DevOps-driven Security Architectures
With the rise of the complexity of cyber-attacks and cybersecurity requirements, building software-intensive systems that are inherently secure (i.e., trustworthy systems) is increasingly challenging. The matter gets worse in the age of DevOps, as development and deployment of software-intensive systems happen at the breakneck pace. Given the widespread industrial interests in DevOps, it is becoming important for practitioners and researchers to understand "how", "when", and "by whom" security should be integrated and practiced into DevOps (e.g., DevSecOps). On the other hand, it is proclaimed that integrating security policies, practices, and measurements early in design (i.e., the architecture of a software system) is critical for establishing secure DevOps (i.e., truly implementing DevSecOps).
With this survey, we want to learn about software architectures that enable and integrate security in DevOps environment.
Here, we refer to this class of software architectures as DevOps-driven security architectures. Your answers will help us to build an evidence-based body of knowledge to support further development and adoption of security in DevOps through DevOps-driven security architectures.
We would be greatly appreciative if you can kindly complete the survey. The survey should take 5 minutes. This survey is anonymous. You will not be identified in the potential publications in the future.
Mojtaba Shahin, Monash University, Australia
Matthew Skelton, Conflux, UK
Peng Liang, Wuhan University, China
Muhammad Waseem, Wuhan University, China
Ali Rezaei Nassab, Sirjan University of Technology, Iran
Simon Maple, Snyk.io, UK
If you have any question, please contact us:
Q1. What is your current job title?
Q2. How many years have you worked in the IT/software industry (decimals okay)?
Q3. In 1-2 sentences, how would you describe a DevOps-driven security architecture?
Q4. What is a good DevOps-driven security architecture?
Q5. What are the attributes of a security software architecture?
Q6. Who is responsible to integrate security into DevOps?
Q7. [Optional] Do you have any general comments about the project or survey questions that you wish to share with us?
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google.
Terms of Service