Bibliographische Detailangaben
| Titel: |
AI for DevSecOps: A Landscape and Future Opportunities. |
| Autoren: |
Fu, Michael, Pasuksmit, Jirat, Tantithamthavorn, Chakkrit |
| Quelle: |
ACM Transactions on Software Engineering & Methodology; May2025, Vol. 34 Issue 4, p1-61, 61p |
| Schlagwörter: |
ARTIFICIAL intelligence, MACHINE learning, SAFETY standards, AUTOMATION software, COMPUTER software development, INQUIRY (Theory of knowledge), DEEP learning |
| Abstract: |
DevOps has emerged as one of the most rapidly evolving software development paradigms. With the growing concerns surrounding security in software systems, the DevSecOps paradigm has gained prominence, urging practitioners to incorporate security practices seamlessly into the DevOps workflow. However, integrating security into the DevOps workflow can impact agility and impede delivery speed. Recently, the advancement of artificial intelligence (AI) has revolutionized automation in various software domains, including software security. AI-driven security approaches, particularly those leveraging machine learning or deep learning, hold promise in automating security workflows. They have the potential to reduce manual efforts and can be incorporated into DevOps practices to support consistent delivery speed while aligning with the principles of the DevSecOps paradigm. This article seeks to contribute to the critical intersection of AI and DevSecOps by presenting a comprehensive landscape of AI-driven security techniques applicable to DevOps and identifying avenues for enhancing security, trust, and efficiency in software development processes. We analyzed 99 research papers spanning from 2017 to 2023. Specifically, we address two key research questions (RQs). In RQ1, we identified 12 security tasks associated with the DevSecOps process and reviewed existing AI-driven security approaches, the problems they addressed, and the 65 benchmarks used to evaluate those approaches. Drawing insights from our findings, in RQ2, we discussed state-of-the-art AI-driven security approaches, highlighted 15 challenges in existing research, and proposed 15 corresponding avenues for future opportunities. [ABSTRACT FROM AUTHOR] |
|
Copyright of ACM Transactions on Software Engineering & Methodology is the property of Association for Computing Machinery and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.) |
| Datenbank: |
Complementary Index |
Full Text Finder 
Nájsť tento článok vo Web of Science