Text
Book
The idea behind this book (CyberSecurity in a DevOps Environment)came during a group meeting in one of the VeriDevOps European project meetings. We came to a realization that while there exist so many research articles that detail activities related to software security analysis, some more in-depth view of a DevOps cycle including security requirements formalization, verification and continuous monitoring was needed to present the current state of the art and practice in the field based on the analysis of the literature up to date.
CyberSecurity in a DevOps Environment
The book aims to provide a comprehensive and systematic overview of the current state of the art and practice in software security analysis, covering topics such as security requirements specification, verification, and continuous monitoring. The book also discusses the challenges and opportunities for future research and practice in this emerging field.
This book consists of three parts, each covering a different aspect of security engineering in the DevOps context. The first part, "Security Requirements", deals with how to specify and analyze security issues in a formal way. The second part, "Prevention at Development Time", offers a practical and industrial perspective on how to design, develop and verify secure applications. The third part, "Protection at Operations", introduces tools for continuous monitoring of security events and incidents.
Part I
Security Requirements Engineering
Security Requirements Engineering is a vital discipline that ensures the development of secure and resilient systems. It involves identifying, analyzing, and specifying security requirements to protect critical assets from potential threats and vulnerabilities.
This part of the book explores the recent state-of-the-art updates in taxonomies, and NLP methods applied to Security Requirements Engineering. We delve into the latest advancements and their practical implications in managing security requirements. Moreover, illustrative examples are provided to demonstrate how the methods can be effectively integrated to streamline the security requirement engineering process.
Part II
Prevention at Development Time
This part focuses on preventing vulnerabilities during the software development process, by providing first a survey of existing methods for vulnerability detection and response, followed by two novel approaches for security test generation and vulnerability identification in the source code, suitable for industrial systems. The three chapters included in this part are briefly summarized in the following.
Part III
Protection at Operations
Protection at operation involves implementing various techniques to enhance security and mitigate risks in real-time environments. Intrusion detection and anomaly detection are crucial components of protection at operations, aimed at identifying unauthorized or abnormal activities that may indicate security threats. These detections mechanisms utilize techniques such as complex event processing, which involves analyzing and correlating events in real-time to identify patterns and detect potential threats. Additionally, the concept of explainability plays a vital role in protection at operation by providing insights into the decision-making process of detection algorithms, helping security professionals understand and interpret the results. The combination of intrusion detection, anomaly detection, complex event processing, and explainability contributes to a comprehensive approach to ensure robust protection in operational environments.