ossf / criticality_score

Gives criticality score for an open source project
Apache License 2.0
1.32k stars 119 forks

Ideas for Criticality Score V2 from WG discussions #82

Open inferno-chromium opened 3 years ago

inferno-chromium commented 3 years ago

https://docs.google.com/document/d/1LQCeihQQ_N6phUSixfAJMUnu5XbTEBjChLFa3CwyWAw/edit#heading=h.uerhnqr9ckrs

inferno-chromium commented 3 years ago

@coni2k @nuthanmunaiah @naveensrinivasan - fyi in case you have ideas on this problem.

coni2k commented 3 years ago

Thanks for sharing the document @inferno-chromium. I will check the CII links/reports later on. I was already curious about the details: how are you planning to fund the projects once we have a proper output, etc.? I just joined the email list and am planning to join the next meeting. So, hopefully we can meet & discuss these details in the meeting.

nuthanmunaiah commented 3 years ago

@inferno-chromium Have we considered a PageRank-style way of computing the criticality score? For instance, assuming the kernel is a critical project, the criticality score of a project (say foo) that the kernel depends on must be compounded, given that a vulnerability in foo can have widespread impact because of the criticality of the kernel.

kerberosmansour commented 3 years ago

I would also like to know which projects (and their criticality) influence the score (think PageRank).
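A sketch of the PageRank-style compounding discussed in the two comments above, written as an added example rather than code from the criticality_score project: each project's score is its own base score plus a damped share of the scores of the projects that depend on it, and the per-dependent contributions are kept so that one can see which projects influenced a score. The dependency graph, base scores and damping factor are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: project -> projects it depends on
# (e.g. "kernel" depends on "foo" and "bar"; nothing depends on "kernel").
DEPS = {
    "kernel": ["foo", "bar"],
    "foo": ["bar"],
    "bar": [],
    "lonely": [],
}

# Constructed base scores in [0, 1], standing in for a per-project score
# computed from the project's own signals (commits, contributors, ...).
BASE = {"kernel": 0.9, "foo": 0.2, "bar": 0.1, "lonely": 0.5}


def propagate(deps, base, damping=0.5, iters=100, tol=1e-9):
    """Compound criticality along dependency edges, PageRank-style.

    score[p] = base[p] + damping * sum(score[q] / len(deps[q]))
               over every q that depends on p.
    A dependent splits its influence evenly among its own dependencies.
    With damping < 1 the iteration converges even on cyclic graphs.
    Returns (scores, contributions): contributions[p][q] is the amount
    dependent q added to p's score, which answers "who influenced this?".
    """
    dependents = defaultdict(list)
    for q, ds in deps.items():
        for p in ds:
            dependents[p].append(q)
    score = dict(base)
    contrib = {}
    for _ in range(iters):
        new = {}
        for p in deps:
            contrib[p] = {q: damping * score[q] / len(deps[q]) for q in dependents[p]}
            new[p] = base[p] + sum(contrib[p].values())
        delta = max(abs(new[p] - score[p]) for p in deps)
        score = new
        if delta < tol:
            break
    return score, contrib


def ranked(scores):
    """Project names ordered from most to least critical."""
    return sorted(scores, key=scores.get, reverse=True)


if __name__ == "__main__":
    scores, contrib = propagate(DEPS, BASE)
    for p in ranked(scores):
        print(f"{p:8s} {scores[p]:.4f}  influenced by {contrib[p]}")
```

On this sample, "bar" (base 0.1) ends up above "lonely" (base 0.5) because both the kernel and foo depend on it, which is exactly the compounding effect the comment describes.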