Presentation by Hui Song, Senior Scientist, SINTEF. We would like to share our research journey towards enabling DevOps for IoT applications, and how Open Source makes the journey feasible and fun. DevOps is widely adopted for developing cloud applications, which supports developers in continuously placing software changes directly to production. As companies are including IoT and Edge devices into their IT infrastructures, supporting DevOps for IoT is a must. However, IoT challenges some fundamental assumptions behind DevOps, such as the homogeneous infrastructure and centralized governance, and therefore, breaking-through research is needed. Funded by H2020, 30 people from 12 partners crossing academia and industry gathered to solve these fundamental challenges, which results in full-stack open source tools for automatic deployment, learning-based operation and security monitoring of IoT applications, and risk management of the development process. The tools are evaluated on industrial use cases in intelligent transportation, smart building, and eHealth. The mass open source tools and communities around IoT development provides the sound foundation for this design research and the opportunities for the further exploitation of the results. In particular, we are proud of spinning off a start-up to commercialize the risk management services in the open source + SaaS model.

1. www.enact-project.eu
1
Enabling DevOps for IoT software
development: A research journey powered
by Open Source
Hui Song, Nicolas Ferry, SINTEF, Norway
Recorded on May 17, 2020

2. www.enact-project.eu
2
The ENACT project
Problem Research Innovation
DevOps for IoT
Open Source

3. www.enact-project.eu
3
The Problem: software development for IOT
Software development IoT Software development

4. www.enact-project.eu
4
DevOps in a nutshell
• DevOps core values:
• Culture: Practice of operation and
development engineers participating
together in the entire system lifecycle
• Automation: Infrastructure as Code,
Continuous Delivery
• Feedback: Measure everything,
feedback from Ops to Dev
CODE
BUILD TEST
RELEASE &
DEPLOY
OPERATE

5. www.enact-project.eu
5
DevOps is challenging for IoT
Distribution and Diversity
• Heterogeneous and unstable devices, software, stacks, etc.
Multi-context & scalability
• Distributed components running in different context.
• More context means higher exposure to trustworthiness treats.
Actuators
• Impact on the physical world!

6. www.enact-project.eu
6
The Research
ENACT will deliver a set of loosely coupled tools
to support the continuous development and
operation of trustworthy Smart IoT Systems

7. www.enact-project.eu
7
ENACT DevOps for Smart IoT Systems
CODE
BUILD TEST
RELEASE &
DEPLOY
OPERATE
Continuous Risk Management
(business and non-functional risks)
Thing Functional
Modelling,
Actuation conflict
managers
Automatic building
of ENACT generated code &
Software diversification
SIS simulation and security,
privacy and scalability testing
Continuous deployment of trustworthy SIS
& security mechanisms
Context-aware
Access control,
Security control,
Adaptation
improvement
Security and privacy
monitoring,
Behavioral drift analysis,
Deployment status,
Root cause analysis

8. www.enact-project.eu
8
A more complete pipeline
1 Modelling architecture
c1
c2
c3
c1
c1
c3
M1
GeneSISThingML
Risk Management
c1
c2
c3
c1
c1
Actuation Conflict
Management
Virtual node
1 (RAM=64MB,
CPU=400MHz)
Virtual node
2 (RAM=256MB,
CPU=800MHz)
c1
c3
c2
Test and simulation
2
3
4
5
Risk assessment
Component logic modelling
Actuation conflict identification & mgt
Test & simulation
1
2
3
4
5

9. www.enact-project.eu
9
And at the "Ops"
c1
c2
c3
c1
c1
c3
M1
GeneSIS
Online learning
Behavioral
Drift
Analysis
Root cause
analysis
Security
& privacy
Monitoring
DivEnact
c1
c2
c3
c1
c1
c3
M1
Datacenter IoT device
Machine1 Machine2
VM1
VM2
Container1 Container2
LoadBalancer App1
App2
DB
calls
hosted
Device
App3
batch
ART high
Slow IO
Access control
c1
c2
c3
c1
c1
c3
M1Security
& privacy
Control

10. www.enact-project.eu
10
Don't re-invent the wheel. Improve/adapt/customize it

11. www.enact-project.eu
11
Open source tools behind the research
ENACT Tools

12. www.enact-project.eu
12
• Challenges
• Large number of sub-systems
• Different contexts -> Diverse software
• Main innovation
• Decoupling between deployment model
and particular device groups
• Typical operations for DevOps teams
• Achievements
• Integration with Microsoft IoT Hub
• Working with multiple companies for
further development
• Integration with GeneSIS for the "last-
mile deployment" Code
A fleet of similar device-sets
(The TellU use case!)
CODE
BUILD TEST
RELEASE &
DEPLOY
OPERATE
An example: DivEnact

13. www.enact-project.eu
13
Research behind DivEnact
Fleet assignment
Fleet monitoringDevice deployment
device1 device2 device3 device4
Deployment plan 1
Deployment plan 2
Z3 theory prover

14. www.enact-project.eu
14
Innovation: Building DevOps toolchain
for 3 teams from different domains
Rail Domain Smart Building eHealth
Enhancing train integrity
control
Smart Energy Efficiency and
Smart User Comfort
applications
Personal health gateway
Customization to end user
needs

15. www.enact-project.eu
15
Continuous Risk Management
• Start-up created in January 2019 in ENACT in collaboration with H2020
PDP4E project (focused on GDPR and privacy aspects)
• Offers: Easy-to-use solution to continuously control risks in complex
digital systems and collect evidence of risk control efficiency
• Early Adopters: eHealth and construction (internal & external to ENACT)
Measure mitigation
effectiveness through
evidence collection
Continuous and real-time
analysis and automation
for risk assessment
Support for legal regulation
compliance with multiple
stakeholders

16. www.enact-project.eu
16
Innovation through Open Source
The ENACT DevOps Framework on

17. www.enact-project.eu
17
Conclusion
• Novel research is needed to support DevOps for IoT
• Open source tools provides strong support for software engineering
research
• We also use open source as the carrier of further innovation
Thank you very much!