Project Plan: ONAP Security Requirements - SDC

Goals

This project will focus to address the remaining Security requirements defined by the ONAP SECCOM Community based on JIRA Backlog

Perform the necessary migration/upgrade to packages according to the SDC security vulnerability report

^{(Due dates are roughly estimated and are subject to change ±)}

#	Activity	Due Date	Status

#	Activity	Due Date	Status
1.	Set up SDC local development environment and run Sanity tests. Get familiar with SDC components and understand he interaction among them	Jun 22, 2020	Complete
2.	Upgrade maven dependencies to more recent versions so they don’t include security vulnerabilities	Jul 13, 2020	ACTIVE
3.	Generate certificates with AAF in deploy time and integrate them	Aug 3, 2020	PENDING
4.	Getting CII badges (passing/silver/gold)	Aug 10, 2020	PENDING
5.	Fixing security tickets and ONAP JIRA Security Issues (OJSI)	Aug 31, 2020	PENDING
6.	Bounce checking special characters for SDC APIs	Sep 7, 2020	PENDING
7.	Migrating Junit 4 to 5	Sep 28, 2020	PENDING
8.	Java 11 migration	Oct 26, 2020	PENDING
9.	Complete pending tasks + Summary report	Nov 13, 2020	PENDING

Implement the required migrations (Update used packages and dependencies, Junit4→Junit5, and migrate to Java 11)
Implement any required code modifications due to the upgrade/migration
Fix security tickets and OJSI

Week 6

Set up SDC local development environment and run Sanity tests

Get familiar with SDC components and understand he interaction among them

Upgrade maven dependencies to more recent versions so they don’t include security vulnerabilities

Week 12

Generate certificates with AAF in deploy time and integrate them

Getting CII badges (passing/silver/gold)

Week 18

Fixing security tickets and ONAP JIRA Security Issues (OJSI)

Bounce checking special characters for SDC APIs

Migrating Junit 4 to 5

Week 24

Java 11 migration

Complete pending tasks + Summary report

Mentee: @Amir Ibrahim Amin Mohamad