<div dir="ltr">Marc,<div><br></div><div>This is certainly of interest to OSSG. There were some people talking about doing security testing before the last summit, but I haven't heard much about that recently. Please do join us for the meeting tomorrow and we can discuss in some more detail. I'll see if I can encourage the other parties to participate as well.</div>
<div><br></div><div>Cheers,</div><div>-bryan</div><div><br></div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Feb 5, 2014 at 6:54 AM, Koderer, Marc <span dir="ltr"><<a href="mailto:m.koderer@telekom.de" target="_blank">m.koderer@telekom.de</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello Security Team,<br>
<br>
David and I are currently working on an automated framework for negative<br>
testing in Tempest. This frameworks generates tests out of json schema<br>
definitions (see <a href="https://review.openstack.org/#/c/64733/" target="_blank">https://review.openstack.org/#/c/64733/</a> and<br>
<a href="https://blueprints.launchpad.net/tempest/+spec/negative-tests" target="_blank">https://blueprints.launchpad.net/tempest/+spec/negative-tests</a>).<br>
<br>
During discussion we came to the idea that it would be quite easy to build a<br>
security fuzzy test framework out of existing pieces in Tempest. If we'd run<br>
the negative tests in our stress test framework that launches a certain number<br>
of concurrent worker processes. At the end of a run we could use Tempest again<br>
to validate that all services are up and running.<br>
<br>
Is this topic potentially interesting for this group?<br>
I saw on your launchpad task board that your are planning something similar:<br>
"Develop stress tests that can be integrated with current testing"<br>
Did somebody already spend some effort in that area?<br>
<br>
I'd like to join your meeting tomorrow and discuss about it.<br>
<br>
Regards<br>
Marc<br>
<br>
DEUTSCHE TELEKOM AG<br>
Digital Business Unit, Cloud Services (P&I)<br>
Marc Koderer<br>
Cloud Technology Software Developer<br>
T-Online-Allee 1, 64211 Darmstadt<br>
E-Mail: <a href="mailto:m.koderer@telekom.de">m.koderer@telekom.de</a><br>
<a href="http://www.telekom.com" target="_blank">www.telekom.com</a><br>
<br>
LIFE IS FOR SHARING.<br>
<br>
DEUTSCHE TELEKOM AG<br>
Supervisory Board: Prof. Dr. Ulrich Lehner (Chairman)<br>
Board of Management: René Obermann (Chairman),<br>
Reinhard Clemens, Niek Jan van Damme, Timotheus Höttges,<br>
Dr. Thomas Kremer, Claudia Nemat, Prof. Dr. Marion Schick<br>
Commercial register: Amtsgericht Bonn HRB 6794<br>
Registered office: Bonn<br>
<br>
BIG CHANGES START SMALL – CONSERVE RESOURCES BY NOT PRINTING EVERY E-MAIL.<br>
_______________________________________________<br>
Openstack-security mailing list<br>
<a href="mailto:Openstack-security@lists.openstack.org">Openstack-security@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security</a><br>
</blockquote></div><br></div>