|
Work item:
|
X.sr-AIDevOps
|
|
Subject/title:
|
Security requirements for AI-based cloud service development and operations
|
|
Status:
|
Under study
|
|
Approval process:
|
TAP
|
|
Type of work item:
|
Recommendation
|
|
Version:
|
New
|
|
Equivalent number:
|
-
|
|
Timing:
|
2028-10 (Medium priority)
|
|
Liaison:
|
ITU-T SG13, ISO/IEC JTC 1/SC 27
|
|
Supporting members:
|
State Grid Corporation of China, China Academy of Information and Communications Technology (CAICT), China Telecom
|
|
Summary:
|
As mentioned in [ITU-T Y.3550], AI-driven DevOps management enables capabilities such as intelligent code completion, code review, automated test case generation, root cause localization, early warning analysis, and resource capacity prediction. These capabilities enhance the operational efficiency of Cloud Service Providers (CSPs). However, the deep integration of AI into the full life-cycle of cloud service DevOps introduces risks. In cross-stage collaboration, issues such as misinterpretation of requirements or improper process can lead to unsecure operations. Such threats can escalate attacks with limited impact in traditional environments into systemic security risks, especially occurring on cloud service.
In order to mitigate these security threats, this recommendation focuses on exploring the security issues in AIDevOps, covering key aspects of the cloud service DevOps workflow, including code, test, deploy and release, and operation, analyzing specific security risks, and providing practical and feasible security guidance solutions for AIDevOps.
|
|
Comment:
|
-
|
|
Reference(s):
|
|
|
Historic references:
|
|
Contact(s):
|
|
| ITU-T A.5 justification(s): |
|
|
|
|
First registration in the WP:
2026-06-10 15:38:45
|
|
Last update:
2026-06-10 15:42:36
|
|