1,883 research outputs found
Challenges of DevSecOps
Software development speed has significantly increased in recent years with methodologies like Agile and DevOps that use automation, among other technics, to enable continuous delivery of new features and software updates to the market. This increased speed has given rise to concerns over guaranteeing security at such a pace. To improve security in today’s fast-paced software development, DevSecOps was created as an extension of DevOps. This thesis focuses on the experiences and challenges of organizations and teams striving to implement DevSecOps. We first view our concepts through existing literature. Then, we conduct an online survey of 37 professionals from both security and development backgrounds. The results present the participants’ overall sentiments towards DevSecOps and the challenges they struggle with. We also investigate what kind of solutions have been tried to mitigate these issues and if these solutions have indeed worked
Size Matters: Microservices Research and Applications
In this chapter we offer an overview of microservices providing the
introductory information that a reader should know before continuing reading
this book. We introduce the idea of microservices and we discuss some of the
current research challenges and real-life software applications where the
microservice paradigm play a key role. We have identified a set of areas where
both researcher and developer can propose new ideas and technical solutions.Comment: arXiv admin note: text overlap with arXiv:1706.0735
Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World
This report documents the program and the outcomes of GI-Dagstuhl Seminar
16394 "Software Performance Engineering in the DevOps World".
The seminar addressed the problem of performance-aware DevOps. Both, DevOps
and performance engineering have been growing trends over the past one to two
years, in no small part due to the rise in importance of identifying
performance anomalies in the operations (Ops) of cloud and big data systems and
feeding these back to the development (Dev). However, so far, the research
community has treated software engineering, performance engineering, and cloud
computing mostly as individual research areas. We aimed to identify
cross-community collaboration, and to set the path for long-lasting
collaborations towards performance-aware DevOps.
The main goal of the seminar was to bring together young researchers (PhD
students in a later stage of their PhD, as well as PostDocs or Junior
Professors) in the areas of (i) software engineering, (ii) performance
engineering, and (iii) cloud computing and big data to present their current
research projects, to exchange experience and expertise, to discuss research
challenges, and to develop ideas for future collaborations
The Making of Cloud Applications An Empirical Study on Software Development for the Cloud
Cloud computing is gaining more and more traction as a deployment and
provisioning model for software. While a large body of research already covers
how to optimally operate a cloud system, we still lack insights into how
professional software engineers actually use clouds, and how the cloud impacts
development practices. This paper reports on the first systematic study on how
software developers build applications in the cloud. We conducted a
mixed-method study, consisting of qualitative interviews of 25 professional
developers and a quantitative survey with 294 responses. Our results show that
adopting the cloud has a profound impact throughout the software development
process, as well as on how developers utilize tools and data in their daily
work. Among other things, we found that (1) developers need better means to
anticipate runtime problems and rigorously define metrics for improved fault
localization and (2) the cloud offers an abundance of operational data,
however, developers still often rely on their experience and intuition rather
than utilizing metrics. From our findings, we extracted a set of guidelines for
cloud development and identified challenges for researchers and tool vendors
Understand Your Chains: Towards Performance Profile-based Network Service Management
Allocating resources to virtualized network functions and services to meet
service level agreements is a challenging task for NFV management and
orchestration systems. This becomes even more challenging when agile
development methodologies, like DevOps, are applied. In such scenarios,
management and orchestration systems are continuously facing new versions of
functions and services which makes it hard to decide how much resources have to
be allocated to them to provide the expected service performance. One solution
for this problem is to support resource allocation decisions with performance
behavior information obtained by profiling techniques applied to such network
functions and services.
In this position paper, we analyze and discuss the components needed to
generate such performance behavior information within the NFV DevOps workflow.
We also outline research questions that identify open issues and missing pieces
for a fully integrated NFV profiling solution. Further, we introduce a novel
profiling mechanism that is able to profile virtualized network functions and
entire network service chains under different resource constraints before they
are deployed on production infrastructure.Comment: Submitted to and accepted by the European Workshop on Software
Defined Networks (EWSDN) 201
- …