Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
RefA: Reference Architecture for Security-compliant DevOps
Technical University of Munich and Siemens Technology.
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering.ORCID iD: 0000-0003-0619-6027
Blekinge Institute of Technology, Faculty of Computing, Department of Software Engineering.ORCID iD: 0000-0002-3646-235x
Siemens Technology and Technical University of Munich.
Show others and affiliations
2023 (English)Report (Refereed)
Abstract [en]

This technical report presents RefA, a reference architecture for security-compliant DevOps. RefA consists of a set of models that illustrate the artefacts and practice areas to consider when implementing secure DevOps lifecycles. In addition, RefA describes people, proceses, and technology aspects to be considered in each practice area. Practitioners can use RefA for the purposes of designing and assessing security compliance of their DevOps lifecycles, while researchers may use RefA as a reference for setting up research roadmaps. RefA models result from combining the profound analysis of the IEC 62443-4-1 standard for secure industrial products development, continuous software engineering literature review, and observations made in practice in context of a large industrial company during the past 5 years. The manuscript constitutes original, previously unpublished research.

Place, publisher, year, edition, pages
Karlskrona, 2023. , p. 112
Series
Blekinge Tekniska Högskola Forskningsrapport, ISSN 1103-1581 ; 2023:01
Keywords [en]
DevOps, Secure software engineering, DevSecOps, Security compliance, Continuous software engineering
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:bth-24873ISRN: BTH-RES-01/23-SEOAI: oai:DiVA.org:bth-24873DiVA, id: diva2:1771068
Available from: 2023-06-20 Created: 2023-06-20 Last updated: 2023-06-20Bibliographically approved

Open Access in DiVA

fulltext(4054 kB)478 downloads
File information
File name FULLTEXT01.pdfFile size 4054 kBChecksum SHA-512
404e6a9d404c15d69e8ff41d3cfad50750d2a60e9aee6d4e4fb01f7cd86abd26a4f01835b2aa09c7b68aed08b9db9de1e339b985c382be6f85cf4692b14d2d3e
Type fulltextMimetype application/pdf

Authority records

Mendez, DanielGorschek, Tony

Search in DiVA

By author/editor
Mendez, DanielGorschek, Tony
By organisation
Department of Software Engineering
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 478 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 2814 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf