论文标题
从头开始创建它:一种实用方法,用于增强以DevOps为基础的软件开发环境中的物联网安全性
Creating it from SCRATCh: A Practical Approach for Enhancing the Security of IoT-Systems in a DevOps-enabled Software Development Environment
论文作者
论文摘要
DevOps描述了一种重新组织软件工程中不同学科的方法,以加快软件交付的方式。但是,向组织引入DevOps方法是一项复杂的任务。成功的介绍导致一组结构化的过程描述。尽管有结构,但此过程仍然存在错误:尤其是在个人阶段解决安全问题,而无需考虑相互依存关系。此外,将DevOps方法应用于分布式实体(例如物联网(IoT))很困难,因为该体系结构是用于台式机和云资源的型号。在这项工作中,引入了DevOps流程阶段中使用的工具的概述。从安全性或对物联网的适用性方面的差距得出。基于这些差距,在研究项目划痕过程中正在开发的解决方案以对DevOps-Encroments的利益来提出和讨论。
DevOps describes a method to reorganize the way different disciplines in software engineering work together to speed up software delivery. However, the introduction of DevOps-methods to organisations is a complex task. A successful introduction results in a set of structured process descriptions. Despite the structure, this process leaves margin for error: Especially security issues are addressed in individual stages, without consideration of the interdependence. Furthermore, applying DevOps-methods to distributed entities, such as the Internet of Things (IoT) is difficult as the architecture is tailormade for desktop and cloud resources. In this work, an overview of tooling employed in the stages of DevOps processes is introduced. Gaps in terms of security or applicability to the IoT are derived. Based on these gaps, solutions that are being developed in the course of the research project SCRATCh are presented and discussed in terms of benefit to DevOps-environments.
