From 2972f84a02977f19d1cc08599153daddaf527e8d Mon Sep 17 00:00:00 2001
From: Alexandra Konrad <10500694+trisch-me@users.noreply.github.com>
Date: Mon, 6 May 2024 11:20:23 +0200
Subject: [PATCH] Project Proposal: Security semantic conventions (#1838)

* first proposal for security project

* fix spell

* Update projects/security.md

Co-authored-by: Reiley Yang <reyang@microsoft.com>

* add more experts

* add another expert

* add companies names to the spellcheck

* refine project timeline and description

* Update projects/security.md

Co-authored-by: Armin Ruech <7052238+arminru@users.noreply.github.com>

* update sponsor and meeting time

* added slack channel

* add expert

* update slack name

Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>

---------

Co-authored-by: Reiley Yang <reyang@microsoft.com>
Co-authored-by: Armin Ruech <7052238+arminru@users.noreply.github.com>
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Co-authored-by: Severin Neumann <neumanns@cisco.com>
---
 .cspell.yaml            | 16 ++++++++
 projects/env-semconv.md | 69 ++++++++++++++++++++++++++++++++++
 projects/security.md    | 82 +++++++++++++++++++++++++++++++++++++++++
 3 files changed, 167 insertions(+)
 create mode 100644 projects/env-semconv.md
 create mode 100644 projects/security.md

diff --git a/.cspell.yaml b/.cspell.yaml
index 1dc272a75..6ed133b76 100644
--- a/.cspell.yaml
+++ b/.cspell.yaml
@@ -11,18 +11,22 @@ ignoreRegExpList:
     - Google Docs ID
 words:
     - DASD
+    - datadog
     - dynatrace
     - easycla
     - eiffel
+    - elastic
     - emea
     - faas
     - galkleinman
     - gitter
     - gyliu513
     - Hostmetrics
+    - isovalent
     - Liudmila
     - Nale
     - REXX
+    - scaphandre
     - Sysplex
     - acramsay
     - adot
@@ -40,6 +44,7 @@ words:
     - arminru
     - austinlparker
     - beedgen
+    - bertysentry
     - blanco
     - bogdan
     - bogdandrutu
@@ -82,6 +87,7 @@ words:
     - faas
     - fong
     - gitter
+    - gabibeyer
     - henrikrexed
     - hongalex
     - horovits
@@ -104,6 +110,7 @@ words:
     - kubecon
     - kuisathaverat
     - lalitb
+    - lambdanis
     - liatrio
     - lightstep
     - lmolkova
@@ -112,12 +119,16 @@ words:
     - magnusbaeck
     - maintainership
     - mancuso
+    - marceloamaral
     - martinkuba
     - mateuszrzeszutek
     - mayur
     - mayurkale
+    - mdelfabro
     - mhausenblas
     - mirabella
+    - mjwolf
+    - mkorbi
     - molkova
     - msomasu
     - mtwo
@@ -127,6 +138,7 @@ words:
     - neumann
     - neumüller
     - nirga
+    - nikimanoledaki
     - novotny
     - observiq
     - ocelotl
@@ -148,12 +160,14 @@ words:
     - proto
     - pyohannes
     - pytest
+    - raesene
     - reiley
     - reyang
     - rrschulze
     - ruech
     - runtimes
     - rynn
+    - rossf7
     - salnikov
     - scavarda
     - scheler
@@ -169,6 +183,7 @@ words:
     - skyscanner
     - sourabh1007
     - splk
+    - spazzy757
     - srikanthccv
     - stalnaker
     - subdir
@@ -194,6 +209,7 @@ words:
     - trendable
     - triager
     - triagers
+    - trisch-me
     - tsloughter
     - tylerbenson
     - xibz
diff --git a/projects/env-semconv.md b/projects/env-semconv.md
new file mode 100644
index 000000000..58aa81a76
--- /dev/null
+++ b/projects/env-semconv.md
@@ -0,0 +1,69 @@
+### Description
+
+This working group looks to identify and standardize observability for
+sustainability purposes with regards to infrastructure and applications. This
+would look at current tooling around sustainability metrics and standardize the
+meaning and approach for these metrics.
+
+Current efforts of implementations:
+
+- [Kepler](https://github.com/sustainable-computing-io/kepler)
+- [Scaphandre](https://github.com/hubblo-org/scaphandre)
+
+We want to have a unified conventions in order to better facilitate measuring sustainability metrics across different ecosystems.
+
+### Deliverables
+
+- Semantic conventions for sustainability metrics
+- Reference Prototypes metrics
+- Recommended practices for reporting on sustainability metrics within the scope of OpenTelemetry 
+
+### Staffing / Help Wanted
+
+**Project Leads**
+- @spazzy757
+
+**Sponsoring Members**
+- @danielgblanco
+- @pyohannes (delegated by @jpkrohling, as per [project proposal guidelines](https://github.com/open-telemetry/community/blob/main/project-management.md#project-proposal))
+
+**Engineers**
+- @gabibeyer
+- @bertysentry
+- @nikimanoledaki
+- @mkorbi
+- @rossf7
+- @marceloamaral
+
+### Meeting Times
+
+- Meeting Times: Mondays 2:00PM - 3:00PM UCT
+- CNCF Slack [#otel-sustainability-semconv-sig](https://cloud-native.slack.com/archives/C06RTM63YD6) for collaboration
+
+### Timeline
+
+Q3 2024
+
+* Kickoff
+* Experimental semantic conventions
+
+Q4 2024
+
+* Prototype development
+
+1H 2025
+
+* Review and refinement
+* Declare sustainability semantic conventions as stable
+* Create Recommendations
+
+### Labels
+
+- `sustainability`
+
+### Linked Issues and PRs
+- https://github.com/open-telemetry/semantic-conventions/issues/835
+
+### Project Board
+
+- TBD
diff --git a/projects/security.md b/projects/security.md
new file mode 100644
index 000000000..afd223c1f
--- /dev/null
+++ b/projects/security.md
@@ -0,0 +1,82 @@
+# Security Semantic Conventions Working Group
+
+## Description
+
+The purpose of this working group is to bring in the security domain for the OpenTelemetry community. 
+
+As outlined in the [ECS OTEP](https://github.com/open-telemetry/oteps/blob/main/text/0199-support-elastic-common-schema-in-opentelemetry.md), the Elastic Common Schema (ECS) is currently being contributed to the semantic conventions schema. Given the significance of security within ECS, establishing this working group is crucial as it will expedite the donation of ECS fields tailored to security use cases. Beyond expanding the schema, our aim is to craft a clear vision for the instrumentation required.
+
+## Deliverables
+
+* Our current focus is on defining essential semantic conventions for security use cases.
+  * This includes but is not limited to the following namespaces:
+    * [`Code signature`](https://www.elastic.co/guide/en/ecs/current/ecs-code_signature.html)
+    * [`DLL`](https://www.elastic.co/guide/en/ecs/current/ecs-dll.html)
+    * [`DNS`](https://www.elastic.co/guide/en/ecs/current/ecs-dns.html)
+    * [`File`](https://www.elastic.co/guide/en/ecs/current/ecs-file.html)
+    * [`Group`](https://www.elastic.co/guide/en/ecs/current/ecs-group.html)
+    * [`Hash`](https://www.elastic.co/guide/en/ecs/current/ecs-hash.html)
+    * [`Host`](https://www.elastic.co/guide/en/ecs/current/ecs-host.html)
+    * [`Network`](https://www.elastic.co/guide/en/ecs/current/ecs-network.html)
+    * [`Operating System`](https://www.elastic.co/guide/en/ecs/current/ecs-os.html)
+    * [`Package`](https://www.elastic.co/guide/en/ecs/current/ecs-package.html)
+    * [`Process`](https://www.elastic.co/guide/en/ecs/current/ecs-process.html)
+    * [`Registry`](https://www.elastic.co/guide/en/ecs/current/ecs-registry.html)
+    * [`Risk information`](https://www.elastic.co/guide/en/ecs/current/ecs-risk.html)
+    * [`Rule`](https://www.elastic.co/guide/en/ecs/current/ecs-rule.html)
+    * [`Threat`](https://www.elastic.co/guide/en/ecs/current/ecs-threat.html)
+    * [`TLS`](https://www.elastic.co/guide/en/ecs/current/ecs-tls.html)
+    * [`User`](https://www.elastic.co/guide/en/ecs/current/ecs-user.html)
+    * [`Vulnerability`](https://www.elastic.co/guide/en/ecs/current/ecs-vulnerability.html)
+  * Please note that some of the above-mentioned namespaces are already a part of the Semantic Conventions schema. The goal is to expand these namespaces to include additional fields that are relevant to security use cases.
+
+* As new use cases and namespaces are introduced to the semantic conventions, there may be a need for additional instrumentation to accommodate them. It is anticipated that this aspect will expand through an iterative process.
+
+## Staffing / Help Wanted
+
+We are seeking security experts to collaborate with us in expanding the security domain within the community.  
+
+### Required staffing
+
+There is an open [PR](https://github.com/open-telemetry/semantic-conventions/issues/580) to create a `semconv-security-approver` group for all PRs related to security fields.  
+
+* project lead: @trisch-me (Elastic)
+* domain expert: @mjwolf (Elastic)
+* domain expert: @raesene (Datadog)
+* domain expert: @lambdanis (Isovalent)
+* domain expert: @mdelfabro (Dynatrace)
+
+* TC sponsor: @reyang
+* TC sponsor: @jsuereth
+
+Need more 
+- [ ] domain experts
+- [ ] TC 
+- [ ] potentially, maintainers of language-specific instrumentation may be needed if the need arises.
+
+
+## Meeting Times
+
+There is an allocated time in the Semantic Conventions WG for this project.
+- Mondays at 8 AM PST
+
+For async conversation please use #otel-semconv-security slack channel from official CNCF slack workspace.
+
+## Timeline
+
+The goal is to have the security semantic conventions implemented by the end of 2024.
+
+The timeline for this project is as follows:
+December 2023: Initial Draft
+April 2024: Review and Refinement
+May 2024-December 2024: Introducing the Security Semantic Conventions
+
+
+## Labels
+
+* security
+
+## Linked Issues and PRs
+
+* [Donating ECS to OpenTelemetry](https://github.com/open-telemetry/oteps/blob/main/text/0199-support-elastic-common-schema-in-opentelemetry.md)
+* [Creation of semconv-security-approver group](https://github.com/open-telemetry/semantic-conventions/issues/580)