English
Related papers

Related papers: SecDocker: Hardening the Continuous Integration Wo…

200 papers
Enhancing Software Supply Chain Security Through STRIDE-Based Threat Modelling of CI/CD Pipelines

With the increasing adoption of Continuous Integration and Continuous Deployment pipelines, securing software supply chains has become a critical challenge for modern DevOps teams. This study addresses these challenges by applying a…

Software Engineering · Computer Science 2025-06-10 Sowmiya Dhandapani
An Empirical Analysis of Practitioners' Perspectives on Security Tool Integration into DevOps

Background: Security tools play a vital role in enabling developers to build secure software. However, it can be quite challenging to introduce and fully leverage security tools without affecting the speed or frequency of deployments in the…

Cryptography and Security · Computer Science 2021-07-20 Roshan Namal Rajapakse , Mansooreh Zahedi , Muhammad Ali Babar
Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments

Security is becoming a pivotal point in cloud platforms. Several divisions, such as business organisations, health care, government, etc., have experienced cyber-attacks on their infrastructures. This research focuses on security issues…

Cryptography and Security · Computer Science 2025-10-21 Sabbir M Saleh , Nazim Madhavji , John Steinbacher
An Empirical Study of Complexity, Heterogeneity, and Compliance of GitHub Actions Workflows

Continuous Integration (CI) has evolved from a tooling strategy to a fundamental mindset in modern CI engineering. It enables teams to develop, test, and deliver software rapidly and collaboratively. Among CI services, GitHub Actions (GHA)…

Software Engineering · Computer Science 2025-07-25 Edward Abrokwah , Taher A. Ghaleb
Docker under Siege: Securing Containers in the Modern Era

Containerization, driven by Docker, has transformed application development and deployment by enhancing efficiency and scalability. However, the rapid adoption of container technologies introduces significant security challenges that…

Cryptography and Security · Computer Science 2025-06-04 Gogulakrishnan Thiyagarajan , Prabhudarshi Nayak
Ambush from All Sides: Understanding Security Threats in Open-Source Software CI/CD Pipelines

The continuous integration and continuous deployment (CI/CD) pipelines are widely adopted on Internet hosting platforms, such as GitHub. With the popularity, the CI/CD pipeline faces various security threats. However, current CI/CD…

Cryptography and Security · Computer Science 2024-02-01 Ziyue Pan , Wenbo Shen , Xingkai Wang , Yutian Yang , Rui Chang , Yao Liu , Chengwei Liu , Yang Liu , Kui Ren
Continuous Integration, Delivery and Deployment: A Systematic Review on Approaches, Tools, Challenges and Practices

Context: Continuous practices, i.e., continuous integration, delivery, and deployment, are the software development industry practices that enable organizations to frequently and reliably release new features and products. With the…

Software Engineering · Computer Science 2017-03-22 Mojtaba Shahin , Muhammad Ali Babar , Liming Zhu
A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing

As cloud environments become widespread, cybersecurity has emerged as a top priority across areas such as networks, communication, data privacy, response times, and availability. Various sectors, including industries, healthcare, and…

Software Engineering · Computer Science 2025-06-11 Sabbir M. Saleh , Nazim Madhavji , John Steinbacher
Integration of Security Standards in DevOps Pipelines: An Industry Case Study

In the last decade, companies adopted DevOps as a fast path to deliver software products according to customer expectations, with well aligned teams and in continuous cycles. As a basic practice, DevOps relies on pipelines that simulate…

Software Engineering · Computer Science 2021-05-28 Fabiola Moyón Constante , Rafael Soares , Maria Pinto-Albuquerque , Daniel Méndez , Kristian Beckers
"Good" and "Bad" Failures in Industrial CI/CD -- Balancing Cost and Quality Assurance

Continuous Integration and Continuous Deployment (CI/CD) pipeline automates software development to speed up and enhance the efficiency of engineering software. These workflows consist of various jobs, such as code validation and testing,…

Software Engineering · Computer Science 2025-04-17 Simin Sun , David Friberg , Miroslaw Staron
Survey of Control-Flow Integrity Techniques for Embedded and Real-Time Embedded Systems

Computing systems, including real-time embedded systems, are becoming increasingly connected to allow for more advanced and safer operation. Such embedded systems are resource-constrained, such as lower processing capabilities, as compared…

Cryptography and Security · Computer Science 2022-08-09 Tanmaya Mishra , Thidapat Chantem , Ryan Gerdes
Advancing DevSecOps in SMEs: Challenges and Best Practices for Secure CI/CD Pipelines

This study evaluates the adoption of DevSecOps among small and medium-sized enterprises (SMEs), identifying key challenges, best practices, and future trends. Through a mixed methods approach backed by the Technology Acceptance Model (TAM)…

Cryptography and Security · Computer Science 2025-06-05 Jayaprakashreddy Cheenepalli , John D. Hastings , Khandaker Mamun Ahmed , Chad Fenner
Chronicles of CI/CD: A Deep Dive into its Usage Over Time

DevOps is a combination of methodologies and tools that improves the software development, build, deployment, and monitoring processes by shortening its lifecycle and improving software quality. Part of this process is CI/CD, which embodies…

Software Engineering · Computer Science 2024-02-28 Hugo da Gião , André Flores , Rui Pereira , Jácome Cunha
Microwalk-CI: Practical Side-Channel Analysis for JavaScript Applications

Secret-dependent timing behavior in cryptographic implementations has resulted in exploitable vulnerabilities, undermining their security. Over the years, numerous tools to automatically detect timing leakage or even to prove their absence…

Cryptography and Security · Computer Science 2023-04-25 Jan Wichelmann , Florian Sieck , Anna Pätschke , Thomas Eisenbarth
On Security Measures for Containerized Applications Imaged with Docker

Linux containers have risen in popularity in the last few years, making their way to commercial IT service offerings (such as PaaS), application deployments, and Continuous Delivery/Integration pipelines within various development teams.…

Cryptography and Security · Computer Science 2020-08-12 Samuel P. Mullinix , Erikton Konomi , Renee Davis Townsend , Reza M. Parizi
Toward Automatically Completing GitHub Workflows

Continuous integration and delivery (CI/CD) are nowadays at the core of software development. Their benefits come at the cost of setting up and maintaining the CI/CD pipeline, which requires knowledge and skills often orthogonal to those…

Software Engineering · Computer Science 2023-09-07 Antonio Mastropaolo , Fiorella Zampetti , Gabriele Bavota , Massimiliano Di Penta
Overcoming Challenges to Continuous Integration in HPC

Continuous integration (CI) has become a ubiquitous practice in modern software development, with major code hosting services offering free automation on popular platforms. CI offers major benefits, as it enables detecting bugs in code…

Distributed, Parallel, and Cluster Computing · Computer Science 2023-04-03 Todd Gamblin , Daniel S. Katz
An Empirical Study on Workflows and Security Policies in Popular GitHub Repositories

In open-source projects, anyone can contribute, so it is important to have an active continuous integration and continuous delivery (CI/CD) pipeline in addition to a protocol for reporting security concerns, especially in projects that are…

Software Engineering · Computer Science 2023-10-16 Jessy Ayala , Joshua Garcia
Security Support in Continuous Deployment Pipeline

Continuous Deployment (CD) has emerged as a new practice in the software industry to continuously and automatically deploy software changes into production. Continuous Deployment Pipeline (CDP) supports CD practice by transferring the…

Software Engineering · Computer Science 2017-03-14 Faheem Ullah , Adam Johannes Raft , Mojtaba Shahin , Mansooreh Zahedi , Muhammad Ali Babar
Securing 3rd Party App Integration in Docker-based Cloud Software Ecosystems

Open software ecosystems are beneficial for customers; they benefit from 3rd party services and applications, e.g. analysis of data using apps, developed and deployed by other companies or open-source communities. One significant advantage…

Cryptography and Security · Computer Science 2024-05-21 Christian Binkowski , Stefan Appel , Andreas Aßmuth
‹ Prev 1 2 3 10 Next ›