Releases typically occur every 6 months.
A release will use the last TSC approved security requirements that were approved at least 6 month prior to the release.
Exceptions must be submitted a minimum of 21 days prior to release
Note: Critical vulnerabilities/security items, as categorized by the Akraino Security Sub-Committee, must be fixed even if found inside lock out window.

Image Removed

Maturity Review: Security Requirements Criteria

...

Release 4 (Target Date November 30, 2020) Incubation Requirements:

Month	6/2020	7/2020	11/2020
Release			Rel. 4
Security Requirement Update	v. 1.0
Minimum Security Requirement			v. 1.0
Maximum Security Requirement			v. 1.0
		Release 4 Minimum Security Requirement Lock Out Window

Image Added

Exception granted in cases of non-applicability.
Exception granted in cases where another security mechanism specified in the blueprint and implemented mitigates the risk.
Exceptions requested for cases above must be approved by the security sub-committee.
Exceptions require a maximum of 21 days to review.
The formal email date received, requesting a maturity review would be the Maturity Request date and this would define the set of security requirements that apply.
Note: Critical vulnerabilities/security items, as categorized by the Akraino Security Sub-Committee, must be fixed even if found inside lock out window.

Current Maturity Requirements:

Month	6/2020	7/2020	8/2020	9/2020	10/2020	11/2020	12/2020
Maturity Request
Security Requirement Update	v. 1.0
Minimum Security Requirement		v. 1.0	v. 1.0	v. 1.0	v. 1.0	v. 1.0	v. 1.0
Maximum Security Requirement		v. 1.0	v. 1.0	v. 1.0	v. 1.0	v. 1.0	v. 1.0
		Release 4 Minimum Security Requirement Lock Out Window

...

Vuls

Vuls will be integrated with Blueprint Validation Framework (Bluval User Guide)

...