1. Home
GLITCH is a technology-agnostic framework that enables automated detection of IaC smells. GLITCH allows polyglot smell detection by transforming IaC scripts into an intermediate representation, on which different smell detectors can be defined. GLITCH currently supports the detection of 12 different security smells [1, 2] and nine design & implementation smells [3] in scripts written in Puppet, Ansible, Chef, Terraform, or Docker.
[1] Rahman, A., Parnin, C., & Williams, L. (2019, May). The seven sins: Security smells in infrastructure as code scripts. In 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE) (pp. 164-175). IEEE.
[2] Rahman, A., Rahman, M. R., Parnin, C., & Williams, L. (2021). Security smells in ansible and chef scripts: A replication study. ACM Transactions on Software Engineering and Methodology (TOSEM), 30(1), 1-31.
[3] Schwarz, J., Steffens, A., & Lichter, H. (2018, September). Code smells in infrastructure as code. In 2018 11th International Conference on the Quality of Information and Communications Technology (QUATIC) (pp. 220-228). IEEE.
The envisioned users of GLITCH are:
- system administrators who have to develop or maintain IaC scripts
- scientific researchers, developers and IaC enthusiasts who want to develop and/or research about new analyses for IaC
- software engineering enthusiasts who want to contribute to our tool
☺️