OSCAL icon indicating copy to clipboard operation
OSCAL copied to clipboard

Published 20 hours ago verified publisher icon usnistgov

MIDAS Testing Plan Discussion

Open nikitawootten-nist opened this issue 2 years ago • 6 comments

User Story:

As NIST OSCAL developers, our software must comply with the checklist for publication of research code/software, which is based on NIST S 1801.03 (note these are internal NIST links). The checklist includes requirements for testing, specifically:

DEVELOPMENT AND TESTING A testing plan (e.g., unit, integration, acceptance, performance) was developed, followed, and documented. The testing plan and results are available at (insert url) Continuous testing was conducted during updates and new builds. Code includes appropriate IT security and privacy controls.

As @david-waltermire-nist and I discussed on a call earlier today, a discussion is needed to flesh out what a "testing plan" would look like, and how it would be documented.

This issue will focus on "brainstorming" a list of requirements for an OSCAL testing plan for an open source software project. We will hold 1-2 brainstorming sessions to work out a list of requirements and to identify any follow-on work.

Goals:

  • [ ] Establish a baseline of minimum requirements
  • [ ] Develop a checklist or decision tree to drive what details to provide.
  • [ ] Identify a standard of practice for support periods, bug resolution time frames, etc.
    • Consider selection of dependencies
  • [ ] A discussion on the specifics of what an "OSCAL testing plan" would look like and how it should be implemented in NIST OSCAL projects
  • [ ] The test plan document is distributed to the new projects depending on this guidance for a MIDAS release, such as documented in https://github.com/usnistgov/oscal-deep-diff/issues/43
  • [ ] Align with NIST guidance on open source repository documentation.

Dependencies:

N/A

Acceptance Criteria

  • [ ] An initial list of test plan requirements is identified and published to this issue.
  • [ ] Any additional follow-on tasks are created as issues referencing this issue.
  • [ ] All OSCAL website and readme documentation affected by the changes in this issue have been updated. Changes to the OSCAL website can be made in the docs/content directory of your branch.
  • [ ] A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • [ ] The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

nikitawootten-nist avatar Jun 17 '22 19:06 nikitawootten-nist