Research Lines:
PIACERE is a H2020 research project funded by the European Commission with the main objective of programming reliable infrastructures using Infrastructure-as-Code (IaC) in a secure framework.
PIACERE aims to increase the productivity of DevOps teams in the development and operation of IaC through the provisioning of an integrated DevSecOps framework that will allow them to program IaC as if they were programming any software application.
PIACERE will support the different DevSecOps activities through a single integrated environment to develop (IDE) infrastructural code that will unify the automation of the main DevSecOps activities and will shorten the learning curve for new DevSecOps teams. PIACERE will allow DevSecOps teams to model different infrastructure environments, by means of abstractions, through a new DevOps Modeling Language (DOML). In addition, it will also provide an extensible Infrastructure Code Generator (ICG), translating DOML into source files for several existing IaC tools.
Another key innovation of PIACERE is a comprehensive toolkit for verification and trustworthiness. Firstly, a verification tool (VT), that will apply static analysis to both the abstract model and the related infrastructure code, to perform consistency checks and other quality verifications according to identified best practices. Secondly, an IaC Code Security Inspector that will offer a form of Static Analysis Security Testing (SAST) by checking the IaC code against known cybersecurity issues. Thirdly, a Component Security Inspector that, by analysing also the IaC code, reports potential vulnerabilities and proposes potential fixes. Fourthly, a Canary environment that will allow unit testing of the behavior of the infrastructural code by simulating the conditions of the production environment and identifying some of the most common anti-patterns.
In the Ops part of the DevSecOps lifecycle, PIACERE also features several key innovations: The Optimized Platform (IOP) will present the DevSecOps teams with the most appropriate deployment configurations that best meet their defined constraints out of their catalogue of services, resources and infrastructural elements by means of optimization algorithms. The Execution Platform will automatically plan, prepare and provision the infrastructure and plan, prepare and install the corresponding software elements needed for the application to seamlessly run. At runtime, PIACERE will continuously monitor the metrics associated with the defined measurable NFRs and will be able to self-learn, implementing machine learning algorithms and realizing an incremental learning strategy.
The PIACERE approach and toolset will be assessed in three real use cases: the deployment of a scenario for the Slovenian Ministry of Public Administration, the management of critical maritime infrastructures and a case of public safety on IoT in 5G.
The PIACERE consortium assembles a balanced set of academic and industrial partners, which play key roles in the EU SecDevOps ecosystem: Ericsson, Prodevelop, Politecnico di Milano, HPE, Xlab, gov.si, 7bulls.com and Tecnalia are from four different countries, representing Northern and Southern Europe. Tecnalia has been entrusted with the leadership of the consortium.