Circulation: 2013-Jun-18
Quotation Due: 2013-Jul-15
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 1

1. Introduction ........................................................................................................................................... 3
2. Project Purpose ......................................................................................................................................... 3
3. Service Requested ..................................................................................................................................... 3
4. Description of Requested Service .............................................................................................................. 4
5. Execution of Service .................................................................................................................................. 5
6. Protective Rights ........................................................................................................................................ 6
7. Confidentiality ........................................................................................................................................... 6
8. Quotation .................................................................................................................................................. 7
9. References ................................................................................................................................................. 7
10. Contacts ..................................................................................................................................................... 9
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 2

ONVIF™ is an open industry forum for the development of a global standard for the interface of IP-based physical security products. Information about ONVIF, its objectives and members can be found on http://www.onvif.org/ .
The ONVIF Device Test Tool is used by the members of ONVIF to test conformance of IP-based physical security products with the ONVIF Test Specification, which in turn is based on the ONVIF Network Interface
Specifications and WSDL and XML schemas, as described in the ONVIF Conformance Process Specification.
The purpose of this project is to release an updated version of the ONVIF Device Test Tool and ONVIF Test
Specification for Profile S, continue the development for Profile G and Profile C for conformance, and release and implement a test specification for the ONVIF Advanced Security Specification.
This project will deliver a final official version of the ONVIF Device Test Tool and ONVIF Test Specification.

Update existing Test Specification and Test Tool based on four distinct Scope-of-Works: Project
OktoberFest for the Maintenance WG, Project Peroni for the Profile G WG, Project
Newcastle for the Profile C WG and Project Oktoberfest for the Security Testing WG; and will require multiple general improvements to the ONVIF Device Test Tool, test case writing for the
ONVIF Test Specification as well as implementation of these test cases in the ONVIF Device Test
Tool.

Coordinate the development effort made by the other ONVIF working groups working with the
Contractor. The Maintenance WG is responsible for the integration and coordination of the different ONVIF working group development efforts on the ONVIF Device Test Tool and ONVIF Test
Specification, and will be the main point of contact to the Contractor in case of conflicts between projects run in parallel.

Prepare documents for public release.
For a detailed description of the service requested, see Section 4 , Description of Requested Service.
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 3

The service being requested MUST fulfil the following requirements. Requirement levels MUST be interpreted as described in RFC 2119 1 “Key words for use in RFCs to indicate requirement levels”.
1.
The project MUST be developed in accordance with the schedule outlined in Appendix A .
2.
Any deviations from the schedule outlined in Appendix A MUST be approved by ONVIF.
3.
The project MUST include the work items outlined in Appendix D ,
Appendix E
, Appendix F
and
Appendix G . The Maintenance WG, Profile G WG, Profile C WG and Security Testing WG can at any
time decide to drop or postpone a work item; the Contractor MUST rollback the changes if any progress was made on the work item at no additional charge.
4.
The project MUST deliver an updated ONVIF Device Test Tool and documentation as outlined in
Appendix B
and Appendix C .
5.
The project MUST follow the technical requirements outlined in Appendix G during the ONVIF Device
Test Tool development.
6.
The project MUST deliver an updated ONVIF Test Specification as outlined in Appendix B
and Appendix
C .
7.
The project MUST respect the style and structure of the ONVIF Test Specification when updating the documents.
8.
The scope of the project deliverables will be adjusted if necessary to keep the release date of the
official release (see Appendix A ) without endangering the quality of the release. However the
Contractor is expected to complete the requirements outlined in Appendix D ,
Appendix E
, Appendix F
and Appendix G
even if another release is required after delivery of the official release.
9.
The final deliverables MUST pass a review before the service is considered delivered.
10.
If any changes are made to this RfQ or to relevant reference documents that will result in significant work increase for the contractor, then the contractor and the relevant work group MUST discuss the appropriate actions. The appropriate actions MAY be to remove other work items or to add to the contractors work effort. If the joint decision be to add to the contractors work effort, then this SHOULD be covered with a new contract. The contractor MUST supply the cost for such additional work, stated in price per hour, in the response to this RfQ
11.
Any further maintenance and expansion work done to the ONVIF Device Test Tool and/or ONVIF Test
Specification is subject to further quotations and separate contracts. A renewed cooperation of the
1 See: http://www.ietf.org/rfc/rfc2119.txt
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 4

Contractor and ONVIF for these tasks over many development steps is possible and where possible appreciated, however not guaranteed.
Additional requirements for the Security Testing Scope-of-work:
12.
The contractor MUST be prepared to handle minor changes to the [ONVIF Advanced Security Service
Specification] that underlies the [ONVIF Advanced Security Service Test Specification]. WG Security
Testing will announce these changes, if any, by July 31, 2013.
13.
Test cases MUST NOT make explicit nor implicit assumptions on the device under test (DUT) configuration beyond the prerequisites mandated in the ONVIF Advanced Security Service Test
Specification.
14.
All changes of the DUT configuration that are made in the course of a test case MUST be reversed before the test case terminates.
15.
Test case definitions MUST support sequential execution of test cases.
16.
Test case definitions SHOULD support concurrent execution of different test cases.
17.
Test case definitions SHOULD support multiple concurrent executions of the same test case.
18.
The best practices for writing security test cases detailed at https://wush.net/trac/onvifext/wiki/best_practices_security_test_case_writing MUST be followed.
The execution of the service must fulfil the following requirements:
1.
The service must be executed by capable and qualified employees or sub-contractors under the same rules.
2.
The Contractor must provide a weekly progress report to the Maintenance WG, Profile G WG Profile C,
WG and Security Testing WG outlining the tasks performed and the issues encountered.
3.
Interpretation issues encountered during development or test case writing MUST be forwarded to and
handled by the corresponding working group based on the responsibilities listed in Appendix C .
4.
The Service MUST be executed in accordance with applicable import / export regulations for cryptographic algorithms and their implementations.
5.
Throughout the project the Maintenance WG, Profile G WG, Profile C WG or Security Testing WG might call for telephone conferences and/or face-to-face meetings with the Contractor to address any
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 5

possible open questions and to review the progress. The Contractor MUST attend those requested telephone conferences and face-to-face meetings. a.
The Contractor MUST attend the ONVIF face-to-face meeting in San Diego (US), Sep 17-20,
2013. b.
The Contractor may be required to attend the ONVIF face-to-face meeting in Shenzhen (China),
Oct 28-31, 2013. c.
At least one technical resource and one manager assigned to the project must be legally authorized to travel to those destinations.
1.
ONVIF will hold all rights to the ONVIF Device Test Tool software (the development results), its source code, documentation, and related inventions, achieved by employees and sub-contractors of the
Contractor.
2.
ONVIF will obtain exclusive and discretional rights of use without any territorial restrictions or time limits.
3.
The Contractor notifies ONVIF if and where it intends to use material in the ONVIF Device Test Tool which is affecting rights of a third party.
4.
The Contractor will ensure in an appropriate way that ONVIF can claim inventions made by employees and sub-contractors of the Contractor.
1.
The Contractor must sign a non-disclosure agreement (NDA) with ONVIF prior to the initiation of the project. This NDA is for ONVIF to share draft technical specifications as well as other necessary nonpublic information of ONVIF, needed to fulfil this requested service.
2.
The Contractor must keep all development results and related documents strictly confidential and must release them only to the ONVIF office and the assigned technical contacts of ONVIF.
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 6

The quotation MUST at least contain the following information:
1.
Cost of requested service and all other related cost.
2.
Estimate for a service-based block of 150 hours in addition to the work required for the different
Scope-of-Works. This is a work buffer that might be use partially or not at all depending on the need of the Profile G and Profile C workgroups for new work items not already included in this RfQ.
3.
Estimate for travel expenses for two representative of the Contractor. Travel request for this project: San Diego (US), Sep 17-20, 2013 and Shenzhen (China), Oct 28-31, 2013.
The following ONVIF documents MUST be used as a reference in the project:

Profile S Specification

Profile G Specification – RC

Profile C Specification – RC

Network Interface Specifications version 2.3

Feature Discovery Specification v13.06

Test Case Summary for Profile S Conformance v13.06

Test Specification v13.06 o Test Specification o Base Test Specification o Media Test Specification o Real Time Streaming Test Specification o PTZ Test Specification o Imaging Test Specification

Profile G Test Specification – RC o Recording Search Test Specification - RC o Replay Control Test Specification – RC o Recording Control Test Specification – RC o Receiver Test Specification – RC

Profile C Test Specification – RC o Access Control Test Specification – RC o Door control Test Specification – RC

Profile C Technical Documentation
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 7

o Profile C Coverage Map o Access Control Service o Door Control Service

Advanced Security Documentation o ONVIF Advanced Security Service Specification Version 1.0_RC1 o ONVIF Advanced Security Service Test Specification Version 0.9

Conformance Process Specification v2.0

Interpretation Guidelines for Test Specification and Test Tool

Application Programmers Guide
These documents are to be delivered together with this document or upon request by the Contractor.
These documents MAY be replaced with newer versions after the start of the project. In such a case the
Maintenance WG, Profile G WG, Profile C WG or Security Testing WG will inform the Contractor and discuss appropriate actions.
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 8

General contact:
ONVIF
Stan Moyer, Vice President, Executive Director smoyer@inventures.com
2400 Camino Ramon, Suite 375
San Ramon, CA 94583
Phone: +1.925.275.6621
Fax: +1.925.275.6691 www.onvif.org
Technical Contacts:
Technical issues and questions concerning the ONVIF specifications, schemas, and this Request for
Quotation MUST be addressed to:
ONVIF TSC Maintenance WG
Hugo Brisson, Chairman, Maintenance Working Group
Phone: +1-514-332-4000 ext. 6336
E-mail: hbrisson@genetec.com
ONVIF TSC Profile G WG
Steven G. Dillingham, Chairman, Profile G Working Group
Phone: +1-508-485-2900 x43
E-mail: msdillingham@vidsys.com
ONVIF TSC Profile C WG
Baldvin Gislason Bern, Chairman, Profile C Working Group
E-mail: baldvin.gislason.bern@axis.com
ONVIF TSC Security Testing WG
Dirk Stegemann, Chairman, Security Testing Working Group
Phone: +49 89 6290 1629
E-Mail: dirk.stegemann@de.bosch.com
ONVIF TSC Projects “NOP” Request for Quotation
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Page | 9

Due dates correspond to end of day in UTC time. See Appendix B for definition of deliverables.
24-Jun-2013
19-Jul-2013
Circulation of this Request for Quotation
Quotation due to be received by the ONVIF Office, Maintenance WG, Profile G WG,
29-Jul-2013
05-Aug-2013
09-Aug-2013
02-Sep-2013
Profile C WG and Security Testing WG by e-mail [ Contacts ].
Contractor selected, agreement signed, and project start
Delivery of ONVIF Advanced Security Service Test Specification Review
Delivery of Test Cases Overview
Delivery of ONVIF Device Test Tool 1 st Prototype
Delivery of Test Cases Draft 02-Sep-2013
17 to 20-Sep-2013
07-Oct-2013
San-Diego F2F Meeting (presence of vendor might be required)
Delivery of ONVIF Device Test Tool 2 nd Prototype
07-Oct-2013 Delivery of ONVIF Test Specification 1 st Draft
28-Oct-2013 Shenzhen F2F Meeting (presence of vendor might be required)
11-Nov-2013 Delivery of ONVIF Device Test Tool 3 rd Prototype
11-Nov-2013 Delivery of ONVIF Test Specification 2 nd Draft
02-Dec-2013 Delivery of ONVIF Device Test Tool Release Candidate
02-Dec-2013
16-Dec-2013
16-Dec-2013
20-Dec-2013
Delivery of ONVIF Test Specification Release Candidate
Delivery of ONVIF Device Test Tool Final Release
Delivery of ONVIF Test Specification Final Release
Project closure
Appendix A - Timeline for Service
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix A - Page | 1

Due Date
05-Aug-2013
09-Aug-2013
02-Sep-2013
02-Sep-2013
Name
Advanced
Security Service
Test
Specification
Review
Test Cases
Overview
ONVIF Device
Test Tool 1
Prototype st
Test Cases Draft
07-Oct-2013 ONVIF Device
Test Tool 2 nd
Prototype
07-Oct-2013 ONVIF Test
Specification 1 st
Draft
11-Nov-2013 ONVIFm Device
Test Tool 3 rd
Prototype
11-Nov-2013 ONVIF Test
Specification
2 nd Draft
02-Dec-2013 ONVIF Device
Test Tool
Release
Candidate
02-Dec-2013 ONVIF Test
Specification
Release
Candidate
16-Dec-2013 ONVIF Device
Test Tool Final
Release
16-Dec-2013 ONVIF Test
Specification
Final Release
Appendix B - Definition of Deliverables
Description

Review existing [ONVIF Advanced Security Service Test
Specification] with special focus on errors, ambiguities and adherence to the Best practices for writing security test cases.

Make proposals for specification improvements.

Focus on existing test cases; do not propose new test cases.

Listing of all new test cases with short description based on the Scope of Work documents provided in this RfQ.

Should include informative points such as; Test Label, Technical
Specification Coverage, Command Under Test, WSDL Reference and
Test Purpose; but not include Test Steps and Test Sequence.

Partial implementation of Test Cases and features. Only tested Test
Cases and features should be delivered.

List of test cases and features implemented in the prototype must also be provided.

Every new Test Case in draft form.

Four separate document: one for Maintenance WG, one for Profile G
WG, one for Profile C WG and one for Security Testing WG.

Partial implementation of Test Cases and features. Only tested Test
Cases and features should be delivered. Should have reached at least
50% scope coverage.

Every new Test Case integrated into their corresponding ONVIF Test
Specification document in draft form.






All Test Cases and features implemented. Only tested Test Cases and features should be delivered. Should have reached at least 90% scope coverage.
Every new Test Cases integrated into their corresponding ONVIF Test
Specification document in draft form.
Total List of Test Cases must also be provided.
Only stable (no blocking ticket opened) Test Cases and Features are included in this delivery.
From that point on, only fixes requested by WG are allowed. delivery.

Total List of Test Cases must be updated.

From that point on, only fixes requested by WG are allowed.

All tickets for the Kingfisher, Leffe and Miller milestones have been

Only stable Test (no blocking ticket opened) Cases are included in this addressed or postponed.
All tickets for the Kingfisher, Leffe and Miller milestones have been addressed or postponed.
June, 2013
Copyright © ONVIF 2013. All rights reserved. Appendix B - Page | 1

Delivery
Package
Test
Specification
Item
PTZ Test Specification
Replay Test Specification
Target
Test Specification (High level document)
Test Specification Release
Notes
Base Test Specification
Public
Public
Public
Media Test Specification
Real Time Streaming Test
Specification
Imaging Test Specification
Public
Public
Public
Public
Public
Editing
Responsibility
Maintenance WG
Maintenance WG
Contractor
Contractor
Contractor
Contractor
Contractor
Contractor
Receiver Test Specification Public
Recording Control Test
Specification
Search Test Specification
Public
Public
Door Control Test
Specification
Access Control Test
Specification
Advanced Security Service
Test Specification
Total List of Test Cases
Public
Public
Public
WG
Contractor
Contractor
Contractor
Contractor
Contractor
Contractor
ONVIF Device
Test Tool
Profile
Total List of Test Cases for
Advanced Security Service
Feature Discovery
Specification
Binaries
Source Code
Help Files
Installation Guide
Internal Release Notes
Official Release Notes
Errata Document
Profile S Specification
WG
Public
Contractor
Contractor
Contractor
ONVIF Members Contractor
WG (limited) Contractor
ONVIF Members
ONVIF Members
Contractor
Contractor
WG Contractor
ONVIF Members Maintenance WG
ONVIF Members Maintenance WG
Public Maintenance WG
Maintenance WG Test Case Summary for
Profile S Conformance
Profile G Specification
Public
Public
Test Case Summary for
Profile G Conformance
Appendix C - Delivery Packages and Responsibilities
Public
Profile G WG
Profile G WG
Copyright © ONVIF 2013. All rights reserved.
Review
Responsibility
Maintenance WG
All WGs
All WGs
Maintenance WG
Maintenance WG
Maintenance WG
Maintenance WG
Profile G WG
Profile G WG
Profile G WG
Profile G WG
Profile C WG
Profile C WG
Security Testing WG
All WGs
Security Testing WG
All WGs
All WGs
All WGs
Maintenance WG
Maintenance WG
All WGs
All WGs
Maintenance WG
Maintenance WG
Maintenance WG
Profile G WG
Profile G WG
June, 2013
Appendix C - Page | 1

Delivery
Package
Item
Profile C Specification
Test Case Summary for
Profile C Conformance
Target
Public
Public
Editing
Responsibility
Profile C WG
Profile C WG
Review
Responsibility
Profile C WG
Profile C WG
Appendix C - Delivery Packages and Responsibilities
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix C - Page | 2

The Maintenance WG uses a ticket system to manage all work items for the Contractor and for the working group. The tickets can be consulted at https://wush.net/trac/onvif-ext/report/1 . Only tickets targeted at the Milestone OktoberFest are part of this Scope-of-work.
The Contractor must follow the instructions detailed here https://wush.net/trac/onvifext/wiki/best_practices_vendor_company when working with the tickets.
Ticket
#298
Summary
Promote Profile C and Profile G to Conformance task
Type blocker
Priority
Description
The December release of the ONVIF Device Test Tool must contain Profile C and Profile G for Conformance.
Work Item for Contractor
- Enable Profile C and Profile G for Conformance
- Propose and implement update to the auto-generated DoC for multiple profiles conformance
- Be ready to undo changes if the Profile G or Profile C workgroup ask for an extension before a profile can be used in Conformance.
Ticket
#296
Summary
Add event test for PullMessage as keep alive task
Type
High
Priority
Description
In section 9.5 point 5 of the core specification there is a method described for using PullMessages as a keep-alive for the pull messages subscription. This is something we would like to use in the security test cases.
Work Item for Contractor
Write and implement a test case for PullMessage as a keep-alive method.
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 1

Ticket
#96
Summary
Issue with IPv6 Multicast test cases.
Type
ChangeRequest
Description
Issue with IPv6 test cases on Windows XP systems.
Work Item for Contractor
Win XP to be removed from the requirement list of the OS'es on which the test tool should run.
Following Test cases to be moved to conformance:
- RTSS-1-2-4
- RTSS-1-2-5
- RTSS-1-2-6
- RTSS-2-2-4
- RTSS-2-2-6
- RTSS-2-2-8
- RTSS-3-2-2
- RTSS-3-2-4
- RTSS-3-2-6
Priority
Medium
Ticket
#225
Summary
IP Filtering test cases
Type
ChangeRequest
Priority
Medium
Description
Currently there are no test cases in the Device Test Tool for the IP Filtering feature. This feature is both
Conditional in Profile S and Profile C, so I think it would be a good idea to add some test cases for the feature.
Work Item for Contractor
Write and implement test cases for the IP Filtering Feature which consist of the following APIs:

GetIPAddressFilter

SetIPAddressFilter

AddIPAddressFilter

RemoveIPAddressFilter
These test cases shall only cover the API, e.g. with simple set/get test cases. These test cases shall not include functional testing of IP Filtering Feature, i.e. there is no need for complex tests that verify that the
DUT accepts/denies certain IP addresses.
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 2

Ticket
#282
Summary
Test tool behaviour during IPCONFIG test cases
Type
ChangeRequest
Priority
Medium
Description
IPCONFIG-1-1-1 test case deals with IPv4 Static IP Configuration
This test case sets the mode of the IPv4 interface to static address.After verifying the settings, Test Tool restores the previous network interface settings.
There are 2 cases here:
1. Network Interface of the device has a static IPv4 address before the execution of this test case
2. Network Interface of the device has a DHCP enabled IPv4 address before the execution of this test case
In case 2, ONVIF Test tool changes the network interface setting to static and restores back to DHCP.On restoration, there can be a possibility that the DHCP address received by the device may not be same as when the test case had started.[Owing to DHCP server's settings]
In such a scenario, the test tool continues to use the same address as before[i.e.the one used for IPCONFIG
1-1-1]for the next test IPCONFIG-1-1-2. Subsequent test cases fail due to this.
Work Item for Contractor
Implement support for scenario 2:
2 possible solutions are:
1. Test tool uses the appropriate address for IPCONFIG-1-1-2 and so on, by checking if the Network interface setting before the test case IPCONFIG-1-1-1 was DHCP.
2. The Test specification shall mandate that the device shall have a Static IPv4 address always for its network interface before execution of IPCONFIG-1-1-1.
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 3

Ticket
#283
Summary
Enhancement of Test Results Output Tab
Type enhancement
Priority
Medium
Description
Certain Test cases have many test steps. [Example: RTSS-1-1-26]
In case of test case failures, identification of the failed test step in the Output Tab can be made easier with some enhancements.
Work Item for Contractor
Recommend and implement enhancements to the Test Results Output tab. Should at minimum include:
1. Test Results Output tab to be provided with a String Search option (ctrl-f)
2. Test steps that fail to be highlighted [Make bold or Use Red Color] for easy identification.
Ticket
#284
Summary
Enhancement for Test case selection
Type enhancement
Priority
Medium
Description
When Tests are in progress (In diagnostic mode), Test cases cannot be deselected or new test cases cannot be selected.
Allowing this selection/deselection would be a 'good-to-have' feature.
Work Item for Contractor
Support adding and removing test case in Diagnostic mode during a test run.
Ticket
#290
Summary
Additional Info Field for Test Report
Type enhancement
Description
TSC has requested additional fields of information in the test report to facilitate product search.
Work Item for Contractor
Implement modifications as requested by TSC. At the moment we need fields for:


Technical Support Website / General Support Mailing List (string based)
Product Type (enum values to be defined by TSC)
Priority
Medium
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 4

Ticket Summary
#299 Refactoring of IPCONFIG-1-1-4
Type
ChangeRequest
Priority
Medium
Description
As per ticket # 251 of Project Kingfisher and subsequent discussions, refactoring of IPCONFIG-1-1-4 is required. This has been planned to be done as a part of Project Oktoberfest.
Work Item for Contractor
New test case needs to be written and implemented for IPv4 Link Local Address test case.
See ticket #251 for full discussion on the topic.
Ticket
#322
Summary
Add filter and/or sort feature to Test Case
Summary documents.
Type enhancement
Priority
Medium
Description
The "Test Case Summary For Profile C/S/G Conformance" documents would be much more useful if it was possible to filter and sort the columns in the tables. If the same information was available in another format (such as web site data tables or an Excel datasheet) then this would greatly improve its usability.
Work Item for Contractor
Provide the information in Test Case Summary documents in a format that allows filter and sort.
Ticket
#222
Summary
EVENT-2-1-3 and EVENT-3-1-3 should accept
InvalidTopicExpressionFault
Type
ChangeRequest
Priority
Low
Description
The test cases EVENT-3-1-3 REALTIME PULLPOINT SUBSCRIPTION - INVALID TOPIC EXPRESSION and EVENT-
2-1-3 BASIC NOTIFICATION INTERFACE - INVALID TOPIC EXPRESSION currently accepts InvalidFilterFault and
TopicNotSupported fault. I feel that InvalidTopicExpressionFault should also be accepted as a valid fault.
Work Item for Contractor
Add InvalidTopicExpressionFault as an acceptable fault for the test cases EVENT-2-1-3 and EVENT-3-1-3
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 5

Ticket Summary
#303 Unicast IPv6 Test cases
Type
ChangeRequest
Priority
Low
Description
We have Multicast IPv6 Test cases in the tool, but there are no Unicast IPv6 Test cases. I think in Project
Oktoberfest, we can develop them. This will make the set of real time streaming testcases more complete.
Work Item for Contractor
Write and implement new test cases for Unicast IPv6 streaming.
Appendix D - Project OktoberFest – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix D - Page | 6

The Profile G WG uses a ticket system to manage all work items for the Contractor and for the working group. The tickets can be consulted at https://wush.net/trac/onvif-ext/report/1 . Only tickets targeted at the Milestone Peroni are part of this Scope-of-work.
The Contractor must follow the instructions detailed here https://wush.net/trac/onvifext/wiki/best_practices_vendor_company when working with the tickets.
Ticket
#292
Summary
Feature Discovery Mechanism for Live Streaming task
Type
High
Priority
Description
We need to establish a feature discovery mechanism for Live Streaming (GetStreamUri? and
SetSynchronizationPoint?) as Profile G does not require those two api commands.
Option A: Add a capability.
Option B: Trial and error feature discovery.
Work Item for Contractor
Implement the feature discovery for live streaming according to the workgroup decision.
Appendix E - Project Peroni – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix E - Page | 1

Ticket
#148
Summary
Design & implement testcases for all Recording
Control Events.
Type
ChangeRequest
Priority
Medium
Description
New test cases for generation of required events of Recording Control module using Pullpoint Subscription were created but couldn’t be validated during previous project.
Work Item for Contractor
Move the following test cases to Conformance:

[RECORDING-5-1-1] RECORDING CONTROL – JOB STATE EVENT

[RECORDING-5-1-2] RECORDING CONTROL – JOB STATE CHANGE EVENT

[RECORDING-5-1-3] RECORDING CONTROL – RECORDING CONFIGURATION EVENT

[RECORDING-5-1-4] RECORDING CONTROL – TRACK CONFIGURATION EVENT

[RECORDING-5-1-5] RECORDING CONTROL – RECORDING JOB CONFIGURATION EVENT

[RECORDING-5-1-6] RECORDING CONTROL – CREATE RECORDING EVENT

[RECORDING-5-1-7] RECORDING CONTROL – DELETE RECORDING EVENT

[RECORDING-5-1-8] RECORDING CONTROL – CREATE TRACK EVENT

[RECORDING-5-1-9] RECORDING CONTROL – DELETE TRACK EVENT

[RECORDING-5-1-10] RECORDING CONTROL – CREATE TRACK EVENT (CREATE RECORDING)

[RECORDING-5-1-11] RECORDING CONTROL – DELETE TRACK EVENT (DELETE RECORDING)

[RECORDING-5-1-12] RECORDING CONTROL – CREATE TRACK EVENT (CREATE TRACK)

[RECORDING-5-1-13] RECORDING CONTROL – CREATE TRACK EVENT (DELETE TRACK)

[RECORDING-5-1-14] RECORDING CONTROL – DELETE TRACK DATA EVENT
Appendix E - Project Peroni – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix E - Page | 2

Ticket
#254
Summary
Implementation of GetRecordingOptions
Required
Type
ChangeRequest
Priority
Medium
Description
A new command has been added to Recording Control Service Specification v2.2.1. The command name is
GetRecordingOptions?. The following information can be obtained from it"
1) Jobs a) SpareJobs? - Currently available jobs for recording.
2) Tracks a) SpareAudio? - Currently available audio tracks that can be created. b) SpareVideo? - Currently available video tracks that can be created. c) SpareMetadata? - Currently available metadata tracks that can be created. d) SpareTotal? - SpareAudio? + SpareVideo? + SpareMetadata?.
After implementing this command. Please modify the tracks and job related test cases accordingly.
A typical scenario :
A device can create only extra audio tracks, video tracks creation and metadata tracks creation is not possible. In such a case the device will fail the testcase RECORDING-3-1-2.
Work Item for Contractor
- Dynamic Tracks test cases will be affected.
- Initial Test Setup might be affected.
- Dynamic Recording Jobs test cases will be affected.
- We do not see the need for a new test case, only modification to existing test cases is required.
Appendix E - Project Peroni – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix E - Page | 3

Ticket
#288
Summary
Profile G Features for DoC
Type
ChangeRequest
Priority
Medium
Description
Below are some of the topics raised as a features/options for the Profile G DoC for Project Peroni SoW

Media Service / Receiver Service

Metadata Search

Dynamic Recordings

Dynamic Tracks

Search by PTZ position

Audio
Work Item for Contractor
Add section for Profile G in DoC with a list of Conditional Features similar to Profile S.
Ticket
#295
Summary
PTZPosition Search - How to handle ptz position space
Type
ChangeRequest
Priority
Medium
Description
In the PTZPosition Search feature it is possible for a device to return a position given a specific space, there is no clear guideline on how to handle this space from a client perspective.
How should the Profile G address this problem:
Option A - Require an Absolute PTZ position space
Option B - Establish a way for a client to query the spaces without having the whole PTZ service
Work Item for Contractor
Apply modifications to PTZ Position Search test cases if needed depending on TC decision.
Appendix E - Project Peroni – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix E - Page | 4

This is an outline of the deliverables in project Miller. The main objective of project Newcastle is to deliver all necessary specifications and Test Tool updates needed for ONVIF Profile C.
The ONVIF Technical Services Committee: Profile C work group is responsible for Profile C and project
Newcastle. The work group MAY provide newer versions of the below reference documents together with the RfQ or at the start of the project. If any such newer version contains changes that require significant increase in work effort for the contractor, then the contractor and the work group will discuss the
appropriate actions according to section 4 Description of Requested Service above.
1.
Test Specification: Update Seek test cases according to ticket decisions (reference document - see below).
2.
Device Test Tool: Implement updated Seek test cases.
Draft test cases for Seek: https://wush.net/trac/onvifext/browser/Project%20JackHammer/Test%20Specifications/ONVIF%20Event%20Test%20Specification%20
-%20Seek/ONVIF_Event_Test_Specification_Seek_reviewed20130124.docx
Tickets that are waiting for clarification from TC: https://wush.net/trac/onvif-ext/ticket/173 https://wush.net/trac/onvif-ext/ticket/174 https://wush.net/trac/onvif-ext/ticket/175
Appendix F – Project Newcastle – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix F - Page | 1

The Security Testing WG uses a ticket system to manage all work items for the Contractor and for the
Working Group. The tickets can be consulted at https://wush.net/trac/onvif-ext/report/1 . Only tickets targeted at the Milestone Oktoberfest-Security are part of this scope-of-work.
The contractor must follow the instructions detailed at https://wush.net/trac/onvifext/wiki/best_practices_vendor_company when working with the tickets.
The existing test cases in the [ONVIF Advanced Security Service Test Specification] SHALL be addressed with the following priorities out of the sorted set {blocker, critical, major, minor, trivial} with blocker being the highest priority.
Test Label
Create RSA key pair – status using polling
Create RSA key pair – status using event
Check RSK key pair private key status
Get all keys
Delete key
Create PKCS#10
Create self-signed certificate
Upload certificate – keystore contains private key
Upload certificate – keystore contains private key (negative test)
Upload certificate – keystore does not contain private key
Get certificate – self-signed
Get certificate – CA
Get all certificates – self signed
Get all certificates – CA
Delete certificate – self signed
Delete certificate – CA
Create certification path – self sigend
Create certification path – CA
Get certification path – self signed
Get certification path – CA
Get all certification paths – self signed
Get all certification paths - CA
Delete certification path – self signed
Delete certification path – CA
Add server certificate assignment – self signed
Add server certificate assignment – CA
Replace server certificate assignment – self signed
Replace server certificate assignment – CA
Get assigned server certificate – self signed
Get assigned server certificate – CA
Appendix G – Project OktoberFest-Security – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
Blocker
Critical
Blocker
Critical
Critical
Critical
Critical
Critical
Blocker
Critical
Blocker
Critical
Critical
Critical
Critical
Critical
Priority
Blocker
Major
Critical
Critical
Blocker
Critical
Blocker
Critical
Major
Major
Critical
Critical
Critical
Critical
June, 2013
Appendix G - Page | 1

Remove server certificate assignment – self signed
Remove server certificate assignment – CA
Referential integrity – TLS server certificate – self signed
Referential integrity – TLS server certificate – CA
Blocker
Critical
Major
Major
Appendix G – Project OktoberFest-Security – Scope-of-work
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix G - Page | 2

1.
The ONVIF Device Test Tool v13.06 MUST be used as a base for this project.
2.
The existing functionality of the ONVIF Device Test Tool v13.06 MUST NOT be altered other than to incorporate the functions and operations requested herein or where Maintenance WG explicitly approves the changes.
3.
Implementations of cryptographic algorithms that are required to implement the advanced security service test cases MUST NOT be integrated into the ONVIF Device Test Tool.
4.
The ONVIF Device Test Tool MUST be prepared to be shipped without implementations of cryptographic algorithms that are required to implement the Advanced Security Service test cases.
5.
The structure and coding practice MUST adhere that of the MSDN: Design Guidelines for Class
Library Developers, to be easily amended and maintained.
6.
The software source code MUST be documented in good practice in English in the standard .NET source code comments scheme. Documentation MUST at least clearly cover classes, methods, parameters, return values, and exceptions. The level of details of the documentation must be such that ONVIF, or a knowledgeable third party requested by ONVIF, can further develop and/or amend the software.
7.
Implementation MUST be done in C# [C-Sharp] according to respective standards ECMA-334 and
ISO/IEC 23270 and SHOULD use the .NET [dotnet] framework.
8.
The executable application, the source code and the accompanying documentation MUST be delivered in electronic form to the workgroups, using the External Wiki
(https://wush.net/trac/onvif-ext) before the project closure or on request by the working group.
9.
The workgroups MUST report defects against the executable application, the source code and the accompanying documentation using the External Wiki ( https://wush.net/trac/onvif-ext ).
10.
User interaction during execution of tests SHOULD be avoided where possible. Introduction of user interaction MUST be approved by the Maintenance WG.
11.
Update images and text for Help pages of ONVIF Device Test Tool.
12.
Minimum hardware requirements a.
Ordinary Intel x86 architecture based PC b.
One Ethernet network interface c.
Contractor to quantify: Memory and HDD space requirements
13.
Software requirements a.
Operating system: 32-bit and 64-bit versions of Windows 7 Professional and later versions. b.
Graphical User interface in American English language
Appendix H - Technical Requirements for the ONVIF Device Test Tool
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix H - Page | 1

1.
Document and execute test cases to validate the behaviour of the ONVIF Device Test Tool, including but not restricted to: a.
Correctness of documents generated by the Tool. b.
Correctness of test procedure in Conformance Mode. c.
Execute Test Tool with prototype hardware provided by members of ONVIF. d.
Generation of DoC only with full success run.
2.
Provide a “lessons learned” document regarding any relevant problems or issues found during development, including but not restricted to: a.
Correctness of WSDL files. b.
Correctness of technical specifications. c.
Ambiguity or limitations of the specifications.
Appendix I - Outline of Quality Related Deliverables
Copyright © ONVIF 2013. All rights reserved.
June, 2013
Appendix I - Page | 1