Automated Data for DevSecOps Programs

Thumbnail Image
Authors
Nichols, William Richard
Yasar, Hasan
Antunes, Luiz
Miller, Christopher L.
McCarthy, Robert
Subjects
Advisors
Date of Issue
2022-05-02
Date
2022-05-02
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Automation in DevSecOps (DSO) transforms the practice of building, deploying, and managing software intensive programs. Although this automation supports continuous delivery and rapid builds, the persistent manual collection of information delays (by weeks) the release of program status metrics and the decisions they are intended to inform. Emerging DSO metrics (e.g., deployment rates, lead times) provide insight into how software development is progressing but fall short of replacing program control metrics for assessing progress (e.g., burn rates against spend targets, integration capability tar-get dates, and schedule for the minimum viable capability release). By instrumenting the (potentially in-teracting) DSO pipelines and supporting environments, the continuous measurement of status, identifica-tion of emerging risks, and probabilistic projections are possible and practical. In this paper, we discuss our research on the information modeling, measurement, metrics, and indicators necessary to establish a continuous program control capability that can keep pace with DSO management needs. We discuss the importance of interactive visualization dashboards for addressing program information needs. We also identify and address the gaps and barriers in the current state of the practice. Finally, we recommend future research needs based on our initial findings.
Type
Conference Paper
Description
Excerpt from the Proceedings of the Nineteenth Annual Acquisition Research Symposium
URI
https://hdl.handle.net/10945/70388
Series/Report No
Department
Organization
Acquisition Research Program (ARP)
Identifiers
NPS Report Number
SYM-AM-22-071
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
Copyright is reserved by the copyright owner.
Collections
Conferences
Load more