This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "SpoC 007 - Owasp Orizon Project"
From OWASP
(New page: === News === 13<sup>th</sup> July 2007 - The project status as Spoc 2007 start is summarized in the following: <ul> <li>java sources are translated into XML using JDK6 APIs;</li> <li>Orizo...) |
(→SpoC 2007 Goals) |
||
Line 46: | Line 46: | ||
<th>Included in Orizon release</th> | <th>Included in Orizon release</th> | ||
<th>Estimated inclusion time</th> | <th>Estimated inclusion time</th> | ||
+ | </tr> | ||
+ | <tr> | ||
+ | <td>Static analysis</td> | ||
+ | <td>30%</td> | ||
+ | <td>0.65</td> | ||
+ | <td>August 2007 (the beginning of)</td> | ||
</tr> | </tr> | ||
<tr> | <tr> |
Revision as of 10:39, 13 July 2007
News
13th July 2007 - The project status as Spoc 2007 start is summarized in the following:
- java sources are translated into XML using JDK6 APIs;
- Orizon classes are in a refactoring stage in order to reflect a better approach in design phase;
- library containing checks is now a Zip file instead of a plain XML file. The library file will contain "receipts", XML files containing security checks grouped by category.
What is missing by now is some checks. I'm looking the web in order to collect "coding best practices" and trying to formalize them in XML.
Next actions
Id | Description | Priority | Blocking? |
---|---|---|---|
OR-1 | Collecting safe coding best practices | High | No |
OR-2 | Creating APIs for XML reports | Low | No |
OR-3 | Creating code to handle dynamic test cases generation | Medium | No |
SpoC 2007 Goals
Goal | Completeness (%) | Included in Orizon release | Estimated inclusion time |
---|---|---|---|
Static analysis | 30% | 0.65 | August 2007 (the beginning of) |
Dynamic analysis | 0% | 0.75 | August 2007 (late, may be around 28-30) |
Creating a library with 30 checks included | 5% | 0.80 | September 2007 (mid of) |
Support for C language | 0% | 0.80 | September 2007 (mid of) |
Capability to export results in XML with customizable CSS | 0% | 0.90 | October 2007 |