, ARES 2023, Benevento, Italy, 29 August through 1 September 2023
Available from: 2023-12-21 Created: 2023-12-21 Last updated: 2024-02-26Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Enoiu, Eduard Paul

Search in DiVA

By author/editor
Enoiu, Eduard Paul
By organisation
Embedded Systems
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 16 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf