Difference between revisions of "OWASP Season of Code 2009"

From OWASP
Jump to: navigation, search
(OVERVIEW)
m
 
(18 intermediate revisions by 2 users not shown)
Line 24: Line 24:
 
<br>
 
<br>
 
* '''Main Links'''  
 
* '''Main Links'''  
 +
* [http://globalprojectscommittee.wordpress.com/ GPC's blog]
 
* [[OWASP Season of Code 2009 - Press Release|Press Release ]]   
 
* [[OWASP Season of Code 2009 - Press Release|Press Release ]]   
 
* [[OWASP Season of Code 2009 - Applications|View Submitted Applications]]  
 
* [[OWASP Season of Code 2009 - Applications|View Submitted Applications]]  
Line 37: Line 38:
 
== UPDATES ==
 
== UPDATES ==
  
*'''MAY 6:''' DRUM ROLL!!!!!!!!!!!!!!!!!!!! '''THE OWASP SEASON OF CODE 2009 WILL BE PRE LAUNCHED AT [[OWASP AppSec Europe 2009 - Poland|OWASP APPSEC EUROPE 2009 - POLAND]]!'''
+
*'''MAY 6:''' DRUM ROLL!!!!!!!!!!!!!!!!!!!! '''THE OWASP SEASON OF CODE 2009 HAS BEEN PRE LAUNCHED AT [[OWASP AppSec Europe 2009 - Poland|OWASP APPSEC EUROPE 2009 - POLAND]]!'''
** '''Deadline for project release applications: 15th June.'''
+
** '''Deadline for project release applications: TBD'''
  
 
== OVERVIEW ==
 
== OVERVIEW ==
*OWASP is now launching its Season of Code 2009 (OWASP SoC 09) with a provisional budget US$90,000, following the previous [[:OWASP Summer of Code 2008|OWASP Summer of Code 2008]], in which 33 projects were approved and a budget of more than US$125,000 have been made available, the [[OWASP Spring Of Code 2007|OWASP Spring of Code 2007]] (SpoC 07), in which 21 projects were sponsored with a budget of US$117,500, and the [[OWASP Autumn Of Code 2006|OWASP Autumn of Code 2006]] (AoC 06), in which 9 projects were sponsored with a budget  of US$20,000.  
+
OWASP is now launching its Season of Code 2009 (OWASP SoC 09) with a provisional budget US$90,000, following the previous [[:OWASP Summer of Code 2008|OWASP Summer of Code 2008]], in which 33 projects were approved and a budget of more than US$125,000 have been made available, the [[OWASP Spring Of Code 2007|OWASP Spring of Code 2007]] (SpoC 07), in which 21 projects were sponsored with a budget of US$117,500, and the [[OWASP Autumn Of Code 2006|OWASP Autumn of Code 2006]] (AoC 06), in which 9 projects were sponsored with a budget  of US$20,000. The OWASP SoC 2009 is an OWASP grant program to encourage participants/developers to work together on OWASP (and web security) related projects.  
  
*The OWASP SoC 2009 is an open sponsorship program were participants/developers are paid to work on OWASP (and web security) related projects. Although we welcome any project proposals (from improving Quality of [[:Category:OWASP Project|existing OWASP projects]] to new innovative research), the areas below will be preferred:
+
=== Strategic Focus ===
** OWASP Education Pack - (The Education Committee)
+
OWASP SoC 2009 introduces a shift in grant structure from previous Seasons of Code. Going forward, we would like to see Season of Code grants used towards operating expenses. The driving idea behind this shift is that OWASP, as an organization, has plenty of technical talent and knowledge. As a result, our money is best spent on things that we cannot already do right now as an organization. These expenses include things like marketing our best projects, printing promotional samples of our best OWASP documents, graphic design, travel expenses to hold mini-summits, etc.
** Enterprise usability of OWASP projects - (Projects Committee)
+
** Additional Sources of Funding - (Membership & Chapters Committee)
+
** Marketing & PR - Industry & Conferences Committee
+
** Additional Sources of Funding - (Membership & Chapters Committee)       
+
  
* On the allocated projects areas the respective committee will be involved on the application selection and will act as the 2nd reviewer accordingly with the assessment criteria V2.
+
With this goal in mind, all project proposals should include a budget detailing how much money the team is expecting (up to 20k) and how they plan on using those funds. While all projects will be reviewed by the SoC Jury, preference will be given to projects that use the funds for expenses incurred outside of the OWASP community. The SoC Jury will provide feedback on proposals whose allocations and costs are deemed to be too high.
 +
 
 +
Although we welcome any project proposals (from improving Quality of [[:Category:OWASP Project|existing OWASP projects]] to new innovative research), the areas below will be preferred:
 +
# '''OWASP Education Pack''' - ([[:Global Education Committee|Education Committee]])
 +
# '''Enterprise usability of OWASP projects''' - ([[:Category:Global Projects Committee|Projects Committee]])
 +
# '''Additional Sources of Funding''' - ([[:Global Membership Committee|Membership]] & [[Global Chapter Committee|Chapters Committee]])
 +
# '''Marketing & PR''' - ([[:Global Industry Committee|Industry]] & [[:Global Conferences Committee|Conferences Committee]])
 +
 
 +
In particular, any projects that wishes to participate in the current SoC with the goal of improving their project quality is welcome to submit an application. Several project leaders have already indicated that they would like to do this even without SoC grant funds. For proposals that do not request SoC grant funds, we will do our best to offer alternative rewards in the form of project promotion (recognition, featured placement on the OWASP website, speaking slots to highlight projects at OWASP conferences, etc).
 +
 
 +
* On the allocated projects areas the respective committee, above pointed out, will be involved on the application selection and will act as the 2nd reviewer accordingly with the [[:Assessment Criteria v2.0|OWASP Assessment Criteria V2]].
  
* Joint proposals (up to 20k) are highly encouraged.
 
 
*The OWASP SoC 2009 is also an opportunity for external individual or company sponsors to challenge the participants/developers to work in areas in which they are willing to invest additional funding - see [[OWASP Season of Code Sponsorship]] for further information.
 
*The OWASP SoC 2009 is also an opportunity for external individual or company sponsors to challenge the participants/developers to work in areas in which they are willing to invest additional funding - see [[OWASP Season of Code Sponsorship]] for further information.
  
Line 64: Line 70:
 
* Ideas to work can be chosen from:
 
* Ideas to work can be chosen from:
 
** The prioritized areas:
 
** The prioritized areas:
*** OWASP Education Pack (main contact: Education Committee)
+
*** '''1. OWASP Education Pack''' - ([[:Global Education Committee|Education Committee]])  
*** Enterprise usability of OWASP projects (main contact: Projects Committee)
+
*** '''2. Enterprise usability of OWASP projects''' - ([[:Category:Global Projects Committee|Projects Committee]])  
*** Additional Sources of Funding (main contact: Membership & Chapters Committee)
+
*** '''3. Additional Sources of Funding''' - ([[:Global Membership Committee|Membership]] & [[Global Chapter Committee|Chapters Committee]])
*** Marketing & PR (main contact: Industry & Conferences Committee)
+
*** '''4. Marketing & PR''' - ([[:Global Industry Committee|Industry]] & [[:Global Conferences Committee|Conferences Committee]])
*** Additional Sources of Funding (main contact: Membership & Chapters Committee)
+
 
** Participants/developers’ own interest and choice, as long as the OWASP main objectives are considered;  
 
** Participants/developers’ own interest and choice, as long as the OWASP main objectives are considered;  
 
** [[:Category:OWASP Project|Existing OWASP Projects]];  
 
** [[:Category:OWASP Project|Existing OWASP Projects]];  
Line 81: Line 86:
 
== SCHEDULE ==
 
== SCHEDULE ==
 
* 13th May – OWASP SoC 09 is pre launched at [[OWASP AppSec Europe 2009 - Poland|OWASP AppSec Europe 2009 - Poland]]!'''  
 
* 13th May – OWASP SoC 09 is pre launched at [[OWASP AppSec Europe 2009 - Poland|OWASP AppSec Europe 2009 - Poland]]!'''  
* 20th May - OWASP SoC 09 is officially launched. Start date for submitting applications.
+
* TBD - OWASP SoC 09 is officially launched. Start date for submitting applications.  
* 15th June - Deadline for project release applications.
+
* TBD - Deadline for project release applications.  
* 1st July – Publishing of selected applications and start of OWASP SoC 09 project releases.  
+
* TBD – Publishing of selected applications and start of OWASP SoC 09 project releases.  
* 1st October - Participants to report on project status - 50% mark.
+
* TBD - Participants to report on project status - 50% mark.  
* 1st January - Project completion. Participants should deliver final project release report.
+
* TBD - Project completion. Participants should deliver final project release report.
  
 
== JURY ==
 
== JURY ==
The OWASP SoC 09 jury is constituted by the OWASP Board Members ([[User:Jeff_Williams|Jeff Williams]], [[:User:Wichers|Dave Wichers]], [[:User:Tbrennan|Tom Brennan]], [[:User:Sdeleersnyder|Sebastien Deleersnyder]] and [[:User:Dinis.cruz|Dinis Cruz]]) plus respective [[:Global Committee Pages|Committee]].
+
The OWASP SoC 09 jury is constituted by the OWASP Board Members ([[User:Jeff_Williams|Jeff Williams]], [[:User:Wichers|Dave Wichers]], [[:User:Tbrennan|Tom Brennan]], [[:User:Sdeleersnyder|Sebastien Deleersnyder]] and [[:User:Dinis.cruz|Dinis Cruz]]) plus respective [[:Global Committee Pages|Committee]] representative.
  
 
== SELECTION CRITERIA ==
 
== SELECTION CRITERIA ==
 
* The participant must create a roadmap for the project release that includes technical requirements, functional requirements, and quality requirements. Preference will be given to proposals that use the existing [[:Assessment_Criteria_v2.0|OWASP Beta and Stable requirements]] for quality supplemented with their own technical and functional requirements.
 
* The participant must create a roadmap for the project release that includes technical requirements, functional requirements, and quality requirements. Preference will be given to proposals that use the existing [[:Assessment_Criteria_v2.0|OWASP Beta and Stable requirements]] for quality supplemented with their own technical and functional requirements.
 +
* If requesting SoC grant funds, the participant must include a budget of anticipated expenses.
 
* There are two methods to select OWASP SoC 09 project releases:
 
* There are two methods to select OWASP SoC 09 project releases:
 
** By direct majority vote by the Jury;
 
** By direct majority vote by the Jury;
Line 107: Line 113:
  
 
== OPERATIONAL RULES ==
 
== OPERATIONAL RULES ==
* Proposals are submitted using online form (with all details publicly posted)
+
* Proposals are submitted using online form (with all details publicly posted).
* The participant should propose one reviewer (for details on the proposed reviewer responsibilities, see TDB see {assessment criteria reviewer role link})
+
* The participant should propose one reviewer (for details on the proposed reviewer responsibilities, see TDB see {assessment criteria reviewer role link}).
 
* Each and every project release should have its SoC Project Release page always completely updated with all information regarding the project release status.  
 
* Each and every project release should have its SoC Project Release page always completely updated with all information regarding the project release status.  
 
* The SoC Project Release's final deliveries will be evaluated by the assigned reviewers. However, the Jury will provide final oversight.  
 
* The SoC Project Release's final deliveries will be evaluated by the assigned reviewers. However, the Jury will provide final oversight.  
* Payments will be made, via Pay Pal, in two instalments, respectively 50% halfway and 50% on completion of the project release. (basically, if you do not deliver you will NOT be paid)
+
* Invoicing of expenses can be done directly through Alison, our OWASP accountant. Grants amounts will be approved by the SoC Jury. Participants are expected to stay reasonably close to their line item budgets; significant deviations or re-allocations from individual line items will be approved by the respective Global Committee managing the project so long as the deviation does not result in the costs exceeding the original grant amount. Any costs above and beyond the original grant amount must be approved by the SoC Jury.
  
 
== GENERAL RULES ==
 
== GENERAL RULES ==
Line 125: Line 131:
 
* Note: The referred budget allocation is just a guideline and the final values will be adjusted based on the successful proposals.
 
* Note: The referred budget allocation is just a guideline and the final values will be adjusted based on the successful proposals.
  
 +
== FAQ ==
  
* [[OWASP Season of Code 2009 Old Frame|'''OWASP Season of Code - Previous version''']]
+
=== Why are you changing the way SoC Grants work? ===
 +
===  But I like getting paid for my work for OWASP! ===
  
 
[[Category:OWASP Season of Code]]
 
[[Category:OWASP Season of Code]]

Latest revision as of 09:21, 17 June 2009

This is a DRAFT page still under review by the Global Projects Committee



THEME: IMPROVING THE QUALITY AND USABILITY OF OWASP



Contents

Seasons of Code-5.jpg
A set of logos to choose from




.



UPDATES

  • MAY 6: DRUM ROLL!!!!!!!!!!!!!!!!!!!! THE OWASP SEASON OF CODE 2009 HAS BEEN PRE LAUNCHED AT OWASP APPSEC EUROPE 2009 - POLAND!
    • Deadline for project release applications: TBD

OVERVIEW

OWASP is now launching its Season of Code 2009 (OWASP SoC 09) with a provisional budget US$90,000, following the previous OWASP Summer of Code 2008, in which 33 projects were approved and a budget of more than US$125,000 have been made available, the OWASP Spring of Code 2007 (SpoC 07), in which 21 projects were sponsored with a budget of US$117,500, and the OWASP Autumn of Code 2006 (AoC 06), in which 9 projects were sponsored with a budget of US$20,000. The OWASP SoC 2009 is an OWASP grant program to encourage participants/developers to work together on OWASP (and web security) related projects.

Strategic Focus

OWASP SoC 2009 introduces a shift in grant structure from previous Seasons of Code. Going forward, we would like to see Season of Code grants used towards operating expenses. The driving idea behind this shift is that OWASP, as an organization, has plenty of technical talent and knowledge. As a result, our money is best spent on things that we cannot already do right now as an organization. These expenses include things like marketing our best projects, printing promotional samples of our best OWASP documents, graphic design, travel expenses to hold mini-summits, etc.

With this goal in mind, all project proposals should include a budget detailing how much money the team is expecting (up to 20k) and how they plan on using those funds. While all projects will be reviewed by the SoC Jury, preference will be given to projects that use the funds for expenses incurred outside of the OWASP community. The SoC Jury will provide feedback on proposals whose allocations and costs are deemed to be too high.

Although we welcome any project proposals (from improving Quality of existing OWASP projects to new innovative research), the areas below will be preferred:

  1. OWASP Education Pack - (Education Committee)
  2. Enterprise usability of OWASP projects - (Projects Committee)
  3. Additional Sources of Funding - (Membership & Chapters Committee)
  4. Marketing & PR - (Industry & Conferences Committee)

In particular, any projects that wishes to participate in the current SoC with the goal of improving their project quality is welcome to submit an application. Several project leaders have already indicated that they would like to do this even without SoC grant funds. For proposals that do not request SoC grant funds, we will do our best to offer alternative rewards in the form of project promotion (recognition, featured placement on the OWASP website, speaking slots to highlight projects at OWASP conferences, etc).

  • On the allocated projects areas the respective committee, above pointed out, will be involved on the application selection and will act as the 2nd reviewer accordingly with the OWASP Assessment Criteria V2.
  • The OWASP SoC 2009 is also an opportunity for external individual or company sponsors to challenge the participants/developers to work in areas in which they are willing to invest additional funding - see OWASP Season of Code Sponsorship for further information.

WHO CAN APPLY?

  • The only requirement is that the candidate(s) show the potential to accomplish the project release's objectives/deliveries and the commitment to dedicate the time required to complete it within the SoC deadlines.
  • Current active OWASP Project Contributors (including Project leaders) are encouraged to apply.
  • No member of the OWASP board or OWASP Global Projects Committee is allowed to apply for a OWASP SoC 09 sponsorship.
  • There are no any other restrictions on who can apply for a OWASP SoC 09 sponsorship.

HOW TO PARTICIPATE (TO DEVELOPERS)

  • Ideas to work can be chosen from:
  • To submit an application to develop a project release you have to copy this this form and to publish it here.
    • Please see also OWASP SoC 08, OWASP SpoC 07 and OWASP AoC 06 for contents to be included in the Application.
    • Note that no sensitive personal details should be posted in that page, i.e., full name, postal address, email, and so on.
  • Once your application is published on the WIKI, send an email to Global Projects Committee with the following details:
    • Project and release names;
    • Contact details, i.e., full name, postal address and email.
  • The Global Projects Committee can be contacted for further discussion on issues related to OWASP SoC 09 applications, i.e., project ideas, review of draft applications, etc..

SCHEDULE

  • 13th May – OWASP SoC 09 is pre launched at OWASP AppSec Europe 2009 - Poland!
  • TBD - OWASP SoC 09 is officially launched. Start date for submitting applications.
  • TBD - Deadline for project release applications.
  • TBD – Publishing of selected applications and start of OWASP SoC 09 project releases.
  • TBD - Participants to report on project status - 50% mark.
  • TBD - Project completion. Participants should deliver final project release report.

JURY

The OWASP SoC 09 jury is constituted by the OWASP Board Members (Jeff Williams, Dave Wichers, Tom Brennan, Sebastien Deleersnyder and Dinis Cruz) plus respective Committee representative.

SELECTION CRITERIA

  • The participant must create a roadmap for the project release that includes technical requirements, functional requirements, and quality requirements. Preference will be given to proposals that use the existing OWASP Beta and Stable requirements for quality supplemented with their own technical and functional requirements.
  • If requesting SoC grant funds, the participant must include a budget of anticipated expenses.
  • There are two methods to select OWASP SoC 09 project releases:
    • By direct majority vote by the Jury;
    • By selection rating using the criteria defined below.
      • Each project release will receive a rating from 1 to 5 on the following categories by each Jury. The final result will be the total value.
        • On the Project Release:
          • Complete status - What will be the final Completeness State? (According with the OWASP Assessment Criteria v2.0)
          • Complexity - What is the project release Complexity and Size?
          • Member Value - How big is the potential added value to OWASP Members?
          • Brand Value - How big is the potential added value to the OWASP Brand?
        • On the Candidate:
          • Past Work - Value of past contributions to OWASP Projects;
          • Deliverability - Proven capability to deliver;
          • Quality of Proposal - Global quality of the proposal submitted.

OPERATIONAL RULES

  • Proposals are submitted using online form (with all details publicly posted).
  • The participant should propose one reviewer (for details on the proposed reviewer responsibilities, see TDB see {assessment criteria reviewer role link}).
  • Each and every project release should have its SoC Project Release page always completely updated with all information regarding the project release status.
  • The SoC Project Release's final deliveries will be evaluated by the assigned reviewers. However, the Jury will provide final oversight.
  • Invoicing of expenses can be done directly through Alison, our OWASP accountant. Grants amounts will be approved by the SoC Jury. Participants are expected to stay reasonably close to their line item budgets; significant deviations or re-allocations from individual line items will be approved by the respective Global Committee managing the project so long as the deviation does not result in the costs exceeding the original grant amount. Any costs above and beyond the original grant amount must be approved by the SoC Jury.

GENERAL RULES

  • By taking part on OWASP SoC 09, the participant will authorize OWASP to host and advertise without any limitations his participation and all related contents including proposal and all deliveries.
  • All tools, documentation, or any other materials whatsoever, created by the participants within OWASP SoC 09 context must be released under an Open Source Initiative approved license. However, the participant may mirror development on her/his personal infrastructure at her/his option.
  • Participants and OWASP is free to use the results, including code, of the SoC's 09 code in any way they choose provided it is not in conflict with the license under which the code was developed.
  • Any situation arising not included in the above mentioned set of rules will be decided according to the discretionary judgement of OWASP Board.

OWASP SOC 09 BUDGET

  • The initial Budget for SoC 09 will be US$90,000, and it is funded by OWASP.
  • In parallel with the Request for Proposals, OWASP is also launching a sponsorship drive in which sponsors will have the option to choose which project releases they would like to support.
  • The funds available will be allocated to select project releases. However, strong proposals will be accepted by majority vote of the OWASP Board before the final application selection. Remaining budget will be allocated to remaining applications.
  • Note: The referred budget allocation is just a guideline and the final values will be adjusted based on the successful proposals.

FAQ

Why are you changing the way SoC Grants work?

But I like getting paid for my work for OWASP!