Journal of Information Technology and Software Engineering

Open Access

ISSN: 2165-7866

Abstract

Software Self-Healing Mechanism to Mitigate Security Vulnerabilities Using CI/CD Pipeline

Shumaila Hussain1*, Junaid Baber2, Muhammad Nadeem3, Shariqa Fakhar2

Software security vulnerabilities are reported frequently by CWE. These vulnerabilities result in huge financial losses to the technology industry, due to the development and redistribution of patches to handle the arising vulnerabilities. In this study, we propose a platform- or language-independent software self-healing mechanism that uses a CI/CD pipeline and CWE guidelines to automatically mitigate software security vulnerabilities. We selected the improper input validation vulnerability to implement the proposed mechanism. Improper input validation is listed in 4th position among the top 25 most impactful vulnerabilities by CWE. The prototype developed using the proposed software self-healing mechanism is capable of identifying the vulnerabilities and automatically healing them. The proposed software self-healing mechanism is a cost-effective and efficient way to mitigate software security vulnerabilities.
