Assurance Case (AC) Role in DevSecOps Pipeline: An Example

Abstract

Show potential role of a pipeline-oriented (DevSecOps) assurance case (AC): Prior use of ACs focused on gaining release decision from oversight body. Show potential value/benefits of a pipeline-oriented AC: Justify exit criteria for pipeline stages; Define evidence needed to meet (evolving) exit criteria; Provide basis for reassurance activity, e.g.,; What evidence needs to be refreshed to maintain confidence that (relevant) exit criteria continue to be met. A properly annotated AC defines exit criteria for each pipeline stage as well as showing how each stage contributes to overall system assurance.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 13, 2021
Accession Number
AD1154997

Entities

People

  • Bob Ellison
  • Carol C. Woody
  • Chuck Weinstock
  • John B. Goodenough

Organizations

  • Carnegie Mellon University

Tags

DTIC Thesaurus Topics

  • Authentication
  • Availability
  • Contracts
  • Contrast
  • Copyrights
  • Department Of Defense
  • Engineering
  • Governments
  • Guarantees
  • Materials
  • National Governments
  • Patents
  • Pipelines
  • Resource Management
  • Software Development
  • Universities
  • Validation

Readers

  • Combustion and Flow Dynamics.
  • Materials Science and Engineering.
  • Software Engineering.