Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SP-CRA security solutions #331

Merged
merged 20 commits into from
Nov 22, 2023
Merged

SP-CRA security solutions #331

merged 20 commits into from
Nov 22, 2023

Conversation

anshul-tii
Copy link
Contributor

Following files (new and modified) are added.

  1. Enhanced version of SP_CRA_v7.py script: Removes minor performance bugs in the script, better execution, and solves the issue of infinite loops issue
  2. A script containing functional and regression test cases
  3. A script containing performance test cases
  4. Scripts containing security test cases in the context of implementation

joenpera

This comment was marked as resolved.

@joenpera
Copy link
Contributor

joenpera commented Nov 8, 2023

How this thing is started in a device boot? This is now implementing a thing and it is not started

…log file storage directory to temp, other minor fixes, modifications to functional tests script to accomodate sendall changes
@anshul-tii
Copy link
Contributor Author

started

For this, this functionality have nothing to with device boot.

@anshul-tii
Copy link
Contributor Author

empty main.py file in the commit and not proper socket handling (see previous questions).

This I dont think is relevant and It has to do with some future implementatian. My entry point is in the script only

@SelinaTII
Copy link
Collaborator

How this thing is started in a device boot? This is now implementing a thing and it is not started

This feature will be started depending on the configurations received from the provisioning server (the provisioning server should specify which features to turn on Eg: SP-CRA, Jamming, IDS)

@anshul-tii anshul-tii requested a review from joenpera November 8, 2023 10:07
@joenpera
Copy link
Contributor

joenpera commented Nov 8, 2023

In next update of the component or version, it might be a good idea to start to use static typing in some level. Static typing helps to understand what functions should return as type or which type of parameters is expected to be passed in.

Also it would be good to start to use also some python code style checker.

@joenpera
Copy link
Contributor

joenpera commented Nov 8, 2023

How this thing is started in a device boot? This is now implementing a thing and it is not started

This feature will be started depending on the configurations received from the provisioning server (the provisioning server should specify which features to turn on Eg: SP-CRA, Jamming, IDS)

Provisioning server will provide only certificates. Provisioning Server functionality and provided services are defined by Solita.

@anshul-tii
Copy link
Contributor Author

In next update of the component or version, it might be a good idea to start to use static typing in some level. Static typing helps to understand what functions should return as type or which type of parameters is expected to be passed in.

Understood, Thanks for the feedback. I will keep this comment in future.

@joenpera joenpera self-requested a review November 8, 2023 12:34
joenpera

This comment was marked as duplicate.

@joenpera joenpera self-requested a review November 8, 2023 12:37
Copy link
Contributor

@joenpera joenpera left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How SP_CRA_v7.py is started in a device is still open to me and can't approve. Provisioning server is just providing certificates. It is not providing any configurations.

@joenpera joenpera self-requested a review November 8, 2023 12:38
@SelinaTII
Copy link
Collaborator

How this thing is started in a device boot? This is now implementing a thing and it is not started

This feature will be started depending on the configurations received from the provisioning server (the provisioning server should specify which features to turn on Eg: SP-CRA, Jamming, IDS)

Provisioning server will provide only certificates. Provisioning Server functionality and provided services are defined by Solita.

What I understood from the new requirements discussions is that the provisioning server will (with future work) provide the certificates to setup the upper macsec/ batman as well as configurations such as which 2.0 features should be started. I am planning on starting these features from main.py, but as of now it is empty.

…r the execution of the script will be from the main script which hadnles the executio of all additional features
… features.yaml files can be used for feature selection
@joenpera joenpera requested a review from TIISR November 21, 2023 07:02
@joenpera
Copy link
Contributor

joenpera commented Nov 21, 2023

How this thing is started in a device boot? This is now implementing a thing and it is not started

This feature will be started depending on the configurations received from the provisioning server (the provisioning server should specify which features to turn on Eg: SP-CRA, Jamming, IDS)

Provisioning server will provide only certificates. Provisioning Server functionality and provided services are defined by Solita.
@TIISR And with current terms from MDM server?

TIISR here, for some reason GitHub does not let me reply to this particular comment but it lets me edit @joenpera 's comment: until SP-CRA can self-configure and proves to not affect any other software component (otherwise we have too many things to debug all at the same time 🙂) the idea is to have it disabled by default and then on a per-device basis easily enabled by MDM Server configuration applied by MDM Agent in CommsController. To avoid confusion let's please use the "provisioning" word only in reference to the Flight & Mission Operations (FMO) stuff distributed by NATS and only present in some use-cases, as opposed to our MDM present in all use-cases.

@joenpera joenpera self-requested a review November 22, 2023 10:45
@martin-tii martin-tii merged commit 0046760 into develop Nov 22, 2023
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants