DESIGNING A SECURE ARCHITECTURE FOR AUTOMATED TESTING PLATFORMS: AN EMPIRICAL EVALUATION OF SECURITY FRAMEWORK COMPONENTS
Keywords:
Automated Testing, Secure Architecture, Container Security, Secrets Management, Access Control, DevSecOps, Software Supply Chain, PLS-SEMAbstract
Automated testing platforms have become essential components of modern software development pipelines, yet security vulnerabilities in these systems pose significant risks to organizational software supply chains. This study empirically evaluates security architecture components for automated testing platforms using a quantitative research design. Data were collected from 198 software engineering professionals across 52 technology organizations. Partial Least Squares Structural Equation Modeling (PLS-SEM) was employed to examine relationships between container isolation, access control mechanisms, secrets management, and platform security effectiveness. Results indicate that container isolation (beta = 0.423, p < 0.001) and secrets management (beta = 0.398, p < 0.001) significantly enhance platform security. Access control demonstrates positive effects on unauthorized access prevention (beta = 0.356, p < 0.01). The proposed secure architecture achieves 41.7% reduction in security incidents compared to conventional testing platforms. This research provides evidence-based guidance for designing secure automated testing architectures that protect software supply chains while maintaining development velocity.
References
1. Hair, J. F., Ringle, C. M., & Sarstedt, M. (2019). Partial least squares structural equation modeling (PLS-SEM). In Handbook of Market Research, 1-40. Springer.
2. Myagmar, S., Lee, A. J., & Yurcik, W. (2005). Threat modeling as a basis for security requirements. In Symposium on Requirements Engineering for Information Security.
3. Sharma, S., & Barenkamp, M. (2022). DevSecOps: A multivocal literature review. In 18th International Conference on Software Architecture Companion, 93-100.
4. Rahman, A. A., & Williams, L. (2019). Security practices in DevOps. In IEEE/ACM International Conference on Technical Debt, 59-68.
5. Kumar, R., & Goyal, R. (2019). Modeling continuous security: A conceptual model for integrating security in CI/CD pipeline. In 4th International Conference on Internet of Things, 1-6.
6. Diaz, J., & Laukkanen, E. (2021). DevOps in practice: A multiple case study of large organizations. In 44th Euromicro Conference on Software Engineering and Advanced Applications, 184-191.
