Results
The PIACERE solution provides:
A new-generation DevSecOps framework for infrastructural code (IaC) that supports the creation of such code and increases its quality, security, trustworthiness and evolvability, while ensuring business continuity through self-healing mechanisms that anticipate failures and violations and self-learn from the conditions that triggered such re-adaptations.
IaC DevSec
Result: DevOps Modelling Language [DOML]
Creation of IaC models based on the NFRs
- Definition of the topology and properties of the infrastructure
- Abstraction from the specificities of the IaC language and protocol
- Extendible
Result: Infrastructural Code Generator [ICG]
Automatic IaC generation based on the models
- Most prominent target IaC environments and languages (e.g. Terraform, Ansible, TOSCA)
- Code generation for provisioning and deployment orchestrators, configuration management environments, monitoring platforms and network APIs.
Result: Verification Tool [VT]
Models and code verification
- Verification of the models
- Verification of the code's syntactic correctness, consistency and ability to fulfil specific non-functional properties
- SAST and security inspector components
IaC design, development and verification
- Integration of the IaC Sec Dev process
IaC SecOps
Result: Canary environment, IaC Optimized Platform
IaC simulation
- Isolated execution and testing of Infrastructure as Code behavior
- Identification of potential vulnerabilities and bottlenecks
- Catalogue of services and infrastructural elements
- Optimized combination of services and infrastructural elements
Result: IaC Execution Platform
Automatic IaC execution
- Creation of the deployment plan
- Interdependencies management
- Distribution to the subsystems that perform the actual provisioning (e.g. creating virtual machines using proper IaaS connector, installing software packages or adjusting application configuration using Ansible)
Result: Runtime monitoring, self-learning and self-healing mechanisms
IaC intelligent monitoring
- Execution logs
- Runtime security verification
- QoS assurance through self-learning and self-healing mechanisms
Automatic re-deployment and adaptation
- Ensures that the infrastructural code always conforms to the SLAs committed to the end user, even if the environmental situation changes