Atribuidos 2022 2023

DEI - FCTUC
Gerado a 2024-12-12 13:22:39 (Europe/Lisbon).
Voltar

Titulo Estágio

DevSecMLManyBuzzwordsOps

Áreas de especialidade

Sistemas de Informação

Engenharia de Software

Local do Estágio

DEI-FCTUC

Enquadramento

Many companies have been adopting DevOps, a set of practices that address software development (Dev) and IT operations (Ops). The tighter integration among development, deployment, and maintenance is expected to shorten cycle times and increase quality. More recently, new concerns have emerged, with the increasing incorporation of artificial intelligence (AI) in software products, namely machine learning (ML) techniques. This raises new challenges, such as the development, testing, deploying, and versioning of the models and data used to train them. Also, as cybersecurity becomes critical, the software development process must now employ “security by design” techniques from the onset.

This means that DevOps is quickly morphing into DevSecMLOps, which requires adequate governance of the process, people, and technology involved.

Objetivo

The main objective of this thesis is to study the various areas mentioned above and design a DevSecMLOps process that coherently integrates them. Such a process must be modular and support CMMI-inspired maturity levels for the various areas, enabling the companies adopting it to plan a phased inception and evolution based on business priorities.

This thesis will be integrated in an ongoing project with:
Altice Labs (https://www.alticelabs.com/en/)
Instituto Pedro Nunes (IPN) (https://www.ipn.pt), and
Department of Informatics Engineering (https://www.uc.pt/fctuc/dei/).

Plano de Trabalhos - Semestre 1

The draft plan for the first semester includes:

- Learning about the basic DevOps concept and tools (such as GitLab and BitBucket);

- Learning about the specificities of developing and maintaining software with an AI component;

- Learning about developing software with a “security by design” mindset and privacy regulations, such as General Data Protection Regulation (GDPR) and CloudAct;

- Learning about governance and compliance frameworks, such as Cobit, SOC 2 Type II, ISO 20000;

- Learning about process maturity frameworks;

- Writing the initial chapters of the thesis.

Plano de Trabalhos - Semestre 2

The draft plan for the second semester includes:

- Creating the first draft of the DevSecMLOps process and documentation, and demonstrating how to support it on readily available software tools;

- Experimenting / discussing the process in test use cases and collect feedback;

- Improving the draft the DevSecMLOps process;

- Writing a scientific paper about the work;

- Improving the initial chapters of the thesis based on jury feedback;

- Writing the remaining chapters of the thesis.

Condições

This thesis is supported by a scholarship for candidates demonstrating the skills required to achieve the stated objectives.

The scholarship is framed by FCT rules. The value will be the one for "Bolsa de Licenciado", which, according to the latest information is 835,98€ for full-time. The duration will be 6 months, renewable.

Observações

This thesis will be supervised by:
- Prof. Paulo Rupino da Cunha
- Prof. João Barata
- other colleagues from AI or software security may provide help in their specific areas of expertise.

Orientador

Paulo Rupino da Cunha
rupino@dei.uc.pt 📩