Description
Software must adhere to relevant laws, regulations and applicable standards. As the growing software industry increases demand for software services, software providers face the challenge of managing software compliance. Traditionally, compliance checking was a manual process; however, this has evolved as a result of the implementation of new software development methodologies. This thesis presents an approach based on the DevSecOps methodology to automate software compliance in the continuous integration and continuous development pipeline by leveraging emerging technologies such as smart contracts and large language models. Additionally, the processes and challenges involved in implementing software compliance within an organization, to automate compliance and facilitate continuous audits, are discussed. An illustrative example demonstrates the approach with a simulation of HIPAA compliance implementation. The thesis also compares the proposed approach with existing centralized approaches for software compliance: a baseline comparison is made with existing approaches that address the same challenges, and a comparative analysis is presented. The proposed approach accurately provides continuous insights on changing and complex compliance requirements by reducing errors associated with manual compliance, and addresses the challenges discussed in the thesis. This approach can significantly improve the state of automatic compliance by continuously investigating, identifying, reporting, and auditing compliance-related issues in software development practices.

Details

Title
  • Automated Software Compliance Using Smart Contracts and Large Language Models in Continuous Integration and Continuous Deployment with DevSecOps
Date Created
  • 2024
Resource Type
  • Text
Note
  • Partial requirement for: M.S., Arizona State University, 2024
  • Field of study: Software Engineering
