Skip to main content
European Commission logo
Deutsch Deutsch
CORDIS - Forschungsergebnisse der EU
CORDIS
CORDIS Web 30th anniversary CORDIS Web 30th anniversary

VeriDevOps

Projektbeschreibung

Neue Werkzeuge für mehr Sicherheit von DevOps

DevOps ermöglicht es Unternehmen, Anwendungen und Dienste schneller bereitzustellen. Es soll den Entwicklungslebenszyklus von Systemen verkürzen und die kontinuierliche Bereitstellung hochwertiger Software ermöglichen. Derzeitige Systementwicklungsverfahren bauen vermehrt auf serienmäßigen und veralteten Komponenten auf, wodurch diese Systeme anfällig für Sicherheitslücken sind. Da DevOps häufige Software-Lieferungen ermöglicht, müssen Verifizierungsartefakte zeitnah aktualisiert werden, um mit der Prozessgeschwindigkeit mitzuhalten. Das EU-finanzierte Projekt VeriDevOps will Methoden und Werkzeuge für schnellere Feedback-Schleifen zur Verifizierung der Sicherheitsanforderungen – Vertraulichkeit, Integrität, Verfügbarkeit, Authentifizierung und Autorisierung – für groß angelegte cyber-physische Systeme entwickeln.

Ziel

VeriDevOps is about fast, flexible system engineering that efficiently integrates development, delivery, and operations, thus aiming at quality deliveries with short cycle time to address ever evolving challenges.
Current system development practices are increasingly based on using both off-the-shelf and legacy components which make such systems prone to security vulnerabilities.
Since DevOps is promoting frequent software deliveries, verification methods artifacts should be updated in a timely fashion to cope with the pace of the process. VeriDevOps aims at providing faster feedback loop for verifying the security requirements i.e. confidentiality, integrity, availability, authentication, authorization and other quality attributes of large scale cyber-physical systems. VeriDevOps is focusing on optimizing the security verification activities, by automatically creating verifiable models directly from security requirements, and using these models to check security properties on design models and generate artefacts (such as tests or monitors) that can be used (later on) in the DevOps process. More concretely, we will develop methods and tools for: 1) creating security models from textual specifications using natural language processing, 2) automatic security test creation from security models using model-based testing and model-based mutation testing techniques and 3) generating (intelligent/adaptive, ML-based) security monitors for the operational phases. This brings together early security verification through formal modelling as well as test generation, selection, execution and analysis capabilities to enable companies to deliver quality systems with confidence in a fast-paced DevOps environment. Overall, VeriDevOps is using the results of formal verification of security requirements and design models created during the analysis and design phase for test and monitor generation to be used to enhance the feedback mechanisms during development and operation phases.

Schlüsselbegriffe

Aufforderung zur Vorschlagseinreichung

H2020-ICT-2018-20

Andere Projekte für diesen Aufruf anzeigen

Unterauftrag

H2020-ICT-2020-1

Koordinator

MALARDALENS UNIVERSITET
Netto-EU-Beitrag
€ 883 750,00
Adresse
UNIVERSITETSPLAN 1
722 20 VASTERAAS
Schweden

Auf der Karte ansehen

Region
Östra Sverige Östra Mellansverige Västmanlands län
Aktivitätstyp
Higher or Secondary Education Establishments
Links
Gesamtkosten
€ 883 750,00

Beteiligte (7)