Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
MTZ-Fachkongress

Antriebe und Energiesysteme von morgen


Austausch von Automobil- und Energiewirtschaft

Am 14./15. Mai geht es in Chemnitz um die Mobilitätswende durch Elektro- und Wasserstofffahrzeuge.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Buchtitelbild

Open Access 2024 | OriginalPaper | Buchkapitel

DevOps Challenges and Risk Mitigation Strategies by DevOps Professionals Teams

verfasst von : Nasreen Azad

Erschienen in: Software Business

Verlag: Springer Nature Switzerland

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
insite
INHALT
download
DOWNLOAD
print
DRUCKEN
insite
SUCHEN
loading …

Abstract

DevOps is a team culture and organizational practice that eliminates inefficiencies and bottlenecks in the DevOps infrastructure. While many companies are adopting DevOps practices, it can still be risky. We conducted 26 interviews with DevOps professionals around the globe and found four major risks associated with DevOps practices: Organizational risks (Intra-organizational collaboration and communication, strategic planning), Social and cultural risks (Team Dynamics, Cultural shift), Technical risks (Integration, Build and test automation), Ethics and security breaches in DevOps environment (Ethical risks, Data collection ethics, Ethical decision making). Our research also identified several risk mitigation strategies namely continuous testing, using infrastructure as code, security audit and monitoring, disaster recovery planning, cross-functional training, proper documentation, continuous learning, continuous improvement etc. that companies can adopt for better performance and efficiency.

1 Introduction

In traditional software development, separate teams handle operations, security, and quality assurance. However, conflicts between development and operations teams can arise while delivering software [5]. Upon observing the software development process, it becomes clear that operations require a high level of security and stability, while simultaneously expecting developers to minimize changes to upcoming products. Nevertheless, developers must frequently work on new features, upgrade existing ones, and make changes to meet customers’ evolving needs with confidence [5]. As development teams strive to release new versions faster, operations teams may be reluctant to accept many changes in old versions, leading to conflicting situations [2]. These sort of conflicts can reduce the software development process and makes the release slower [5].
DevOps is an emerging concept and is a blend word of operations and development that is used to eliminate the gaps between Dev and Ops teams so that collaboration and communication can flow clearly with the sharing approaches for the software development life cycle [2]. According to Debois, DevOps concepts work for medium to large-size organizations and help companies to bridge the gaps between teams [8]. DevOps is a mixture that improves collaboration and communications to solve critical problems for the software development phase [1]. While working on software development, the teams could meet many challenges and risks and DevOps provides support to eliminate the conflicting issues between teams [1]
Implementing continuous deployment of software has opened up new opportunities for companies, but it has also presented numerous challenges and risks [17]. When a company decides to adopt DevOps, they may encounter various challenges in different stages of the software cycle, such as organizational, cultural, social, technical, and managerial challenges [2]. Since the adoption of DevOps can be a difficult process for companies, they can support the process by incorporating technological changes, implementing new processes, hiring trained personnel and consultants, and being open to innovation. The adoption of DevOps in a company is a distinct process that produces many risks and mitigation strategy impact multiple aspects of DevOps practices [2].
However, there are limitations of the DevOps literature as there are a small number of research studies dedicated to DevOps risks and mitigation strategies for the software development cycle. Moreover, there are no clear risk mitigation strategies described in the literature. Therefore, we are interested in focusing on understanding the various risk factors along with the mitigation strategies proposed by the industry professionals in using DevOps in IT organizations. The author believes that identified risks and risk mitigation strategies will be a great contribution to companies, and DevOps practitioners to understand how to perform effective risk management in a DevOps environment.
The remaining of this study is organized as follows. Section 2 presents DevOps concepts, DevOps implementation and benefits, DevOps risks and risk mitigation process, and their related literature. It is followed by the description of the empirical data collection and the research process in Sect. 3. Section 4 presents the results, Sect. 5 discusses their impacts, and Sect. 6 concludes the study.

2.1 DevOps Concept

Professionals describe DevOps as a software engineering culture, work practice or even a philosophy. If we observe the scientific community, different views, perceptions and stances have been developed and suggested regarding DevOps. DevOps describes how cross-functional teams work together to build, test and release faster software more reliably [18]. Automation plays a vital role in DevOps operations as its goal is to improve collaboration between two teams in terms of software development.

2.2 DevOps Implementation and Benefit

Organizations are increasingly adopting DevOps practices to enhance their software delivery process [23]. By effectively implementing and adopting DevOps principles, the gap between development and operations teams can be minimized. The development process triggers software deployment, which is crucial for software organizations to move software into production [8]. The key aspect of DevOps in an organization is to ensure continuous delivery and deployment, resulting in faster software delivery cycles [10]. As a result, DevOps has become an essential part of modern software development, providing organizations with a competitive edge and enabling them to stay ahead in the market.
Krey et al. [15] have identified six major challenges faced by small and medium-sized enterprises in DevOps implementation: costs, risks, scope, quality, business value, and time. However, a lack of communication among teams can be a major contributor to unsuccessful DevOps adoption. Operations teams have specific responsibilities, and they often don’t pass or monitor different performance metrics that could help developers execute tasks [21].
Companies are increasingly adopting DevOps practices in response to customer and user expectations for software applications that meet their needs [13]. To meet this demand, organizations are striving to release frequently and deploy faster, but this requires an efficient process environment and proper utilization of resources. DevOps helps address miscommunications and gaps in the process with four guiding principles: automation, culture, collaboration, and measurement [13]. Gupta et al. [13] also identified four variables that impact the implementation process: source control, automation, cohesive teams, and continuous delivery. By addressing these factors, organizations can successfully implement and adopt DevOps practices.

2.3 DevOps Risks and Risk Mitigation

Effective collaboration between development teams and operations teams is crucial for successful software development and deployment. To facilitate this, it is important to have a common set of tools used by both teams, as using different toolsets can create problems and inefficiencies in the collaboration process [6]. Communication between the Dev and Ops teams is also of utmost importance, as lack of communication can lead to delays in the operating process of both teams [21]. DevOps leverages a variety of tools to streamline the software development process. However, the COVID-19 pandemic has forced most of the work to go remote, which has had a significant impact on the working process [20]. It is important to note that electronic tools alone cannot solve all problems and some issues are best addressed in person. Furthermore, integrating different tools can be challenging and require additional maintenance and execution efforts [5].
Companies can employ various strategies to effectively address risks and challenges. One such strategy is to move away from the traditional Dev and Ops mindset and embrace continuous delivery practices. Adopting microservices-based infrastructure and architecture, implementing test automation techniques, prioritizing tools, delegating release ownership to teams, and fostering a culture of continuous learning are also effective strategies. Jones et al. [14] recommend the introduction of job crafting as a means to help DevOps professionals achieve their personal goals. Job crafting is an individualized design process that allows employees to proactively modify job characteristics to align personal growth with work objectives. Through job crafting, employees gain greater control over their tasks, determine how their work is perceived, and shape the social context and relationships within the workplace [4]. According to Jones et al. [14], task, relational, and cognitive job crafting can significantly enhance work performance while adopting DevOps in companies. Liete et al. [16] suggest three approaches for implementing DevOps adoption in companies: department collaboration, DevOps teams, and cross-functional teams.

2.4 Research Questions

The aim of this paper is to identify the challenges and risks that IT companies face when adopting DevOps, and how they mitigate these risks by implementing various strategies. We have conducted in-depth interviews (N=26) with DevOps professionals from different companies around the world to investigate these issues. As a result, we will try to answer the following research questions in this paper:
  • RQ1: What are the risks associated with DevOps practices in organizations?
  • RQ2: What strategies are used by professionals for risk mitigation?

3 Research Approach

3.1 Data Collection

Throughout our research, we had the privilege of interviewing multiple accomplished DevOps professionals in order to gather valuable data. Our research methodology involved conducting thorough interviews to pinpoint prevalent obstacles and potential hazards that professionals face, examine professional practices, address security concerns, and deeply explore the ethical considerations within DevOps teams. To ensure our interviews were comprehensive, we created a set of 18 questions organized into three themes: challenges and risks overview with mitigation, security risk and mitigation, and team ethics and mitigation strategies from technical, social, and cultural viewpoints.
During the course of the study, respondents represented companies ranging from 80 to 15,000 employees. The respondents held various positions within their respective organizations, including Head of Technology, Tech Lead, Scrum Master, Site Reliability Engineer, DevOps Engineer, Software Specialist, Business Analyst, Cloud Engineer, Technical Project Manager, and Software Engineer. With working experience in the software development industry ranging from one to twenty years, respondents were contacted via email for participation in the interview. The interviews were scheduled for a duration of thirty minutes, during which in-depth questions were asked, focusing on specific areas of DevOps practices. The researcher worked diligently to ensure that the data collected was accurate and relevant to the study’s objectives.
During the interview process, we ensured that each interviewee provided their consent to being recorded. For those who declined to be recorded, we respectfully opted to take notes instead. In total, we conducted 26 interviews with distinguished DevOps professionals occupying diverse roles across numerous companies. These interviews were conducted during the first quarter of 2023, specifically from March to April. Subsequently, we performed a comprehensive analysis of the findings based on the interviews. The 26 interviewed individuals represented 26 distinct companies, which we labeled with different alphabets in the presentation of our results.
Table 1.
Coding used for interview data
List of codes
Description of codes
Quotes from Professionals
Lack of tacit knowledge
The knowledge base for the system is not strong (tacit knowledge), a knowledgeable person left might impact the company negatively. Losing one key person may ruin the whole process
“In our team different skillset people are working. When someone goes they also take the expertise and knowledge with them, which creates difficulties in teamwork.”
Miscommunication between clients and developers
communication between the clients and developer makes the project run smoothly or otherwise creates miscommunication and unclear perception
“Miscommunication is a drawback for DevOps practices when there is a communication gap that leads to a project failure and makes the project risky to execute.”
Security in the DevOps environment
DevOps security is a set of practices, tools, and cultural approaches that bring together software development, software operations, and security all together to make the process faster and more secure
“To make a project successful it is important to maintain the security from the very beginning of the development process”
Human error on DevOps risks
Human errors are one of the most unpredictable situations for any DevOps team which might create several risks for DevOps environment.
“Human error is difficult to eliminate but if teams maintain some steps then there will be less human error ”
Handling ethical issues while working in teams
DevOps team members need to have the appropriate knowledge and training to understand and address ethical issues that may arise in operations
“It is essential to have proper training and knowledge while working in DevOps teams. The companies have training for team members so that they know how to handle difficult situations”

3.2 Data Analysis

For analyzing the data, we have used the Gioia method presented by Gioia et al. [12]. An iterative process has been followed which ensures the repetition of steps for the data analysis. We have followed open coding for extracting data from the interviews. As a guideline, we have followed Strauss and Cobin [22]for assigning codes for the analysis. We started the coding process with the interview transcripts, then we marked specific areas and assigned the codes suggested by [19]. For the first-round coding, we used the research questions as guidelines. From the empirical data, we checked what are the similar codes in the various segments of the data. Then we checked the dissimilarities present in the codes and identified those codes.
In our research, We utilized constant comparison and followed the grounded theory approach [22]. We have prepared a table that showcases the coding activities created from the interview data, providing an explicit understanding of the coding process. The table includes a detailed list of codes, their corresponding descriptions, and quotes from professionals. An exemplary table called Table 1 illustrates the coding activities. This table can be used as a reference to gain insights about the coding methodology.
After the first coding ended, we moved to the second phase of coding. In the second phase, we have started categorizing the first phase codes. According to Charmaz, to create second-order codes for concepts it is necessary to categorize the first-phase codes [7]. Then we merged the first-phase codes with second-phase codes [11]. To make the data analysis process accurate we have also used memoing techniques. Memoing helped us to understand more insights and perspectives of professionals’ views regarding critical success factors and organizational practice. A total of 910 pages were generated from the interview data transcription. According to our understanding, we have used an iterative process for data analysis [22].
In the third phase of the data analysis, we have aggregated the themes into four main aggregate categories including Organizational risk, Cultural and Social risk, and Technical risk and Ethics and security breach risk. In Fig. 1, we have shown the data analysis process with themes.

4 Results

In this section, we will highlight different risk factors associated with technical, organizational, social, and cultural risks while practicing DevOps in teams and organizations. We will also discuss how the professionals handle several DevOps implementation and adoption risks while working in teams and how the risks are mitigated.

4.1 Organizational Risks

Intra-organizational Collaboration and Communication. Recognizing a lack of understanding about the project among team members is essential. Miscommunication caused by unclear project knowledge among those outside of IT teams or the project can significantly jeopardize its success. Additionally, our research indicates that poor communication between clients and developers poses another risk to project success. Inadequate communication creates challenges, misunderstandings, and unclear perceptions, making it imperative to prioritize clear and effective communication throughout the project’s development.
A professional quoted:
“In our teams, there are sometimes miscommunications, and due to that DevOps practices get hampered (Development and Operations) and lack of collaboration between clients and developer teams make the process risky, improper communication creates difficulties for better outcomes”.
Strategic Planning. Based on the extensive research by Azad and Hyrynsalmi Azad and Hyrynsalmi [2], the product management team is responsible for maintaining the business requirements, while the technology team handles the technical requirements, emphasizing the need for meticulous planning related to resources, initiatives, and budget for the overall software process. It is crucial for the IT and business plan to share similar goals and objectives. Adopting continuous development and continuous delivery would ensure top-notch quality of the product. Therefore, strategic planning should prioritize company pressure, change management, meeting deadlines, and reducing the time to market Azad and Hyrynsalmi [2].
Our findings suggest that improper allocation of budget for the toolset is a risk for DevOps practices. The budget allocation for toolsets is important because wrong choices create risks for the project. According to professionals risky change and development are challenging for the teams. People in the team are reluctant to new changes as those are uncomfortable and people fear changes.
A professional quoted that:
“Risk mitigation through automated testing and quality assurance is essential for the development process. If automated tests are in place, a developer can immediately get feedback about their newly written programs/features. Then the process becomes less risky”.
Quality assurance acts as a bridge between development and operations teams and supports developers by testing new iterations in real-time with continuous quality checks to keep the testing cycle running smoothly.
Another professional quoted that:
“Balancing security and risk management for the DevOps process is crucial. For good balancing the team needs to make sure that they do not release anything if not properly tested”.

4.2 Social and Cultural Risks

Social and cultural risk factors are one of the leading factors for DevOps risks in the organization [2]. Below we discuss the team dynamics and social and cultural shifts risks.
Team Dynamics. In teams when there is a lack of tacit knowledge then the knowledge base is not strong. If a knowledgeable person leaves, it might impact the company negatively specifically the team dynamics might be hampered. Losing one key person may ruin the whole process and create a setback in the working environment.
A professional quoted that:
“When a team has skilled and knowledgable people with a diversified culture that helps the team to progress better. A sudden change like someone leaving the team might slow down the process as DevOps teams are connected with each other and that’s the way the team progress”.
Cultural Shift. When the team is reluctant to accept organizational culture that impacts DevOps practices hugely. According to the professionals, security must be considered a part of DevOps from the beginning. The team should make a list of DevOps best practices document and follow strictly and avoid; discussing sensitive information in public places can support a good culture. This makes the process less risky and impacts positively as an organizational culture.
A professional quoted that:
“Lack of collaboration and organizational culture does not help for better building products for clients. The company culture should be collaborative, flexible, and supportive. To make it secured from the beginning DevSecOps should be a part of the process”.

4.3 Technical Risks

There are several technical risks associated with DevOps practices. Some of those include improper code review by team members, security in a DevOps environment, and human error as a DevOps risk.
Integration. Continuous integration is essential for doing several automated actions that help the system work together for the pipeline. Some of the pipeline stages include package generation, automated test execution, code verification, and deployment for the production and development environments. The developers are the responsible actors for defining pipeline structures. On the other hand, operators are responsible for defining collaboration for deployment phases. Developers are also responsible for the continuous integration. When there is an improper code review by team members that impacts the review process hugely. When developers take shortcuts and input unmaintainable codes to fix issues by ignoring the consequences they need to handle a lot more bugs and issues later on.
Build and Test Automation with Security. DevOps security is a set of practices, tools, and cultural approaches that bring together software development, software operations, and security all together to make the process faster and more secure. Security in the DevOps environment is one of the vital things to consider for software development. According to the professionals having a proper DevOps architecture and plan, writing test code while developing software, and automated tests should be from the beginning and CI/CD stages - Development, Staging and production.
A professional quoted that:
“Uh, of the project experiences within the company they at first understand the requirements and set up the tools which are actually secured. So the important thing is that selection of the tools that make a secured environment for the development process”.
According to our findings, the professionals stated that security vulnerabilities in DevOps pipelines are risky for the companies. Security vulnerabilities include missing data inscription, missing authentication for critical functions, and buffer overflows with insecure interactions between software companies. Whatever the developer has done and if the test is an improper code review, it is the number one risk for the process.
A professional quoted that:
“For maintaining security vulnerabilities, developers need to check if the web service is running and the Azure function can send requests and get the response back each hour. There should be access restrictions so only certain IPs are allowed if that is required”.
Human errors are one of the most unpredictable situations for any DevOps team which might create several risks for the DevOps environment. There are many steps as a part of DevOps work. People may forget to test certain codes or follow best practices. Maybe one port remains open by mistake, Data Storage is open to public access, Databases does not have IP restrictions, forgets to stop an expensive during holiday/weekend, no cost tracking of the cloud services. These errors could impact the development process hugely.

4.4 Ethics and Security Breach in DevOps Environment

Ethical Risks. Handling ethical issues while working in teams is considered as one of the most important aspects of working in a DevOps environment. DevOps team members need to have the appropriate knowledge and training to understand and address ethical issues that may arise in operations. According to the professionals, DevOps practices align with organizational values and ethics helping the teams to work efficiently.
A professional quoted that:
“DevOps practices align with our organization’s values and ethical principles and require timely release features, Deployment frequencies, Time to recover in case of any issues, data protection, and scalability. ”.
Data Collection Ethics. Data collection ethics is essential for any software development process. Privacy and security of users’ data in the DevOps process is important. To maintain privacy and security it should be aligned with the company’s values, culture, and security checks.
A professional quoted that:
“For ethical considerations, a company should take into account where, and how to collect, store, and analyze data in our DevOps operations”.
Ehical Decision Making. To maintain the issues with security breaches in the DevOps environment, even before starting a project there should be a secure architecture and make sure the system has been implemented according to the architecture. That makes the system secure. The professionals stated that addressing ethical dilemmas in DevOps operations is something to consider from the beginning of the software development process. This is a matter of team discussion including team members, managers, clients, or maybe other teams as well. Everyone should work as a team and be aligned with the company’s business and ethical values.
A professional quoted that:
“Involve users and other stakeholders in ethical decision-making processes related to our DevOps operations is essential. A good communication can solve most of the issues. ”

4.5 Risk Mitigation Strategies by Professionals

To mitigate risks and improve performance, there are various approaches that professionals can adopt. Respondents have highlighted different strategies that can assist in managing organizational risks. According to the research findings some of the risk mitigation strategies could be continuous testing, using infrastructure as a code, security audit and monitoring, disaster recovery planning, cross-functional training, proper documentation, continuous learning, continuous improvement, making process visible to the team members, prioritize personnel so they feel valued, enforce security policy, introduce DecsecOps, involvements of experts from outside, and improved management strategies. In the example Table 2, we have given a short list of risks and risk mitigation strategies proposed by the professionals.
It is imperative to establish a comprehensive framework that can effectively address the issues of security and ethics. To achieve this, it is crucial to facilitate effective communication and establish a robust system of governance. An effective security system or a set of cybersecurity approaches should be implemented to ensure that the security processes are straightforward, transparent, and comprehensible. The security process should encompass a wide range of issues, including code review, access restrictions, and management configuration, among others.
In order to produce a well-secured application, it’s crucial for DevOps teams and security teams to work closely together. This collaboration helps to ensure that robust policies and effective tools are implemented to protect the application from potential security threats. By working together, DevOps and security teams can identify potential vulnerabilities in the application and take proactive steps to address them. Additionally, this collaboration can help to streamline the development process by incorporating security measures early on, reducing the likelihood of costly delays or security breaches down the line.
According to the respondents, the challenges for DevOps adoption is insufficient knowledge in industries and the engineers also have a knowledge gap. Though they might have some strong understanding or knowledge or background in some specific part of the software development but DevOps practices still needs to be understood by many of them. DevOps needs proper communication with software developer. The engineers witness that sometimes a developer only working on his coding but when deployment comes, he doesn’t have really much idea what’s happening in the back end or in the cloud system and also the automation is unclear to him.

5 Discussion

5.1 Key Findings

This study addresses two aspects of DevOps. Firstly, the risk factors identified by industry professionals and, secondly, risk mitigation strategies for DevOps risks. Our findings also discuss security issues and organizational ethics along with risk factors in DevOps operations. From the interviews with professionals, we have learned several DevOps practical risks faced by organizations. However, these risk factors are not universal. These are the professional’s own views regarding the risks and the ways to mitigate them when necessary.
According to our findings, there are four major risk factors including organizational risk factors, social and cultural risk factors, technical risk factors, and ethics and security breach factors.
Table 2.
DevOps risks and risk mitigation strategies
DevOps risk
Risk mitigation strategies
Lack of idea about the project
Make the process visible and transparent so that people can relate with the work
Tacit knowledge is not strong
Giving priorities to the resources so that key personas feel valued, if they are working for other systems the company should find someone so that the extra load is relieved, and they can concentrate fully on their project
Sudden change in team culture
By using change management, it is possible to eliminate the work impact, Teams need to have acceptable, and some resources might not work efficiently. Teams need to cope with the existing situation
The Budget allocation for toolsets is important because wrong choices create risks for the project
Experts should be involved who are good at tool agnostics and experienced in shortlisting what could work for the environment
Lack of Communication with Developers and the clients
Better management strategies required so that everyone has a clear idea about the process
Improper code review by team members
This code review should be effective and it should be associated with the proper test
Misunderstanding between Development and Operations teams poses a significant obstacle to the success of the DevOps process. According to research, there is a lack of coordination among team members when working together [1, 2, 15, 21]. This lack of communication can hinder the adoption of DevOps, making the process unsuccessful [1, 15]. One of the most significant risks faced by DevOps teams is the need to balance performance and the speed of releases [3]. Professionals have reported that fast release cycles can enhance performance while reducing the time required for development [3].
Based on the feedback received from participants, it is clear that implementing DevOps in a company can be a difficult and risky task, which may result in an unsuccessful implementation. Employees often struggle to accept and adapt to changes, leading to confusion and delays. The process of change is perceived as complex and time-consuming, which adds to the challenge of implementing DevOps [2, 15].
Lack of focus or differences in development is another challenge for DevOps practices. Often devlopers faced that there is a lack of focus in the development process. They are not sure of what they are doing, there could be miscommunication with team members. There could be misconceptions between development teams and operations team members. Due to these reasons, differences occur in the development process [1, 3, 15, 21].
Creating proper test and production environments is a significant challenge. Both testing and production environments are crucial for the production process, and it is essential to have a well-designed testing process for the code. The production environment should support the testing process seamlessly. Poor integration can hamper the testing process, which is why it is essential to set up proper test setups to ensure that the rest of the process functions effectively [9].
Choosing the right tools for DevOps operations is another obstacle companies face. They select the tools based on their project needs and requirements. However, finding or selecting the appropriate tools is often difficult for companies.

5.2 Research Limitations

We witnessed certain limitations in conducting the research. First of all, the research did not consider the psychological aspects of the DevOps working environment and could not cover the emotional aspects of employees working in teams.
Second, In the study, practices of IT organizations were observed but the focus was developed countries IT practices. Therefore, if we could consider developing countries’ DevOps operations then we could compare the scenario of developed and developing countries’ IT practices to understand better views on DevOps challenges and risk mitigation strategies.
Third, due to lack of time we could not conduct longitudinal studies. A prospective study would be a great way to focus on DevOps practices which might help the researchers to understand management practices with experts’ perspectives over time.
Fourth, our topic is narrowed to DevOps operations and organizational practices. Due to this reason, the domain became more specific. Identifying DevOps professionals for interviews was specifically a real challenge. We had to use various techniques to find professionals for interviews. Finding professionals was difficult and considered one of this research’s major limitation, as there is a possibility of response bias and selection bias.
Fifth, the respondents could not share some information that they consider confidential for their companies. Due to those issues, we could not ask them questions as planned.

5.3 Future Research

We have identified several areas in the DevOps domain that require further study.
  • Performing a comparative study In the future, we will perform a comparative study that covers different IT organizations using DevOps practices. As we know different organizations have different DevOps practices and the challenge and risk mitigation factors might not be the same for all organizations. The implementation and adoption of DevOps might vary for various organizations.
  • Conducting longitudinal research DevOps collaboration culture is one of the core concepts for DevOps practices. We could try to focus on a longitudinal research study by observing for an extended period of time. Thus, we can get better insights and overviews of DevOps collaboration culture in organizations.
  • Research model for identifying risks and mitigation strategies for success factors We propose the development of a novel model that addresses DevOps challenges and incorporates critical success factors. Such a model would serve as a valuable framework for identifying and mitigating various risks within the organization. By leveraging this model, we can establish a comprehensive understanding of the factors that contribute to success in this domain and develop effective strategies for addressing any challenges that arise.
  • Combining DevOps and MLOPs for better performance The incorporation of artificial intelligence (AI) within DevOps presents a promising opportunity to elevate performance to new heights. By leveraging AI in the software development life cycle, DevOps can streamline operations, resulting in more expedient development and improved operational cycle performance. This translates to a more positive user experience, as new AI features are implemented within DevOps. Moreover, the utilization of machine learning algorithms enables the collection of data from a multitude of sources, further enhancing the potential of AI and DevOps. This research area holds much promise, as it opens up new avenues for developing a diverse range of AI models within DevOps.
  • Developing scales for conducting survey Developing scales for measuring success and risk factors could be a great approach for doing future research. We observed that there were few studies that focused on scale development. These scales could be a great tool for quantitative surveys to collect data from professionals.

6 Conclusions

The seamless collaboration between development and operations teams, fostered by the DevOps cultural movement, is critical in streamlining the software development life cycle. Our extensive research, which included 26 semi-structured interviews with DevOps professionals, has identified numerous risk factors with mitigation strategies encountered during the implementation and adoption phase of DevOps. Our research has identified four main risk factors and several risk mitigation strategies by companies that practice DevOps. It is of utmost importance that this study guides future research agendas and delves further into the DevOps domain.
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://​creativecommons.​org/​licenses/​by/​4.​0/​), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Vorheriges Kapitel Experimentation in Early-Stage Video Game Startups: Practices and Challenges
Nächstes Kapitel Positive Customer Experience is Enhanced by Effective Agile Practices
insite
INHALT
download
DOWNLOAD
print
DRUCKEN
Literatur
1.
Azad, N.: Understanding devops critical success factors and organizational practices. In: 2022 IEEE/ACM International Workshop on Software-Intensive Business (IWSiB), pp. 83–90. IEEE (2022)
2.
Azad, N., Hyrynsalmi, S.: What are critical success factors of devops projects? a systematic literature review. In: Wang, X., Martini, A., Nguyen-Duc, A., Stray, V. (eds.) Software Business. 12th International Conference, ICSOB 2021, Drammen, Norway, December 2–3, 2021, Proceedings, pp. 221–237. Springer (2021)
3.
Bass, L., Weber, I., Zhu, L.: DevOps: A software architect’s perspective. Addison-Wesley Professional (2015)
4.
Berg, J.M., Dutton, J.E., Wrzesniewski, A.: Job crafting and meaningful work (2013)
5.
Bezemer, C.P., et al.: How is performance addressed in devops? In: Proceedings of the 2019 ACM/SPEC International Conference on Performance Engineering, pp. 45–50 (2019)
6.
Bou Ghantous, G., Gill, A.: Devops: Concepts, practices, tools, benefits and challenges. PACIS2017 (2017)
7.
Charmaz, K.: ‘discovering’chronic illness: using grounded theory. Social Sci. Med. 30(11), 1161–1172 (1990)CrossRef
8.
Debois, P., et al.: Devops: a software revolution in the making. J. Inform. Technol. Manage. 24(8), 3–39 (2011)
9.
Ebert, C., Gallardo, G., Hernantes, J., Serrano, N.: Devops. IEEE Softw. 33(3), 94–100 (2016)CrossRef
10.
Fitzgerald, B., Stol, K.J.: Continuous software engineering: a roadmap and agenda. J. Syst. Softw. 123, 176–189 (2017)CrossRef
11.
Gartner, I.: Gartner it glossary devops. Gartner IT Glossary (2017)
12.
Gioia, D.A., Patvardhan, S.D., Hamilton, A.L., Corley, K.G.: Organizational identity formation and change. Acad. Manag. Ann. 7(1), 123–193 (2013)CrossRef
13.
Gupta, V., Kapur, P.K., Kumar, D.: Modeling and measuring attributes influencing devops implementation in an enterprise using structural equation modeling. Inf. Softw. Technol. 92, 75–91 (2017)CrossRef
14.
Jones, S., Noppen, J., Lettice, F.: Management challenges for devops adoption within UK smes. In: Proceedings of the 2nd International Workshop on quality-aware devops, pp. 7–11 (2016)
15.
Krey, M., Kabbout, A., Osmani, L., Saliji, A.: Devops adoption: challenges & barriers. In: 55th Hawaii International Conference on System Sciences (HICSS), virtual, 3–7 January 2022, pp. 7297–7309. University of Hawai’i at Manoa (2022)
16.
Leite, L., Rocha, C., Kon, F., Milojicic, D., Meirelles, P.: A survey of devops concepts and challenges. ACM Comput. Surv. (CSUR) 52(6), 1–35 (2019)CrossRef
17.
Lwakatare, L.E., Kuvaja, P., Oivo, M.: Dimensions of DevOps. In: Lassenius, C., Dingsøyr, T., Paasivaara, M. (eds.) Agile Processes in Software Engineering and Extreme Programming: 16th International Conference, XP 2015, Helsinki, Finland, May 25-29, 2015, Proceedings, pp. 212–217. Springer International Publishing, Cham (2015). https://​doi.​org/​10.​1007/​978-3-319-18612-2_​19CrossRef
18.
Macarthy, R.W., Bass, J.M.: An empirical taxonomy of devops in practice. In: 2020 46th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), pp. 221–228. IEEE (2020)
19.
Miles, M.B., Huberman, A.M.: Qualitative data analysis: An expanded sourcebook. sage (1994)
20.
21.
Riungu-Kalliosaari, L., Mäkinen, S., Lwakatare, L.E., Tiihonen, J., Männistö, T.: DevOps adoption benefits and challenges in practice: a case study. In: Abrahamsson, P., Jedlitschka, A., Nguyen Duc, A., Felderer, M., Amasaki, S., Mikkonen, T. (eds.) Product-Focused Software Process Improvement, pp. 590–597. Springer International Publishing, Cham (2016). https://​doi.​org/​10.​1007/​978-3-319-49094-6_​44CrossRef
22.
Strauss, A., Corbin, J.: Basics of qualitative research techniques (1998)
23.
Velasquez, N.F., Kim, G., Kersten, N., Humble, J.: State of devops report (2014)
Metadaten
Titel
DevOps Challenges and Risk Mitigation Strategies by DevOps Professionals Teams
verfasst von
Nasreen Azad
Copyright-Jahr
2024
Buch
Software Business

Print ISBN: 978-3-031-53226-9

Electronic ISBN: 978-3-031-53227-6

Copyright-Jahr: 2024

DOI
https://doi.org/10.1007/978-3-031-53227-6_26

Premium Partner

    Bildnachweise