Versions Compared

Old Version 2

changes.mady.by.user Paweł Pawlak

Saved on

compared with

New Version 3

changes.mady.by.user Paweł Pawlak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Jira No
SummaryDescriptionStatusSolution

Update on Unmaintained Projects task group

Unmaintained Project tg reviewing RACI matrix: https://wiki.onap.org/display/DW/Project+State%3A+Unmaintained

Use Jira TSC epic and project/work group tasks to track the retirement of a capability (project/repos) – create template

OOM contains unused/orphan code: discuss at next unmaintained projects call because it affects security and maintainability (step in the RACI matrix)

DCAEMOD repos are being removed in London

Test RACI process with AAF (unmaintained project) and DCAEMOD (unmaintained repos) – Muddasar will contact Vijay

ongoing

Update on the Security Logging Fields and Global Requirement  

Bob updated PTLs at the 8/22 PTL call

DCAE will deliver logging updates in London

will socialize python & javascript POCs with PTLs: May need python & js POCs

Use language indicator on SonarCloud dashboard to determine programming language

ongoing



SBOM creation 

dcaegen2-collectors-ves SBOM successful

CPS SBOM working

4 successful project SBOMs created

ongoing

Superblueprint

Update from 8/16 Super Blueprint meeting (Muddasar)

  • Use cases to be added, limited resources to go with E2E solution integration.
    • Ultra low latency use case – video monitoring
  • Status of lab infrastructure – decided which labs to use
  • Open source
    • Core: open 5GC & Aarna Networks 5G core based on open source.
    • gNodeB
    • Orchestrator: ONAP
  • Amy will invite Martial to demo his work to SECCOM

Use cases to be added, limited resources to go with E2E solution integration.

Weekly meetings: https://wiki.lfnetworking.org/pages/viewpage.action?pageId=50528282

Architecture: https://wiki.lfnetworking.org/pages/viewpage.action?pageId=53609061

Roadmap: https://wiki.lfnetworking.org/display/LN/5G+Super+Blueprint+Roadmap

Requirements and Use case Advisory Group: https://wiki.lfnetworking.org/display/LN/Requirements+and+Use+Case+Advisory+Group

Use cases: https://wiki.lfnetworking.org/pages/viewpage.action?pageId=68792322

Use cases to be added, limited resources to go with E2E solution integration.

Muddasar tasked with specifying detailed use case requirements for creating secure slices: least privilege

Eric Kline performing streaming analytics on data to use in closed loop slicing automation

ongoingLogistic from program perspective needs to be improved.

OOM

Ericsson OOM team is focused on the ONAP security reference implementation.

Logging reference implementation is second priority work item for now.

Code link was shared with SECCOM before (nordix), but not yet contributed to ONAP




PTL meeting – August 22th

Short meeting (Bob attended)

  • Bob presented logging
  • Upcoming events
  • Release updates



TSC meeting – August 18th

No one on SECCOM call attended


ONE Summit NA  

Pawel and Amy submitted proposal: ONAP’s Recipe for Managing CVEs and Securing Open Source Software

Byung will present service descriptor and potentially new ONAP security architecture with service mesh.




LFN Developer & Testing Forum NA 

Productization of Assured Opensource Software - Muddasar

SBOM implementation and challenges in ONAP - Muddasar

5G orchestration with ONAP, AI and ML. - Maggie


Brian to be asked by Muddasar as co-presenter for SBOM.

SECCOM MEETING CALL WILL BE HELD ON 6th OF September'22. 






Recordings: 

View file
name2022-08-30_SECCOM_week.mp4
height150

SECCOM presentation: