Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Prepared by :
Anish Cheriyan, Director, Huawei
Prepared By Anish Cheriyan,
Director, Huawei Technologies
Topics
• DevOps & SecOps
• Practices in Detail
• Summary
Background
• Embedded Development.
• Network Management System
• Protocol Stack
Traditional Quality Assurance
Gated Approach for Quality Assurance
Requirem
ent
Design
Coding
Unit Test
Functiona
l Testin...
DevOps
DevOps is a set of practices intended
to reduce the time between
committing a change to a system
and the change bei...
Security
Picture Courtesy:
http://threatgeek.typepad.com/.a/6a0147e41f3c0a97
0b01a73dba51f6970d-pi
‘To err is human, to re...
SecOps
SecOps built into the Deployment
Pipeline. Dev & Ops Collaborate and
ensure desired level of Security
Picture Court...
Case Study
• Consider and CRM System which uses a Modeling tool
to automate the business processes.
• The system which has...
Short Feedback Loops
DevOps
Delivery
Deploym
ent
Picture Coutesy: https://www.flickr.com/photos/
•Requirement
documentation at right
granularity
•OPS Perspective-
deployability,
modifiability,
monitoribility
Requirement...
. Architecture
Readiness for CD-
deployability,
modifiability,
monitoribility ,
testability
. Continuous
Delivery
Architec...
Infrastructure Readiness
•Environment
Provisioning based on
customer requirement
analysis (OPS)
•Right Tool Usage (VM,
Con...
Build Pipeline
http://blog.xebialabs.com/2016/02/09/how-ing-increased-software-deployments-to-twice-a-day/continuous-deplo...
SystemArchitecture
L1
CIArhitecture
L2
DeploymentPipeline
L3
C1
C2
C3
M1
C1 Continuous
Integration System
C2 Continuous
In...
Quality Assurance in the Pipeline
Inspectio
n /Static
QA
Test QA
Security
Assuranc
e
Configura
tion QA
'ities'
Assuranc
e
Inspection/Static QA
Simian Rules for managing
the rules
Test QA
Read at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html
Security Assurance
Static/Dyna
mic
Analysis
(Fortify,
Coverity)
Scanning
(Nessus, Nmap)
Security
Test (Threat
Model)
Attack
Configuration QA
• Single Source Repository
for all items
• Build Script Quality
(abstraction,
modularization, coding
guid...
Analysis of the Build Pipeline
Build
Private
Build
Version
Build
Function
Build
ities
Build
Deploym
ent Build
Build 01 Pas...
Test your Deployment pipeline
Repea
tabilit
y
Perfor
mance
Reliabi
lity
Recov
erabili
ty
Intero
perabil
ity
Testabi
lity
M...
Cross Cutting Collaboration
Summary
• Continuous attention to technical excellence
and good design enhances agility
• Lets Build Quality & Security in...
Thank You
@anishcheriyan
www.anishcheriyan.com
Upcoming SlideShare
Loading in …5
×

Quality assurance in dev ops and secops world

184 views

Published on

This talk focused on how the quality assurance practices need to be seen in different view when the software delivery is done in DevOps and SecOps Approach. SecOps stands for Security Operations. I will talk about the practices like Architecture and Infrastructure readiness , Quality Assurance / Security Assurance and Test Quality Assurance in the pipeline, Dev and Ops Collaboration, Quantitative analysis of the Continuous Delivery System , Periodic Assessment for System Refactoring Pattern, Causal Analysis feedback (Defects, Problems Learning) to CD System.

Published in: Engineering
  • Be the first to comment

Quality assurance in dev ops and secops world

  1. 1. Prepared by : Anish Cheriyan, Director, Huawei Prepared By Anish Cheriyan, Director, Huawei Technologies
  2. 2. Topics • DevOps & SecOps • Practices in Detail • Summary
  3. 3. Background • Embedded Development. • Network Management System • Protocol Stack
  4. 4. Traditional Quality Assurance Gated Approach for Quality Assurance Requirem ent Design Coding Unit Test Functiona l Testing includes ities Independ ent V&V Launch
  5. 5. DevOps DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality
  6. 6. Security Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a97 0b01a73dba51f6970d-pi ‘To err is human, to really screw up you need root password’
  7. 7. SecOps SecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a97 0b01a73dba51f6970d-pi
  8. 8. Case Study • Consider and CRM System which uses a Modeling tool to automate the business processes. • The system which has two key parts-Workflow Engine and Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60. • What are factors you will consider to designing your Continuous Delivery Architecture.
  9. 9. Short Feedback Loops DevOps Delivery Deploym ent Picture Coutesy: https://www.flickr.com/photos/
  10. 10. •Requirement documentation at right granularity •OPS Perspective- deployability, modifiability, monitoribility Requirements Picture Coutesy: https://www.flickr.com/photos/libramano/9372711893/
  11. 11. . Architecture Readiness for CD- deployability, modifiability, monitoribility , testability . Continuous Delivery Architecture . Build Pipeline Architecture Picture Coutesy: https://www.flickr.com/
  12. 12. Infrastructure Readiness •Environment Provisioning based on customer requirement analysis (OPS) •Right Tool Usage (VM, Container like Docker etc) for the respective requirement
  13. 13. Build Pipeline http://blog.xebialabs.com/2016/02/09/how-ing-increased-software-deployments-to-twice-a-day/continuous-deployment-pipeline/
  14. 14. SystemArchitecture L1 CIArhitecture L2 DeploymentPipeline L3 C1 C2 C3 M1 C1 Continuous Integration System C2 Continuous Integration System C3 Continuous Integration System C1 Deployment Pipeline C2 Deployment Pipeline C3 Deployment Pipeline Hierarchical Approach for CD and DevOps
  15. 15. Quality Assurance in the Pipeline Inspectio n /Static QA Test QA Security Assuranc e Configura tion QA 'ities' Assuranc e
  16. 16. Inspection/Static QA Simian Rules for managing the rules
  17. 17. Test QA Read at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html
  18. 18. Security Assurance Static/Dyna mic Analysis (Fortify, Coverity) Scanning (Nessus, Nmap) Security Test (Threat Model) Attack
  19. 19. Configuration QA • Single Source Repository for all items • Build Script Quality (abstraction, modularization, coding guidelines) (Automatic or manual way)
  20. 20. Analysis of the Build Pipeline Build Private Build Version Build Function Build ities Build Deploym ent Build Build 01 Pass Pass Fail Fail Fail Build 02 Pass Pass Pass Fail Fail Build 03 Pass Pass Fail Fail Fail Build 04 Pass Pass Pass Fail Fail Build 05 Pass Pass Fail Fail Fail Build 06 Pass Pass Fail Fail Fail Build 07 Pass Pass Fail Fail Fail
  21. 21. Test your Deployment pipeline Repea tabilit y Perfor mance Reliabi lity Recov erabili ty Intero perabil ity Testabi lity Modifi ability
  22. 22. Cross Cutting Collaboration
  23. 23. Summary • Continuous attention to technical excellence and good design enhances agility • Lets Build Quality & Security in..
  24. 24. Thank You @anishcheriyan www.anishcheriyan.com

×