Master Thesis MSTR-2018-66

BibliographyPaule, Christina: Securing DevOps : detection of vulnerabilities in CD pipelines.
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology, Master Thesis No. 66 (2018).
169 pages, english.
Abstract

Nowadays more and more companies implement the DevOps approach. DevOps was developed to enable more efficient collaboration between development (dev) and operation (ops) teams. An important reason why companies use the DevOps approach is that they aspire to continuously deliver applications using agile methods. The continuous delivery (CD) process can be achieved with the aid of the DevOps approach, of which the CD pipeline is an elementary component. Because of the fact that a new General Data Protection Regulation (GDPR) will enter into force in the European Union in May 2018 many companies are looking at how they can increase the security level of their applications. The regulation requires that companies which process personal data have to secure their applications. An attacker can gain access to personal data if there are vulnerabilities in applications. This problem can be applied to CD pipelines. If CD pipelines have vulnerabilities then an exploitation of vulnerabilities can lead to a damage of the CD pipeline and the delivery process. One example is that the network can be scanned by running injected malicious unit tests. This can have a negative effect on the image of the company which operates and uses CD pipelines. Therefore, the question arises which vulnerabilities are present in CD pipelines and how they can be detected. The theoretical findings of this research are extended by a practical case study. The aim of the case study is to find out how secure the industry CD pipelines are. This aim is achieved by identifying the vulnerabilities in these CD pipelines. The knowledge of developers is used to narrow down this topic. This knowledge is obtained by a survey on which 19 employees of a specific company have participated. The results show, that these developers perform tasks with the CD pipeline, but they rarely deal with security aspects. From the view of developers, the CIA security attributes (confidentiality, integrity, and availability) are the most important ones to consider. To detect vulnerabilities in CD pipelines, the STRIDE threat method was executed on a generalized CD pipeline. The results show that unencrypted connections between CD pipeline components and unrestricted access are possible vulnerabilities for this CD pipeline. Tools are required for continuous automatic detection of the theoretical explored vulnerabilities. The results of this thesis show that there exists at least one tool for the detection or mitigation of vulnerabilities in each CD pipeline stage and component. In the aforementioned case study, the investigation of two CD pipelines which are used in a selected company is performed. The results of this investigation show that both CD pipelines include vulnerabilities which have potentially high risks. The company will try to mitigate all detected vulnerabilities. The mitigation of all vulnerabilities is partly difficult because the two project teams are dependent on the available budget, time, and the provided infrastructure of the customer. This thesis can be used to show companies and organizations with similar CD pipelines how they can reduce the overall risk severity of their CD pipelines. In this thesis, someone can find out which possible vulnerabilities exist in CD pipelines and how they can be detected and mitigated through tools.

Full text and
other links
Volltext
Department(s)University of Stuttgart, Institute of Software Technology, Software Reliability and Security
Superviser(s)van Hoorn, Dr. André; Düllmann, Thomas; Falk, Andreas; Reinhardt, Andreas
Entry dateJune 5, 2019
   Publ. Computer Science