- Milestone 0: Preparation of Project Draft Done
- Create a markdown-based IoT Security Testing Guide draft
- Review of the draft, provide feedback - @ all collaborators
- Discuss and implement feedback - @ all collaborators
- Review changes and, if needed, iteratively repeat the previous steps - @ all collaborators
- Prepare OWASP project requirements - @ all collaborators
- Milestone 1: OWASP IoT Security Testing Guide Project Launched
- Submit OWASP project request - @ project leaders
- Approve project request and provide project repositories - @ OWASP project board
- Set up project repositories - @ project leaders
- Peer review of project draft, provide feedback - @ public, all collaborators
- Discuss and implement feedback - @ all collaborators
- Review changes and, if needed, iteratively repeat the previous steps - @ all collaborators
- Milestone 2: Project Team Established and Project Synced With other OWASP Projects
- Meet and sync with other OWASP security testing guide leaders (WSTG, MASTG) - @ project leaders
- Prepare task tracking (Git Issues) to enable tracking, distribution and monitoring of tasks - @ project leaders
- Gather volunteers and establish project team - @ project leaders, project team
- Milestone 3: Baseline Version Released
- Gather feedback from the project team regarding draft version of the guide - @ project team
- Discuss and implement feedback - @ project team
- Review changes and, if needed, iteratively repeat the previous steps - @ project leaders, project team
- Approve and release baseline version - @ project leaders
- Milestone 4 - n: Continuous Development and Release of Modular Expansions
-
Collect feedback and ideas for expansions; compile a list of technologies that future versions of the guide should cover - @ project leaders, project team
-
Prioritize technologies - @ project leaders, core team (feedback of project team welcome)
- Assign team members to work on an expansion module - @ project leaders
- Create a draft expansion module for this guide that includes detailed test cases for the given technology - @ expansion team
- Review this draft, provide feedback - @ assigned reviewers
- Discuss and implement feedback - @ expansion team
- Review changes and, if needed, iteratively repeat the previous steps - @ assigned reviewers, expansion team
- Approve and release expansion module - @ project leaders
-
Iteratively review, expand and update the prioritization list - @ project leaders, core team (feedback of project team welcome)
-
| Role | Description |
|---|---|
| OWASP project board | OWASP project board/committee that reviews and approves new project ideas |
| Collaborators | All collaborators, who are working on the project |
| Project leaders | OWASP project leaders |
| Core team | Part of the team that monitors and updates the prioritized list of planned expansion modules (depending on the project team size and feasibility either the whole project team or only a part of the team will be involved; feedback of all project team members is welcome) |
| Expansion team | Part of the team that is working on a particular expansion module |
| Assigned reviewers | Assigned team members, who are reviewing an expansion module draft |