SlideShare a Scribd company logo

Piacere general presentation

PIACERE
PIACERE

This project has received funding from the European Union to create trustworthy infrastructure as code. It aims to help organizations fully embrace the infrastructure-as-code approach through the DevSecOps philosophy by making the creation of infrastructure code more accessible, secure, and reliable. The project will develop tools to help with modeling, verifying, deploying, monitoring, and updating infrastructure code to ensure business continuity and security. It is coordinated by TECNALIA and aims to validate its framework in three application domains over three years.

Software
1 of 23
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101000162. PIACERE General Presentation Leire Orue-Echevarria (TECNALIA)
2 General Information 15/05/2021 GA 101000162 PIACERE - Programming trustworthy Infrastructure As Code in a sEcuRE framework ➔December 2020-2023 (36 months) ➔Overall budget: 4.424.250 euros ➔Project coordinator: TECNALIA ➔Technical coordinator: XLAB
3 Overall objective  To enable most organizations to fully embrace the Infrastructure- as-Code (IaC) approach, through the DevSecOps philosophy, by making the creation of such code more accessible to designers, developers and operators (DevSecOps teams), increasing the quality, security, trustworthiness and evolvability of infrastructural code while ensuring its business continuity by providing self-healing mechanisms anticipating to failures and violations, and self-learning from the conditions that triggered such re-adaptations. 15/05/2021 GA 101000162
4 Main objectives 15/05/2021 GA 101000162 Help the DevSecOps teams to plan the development of the infrastructural models and to create the IaC, by providing them with a simple definition of abstractions of execution environments Provide the DevSecOps Teams with the tools to verify the correctness of the infrastructural models and the trustworthiness and security of the IaC and the associated software components Provide the DevSecOps teams with the tools and environments to simulate, package, release and configure an optimized deployment of the IaC Support DevSecOps teams with the mechanisms and tools to continuously monitor, self- learn and plan for (self-)healing and optimize the executable IaC Validate that the PIACERE framework is suitable to address the needs for infrastructural code in a variety of application domains
5 Context and motivation 15/05/2021 GA 101000162 Virtualization Cloud Computing Continuum (Sec) DevOps philosophy Infrastructure as Code (IaC) Enables the automation of several deployment, configuration and management tasks that otherwise would have to be performed manually by an operator Templates Scripts Policies Network elements Cloud infrastructure
6 Context and motivation: general challenges 15/05/2021 GA 101000162 Large variety of competing tools with different programming languages for writing infrastructural code Focused on a single or a small set of automation steps and of types of resources (e.g. VMs) Focused on cloud computing leaving aside other computational resources such as the edge Not really an end-to-end solution covering Devs and the Ops Trustworthiness and security aspects of the IaC are often left for the end of the cycle
7 Approach and workflow 15/05/2021 GA 101000162 IaC Support to easily model the resources, network and infrastructural requirements Automatic code generation for the required specific infrastructure Model and code level verification Security inspection of the IaC and imported sw components Behaviour simulation of the IaC based on an optimized deployment configuration Automatic IaC execution to orchestrate the deployment Monitor IaC at run-time and predict failures that may trigger self-helaing mehanisms Monitor run time security The main objective of the PIACERE project is thus to provide means (tools, methods and techniques) to enable most organizations to fully embrace the Infrastructure-as-Code approach, through the DevSecOps philosophy
8 IaC DevSec 15/05/2021 GA 101000162 IaC design, development and verification • Integration of the IaC Sec Dev process Creation of IaC models based on the NFRs • Definition of the topology and properties of the infrastructure • Abstraction from the specifities of the IaC language and protocol • Extendible Automatic IaC generation based on the models • Most prominent target IaC environments and languages (e.g. Terraform, Ansible, TOSCA) • Code generation for provisioning and deployment orchestrators, configuration management environments, monitoring platforms and networks APIs. Models and code vertification • Verification of the models • Code syntactic correctness, consistency and ability to fulfil specific non-functional properties verification • SAST and security inspector components IaC Development Modelling Code generation
9 IaC SecOps 15/05/2021 GA 101000162 IaC simulation • Isolated execution and testing of Infrastructure as Code behavior • Identification of potential vulnerabilities and bottlenecks • Catalogue of services and infrastructural elements • Optimization combination of services and infrastructural elements Automatic IaC execution • Creation of the deployment plan • Interdependencies management • Distribution to the subsystems that perform the actual provisioning (e.g. creating virtual machines using proper IaaS connector, installing software packages or adjusting application configuration using Ansible) IaC intelligent monitoring • Execution logs • Run time security verification • QoS assurance through self learning and self-healing mechanisms Automatic re-deployment and adaptation • To ensure that their infrastructural code is always conforming to the SLAs committed with the end-user even if the environmental situation changes IaC (Pre-)deployment IaC Operation
10 PIACERE Approach 15/05/2021 GA 101000162
11 PIACERE Key Results 15/05/2021 GA 101000162 DevSecOps Modelling Language (DOML) Verification Tool (DOML-E) Infrastructural Code Generator IaC code security inspector Component Security inspector Key results for IaC design and creation Integrated Development Environment Key results for trustworthy and secure IaC development IaC Development Modelling Code generation IaC Development Models and code verification
12 PIACERE Key Results 15/05/2021 GA 101000162 Canary Sandbox Environment IaC Optimized Platform IaC Execution Platform Self-learning and self- healing mechanisms Runtime security monitoring Key results for optimized pre- deployment of IaC Key results for real- time monitored and self-healing IaC IaC (Pre-)deployment IaC Operation
13 PIACERE Key Results 15/05/2021 GA 101000162 PIACERE DevSecOps Framework Validated in 3 application domains Slovenian Ministry of Public Administration Critical Maritime Infrastructures Public Safety on IoT in 5G IaC design and creation Trustworthy and secure IaC development Optimized pre-deployment of IaC Monitored and self-healing IaC
14 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions
15 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC solutions ➔ Support for different IaC tools in a single IDE ➔ Integration of heterogeneous resources and infrastrucutural elements ➔ Extendible approach for the new technologies to come
16 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions Infrastructure modeling and abstraction ➔ Independence from the target IaC tool ➔ Possibility to easily extend the languages supported ➔ A smart modeling environment
17 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC verification and simulation ➔ Model consistency checking as well as the fulfilment of critical safety and reliability properties ➔ Best practices and guidelines for infrastructural code testing not depending on DSL ➔ Canary environment: Abstractions to model infrastructural and deployment specifications (information flow, cloud provisioning and configuration and the application deployment)
18 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC solutions Security concerns in IaC ➔ IaC-SAST with detectors for dangerous IaC code patterns ➔ Automated on-the-fly security analysis of application code ➔ Checking cryptographic libraries for vulnerability to attacks ➔ DAST support for detecting vulnerabilities in the environment before the applications are deployed to production IaC monitoring, self-learning and self- healing
19 PIACERE Innovations 15/05/2021 GA 101000162 IaC monitoring, self-learning and self-healing ➔ Swarm Intelligence multi-objective meta-heuristics to the IaC domain ➔ Integrated online learning and concept drift detection ➔ Dynamic adaptation of the fitness function of the problem to create more robust solutions Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC solutions IaC monitoring, self-learning and self- healing
20 ▌ PIACERE Innovations Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC monitoring, self-learning and self-healing ➔ Swarm Intelligence multi-objective meta-heuristics to the IaC domain ➔ Integrated online learning and concept drift detection ➔ Dynamic adaptation of the fitness function of the problem to create more robust solutions
21 Target users 15/05/2021 GA 101000162 Target users ➔Developers of IaC ➔ Operators of IaC Infrastructural Code
22 Benefits 15/05/2021 GA 101000162 PIACERE will enable organizations to fully embrace the Infrastructure-as-Code approach by:  Making the creation of such infrastructural code more accessible to the DevSecOps teams  Increasing the quality, security, trustworthiness and evolvability of infrastructural code  Ensuring business continuity by providing self-healing mechanisms anticipation of failures and violations  Allowing IaC to self-learn from previous conditions that triggered un-expected situations
Thank you! Website // Contact

Recommended

WhiteSource Webinar What's New With WhiteSource in December 2018
WhiteSource Webinar What's New With WhiteSource in December 2018WhiteSource Webinar What's New With WhiteSource in December 2018
WhiteSource Webinar What's New With WhiteSource in December 2018WhiteSource
 
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...WhiteSource
 
Pentest as a Service Impact 2020
Pentest as a Service Impact 2020Pentest as a Service Impact 2020
Pentest as a Service Impact 2020DevOps.com
 
Find Out What's New With WhiteSource May 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarFind Out What's New With WhiteSource May 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarWhiteSource
 
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...centralohioissa
 
Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...DevOps.com
 
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]RootedCON
 
The Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSThe Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSTripwire
 

Recommended

WhiteSource Webinar What's New With WhiteSource in December 2018
WhiteSource Webinar What's New With WhiteSource in December 2018WhiteSource Webinar What's New With WhiteSource in December 2018
WhiteSource Webinar What's New With WhiteSource in December 2018WhiteSource
 
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...
WhiteSource Webinar-New Research Reveals Key Strategy to Manage Open Source S...WhiteSource
 
Pentest as a Service Impact 2020
Pentest as a Service Impact 2020Pentest as a Service Impact 2020
Pentest as a Service Impact 2020DevOps.com
 
Find Out What's New With WhiteSource May 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarFind Out What's New With WhiteSource May 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource May 2018- A WhiteSource WebinarWhiteSource
 
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...
Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...centralohioissa
 
Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...Best Practices for Driving Software Quality through a Federated Application S...
Best Practices for Driving Software Quality through a Federated Application S...DevOps.com
 
José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]José Vila - ¿Otro parche más? No, por favor. [rooted2018]
José Vila - ¿Otro parche más? No, por favor. [rooted2018]RootedCON
 
The Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSThe Subversive Six: Hidden Risk Points in ICS
The Subversive Six: Hidden Risk Points in ICSTripwire
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021lior mazor
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and PredictionsDevOps.com
 
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...centralohioissa
 
A Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product TestingA Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product TestingKevin Fealey
 
Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareDevOps.com
 
Find Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource WebinarFind Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource WebinarWhiteSource
 
Using Data Science for Cybersecurity
Using Data Science for CybersecurityUsing Data Science for Cybersecurity
Using Data Science for CybersecurityVMware Tanzu
 
Securing and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 bSecuring and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 blior mazor
 
Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operationsElasticsearch
 
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps WhiteSource
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSecure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSalil Kumar Subramony
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...DevOps.com
 
Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.Pranav Pai Vernekar
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Tripwire
 
Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps Synopsys Software Integrity Group
 
Implement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingImplement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingJosiah Renaudin
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfiantoidsecconf
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Anand_Honeywell_11yrs
Anand_Honeywell_11yrsAnand_Honeywell_11yrs
Anand_Honeywell_11yrsAnand Patil
 

More Related Content

What's hot

Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021lior mazor
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and PredictionsDevOps.com
 
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...centralohioissa
 
A Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product TestingA Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product TestingKevin Fealey
 
Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareDevOps.com
 
Find Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource WebinarFind Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource WebinarWhiteSource
 
Using Data Science for Cybersecurity
Using Data Science for CybersecurityUsing Data Science for Cybersecurity
Using Data Science for CybersecurityVMware Tanzu
 
Securing and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 bSecuring and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 blior mazor
 
Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operationsElasticsearch
 
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps WhiteSource
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSecure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSalil Kumar Subramony
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...DevOps.com
 
Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.Pranav Pai Vernekar
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOpsBlack Duck by Synopsys
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Tripwire
 
Implement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingImplement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingJosiah Renaudin
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfiantoidsecconf
 

What's hot (20)

Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021
 
Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021Application security meetup - cloud security best practices 24062021
Application security meetup - cloud security best practices 24062021
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions2021 Open Source Governance: Top Ten Trends and Predictions
2021 Open Source Governance: Top Ten Trends and Predictions
 
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
Kevin Glavin - Continuous Integration, Continuous Delivery, and Deployment (C...
 
A Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product TestingA Stratagem on Strategy: Rolling Security Testing into Product Testing
A Stratagem on Strategy: Rolling Security Testing into Product Testing
 
Modernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source SoftwareModernizing on IBM Z Made Easier With Open Source Software
Modernizing on IBM Z Made Easier With Open Source Software
 
Find Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource WebinarFind Out What's New With WhiteSource September 2018- A WhiteSource Webinar
Find Out What's New With WhiteSource September 2018- A WhiteSource Webinar
 
Using Data Science for Cybersecurity
Using Data Science for CybersecurityUsing Data Science for Cybersecurity
Using Data Science for Cybersecurity
 
Securing and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 bSecuring and automating your application infrastructure meetup 23112021 b
Securing and automating your application infrastructure meetup 23112021 b
 
Building Elastic into security operations
Building Elastic into security operationsBuilding Elastic into security operations
Building Elastic into security operations
 
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
From Zero to DevSecOps: How to Implement Security at the Speed of DevOps
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green MethodSecure Code review - Veracode SaaS Platform - Saudi Green Method
Secure Code review - Veracode SaaS Platform - Saudi Green Method
 
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...
 
Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.Bolt IoT Platform: How to build IoT products and prototypes easily.
Bolt IoT Platform: How to build IoT products and prototypes easily.
 
Software Security Assurance for DevOps
Software Security Assurance for DevOpsSoftware Security Assurance for DevOps
Software Security Assurance for DevOps
 
Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?Simplicity in Hybrid IT Environments – A Security Oxymoron?
Simplicity in Hybrid IT Environments – A Security Oxymoron?
 
Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps Webinar – Risk-based adaptive DevSecOps
Webinar – Risk-based adaptive DevSecOps
 
Implement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT TestingImplement Combinatorial Test Patterns for Better Mobile and IoT Testing
Implement Combinatorial Test Patterns for Better Mobile and IoT Testing
 
Practical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief KarfiantoPractical DevSecOps - Arief Karfianto
Practical DevSecOps - Arief Karfianto
 

Similar to Piacere general presentation

PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Anand_Honeywell_11yrs
Anand_Honeywell_11yrsAnand_Honeywell_11yrs
Anand_Honeywell_11yrsAnand Patil
 
Testing infrastructure as code
Testing infrastructure as codeTesting infrastructure as code
Testing infrastructure as codePrancer Io
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sQAware GmbH
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyDerek E. Weeks
 
Web Development in Advanced Threat Prevention
Web Development in Advanced Threat PreventionWeb Development in Advanced Threat Prevention
Web Development in Advanced Threat PreventionIRJET Journal
 
John Haggins Res2015
John Haggins Res2015John Haggins Res2015
John Haggins Res2015John Haggins
 
Gervais Peter Resume Oct :2015
Gervais Peter Resume Oct :2015Gervais Peter Resume Oct :2015
Gervais Peter Resume Oct :2015Peter Gervais
 
Summit 16: NetIDE: Integrating and Orchestrating SDN Controllers
Summit 16: NetIDE: Integrating and Orchestrating SDN ControllersSummit 16: NetIDE: Integrating and Orchestrating SDN Controllers
Summit 16: NetIDE: Integrating and Orchestrating SDN ControllersOPNFV
 
CNCF Introduction - Feb 2018
CNCF Introduction - Feb 2018CNCF Introduction - Feb 2018
CNCF Introduction - Feb 2018Krishna-Kumar
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSIRJET Journal
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesAvi Networks
 
Overview of asp .net
Overview of asp .netOverview of asp .net
Overview of asp .netSajan Sahu
 
Analyzing Optimal Practises for Web Frameworks
Analyzing Optimal Practises for Web FrameworksAnalyzing Optimal Practises for Web Frameworks
Analyzing Optimal Practises for Web FrameworksIRJET Journal
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld
 

Similar to Piacere general presentation (20)

PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps Automated
 
Anand_Honeywell_11yrs
Anand_Honeywell_11yrsAnand_Honeywell_11yrs
Anand_Honeywell_11yrs
 
.NetKS Catalogue
.NetKS Catalogue.NetKS Catalogue
.NetKS Catalogue
 
Testing infrastructure as code
Testing infrastructure as codeTesting infrastructure as code
Testing infrastructure as code
 
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
 
ABN AMRO DevSecOps Journey
ABN AMRO DevSecOps JourneyABN AMRO DevSecOps Journey
ABN AMRO DevSecOps Journey
 
Web Development in Advanced Threat Prevention
Web Development in Advanced Threat PreventionWeb Development in Advanced Threat Prevention
Web Development in Advanced Threat Prevention
 
Building converged plantwide ethernet architectures
Building converged plantwide ethernet architecturesBuilding converged plantwide ethernet architectures
Building converged plantwide ethernet architectures
 
IoT and M2M Safety and Security
IoT and M2M Safety and Security IoT and M2M Safety and Security
IoT and M2M Safety and Security
 
Balaji Resume
Balaji ResumeBalaji Resume
Balaji Resume
 
John Haggins Res2015
John Haggins Res2015John Haggins Res2015
John Haggins Res2015
 
Gervais Peter Resume Oct :2015
Gervais Peter Resume Oct :2015Gervais Peter Resume Oct :2015
Gervais Peter Resume Oct :2015
 
Summit 16: NetIDE: Integrating and Orchestrating SDN Controllers
Summit 16: NetIDE: Integrating and Orchestrating SDN ControllersSummit 16: NetIDE: Integrating and Orchestrating SDN Controllers
Summit 16: NetIDE: Integrating and Orchestrating SDN Controllers
 
CNCF Introduction - Feb 2018
CNCF Introduction - Feb 2018CNCF Introduction - Feb 2018
CNCF Introduction - Feb 2018
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
 
Web Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery PipelinesWeb Application Security for Continuous Delivery Pipelines
Web Application Security for Continuous Delivery Pipelines
 
Overview of asp .net
Overview of asp .netOverview of asp .net
Overview of asp .net
 
Analyzing Optimal Practises for Web Frameworks
Analyzing Optimal Practises for Web FrameworksAnalyzing Optimal Practises for Web Frameworks
Analyzing Optimal Practises for Web Frameworks
 
VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center VMworld 2013: Architecting the Software-Defined Data Center
VMworld 2013: Architecting the Software-Defined Data Center
 
Profile_Ahmad2
Profile_Ahmad2Profile_Ahmad2
Profile_Ahmad2
 

More from PIACERE

PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE
 
eSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmenteSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmentPIACERE
 
PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE
 
PIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE
 
CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)PIACERE
 
Piacere presentation in Databeers
Piacere presentation in DatabeersPiacere presentation in Databeers
Piacere presentation in DatabeersPIACERE
 
PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE
 

More from PIACERE (7)

PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2PIACERE project overview, summary of objectives v2
PIACERE project overview, summary of objectives v2
 
eSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development EnvironmenteSAAM2023-PIACERE Integrated Development Environment
eSAAM2023-PIACERE Integrated Development Environment
 
PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023PIACERE project at EClipse Con 2023
PIACERE project at EClipse Con 2023
 
PIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event BilbaoPIACERE ICG Gaia-X Event Bilbao
PIACERE ICG Gaia-X Event Bilbao
 
CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)CCM Brussels PIACERE presentation (2023-05-09)
CCM Brussels PIACERE presentation (2023-05-09)
 
Piacere presentation in Databeers
Piacere presentation in DatabeersPiacere presentation in Databeers
Piacere presentation in Databeers
 
PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023PIACERE presentation during the WORLD CIST 2023
PIACERE presentation during the WORLD CIST 2023
 

Recently uploaded

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Intelisync
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 

Recently uploaded (20)

DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 

Piacere general presentation

  • 1. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101000162. PIACERE General Presentation Leire Orue-Echevarria (TECNALIA)
  • 2. 2 General Information 15/05/2021 GA 101000162 PIACERE - Programming trustworthy Infrastructure As Code in a sEcuRE framework ➔December 2020-2023 (36 months) ➔Overall budget: 4.424.250 euros ➔Project coordinator: TECNALIA ➔Technical coordinator: XLAB
  • 3. 3 Overall objective  To enable most organizations to fully embrace the Infrastructure- as-Code (IaC) approach, through the DevSecOps philosophy, by making the creation of such code more accessible to designers, developers and operators (DevSecOps teams), increasing the quality, security, trustworthiness and evolvability of infrastructural code while ensuring its business continuity by providing self-healing mechanisms anticipating to failures and violations, and self-learning from the conditions that triggered such re-adaptations. 15/05/2021 GA 101000162
  • 4. 4 Main objectives 15/05/2021 GA 101000162 Help the DevSecOps teams to plan the development of the infrastructural models and to create the IaC, by providing them with a simple definition of abstractions of execution environments Provide the DevSecOps Teams with the tools to verify the correctness of the infrastructural models and the trustworthiness and security of the IaC and the associated software components Provide the DevSecOps teams with the tools and environments to simulate, package, release and configure an optimized deployment of the IaC Support DevSecOps teams with the mechanisms and tools to continuously monitor, self- learn and plan for (self-)healing and optimize the executable IaC Validate that the PIACERE framework is suitable to address the needs for infrastructural code in a variety of application domains
  • 5. 5 Context and motivation 15/05/2021 GA 101000162 Virtualization Cloud Computing Continuum (Sec) DevOps philosophy Infrastructure as Code (IaC) Enables the automation of several deployment, configuration and management tasks that otherwise would have to be performed manually by an operator Templates Scripts Policies Network elements Cloud infrastructure
  • 6. 6 Context and motivation: general challenges 15/05/2021 GA 101000162 Large variety of competing tools with different programming languages for writing infrastructural code Focused on a single or a small set of automation steps and of types of resources (e.g. VMs) Focused on cloud computing leaving aside other computational resources such as the edge Not really an end-to-end solution covering Devs and the Ops Trustworthiness and security aspects of the IaC are often left for the end of the cycle
  • 7. 7 Approach and workflow 15/05/2021 GA 101000162 IaC Support to easily model the resources, network and infrastructural requirements Automatic code generation for the required specific infrastructure Model and code level verification Security inspection of the IaC and imported sw components Behaviour simulation of the IaC based on an optimized deployment configuration Automatic IaC execution to orchestrate the deployment Monitor IaC at run-time and predict failures that may trigger self-helaing mehanisms Monitor run time security The main objective of the PIACERE project is thus to provide means (tools, methods and techniques) to enable most organizations to fully embrace the Infrastructure-as-Code approach, through the DevSecOps philosophy
  • 8. 8 IaC DevSec 15/05/2021 GA 101000162 IaC design, development and verification • Integration of the IaC Sec Dev process Creation of IaC models based on the NFRs • Definition of the topology and properties of the infrastructure • Abstraction from the specifities of the IaC language and protocol • Extendible Automatic IaC generation based on the models • Most prominent target IaC environments and languages (e.g. Terraform, Ansible, TOSCA) • Code generation for provisioning and deployment orchestrators, configuration management environments, monitoring platforms and networks APIs. Models and code vertification • Verification of the models • Code syntactic correctness, consistency and ability to fulfil specific non-functional properties verification • SAST and security inspector components IaC Development Modelling Code generation
  • 9. 9 IaC SecOps 15/05/2021 GA 101000162 IaC simulation • Isolated execution and testing of Infrastructure as Code behavior • Identification of potential vulnerabilities and bottlenecks • Catalogue of services and infrastructural elements • Optimization combination of services and infrastructural elements Automatic IaC execution • Creation of the deployment plan • Interdependencies management • Distribution to the subsystems that perform the actual provisioning (e.g. creating virtual machines using proper IaaS connector, installing software packages or adjusting application configuration using Ansible) IaC intelligent monitoring • Execution logs • Run time security verification • QoS assurance through self learning and self-healing mechanisms Automatic re-deployment and adaptation • To ensure that their infrastructural code is always conforming to the SLAs committed with the end-user even if the environmental situation changes IaC (Pre-)deployment IaC Operation
  • 11. 11 PIACERE Key Results 15/05/2021 GA 101000162 DevSecOps Modelling Language (DOML) Verification Tool (DOML-E) Infrastructural Code Generator IaC code security inspector Component Security inspector Key results for IaC design and creation Integrated Development Environment Key results for trustworthy and secure IaC development IaC Development Modelling Code generation IaC Development Models and code verification
  • 12. 12 PIACERE Key Results 15/05/2021 GA 101000162 Canary Sandbox Environment IaC Optimized Platform IaC Execution Platform Self-learning and self- healing mechanisms Runtime security monitoring Key results for optimized pre- deployment of IaC Key results for real- time monitored and self-healing IaC IaC (Pre-)deployment IaC Operation
  • 13. 13 PIACERE Key Results 15/05/2021 GA 101000162 PIACERE DevSecOps Framework Validated in 3 application domains Slovenian Ministry of Public Administration Critical Maritime Infrastructures Public Safety on IoT in 5G IaC design and creation Trustworthy and secure IaC development Optimized pre-deployment of IaC Monitored and self-healing IaC
  • 14. 14 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions
  • 15. 15 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC solutions ➔ Support for different IaC tools in a single IDE ➔ Integration of heterogeneous resources and infrastrucutural elements ➔ Extendible approach for the new technologies to come
  • 16. 16 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions Infrastructure modeling and abstraction ➔ Independence from the target IaC tool ➔ Possibility to easily extend the languages supported ➔ A smart modeling environment
  • 17. 17 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC verification and simulation ➔ Model consistency checking as well as the fulfilment of critical safety and reliability properties ➔ Best practices and guidelines for infrastructural code testing not depending on DSL ➔ Canary environment: Abstractions to model infrastructural and deployment specifications (information flow, cloud provisioning and configuration and the application deployment)
  • 18. 18 PIACERE Innovations 15/05/2021 GA 101000162 Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC solutions Security concerns in IaC ➔ IaC-SAST with detectors for dangerous IaC code patterns ➔ Automated on-the-fly security analysis of application code ➔ Checking cryptographic libraries for vulnerability to attacks ➔ DAST support for detecting vulnerabilities in the environment before the applications are deployed to production IaC monitoring, self-learning and self- healing
  • 19. 19 PIACERE Innovations 15/05/2021 GA 101000162 IaC monitoring, self-learning and self-healing ➔ Swarm Intelligence multi-objective meta-heuristics to the IaC domain ➔ Integrated online learning and concept drift detection ➔ Dynamic adaptation of the fitness function of the problem to create more robust solutions Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC solutions IaC monitoring, self-learning and self- healing
  • 20. 20 ▌ PIACERE Innovations Infrastructur e modeling and abstraction IaC verification and simulation Security concerns in IaC IaC monitoring, self-learning and self- healing IaC solutions IaC monitoring, self-learning and self-healing ➔ Swarm Intelligence multi-objective meta-heuristics to the IaC domain ➔ Integrated online learning and concept drift detection ➔ Dynamic adaptation of the fitness function of the problem to create more robust solutions
  • 21. 21 Target users 15/05/2021 GA 101000162 Target users ➔Developers of IaC ➔ Operators of IaC Infrastructural Code
  • 22. 22 Benefits 15/05/2021 GA 101000162 PIACERE will enable organizations to fully embrace the Infrastructure-as-Code approach by:  Making the creation of such infrastructural code more accessible to the DevSecOps teams  Increasing the quality, security, trustworthiness and evolvability of infrastructural code  Ensuring business continuity by providing self-healing mechanisms anticipation of failures and violations  Allowing IaC to self-learn from previous conditions that triggered un-expected situations