OWASP Season of Code 2009

UPDATES

 * MAY 6: DRUM ROLL!!!!!!!!!!!!!!!!!!!! THE OWASP SEASON OF CODE 2009 WILL BE LAUNCHED AT OWASP APPSEC EUROPE 2009 - POLAND!
 * Deadline for project applications: (TBD)

OVERVIEW

 * OWASP is now launching its Season of Code 2009 (OWASP SoC 09), following the previous OWASP Summer of Code 2008, in which 33 projects were approved and a budget of more than US$125,000 have been made available, the OWASP Spring of Code 2007 (SpoC 07), in which 21 projects were sponsored with a budget of US$117,500, and the OWASP Autumn of Code 2006 (AoC 06), in which 9 projects were sponsored with a budget of US$20,000.


 * The OWASP SoC 2009 is an open sponsorship program were participants/developers are paid to work on OWASP (and web security) related projects. Applications to improve the quality of existing tool and documentation projects or develop projects prioritized will be preferred.


 * The OWASP SoC 2009 is also an opportunity for external individual or company sponsors to challenge the participants/developers to work in areas in which they are willing to invest additional funding - see OWASP Season of Code Sponsorship for further information.

WHO CAN APPLY?

 * The only requirement is that the candidate shows the potential to accomplish the project's objectives/deliveries and the commitment to dedicate the time required to complete it in the appropriate period.
 * Current active OWASP Project Contributors (including Project leaders) are encouraged to apply.
 * No member of the OWASP board or OWASP Global Projects Committee is allowed to apply for a OWASP SoC 09 sponsorship.
 * There are no any other restrictions on who can apply for a OWASP SoC 09 sponsorship.

HOW TO PARTICIPATE (TO DEVELOPERS)

 * Ideas to work can be chosen from:
 * Participants/developers’ own interest and choice, as long as the OWASP main objectives are considered;
 * Projects prioritized (TBD) by the OWASP Board to be done with OWASP SoC 09 funds;
 * Existing OWASP Projects;
 * To submit a project you have to post it on the {link on online application submission form} (note that your submission will be automatically published ONLINE : {link to online view of the submitted forms}
 * Please see OWASP SoC 08, OWASP SpoC 07 and OWASP AoC 06 for contents to be included in the Application (TO BE CHANGED).
 * Note that no sensitive personal details should be posted in that page, i.e., full name, postal address, email, and so on.
 * Once your application is published on the WIKI, send an email to [mailto:global-projects-committee@lists.owasp.org Global Projects Committee] with the following details:
 * Project name;
 * Contact details, i.e., full name, postal address and email.
 * The [mailto:global-projects-committee@lists.owasp.org Global Projects Committee] can be contacted for further discussion on issues related to OWASP SoC 09 applications, i.e., project ideas, review of draft applications, etc..

SCHEDULE

 * 13th May – OWASP SoC 09 is pre launched at OWASP AppSec Europe 2009 - Poland!'''
 * 20th May - OWASP SoC 09 is officially launched. Start date for submitting applications.
 * 15th June - Deadline for project applications.
 * 1st July – Publishing of selected applications and start of OWASP SoC 09 projects.
 * 1st October - Participants to report on project status - 50% mark.
 * 1st January - Project completion. Participants should deliver final project report.

JURY AND SELECTION CRITERIA
Jury: OWASP Board Members (Jeff Williams, Dave Wichers, Tom Brennan, Sebastien Deleersnyder and Dinis Cruz) plus OWASP Global Projects Committee (Dinis Cruz, Matt Tesauro, Pravir Chandra, Jason Li, Leonardo Mitelli). Selection Criteria: The participant must create a roadmap for the project that includes technical requirements, functional requirements, and quality requirements. Preference will be given to proposals that use the existing OWASP Beta and Stable requirements for quality supplemented with their own technical and functional requirements.
 * There are two methods to select OWASP SoC 09 projects:
 * By direct majority vote (5 out of 9) by the Jury;
 * By selection rating using the criteria defined below.
 * Each project will receive a rating from 1 to 5 on the following categories by each Jury. The final result will be the total value.
 * On the Project:
 * Complete status - What will be the final Completeness State? (According with the OWASP Assessment_Criteria_v2.0)
 * Complexity - What is the project Complexity and Size?
 * Member Value - How big is the potential added value to OWASP Members?
 * Brand Value - How big is the potential added value to the OWASP Brand?
 * On the Candidate:
 * Past Work - Value of past contributions to OWASP Projects;
 * Deliverability - Proven capability to deliver;
 * Quality of Proposal - Global quality of the proposal submitted.

OPERATIONAL RULES

 * Proposals are submitted using online form (with all details publicly posted)
 * The participant should propose two reviewers (for details on the proposed reviewer responsibilities, see TDB see {assessment criteria reviewer role link})
 * Each and every project should have its SoC Project Release page always completely updated with all information regarding the project status.
 * The SoC Project Release's final deliveries will be evaluated by the assigned reviewers. However, the Jury will provide final oversight.
 * Payments will be made, via Pay Pal, in two instalments, respectively 50% halfway and 50% on completion of the project. (basically, if you do not deliver you will NOT be paid)

GENERAL RULES

 * By taking part on OWASP SoC 09, the participant will authorize OWASP to host and advertise without any limitations his participation and all related contents including proposal and all deliveries.
 * All tools, documentation, or any other materials whatsoever, created by the participants within OWASP SoC 09 context must be released under an Open Source Initiative approved license. However, the participant may mirror development on her/his personal infrastructure at her/his option.
 * Participants and OWASP is free to use the results, including code, of the SoC's 09 code in any way they choose provided it is not in conflict with the license under which the code was developed.
 * Any situation arising not included in the above mentioned set of rules will be decided according to the discretionary judgement of OWASP Board.

OWASP SOC 09 BUDGET

 * The initial Budget for SoC 09 will be US$90,000, and it is funded by OWASP.
 * In parallel with the Request for Proposals, OWASP is also launching a sponsorship drive (sponsors have the option to choose which projects they would like to support).
 * The funds available will be allocated to select projects. However, strong proposals will be accepted by majority vote of the OWASP Board before the final project selection. Remaining budget will be allocated to remaining projects.
 * Note: The referred budget allocation is just a guideline and the final values will be adjusted based on the successful proposals.


 * OWASP Season of Code - Previous version