Given the frenetic growth rate of software systems, vendors must carefully design their systems for scalability. Scalability, however, has multiple dimensions. Such systems need to be able to scale in terms of their performance: handling more requests, more data, and more customers with low and predictable latency. And they must be able to scale in terms of their functionality: providing more features and services in response to stakeholder needs. And they need to do all of this while safeguarding the security and privacy of data and providing high levels of availability, as users are unforgiving of vulnerabilities and platform outages.
For example, the consequences of software vulnerabilities cost an average of $200 million per year for industries headquartered in the US alone and is faced by any software company (which nowadays essentially means any company). The costs associated with the exploitation of software vulnerabilities are steadily increasing, regardless of the prominence and claimed level of preparedness for involved companies.
Although many software research fields are investigating the topic thoroughly and from different angles, we still see a shortage of software tools, overarching trade-off analysis techniques, and approaches to evaluate the level of cybersecurity over software, its infrastructure, its DevOps application lifecycle management pipelines, and the organisational structure around. In the scope of ABCD we argue that software architecture does provide such an overarching trade-off analysis basis, a baseline for end-to-end overall assessment, as well as a starting point to reason on organisational structures. This notwithstanding, we recognize that much work still lies ahead before such grand challenge is properly addressed, and several grand research questions remain unanswered, for example:
The goal and expected outcome of this first edition of the workshop will be to build a tightly knit working group around the topics covered in this workshop such that these notions and challenges may be addressed over time, and regularly discussed over the years as joint research agendas progress. This edition of the workshop aims specifically at building such a group around a proposed “Architecture-Based Continuity in DevOps” manifesto which will likely contain: