Static Analysis of Infrastructure as Code: a Survey
2022 IEEE 19th International Conference on Software Architecture Companion (ICSA-C)(2022)
Abstract
The increasing use of Infrastructure as Code (IaC) in DevOps leads to benefits in speed and reliability of deployment operation, but extends to infrastructure challenges typical of software systems. IaC scripts can contain defects that result in security and reliability issues in the deployed infrastructure: techniques for detecting and preventing them are needed. We analyze and survey the current state of research in this respect by conducting a literature review on static analysis techniques for IaC. We describe analysis techniques, defect categories and platforms targeted by tools in the literature.
MoreTranslated text
Key words
infrastructure as code,cloud computing,static analysis,model checking,verification,survey
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined