Welcome to the InfoSci Platform
Reference Hub8
Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective

Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective

Pekka Abrahamsson, Goetz Botterweck, Hadi Ghanbari, Martin Gilje Jaatun, Petri Kettunen, Tommi J. Mikkonen, Anila Mjeda, Jürgen Münch, Anh Nguyen Duc, Barbara Russo, Xiaofeng Wang
Copyright: © 2020 |Volume: 11 |Issue: 2 |Pages: 20
ISSN: 2640-4265|EISSN: 2640-4273|EISBN13: 9781799809180|DOI: 10.4018/IJSSSP.2020070103
Cite Article Cite Article

MLA

Abrahamsson, Pekka, et al. "Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective." IJSSSP vol.11, no.2 2020: pp.38-57. http://doi.org/10.4018/IJSSSP.2020070103

APA

Abrahamsson, P., Botterweck, G., Ghanbari, H., Jaatun, M. G., Kettunen, P., Mikkonen, T. J., Mjeda, A., Münch, J., Duc, A. N., Russo, B., & Wang, X. (2020). Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective. International Journal of Systems and Software Security and Protection (IJSSSP), 11(2), 38-57. http://doi.org/10.4018/IJSSSP.2020070103

Chicago

Abrahamsson, Pekka, et al. "Towards a Secure DevOps Approach for Cyber-Physical Systems: An Industrial Perspective," International Journal of Systems and Software Security and Protection (IJSSSP) 11, no.2: 38-57. http://doi.org/10.4018/IJSSSP.2020070103

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

With the expansion of cyber-physical systems (CPSs) across critical and regulated industries, systems must be continuously updated to remain resilient. At the same time, they should be extremely secure and safe to operate and use. The DevOps approach caters to business demands of more speed and smartness in production, but it is extremely challenging to implement DevOps due to the complexity of critical CPSs and requirements from regulatory authorities. In this study, expert opinions from 33 European companies expose the gap in the current state of practice on DevOps-oriented continuous development and maintenance. The study contributes to research and practice by identifying a set of needs. Subsequently, the authors propose a novel approach called Secure DevOps and provide several avenues for further research and development in this area. The study shows that, because security is a cross-cutting property in complex CPSs, its proficient management requires system-wide competencies and capabilities across the CPSs development and operation.