SecQDevOps

Recent advancements in quantum computing have significantly increased interest in, and demand for, more quantum technologies and solutions for several sectors and fields. Unfortunately, despite its potential, quantum computing requires dependable, robust, and secure infrastructure to support its quantum algorithms – infrastructure which is often missing due to the rapid development of many quantum technologies and practices. The EU-funded SecQdevOps project will develop a secure, continuous DevOps pipeline, specially designed to accommodate quantum hardware and software development, to overcome these key issues. To achieve this, it will use quantum high-level programming languages, in combination with secure, hardware-aware compiles, to provide real-time vulnerability detection and automated security assessments, vastly increasing resilience to cyber threats.

The emergence of quantum computing as a transformative technology has made secure hardware and software development an imperative. Quantum computing’s potential depends on robust, secure infrastructures that support quantum algorithms while addressing vulnerabilities. However, rapid development often prioritizes functionality and speed over security, creating gaps in comprehensive quantum-specific security practices, as highlighted by agencies like ENISA and NIST. Such gaps pose risks due to quantum algorithms' complex attack surfaces, which traditional security solutions cannot adequately address. This challenge is especially pertinent in the European Union (EU), where it is essential to integrate security engineering in both software and hardware development, ensuring compliance with EU standards and providing auditable quantum systems. The SecQdevOps project tackles these critical issues by creating a secure, continuous DevOps pipeline explicitly designed for quantum software and hardware development. Leveraging quantum high-level programming languages like Qiskit and Eclipse QRISP, alongside secure hardware-aware compilers, SecQdevOps provides automated security assessments and real-time vulnerability detection to build efficient, trustworthy quantum applications resilient to cyber threats. A unique aspect of SecQdevOps is the Internet of Quantum Things (IoQT), a distributed platform that connects emulated quantum devices across multiple secure nodes for collaborative testing and development, offering a secure “playground” for next-generation developers.