Rules and Guidelines
Want to participate in the discussions? Please read our Community Rules and Guidelines. Need some help? Visit Support and Answers.

  • Locked Locked
  • Replies 1 reply
  • Subscribers 16 subscribers
  • Views 660 views
  • Users 0 members are here
Options
You may also be interested in
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DevSecOps in a safety-related environment

Andrew Rylah

Many new practices are seeing increased use across domains. And it’s natural for managers and engineers working in these domains to want to adopt new approaches which potentially offer improvements to product quality and the efficiency of their teams.

One such example is DevSecOps (a portmanteau of development, security and operations) which is a collection of concepts and practices intended to break down the silos between developers, security professionals and operations specialists within an organisation. Breaking down silos provides a more-integrated way of developing, shipping and monitoring products and services.

The end result of this holistic approach to building and delivering software is improved quality, increased end-user satisfaction, and a higher degree of assurance that the product is secure from a cyber security perspective. DevSecOps can also present an opportunity to increase the automation of verification & validation activities, enabling teams to focus their effort on complex issues.

 The IET Engineering Safety Policy Panel has produced a short flyer, highlighting the promises of DevSecOps practices as well as considerations for the use of DevSecOps in the safety-related environment. This includes questions that organisations should ask when considering the adoption of DevSecOps practices. We want to be clear - this isn’t intended to be detailed guidance, merely to present some of the key concepts and questions around the subject.

A further, long-form guidance document will follow at a later date with detailed guidance to give organisations within the safety-related environment a deeper understanding of key questions, considerations, and activities to make the most effective use of DevSecOps, as well as common pitfalls to avoid when adopting it.

We welcome all feedback and would be especially interested to hear from practitioners in this area (particularly from safety-related industries!) who want to help us develop the long-form guidance.

Download the flyer for free: DevSecOps in a safety-related environment

Parents Reply Children
No Data

Community Rules & Guidelines