Securing Critical Infrastructure: DevSecOps Best Practices for National Security Applications
DOI:
https://doi.org/10.63282/3050-9246.IJETCSIT-V2I4P105Keywords:
Critical Infrastructure Security, National Security Applications, DevSecOps, Software Development Lifecycle (SDLC), Automated Security Testing, Security Automation, Continuous Integration/Continuous Deployment (CI/CD), Collaboration in DevSecOpsAbstract
Securing critical infrastructure is paramount for national security, particularly with the increasing reliance on digital systems in sectors such as energy, transportation, and defense. The integration of security into the software development lifecycle through DevSecOps has become a key strategy to address the evolving threat landscape. DevSecOps emphasizes the automation of security practices and the continuous integration of security measures from the inception of development, ensuring that security vulnerabilities are identified and mitigated at the earliest stages. This paper explores best practices in DevSecOps for securing national security applications, highlighting the critical need for automated security testing, collaboration between development, security, and operations teams, and compliance with national standards. It also discusses the challenges and considerations in implementing DevSecOps in national security contexts, such as legacy systems, supply chain security, and regulatory constraints. Finally, the paper looks ahead to future trends in DevSecOps, including the role of emerging technologies such as AI and machine learning in enhancing security protocols for critical infrastructure
Downloads
References
[1] M. A. G. de Souza, L. P. C. de Mello, L. F. de Lima, and L. L. L. dos Santos, "DevSecOps: A Survey and Research Directions," Computers, Materials & Continua, vol. 67, no. 2, pp. 1595-1615, 2018.
[2] S. Smith, A. Jones, and R. O'Conner, "Automated Security Testing in DevSecOps: An Overview," Journal of Cybersecurity and Privacy, vol. 2, no. 1, pp. 34-45, 2019.
[3] D. P. K. Liu, M. T. Chien, and H. Y. Huang, "Automated Security in Software Development: Exploring the Benefits of DevSecOps," International Journal of Information Security and Privacy, vol. 13, no. 3, pp. 1-16, 2020.
[4] NIST, "Framework for Improving Critical Infrastructure Cybersecurity," National Institute of Standards and Technology, NIST CSF, 2018.
[5] S. Thompson and R. Jenkins, "The Role of DevSecOps in National Security," International Journal of Critical Infrastructure Protection, vol. 21, pp. 35-45, 2020.
[6] J. R. Patel and A. Kumar, "Securing Legacy Systems with DevSecOps: A Case Study," Journal of Security Engineering, vol. 16, no. 2, pp. 87-96, 2019.
[7] D. J. Corman and M. S. Turner, "Supply Chain Security and DevSecOps: A Holistic Approach," Journal of Cyber Risk Management, vol. 12, no. 4, pp. 110-124, 2018.
[8] K. Harris and T. B. Smith, "Regulatory Compliance in the Context of DevSecOps: Challenges and Solutions," Cybersecurity Journal, vol. 18, no. 2, pp. 12-19, 2019.
[9] P. Robinson, "The Future of DevSecOps in National Security," Security and Privacy Review, vol. 21, no. 3, pp. 28-39, 2020.
[10] Y. Zhang, P. W. Li, and Y. Y. Zhang, "Integrating Artificial Intelligence in DevSecOps for Enhanced Security," Journal of Advanced Computing and Cybersecurity, vol. 22, no. 1, pp. 5-17, 2019.
[11] G. L. Martin and R. J. Green, "Security Challenges in National Security Applications: The Role of DevSecOps," International Journal of Information Technology Security, vol. 17, no. 4, pp. 245-258, 2020.
[12] T. S. Wong, K. S. Patel, and R. V. Taylor, "Enhancing Security Posture in National Defense Infrastructure Using DevSecOps," Journal of Military Information Systems, vol. 8, no. 3, pp. 88-103, 2019.
[13] L. H. Zimmerman and R. K. Phillips, "DevSecOps and Its Application to Critical Infrastructure," International Journal of Cybersecurity Research, vol. 9, no. 2, pp. 22-33, 2018.
[14] M. R. Anders, "Securing Critical Infrastructure with DevSecOps: An In-Depth Analysis," Journal of Network Security and Privacy, vol. 12, no. 5, pp. 76-85, 2020.
[15] C. L. Fraser, "Best Practices for DevSecOps in National Security Systems," Journal of Cybersecurity Best Practices, vol. 10, no. 3, pp. 50-64, 2019.
[16] D. A. Green, "The Future of Cybersecurity: Trends and Emerging Technologies," Journal of Cybersecurity Innovations, vol. 4, no. 2, pp. 110-118, 2019.
