Please find below the Minutes of Meetings and recording for the SECCOM meeting that was held on 25th of July 2023.
| Jira No | Summary | Description | Status | Solution |
|---|---|---|---|---|
ONAP disaggregation impact on SECCOM activities | Byung provided presentation on disaggregation that was initially discussed: ONAP - Streamlining the process-2023-7-18-v2.pptx Separation of marketing and component versions - proposal by Florian to be further elaborated at the OOM meeting on Wednesday. Proposal: Break ONAP's monolithic version schema Helm charts dependencies to be analyzed (by Andreas): With known major version and version provided by the project SCA scans could be provided automatically. Do we maintain a single CI/CD pipeline or individual per project. Different namespace must be possible. ONAP components interfaces abstraction (to serve both ONAP but alno non-ONAP) would require an additional development efforts to build adapters - it brings some risk. TM Forum brings some defined APIs. Security controls out of ONAP:
Logging and logs management need to be carefuly considered as one of pilars of security. Ceremony is needed at ONAP level that finishes and summarizes efforts for a solution. | started | To be continued at ARCCOM and OOM meetings. | |
NEXT SECCOM MEETING CALL WILL BE HELD ON 1st of August 2023. | 5Y security questionnaire by Policy. |
Recordings:
SECCOM presentation: