This project has received funding from the European Union to create trustworthy infrastructure as code. It aims to help organizations fully embrace the infrastructure-as-code approach through the DevSecOps philosophy by making the creation of infrastructure code more accessible, secure, and reliable. The project will develop tools to help with modeling, verifying, deploying, monitoring, and updating infrastructure code to ensure business continuity and security. It is coordinated by TECNALIA and aims to validate its framework in three application domains over three years.
1. This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101000162.
PIACERE General Presentation
Leire Orue-Echevarria (TECNALIA)
2. 2
General Information
15/05/2021
GA 101000162
PIACERE - Programming trustworthy Infrastructure As Code in a sEcuRE framework
➔ December 2020-2023 (36 months)
➔ Overall budget: 4.424.250 euros
➔ Project coordinator: TECNALIA
➔ Technical coordinator: XLAB
3. 3
Overall objective
To enable most organizations to fully embrace the Infrastructure-as-Code (IaC) approach, through the DevSecOps philosophy, by making the creation of such code more accessible to designers, developers and operators (DevSecOps teams), increasing the quality, security, trustworthiness and evolvability of infrastructural code while ensuring its business continuity by providing self-healing mechanisms that anticipate failures and violations, and self-learning from the conditions that triggered such re-adaptations.
4. 4
Main objectives
• Help the DevSecOps teams to plan the development of the infrastructural models and to create the IaC, by providing them with a simple definition of abstractions of execution environments
• Provide the DevSecOps teams with the tools to verify the correctness of the infrastructural models and the trustworthiness and security of the IaC and the associated software components
• Provide the DevSecOps teams with the tools and environments to simulate, package, release and configure an optimized deployment of the IaC
• Support DevSecOps teams with the mechanisms and tools to continuously monitor, self-learn and plan for (self-)healing and optimize the executable IaC
• Validate that the PIACERE framework is suitable to address the needs for infrastructural code in a variety of application domains
5. 5
Context and motivation
Virtualization
Cloud Computing
Continuum
(Sec) DevOps philosophy
Infrastructure as Code (IaC)
Enables the automation of several deployment, configuration and management tasks that otherwise would have to be performed manually by an operator
Templates, scripts, policies, network elements, cloud infrastructure
6. 6
Context and motivation: general challenges
Large variety of competing tools with different programming languages for writing infrastructural code
Focused on a single or a small set of automation steps and of types of resources (e.g. VMs)
Focused on cloud computing leaving aside other computational resources such as the edge
Not really an end-to-end solution covering Devs and the Ops
Trustworthiness and security aspects of the IaC are often left for the end of the cycle
7. 7
Approach and workflow
IaC
• Support to easily model the resources, network and infrastructural requirements
• Automatic code generation for the required specific infrastructure
• Model and code level verification
• Security inspection of the IaC and imported software components
• Behaviour simulation of the IaC based on an optimized deployment configuration
• Automatic IaC execution to orchestrate the deployment
• Monitor IaC at run-time and predict failures that may trigger self-healing mechanisms
• Monitor run-time security
The main objective of the PIACERE project is thus to provide means (tools, methods and techniques) to enable most organizations to fully embrace the Infrastructure-as-Code approach, through the DevSecOps philosophy.
8. 8
IaC DevSec
IaC design, development and verification
• Integration of the IaC Sec Dev process
Creation of IaC models based on the NFRs
• Definition of the topology and properties of the infrastructure
• Abstraction from the specificities of the IaC language and protocol
• Extendible
Automatic IaC generation based on the models
• Most prominent target IaC environments and languages (e.g. Terraform, Ansible, TOSCA)
• Code generation for provisioning and deployment orchestrators, configuration management environments, monitoring platforms and network APIs
Models and code verification
• Verification of the models
• Verification of code syntactic correctness, consistency and ability to fulfil specific non-functional properties
• SAST and security inspector components
IaC Development: Modelling, Code generation
9. 9
IaC SecOps
IaC simulation
• Isolated execution and testing of Infrastructure as Code behavior
• Identification of potential vulnerabilities and bottlenecks
• Catalogue of services and infrastructural elements
• Optimized combination of services and infrastructural elements
Automatic IaC execution
• Creation of the deployment plan
• Interdependencies management
• Distribution to the subsystems that perform the actual provisioning (e.g. creating virtual machines using proper IaaS connector, installing software packages or adjusting application configuration using Ansible)
IaC intelligent monitoring
• Execution logs
• Run-time security verification
• QoS assurance through self-learning and self-healing mechanisms
Automatic re-deployment and adaptation
• To ensure that their infrastructural code is always conforming to the SLAs committed with the end-user even if the environmental situation changes
IaC (Pre-)deployment, IaC Operation
11. 11
PIACERE Key Results
[Diagram labels: DevSecOps Modelling Language (DOML); Verification Tool; (DOML-E); Infrastructural Code Generator; IaC code security inspector; Component Security inspector; Integrated Development Environment]
Key results for IaC design and creation
Key results for trustworthy and secure IaC development
IaC Development: Modelling, Code generation
IaC Development: Models and code verification
12. 12
PIACERE Key Results
[Diagram labels: Canary Sandbox Environment; IaC Optimized Platform; IaC Execution Platform; Self-learning and self-healing mechanisms; Runtime security monitoring]
Key results for optimized pre-deployment of IaC
Key results for real-time monitored and self-healing IaC
IaC (Pre-)deployment
IaC Operation
13. 13
PIACERE Key Results
PIACERE DevSecOps Framework
Validated in 3 application domains:
• Slovenian Ministry of Public Administration
• Critical Maritime Infrastructures
• Public Safety on IoT in 5G
IaC design and creation; Trustworthy and secure IaC development; Optimized pre-deployment of IaC; Monitored and self-healing IaC
15. 15
PIACERE Innovations
[Diagram: Infrastructure modeling and abstraction; IaC verification and simulation; Security concerns in IaC; IaC monitoring, self-learning and self-healing; IaC solutions]
IaC solutions
➔ Support for different IaC tools in a single IDE
➔ Integration of heterogeneous resources and infrastructural elements
➔ Extendible approach for the new technologies to come
16. 16
PIACERE Innovations
Infrastructure modeling and abstraction
➔ Independence from the target IaC tool
➔ Possibility to easily extend the languages supported
➔ A smart modeling environment
17. 17
PIACERE Innovations
IaC verification and simulation
➔ Model consistency checking as well as the fulfilment of critical safety and reliability properties
➔ Best practices and guidelines for infrastructural code testing not depending on DSL
➔ Canary environment: Abstractions to model infrastructural and deployment specifications (information flow, cloud provisioning and configuration and the application deployment)
18. 18
PIACERE Innovations
Security concerns in IaC
➔ IaC-SAST with detectors for dangerous IaC code patterns
➔ Automated on-the-fly security analysis of application code
➔ Checking cryptographic libraries for vulnerability to attacks
➔ DAST support for detecting vulnerabilities in the environment before the applications are deployed to production
19. 19
PIACERE Innovations
IaC monitoring, self-learning and self-healing
➔ Swarm Intelligence multi-objective meta-heuristics to the IaC domain
➔ Integrated online learning and concept drift detection
➔ Dynamic adaptation of the fitness function of the problem to create more robust solutions
22. 22
Benefits
PIACERE will enable organizations to fully embrace the Infrastructure-as-Code approach by:
• Making the creation of such infrastructural code more accessible to the DevSecOps teams
• Increasing the quality, security, trustworthiness and evolvability of infrastructural code
• Ensuring business continuity by providing self-healing mechanisms that anticipate failures and violations
• Allowing IaC to self-learn from previous conditions that triggered unexpected situations