A systematic literature review on DevOps capabilities and areas

Businesses today need to respond to customer needs at an unprecedented speed. Driven by this need for speed, many companies are rushing to the DevOps movement. DevOps, the combination of Development and Operations, is a new way of thinking in the software engineering domain that recently received much attention. Since DevOps has recently been introduced as a new term and novel concept, no common understanding of what it means has yet been achieved. Therefore, the definitions of DevOps often are only partly relevant to the concept. This research presents a systematic literature review to identify the determining factors contributing to the implementation of DevOps, including the main capabilities and areas with which it evolves.info:eu-repo/semantics/acceptedVersio

A maturity model for DevOps

Nowadays, businesses aim to respond to customer needs at unprecedented speed. Thus, many companies are rushing to the DevOps movement. DevOps is the combination of Development and Operations and a new way of thinking in the software engineering domain. However, no common understanding of what it means has yet been achieved. Also, no adoption models or fine-grained maturity models to assist DevOps maturation and implementation were identified. Therefore, this research attempt to fill these gaps. A systematic literature review is performed to identify the determining factors contributing to the implementation of DevOps, including the main capabilities and areas with which it evolves. Then, two sets of interviews with DevOps experts were performed and their experience used to build the DevOps Maturity Model. The DevOps maturity model was then developed grounded on scientific and professional viewpoints. Once developed the Maturity Model was demonstrated in a real organisation.info:eu-repo/semantics/acceptedVersio

DevOps Main Area and Core Capabilities Adopting DevOps in the Last Decade: A Systematic Literature Review

DevOps is a collaboration between software development and operation that utilizes frameworks like continuous integration, microservices, continuous delivery, and continuous deployment for an agile software development process. DevOps has principles like automation, iteration, and continuous release and development. This research aims to know DevOps development in the last decade and know how potentially adopt the DevOps development process. This study uses the Systematic Literature Review (SLR) method to locate, evaluate, and summarize pertinent works that were published in the public domain between 2012-2022. The result of this review will be used by researchers and practitioners as a piece of knowledge about the DevOps core capabilities and main areas of DevOps from adopting DevOps in the last decade

Maturity model for DevOps

Businesses today need to respond to customer needs at unprecedented speed. Driven by this need for speed, many companies are rushing to the DevOps movement. DevOps, the combination of Development and Operations, is a new way of thinking in the software engineering domain that recently received much attention. Since DevOps has recently been introduced as a new term and novel concept, no common understanding of what it means has yet been achieved. Therefore, the definitions of DevOps often are only a part relevant to the concept. When further observing DevOps, it could be seen as a movement, but is still young and not yet formally defined. Also, no adoption models or fine-grained maturity models showing what to consider to adopt DevOps and how to mature it were identified. As a consequence, this research attempted to fill these gaps and consequently brought forward a Systematic Literature Review to identify the determining factors contributing to the implementation of DevOps, including the main capabilities and areas with which it evolves. This resulted in a list of practices per area and capability that was used in the interviews with DevOps practitioners that, with their experience, contributed to define the maturity of those DevOps practices. This combination of factors was used to construct a DevOps maturity model showing the areas and capabilities to be taken into account in the adoption and maturation of DevOps.Hoje em dia, as empresas precisam de responder às necessidades dos clientes a uma velocidade sem precedentes. Impulsionadas por esta necessidade de velocidade, muitas empresas apressam-se para o movimento DevOps. O DevOps, a combinação de Desenvolvimento e Operações, é uma nova maneira de pensar no domínio da engenharia de software que recentemente recebeu muita atenção. Desde que o DevOps foi introduzido como um novo termo e um novo conceito, ainda não foi alcançado um entendimento comum do que significa. Portanto, as definições do DevOps geralmente são apenas uma parte relevante para o conceito. Ao observar o DevOps, o fenómeno aborda questões culturais e técnicas para obter uma produção mais rápida de software, tem um âmbito amplo e pode ser visto como um movimento, mas ainda é jovem e ainda não está formalmente definido. Além disso, não foram identificados modelos de adoção ou modelos de maturidade refinados que mostrem o que considerar para adotar o DevOps e como fazê-lo crescer. Como consequência, esta pesquisa tentou preencher essas lacunas e, consequentemente, apresentou uma Revisão sistemática da literatura para identificar os fatores determinantes que contribuem para a implementação de DevOps, incluindo os principais recursos e áreas com os quais ele evolui. Isto resultou numa lista de práticas por área e por capacidade, que foi utilizado como base nas entrevistas realizadas com peritos em DevOps que, com a sua experiência, ajudaram a atribuir níveis de maturidade a cada prática. Esta combinação de fatores foi usada para construir um modelo de maturidade de DevOps mostrando as áreas e as capacidades a serem levados em consideração na sua adoção e maturação

Critical success factors for DevOps adoption in information systems development

Adopting DevOps is challenging since it makes a significant paradigm shift in the Information Systems Development process. DevOps is a trending approach attached to the Agile Software Development Methodology, which facilitates adaptation to the customers\u27 rapidly-changing requirements. It keeps one front step by introducing software operators who support the transmission between software and implementation into the software development team by confirming faster development, quality assurance, and easy maintenance of Information Systems. However, software development companies reported challenges in adopting DevOps. It is critical to control those challenges while getting hold of the benefits by studying Critical Success Factors (CSF) for adopting DevOps. This study aimed to analyze the use of DevOps approach in IS developments by exploring CSFs of DevOps. A systematic literature review was applied to identify CSFs. These factors were confirmed by interviewing DevOps practitioners while identifying more frequent CSFs in the software development industry. Finally, the research presents a conceptual model for CSFs of DevOps, which is a guide to reap the DevOps benefits while reducing the hurdles for enhancing the success of Information Systems. The conceptual model presents CSFs of DevOps by grouping them into four areas: collaborative culture, DevOps practices, proficient DevOps team, and Metrics & Measurement

Critical success factors for DevOps adoption in information systems development

Adopting DevOps is challenging since it makes a significant paradigm shift in the Information Systems Development process. DevOps is a trending approach attached to the Agile Software Development Methodology, which facilitates adaptation to the customers' rapidly-changing requirements. It keeps one front step by introducing software operators who support the transmission between software and implementation into the software development team by confirming faster development, quality assurance, and easy maintenance of Information Systems (IS). However, software development companies reported challenges in adopting DevOps. It is critical to control those challenges while getting hold of the benefits by studying Critical Success Factors (CSF) for adopting DevOps. This study aimed to analyze the use of DevOps approach in IS developments by exploring CSFs of DevOps. A systematic literature review was applied to identify CSFs. These factors were confirmed by interviewing DevOps practitioners while identifying more frequent CSFs in the software development industry. Finally, the research presents a conceptual model for CSFs of DevOps, which is a guide to reap the DevOps benefits while reducing the hurdles for enhancing the success of IS. The conceptual model presents CSFs of DevOps by grouping them into four areas: collaborative culture, DevOps practices, proficient DevOps team, and metrics & measurement

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

DevOps model in practice: Applying a novel reference model to support and encourage the adoption of DevOps in a software development company as case study

DevOps has emerged as an approach to help organizations automate, cost optimization, increase profitability, improve the stability of the software development process and the responsiveness of organizations, and create a more agile development and release pipeline. However, its adoption, maintenance and evaluation continue to be a challenge for software organizations, due to the absence of solutions that formalize process elements in a detailed way, such as: practices, roles, artifacts, objectives, among others. This paper presents a DevOps Model, this model to support the adoption of DevOps, which provides a set of fundamental and complementary values, principles, dimensions, and practices. The practices suggest a set of items such as purpose, specific objectives and expected artifacts. The elements defined in proposed DevOps Model arise from the elements found in the studies analyzed through a systematic mapping study. Model evaluation was carried out through a software development company as case study. The results obtained have allowed the case study company to evaluate, diagnose and identify improvement opportunities to be carried out in the processes and projects where a DevOps-based approach is used, the above in a practical, useful, and adequate way that allows this type of companies and with a low use of resources, both economic investment and time. This is how the DevOps Model could guide professionals and organizations towards a better understanding of DevOps, in addition to minimizing the subjectivity and error of its interpretation, adoption and evaluation

Collaborative Application Security Testing for DevSecOps: An Empirical Analysis of Challenges, Best Practices and Tool Support

DevSecOps is a software development paradigm that places a high emphasis on the culture of collaboration between developers (Dev), security (Sec) and operations (Ops) teams to deliver secure software continuously and rapidly. Adopting this paradigm effectively, therefore, requires an understanding of the challenges, best practices and available solutions for collaboration among these functional teams. However, collaborative aspects related to these teams have received very little empirical attention in the DevSecOps literature. Hence, we present a study focusing on a key security activity, Application Security Testing (AST), in which practitioners face difficulties performing collaborative work in a DevSecOps environment. Our study made novel use of 48 systematically selected webinars, technical talks and panel discussions as a data source to qualitatively analyse software practitioner discussions on the most recent trends and emerging solutions in this highly evolving field. We find that the lack of features that facilitate collaboration built into the AST tools themselves is a key tool-related challenge in DevSecOps. In addition, the lack of clarity related to role definitions, shared goals, and ownership also hinders Collaborative AST (CoAST). We also captured a range of best practices for collaboration (e.g., Shift-left security), emerging communication methods (e.g., ChatOps), and new team structures (e.g., hybrid teams) for CoAST. Finally, our study identified several requirements for new tool features and specific gap areas for future research to provide better support for CoAST in DevSecOps.Comment: Submitted to the Empirical Software Engineering journal_v