[gov][pcac]: Correcting the document title

README.rst

@@ -22,9 +22,9 @@ Navigation tips
    selection <https://cntt.readthedocs.io/projects/ra1/en/latest/chapters/chapter05.html>`__.
 -  **check the Anuket conformance of your OpenStack-based deployments?**
    You would be primarily interested in `the OpenStack Testing
-   Cookbook <https://cntt.readthedocs.io/projects/rc1/en/latest/chapters/chapter04.html>`__
+   Cookbook <https://cntt.readthedocs.io/projects/ra1/en/latest/chapters/chapter08.html#openstack-testing-cookbook>`__
    and `the test case descriptions and
-   selection <https://cntt.readthedocs.io/projects/rc1/en/latest/chapters/chapter03.html>`__
+   selection <https://cntt.readthedocs.io/projects/ra1/en/latest/chapters/chapter08.html#conformance-test-suite>`__
    for more details.
 -  **check the Anuket conformance of your Kubernetes-based
    deployments?** You would be primarily interested in `Kubernetes

doc/common/abbreviations.rst

@@ -6,6 +6,7 @@ Abbreviations
 ============== ==========================================================================
 3GPP           3rd Generation Partnership Project
 AAA            Authentication, Authorisation, and Accounting
+AAL            Acceleration Abstraction Layer
 AAP            Anuket Assured Program
 AArch64        64bit ARM architecture
 Acc            Accelerator
@@ -14,6 +15,7 @@ ADC            Application Delivery Controller
 AES            Advanced Encryption Standard
 AES-NI         AES New Instructions
 AI             Artificial Intelligence
+AICPA          American Institute of Certified Public Accountants
 AMF            Access and Mobility management Function
 API            Application Programming Interface
 AR             Augmented Reality
@@ -77,6 +79,7 @@ CSP            Cloud Service Provider
 CU             Centralised Unit (O-RAN context)
 CVC            (LFN) Compliance Verification Committee
 CVE            Common Vulnerabilities and Exposures
+CVSS           Common Vulnerability Scoring System
 DANM           Damn, Another Network Manager
 DBaaS          Data Base as a Service
 DC             Data Center
@@ -122,6 +125,7 @@ FTTx           Fiber to the x
 FW             Fire Wall
 FWD            (Traffic) ForWarDed
 GB             Giga Byte
+GDPR           General Data Protection Regulation
 GFS            Global (Linux) File System
 GGSN           Gateway GPRS Support Node
 Gi or GiB      Gibibyte (1024^3) bytes
@@ -139,6 +143,8 @@ HCP            Hyperscaler Cloud Provider
 HDD            Hard Disk Drive
 HDFS           Hadoop Distributed File System
 HDV            Hardware Delivery Validation
+HEM-clouds     Hybrid, Edge, and Multi-clouds
+HEMP           Hybrid, Edge, and Multi-Cloud unified management Platform
 HLR            Home Location Register
 HOT            (OpenStack) Heat Orchestration Templates
 HSS            Home Subscriber Server
@@ -181,6 +187,8 @@ LBaaS          Load Balancer as a Service
 LCM            LifeCycle Management
 LDAP           Lightweight Directory Access Protocol
 LF             Linux Foundation
+LMS            Log Management Service
+LTD            Less Trusted Domain
 LFN            Linux Foundation Networking
 LLDP           Link Layer Discovery Protocol
 LMA            Logging, Monitoring, and Analytics
@@ -198,6 +206,7 @@ ML2 or ML-2    Modular Layer 2
 MME            Mobility Management Entity
 mMTCs          Massive Machine-Type Communications
 MPLS           Multi-Protocol Label Switching
+MTD            More Trusted Domain
 MRF            Media Resource Function
 MSAN           MultiService Access Node
 MSC            Mobile Switching Center
@@ -338,6 +347,7 @@ SMSC           SMS Center
 SMT            Simultaneous Multi-Threading
 SNAT           Source Network Address Translation
 SNMP           Simple Network Management Protocol
+SOC            System and Organization Controls
 SONiC          Software for Open Networking in the Cloud
 SR-IOV         Single Root Input Output Virtualisation
 SRTM           Static Root of Trust for Measurements
@@ -347,6 +357,7 @@ SSH            Secure SHell protocol
 SSL            Secure Sockets Layer
 SUT            System Under Test
 SW             Software
+TCDI           Trusted Cross-Domain Interface
 TBC            To Be Confirmed
 TC             Test Case
 TCP            Transmission Control Protocol
@@ -386,6 +397,7 @@ vIPS           Virtualised IPS
 VLAN           Virtual LAN
 VM             Virtual Machine
 VMDK           VMware Virtual Machine Disk File
+vNAS           virtual Network Attached Storage
 VMM            Virtual Machine Monitor (or Manager)
 VNF            Virtualised Network Function
 VNFC           Virtualised Network Function Component

doc/common/chapter00.rst

@@ -130,15 +130,27 @@ Architectural Principles
 
 Following are a number of key architectural principles that apply to all Reference Architectures produced by the Anuket project:
 
-1. **Open source preference:** To ensure, by building on technology available in open source projects, that suppliers’ and operators’ investment have a tangible pathway towards a standard and production ready Cloud Infrastructure solution portfolio.
-2. **Open APIs:** To enable interoperability and component substitution, and minimize integration efforts by using openly published API definitions.
-3. **Separation of concerns:** To promote lifecycle independence of different architectural layers and modules (e.g. disaggregation of software from hardware).
-4. **Automated lifecycle management:** To minimize costs of the end-to-end lifecycle, maintenance downtime (target zero downtime), avoid errors and discrepancies resulting from manual processes.
-5. **Automated scalability:** To minimize costs and operational impacts through automated policy-driven scaling of workloads by enabling automated horizontal scalability of workloads.
-6. **Automated closed loop assurance:** To minimize operational costs and simplify Cloud Infrastructure platform operations by using automated fault resolution and performance optimization.
-7. **Cloud nativeness:** To optimise the utilization of resources and enable operational efficiencies.
-8. **Security compliance:** To ensure the architecture follows the industry best security practices and is at all levels compliant to relevant security regulations.
-9. **Resilience and Availability:** To allow High Availability and Resilience for hosted VNFs, and to avoid Single Point of Failure.
+1. **Open-source preference:** for building Cloud Infrastructure
+   solutions, components and tools, using open-source technology.
+2. **Open APIs:** to enable interoperability, component
+   substitution, and minimise integration efforts.
+3. **Separation of concerns:** to promote lifecycle independence of
+   different architectural layers and modules (e.g., disaggregation of
+   software from hardware).
+4. **Automated lifecycle management:** to minimise the
+   end-to-end lifecycle costs, maintenance downtime (target zero
+   downtime), and errors resulting from manual processes.
+5. **Automated scalability:** of workloads to minimise costs and
+   operational impacts.
+6. **Automated closed loop assurance:** for fault resolution,
+   simplification, and cost reduction of cloud operations.
+7. **Cloud nativeness:** to optimise the utilisation of resources
+   and enable operational efficiencies.
+8. **Security compliance:** to ensure the architecture follows
+   the industry best security practices and is at all levels compliant
+   to relevant security regulations.
+9. **Resilience and Availability:** to withstand
+   Single Point of Failure.
 
 Scope
 =====

doc/common/references.rst

@@ -41,6 +41,11 @@ Ref  Doc Number                                              Title
 [32] ITU-T G.8262                                            "Timing characteristics of a synchronous equipment slave clock", Available at `https://www.itu.int/rec/T-REC-G.8262 <https://www.itu.int/rec/T-REC-G.8262>`__
 [33] ITU-T G.8275.2                                          "Precision time protocol telecom profile for time/phase synchronization with partial timing support from the network", Available at `https://www.itu.int/rec/T-REC-G.8275.2 <https://www.itu.int/rec/T-REC-G.8275.2>`__
 [34] GSMA OPG.02                                             "Operator Platform Telco Edge Requirements", Available at `https://www.gsma.com/operatorplatform <https://www.gsma.com/operatorplatform>`__
+[35] O-RAN.WG6.AAL-GAnP-v01.00                               "O-RAN Acceleration Abstraction Layer General Aspects and Principles 1.0”, November 2020", Available at `https://www.o-ran.org <https://www.o-ran.org>`__
+[36] GSMA FS.40-v02.00                                       "5G Security Guide, version 2.0, 20 October 2021”, November 2020", Available at `https://www.gsma.com/security/publications/ <https://www.gsma.com/security/publications/>`__
+[37] ETSI TS 103 457                                         "Interface to offload sensitive functions to a trusted domain”, TS 103 457 - V1.1.1 - CYBER, Available at `https://www.etsi.org/deliver/etsi_ts/103400_103499/103457/01.01.01_60/ts_103457v010101p.pdf <https://www.etsi.org/deliver/etsi_ts/103400_103499/103457/01.01.01_60/ts_103457v010101p.pdf>`__
+[38] RFC 2544                                                "Benchmarking Methodology for Network Interconnect Devices", Available at `https://www.ietf.org/rfc/rfc2544.txt  <https://www.ietf.org/rfc/rfc2544.txt>`__
+[39] O-RAN.WG6                                               "WG6: Cloudification and Orchestration Workgroup specfications", Available at `https://www.o-ran.org <https://www.o-ran.org>`__
 ==== ======================================================= =================================================================================================================================================================================================================================================================================================================================================================================================================================
 
 Cloud Native and Kubernetes References

doc/common/technologies.rst

@@ -53,7 +53,7 @@ Once an IO device is directly assigned to a workload, that workload will then ha
 
 This method provides better performance than the para-virtualised one as no hypervisor is involved but provides less flexibility and less portability.
 
-Having an IO device directly assigned to a workload means that the workload needs to run vendor specific drivers and libraries to be able to access that device which makes the workload less portable and dependent on a specific hardware type from a specific vendor which is not aligned with the overall strategy and goals of the Anuket Project and hence this method of IO Virtualisation must not be used unless explicitly allowed as an exception as part of the transitional plan adopted by the Anuket Project.
+Having an IO device directly assigned to a workload means that the workload needs to run vendor specific drivers and libraries to be able to access that device which makes the workload less portable and dependent on a specific hardware type from a specific vendor.
 
 .. image:: ./figures/tech_vtd.png
    :alt: "Figure 3: Direct Assignment with Virtual Technology"
@@ -72,7 +72,7 @@ For this method to be possible, the IO device need to support Single Root Input
 
 Each of those Virtual Functions can then be independently assigned exclusively to a workload (with the appropriate hardware support of an IOMMU).
 
-Similar to the previous method ("Direct Assignment"), this method provides better performance than para-virtualisation, but lacks the flexibility and the portability sought and therefore must also not be used unless explicitly allowed as an exception as part of the transitional plan adopted by the Anuket Project.
+Similar to the previous method ("Direct Assignment"), this method provides better performance than para-virtualisation, but lacks the flexibility and the portability sought.
 
 .. image:: ./figures/tech_sriov.png
    :alt: "Figure 4: Device Sharing with SR-IOV & Direct Assignment"
@@ -87,7 +87,7 @@ This method basically is a mixture between the software only para-virtualisation
 
 Unlike the software only para-virtualised interfaces, this method provides better performance as it by-passes the hypervisor and unlike Direct Assignment methods, this method doesn’t require proprietary drivers to run in the workload and hence this method makes workloads portable.
 
-However, this method doesn’t provide the same level of flexibility as the software only para-virtualisation method as migrating workloads from one host to another is more challenging due to the hardware presence and the state it holds for the workloads using it and therefore should also not be used unless explicitly allowed as an exception as part of the transitional plan adopted by the Anuket Project.
+However, this method doesn’t provide the same level of flexibility as the software only para-virtualisation method as migrating workloads from one host to another is more challenging due to the hardware presence and the state it holds for the workloads using it.
 
 .. image:: ./figures/tech_virtio_hw.png
    :alt: "Figure 5: Para-Virtualisation method (with hardware support)"

doc/conf.py

@@ -13,7 +13,8 @@
     'ref_cert',
     'ref_impl',
     'ref_model',
-    'tech'
+    'tech',
+    'gov/README.rst'
 ]
 linkcheck_ignore = [
     'https://github.com/cncf/telecom-user-group/blob/master/whitepaper/cloud_native_thinking_for_telecommunications.md#1.4',
@@ -23,14 +24,17 @@
     'ref_model': ('https://cntt.readthedocs.io/projects/rm/en/latest/', None),
     'ref_arch_openstack': ('https://cntt.readthedocs.io/projects/ra1/en/latest/', None),
     'ref_arch_kubernetes': ('https://cntt.readthedocs.io/projects/ra2/en/latest/', None),
-    'ref_cert_RC1': ('https://cntt.readthedocs.io/projects/rc1/en/latest/', None),
     'ref_cert_RC2': ('https://cntt.readthedocs.io/projects/rc2/en/latest/', None),
     'ref_impl_cntt-ri': ('https://cntt.readthedocs.io/projects/ri1/en/latest/', None),
     'ref_impl_cntt-ri2': ('https://cntt.readthedocs.io/projects/ri2/en/latest/', None)
 }
 autosectionlabel_prefix_document = True
 autosectionlabel_maxdepth = 4
 
+numfig = True
+numfig_format = {'figure': 'Figure %s', 'table': 'Table %s',
+                 'code-block': 'Listing %s', 'section': 'Section %s'}
+
 html_theme = "sphinx_material"
 #html_sidebars = {
 #    "**": ["logo-text.html", "globaltoc.html", "localtoc.html", "searchbox.html"]

doc/gov/README.rst

@@ -1,6 +1,6 @@
-====================
-Community Guidelines
-====================
+==========================================================
+Community Guidelines for Anuket Specifications Development
+==========================================================
 
 Table of contents
 -----------------