ASWF TAC Meeting - 13 July, 2022

Video Conference Link

Voting member attendance

  • Kimball Thurston - Chairperson, Weta Digital Limited
  • Bill Roberts, Adobe
  • Gordon Bradley, Autodesk
  • Roy C Anthony, DNEG
  • Matthew Low, DreamWorks Animation
  • Christina Tempelaar-Lietz, Epic Games, Inc.
  • Brian Cipriano, Google & OpenCue Representative
  • Sean C McDuffee, Intel Corporation
  • Larry Gritz, Sony Pictures Imageworks
  • Jean-Francois Panisset, VES Technology Committee
  • Cory Omand, The Walt Disney Studios
  • Daniel Heckenberg - Animal Logic Pty Ltd / Industry Representative
  • Eric Enderton, NVIDIA & Asset Repo Representative
  • Sean Looper, Amazon Web Services
  • Michael Min, Netflix
  • Michael B. Johnson, Apple
  • Greg Denton, Microsoft
  • Sean O’Connell, Advanced Micro Devices
  • Mark Visser, Unity Technologies
  • Ken Museth, OpenVDB Representative
  • Carol Payne, OpenColorIO Representative
  • Cary Phillips, OpenEXR Representative
  • Joshua Minor, OpenTimelineIO Representative
  • Chris Kulla, Open Shading Language Representative
  • Jonathan Stone, MaterialX Representative

Other Attendees

  • John Mertic, LF
  • David Morin, ASWF
  • Michelle Martineau, LF
  • Bill Ballew, DreamWorks Animation
  • Sean Wallitsch, AWS
  • Doug Walker, OCIO / Autodesk
  • Allen Rose, Madison Square Garden
  • Scott Wilson, Rust WG
  • Nick Porcino, Pixar Animation Studios
  • Erik Straus, Review & Approval WG
  • Lee Kerley, Sony Imageworks
  • Alok Hota, Intel
  • JT Nelson, Pasadena Open Source consortium / SoCal Blender group
  • Mallory King, Spire Animation
  • Sergio Rojas, Different Dimensions

Apologies

  • Sean Looper, Amazon Web Services
  • Carol Payne, OpenColorIO Representative
  • Joshua Minor, OpenTimelineIO TSC Chair

Agenda

  • Review and Approval WG Proposal
    • Kimball: The review and approval group has added a bunch of additional information to their proposal, and I think it is in great shape, outlining this new and exciting path. Please see the updates if you haven’t:

      ASWF: Review Platform initative proposal

    • Kimball: We had hoped to have a vote via email, but the team took additional time to try to predict the future a bit, as well as tried to outline how they see all three projects working together with an umbrella TSC, and confirm their various commitments. They’ve also provided some answers to some of the questions raised previously. My belief is that this will help create a better whole than the sum of the parts but make up your own minds - we owe a vote tomorrow, so please come prepared for that, as in a sense we are approving three projects in one.
    • Any additional comments on the proposal from Review and Approval?
    • David: really like the addition of the timeline and the spreadsheet / list of members and potential members and roles. Great to see names that aren’t part of the usual group of engineers, addressing some of the concerns. List is not complete, no one from “X” studio? Have those been identified?
    • Roy: having a hard time to open the reference document. Primarily myself and Ted (?) and another person from DNeg.
    • David: will there be additional resources from DNEG? Roy: yes, will still have a team working on it, until we bring in a project manager to manage this project. Dedicated team for internal builds.
    • Michael: need to clarify the sponsor from the TAC to answer for the WG, who is the sponsor? Roy: can be that person from DNEG, since on the TAC and peripherally engaged with the project.
    • Gordon: happy to be that person for Autodesk. Erik: have representation from studios, want to condense to one individual to speak for the project. John: the fact you have 3 is a good sign, hard enough to get one.
    • John: the code bases coming in will initially be independent, while there are some differences from a functionality standpoint, there’s a fair amount of overlap between the code bases. Is the intention to help bring these code bases together, or keep them as separate code bases?
    • Gordon: had that question last time, predominantly it’s the role of umbrella TSC to figure out how to do this. Want to refactor common implementations, but figuring out how to do this long term is why we want to have an umbrella TSC. Roy: 3 solutions being put forward are delivering something slightly different, for instance X-Studio is focussed on user experience, RV has deep legacy functionality, there are components that can enrich each other. Allow organic growth. JF: projects could be used as a source of reusable UI components.
    • Erik: each project has different requirements, they each have valuable components to a complete system, but none of them stand as a complete solution that the industry needs. We haven’t figured out how to get there, while there is overlap, there are also lots of gaps that need to be filled.
    • John: that makes sense, sandbox stage is designed to get that consensus in place, will be a perfect example of a project going through a sandbox and coming out with an architecture and a roadmap, a good test of how this process works.
    • Kimball: WETA may also have components to offer.
    • David: are you going to aim for a specific plan of what the project would be? Erik: part of the exercise is to figure out what we need to do, each one of the sub projects needs to determine what its next steps are in alignment with overall umbrella strategy. Initial goal is to sort out what the direction of the projects needs to be, but also a bunch of short term goals. Already people are talking to Roy about additional resources around X-Studio. Strategy window is a bit vague, but conversation of how we come together as a group, eventually turns into a schedule / roadmap.
    • Gordon: 2 big things are:
      • Discussion around requirement and feature set in common framework, taking a second pass over that, get it to a point where we can publish it and use it as guiding criteria
      • Starting to put concrete plans around what this common framework will looking like. What kind of steps to build this out. For instance step 1 might be that the playback core out of X-Studio is the one we want to use… Starting to put together concrete picture of what the common framework will look like.
    • Gordon: how the pieces of the common framework fit together, or maybe identify gaps in all the products.
    • Larry: all 3 projects are assuming they will put in significant engineering effort, not just remolding existing code. We know it’s going to be ongoing, real engineering work.
    • David: was worried about having 3 architects on the list, but everyone seems to be in sync, so that’s a great sign.
    • Gordon: there’s an org chart in the proposed document, one TSC with sub working groups, not 3 independent TSCs with separate TAC reps. There’s a place holder in the org chart for an overall architect, but haven’t worked out the set of skills needed for that role. Going to need technical leadership, but felt that without having had those discussions, aren’t quite ready to name who that would be.
    • Eric: when I see “Review & Approval” on an agenda, that doesn’t mean much, so maybe consider bringing up a different name for the group?
    • Gordon: put forward motion to approval, Larry seconds.
    • Many ayes (including Joshua Minor via Slack), no opposes, no abstains, it passes. Congratulations!
    • Kimball: congratulations, our first big tool, different from libraries projects so far.
    • Erik: thank you, we have a lot of work left to do, appreciate all the comments on the document and the discussions in TAC.
    • Kimball: will bring this to ASWF board so that appropriate announcements can be made at SIGGRAPH
    • John: sandbox stage projects don’t require Board approval, so don’t need to wait. Erik: already connected with Emily on SIGGRAPH events. Kimball: will inform the Board.
  • Discussion around the CII badge system (Jonathan)
    • Jonathan: a topic that’s been on our mind. John Mertic and I have been looking at what are the next steps for MaterialX to get to the adopted level, the main remaining requirement is the CII badge, now a Gold level badge. This is a requirement worth discussing, so far no ASWF projects has met it, and only 12 open source projects have met it so far, none in graphics. Want to discuss what it takes to get to this level, and come up with a strategy, there are no role models. Closest project is currently MaterialX, followed by OpenEXR, and we’re only halfway there. Wanted to see if other teams have thoughts on this. MaterialX Self Evaluation Worksheet for CII Gold Level.
    • Larry: this past week, was looking at the list, OSL hasn’t graduated yet and wanted to take care of it, thought there were only a few things to do. Looked at the difference between silver and gold: were at 93% for silver, but at much lower level for gold. Some of the requirements, don’t even know where to start. Is it an unreasonable bar?
    • Jonathan: can send a link to where MaterialX currently is. We’ve knocked out all the ones we can meaningfully accomplish with the project as it standards, but there are some security features that we don’t know what they mean. But wanted to bring it to this group.
    • Nick: OTIO stuck on the same security requirements, requirement for someone to take a course and become the security person.
    • Eric: does this effort bring value to the projects?
    • Kimball: we felt the early level brought value, we may have thought that raising the bar to gold wasn’t so difficult, and maybe it’s worth resetting to where we had started originally. CII Evaluation Criteria.
    • Cary: we had looked at this a long time ago, the first level we achieved, and thought that was a decent level of “busy work”, basic level of security issues. But it’s been so long… Remember looking at the Gold level and thinking it would be a lot of work. But is it really worth our time and energy, or better spent elsewhere?
    • Jonathan: MaterialX current at passing level, haven’t gotten to silver. Agree that getting to Passing level makes sense, when you get to Silver and Gold, it’s a more formal set of requirements. The ways you have to harden your project… we just don’t have the experience to know how challenging this would be.
    • Nick: OTIO is stuck, link to project board
    • Jonathan: passing badge had lots of good role models in ASWF such as OCIO or OpenEXR so we could integrate processes in GitHub Actions. But no one has achieved Gold, even rare in the open source community.
    • John: fair points shared here. Some background: these were things that started to come out when the Heartbleed OpenSSL bug came out. In post mortem, it was found that the relative amount of developer support and process / infrastructure was not equivalent to how much the library was used. How can we give guidance to open source projects so they have the right pieces in place so they can respond to security issues proactively / in a timely manner. When the badge was first rolled out, it was mainly pushing the Passing level, not so much emphasis on higher levels. Over the last year, more projects are starting to move to the higher levels, recognizing the value of these higher value requirements. Organizations are putting a scrutinizing eye to the projects they are using, what’s the diligence of the community around them (and that was one of the reasons for the creation of the ASWF itself). It is recognized that projects don’t necessarily have all the expertise and resources. Exploring the way for ASWF to offer security audits, for training, there are great free courses out there. Walking the MaterialX requirements with Jonathan, some require a fair amount of work to do, some less so. From a foundation point of view, we want to demonstrate commitment. Is this too much or not too much? Maybe in the context of the TAC, or a side group? Get a requirement of what the requirements are, what’s the achevability. What are the areas where the foundation could help with resources? Three years ago when we went through the same discussions, projects were able to work their way through it. We should have exemplar projects, how can we enable project communities to do this effectively. Going through requirements, understanding which are sticking points and identifying what resources would be needed. If there are points that we just can’t / won’t do, we need to identify that.
    • Larry: in favor of having a separate meeting where project representatives can sit in front of the list, didn’t do enough homework for this meeting. On all the levels, a bit of a ‘bimodal distribution’, a collection of requirements we already do or agree with, and another group we don’t know how to do, or know that the effort to do it wouldn’t be worth it to us, only so many resources available.
    • Gordon: would it be interesting to capture the ASWF view of what these items mean? List is not ASWF specific. Cary: a lot of effort is figuring out what the requirements mean. Kimball: some requirements are not relevant to us, we don’t store credit card info for instance. But a digital production library might store PII? Larry: other security related issues could happen when a library is used by a user facing system we never envisioned. We can’t really articulate the thread model we face.
    • Nick: may not be viable to populate each project with expertise. 10 years ago OpenEXR was contributed a fuzzing package, which made it easier to incorporate OSSFuzz. Cary: we also got a “kick in the pants” with CVEs being posted. We figured out a process and it was pretty straightforward. Dan Hutchinson at Foundry helped, came away from this discussion with feeling that OpenEXR was reasonably OK.
    • Nick: someone specifically on TSC should be the expert might be modified to move the expertise to the ASWF level?
    • Eric: could we identify such an expert?
    • John: can bring in Erik Wheeler to present, helped work on the requirements. Should this be a post SIGGRAPH meeting?
    • Larry: can we lower the graduation requirement until we work this out? We have multiple projects overdue for graduation, and are held back by this paralysis. Cary: makes no sense for new projects to be held to higher standards. John: TAC can wave specific requirements. Kimball: is this to get to Passing, or Silver? At the time we thought Gold wasn’t much higher than Silver. John: security requirements and test coverage requirements tend to be the worst hurdles.
    • Kimball: it would be good that if you have a file format that you read, that component of the library must be under OSS Fuzz could be a requirement. We could clarify as a group how to get to those levels. Cary: our experience has been positive. Kimball: helps the library get better.
  • Reminder to schedule your project updates if you haven’t already
  • SIGGRAPH related announcements
    • Emily is on vacation this week
    • David: everything falling into place, back within SIGGRAPH, room has been confirmed at the Fairmont Waterfront near convention center. Have room for 2 days, with the option to extend on Wednesday morning.
    • Demand for additional presentations. Draft schedule from the last meeting is still the one being worked on. Hopefully everyone is thinking about their presentation!
    • There will be a slides template soon, with a main slide deck incorporating all slides. Mix of presenters in person and remote. Every project should have someone in person to moderate discussion live.
  • TAC sponsor for OpenAssetIO (John)
    • Anyone want to be a TAC sponsor? Please let me know.
  • Interest in LFX Insights and LFX Security presentation to the TAC (John)
    • Conversation on #wg-ci around some of the LFX Insight statistics are gathered, could bring someone from that team to present. Could be more interesting for the TAC as a whole than just wg-ci. Kimball: may also get to some of the CII badge requirements. Just received license audit for OpenEXR repository.
    • John: will work on that as a post SIGGRAPH activity
  • Update on Metaverse Standards Forum that met for the first time last week (David)
    • First meeting last week
    • Led by Khronos group
    • Metaverse Standards Group Forum Plenary #1 6Jul22 Slide Deck
    • Metaverse Standards Group Forum Plenary #1 6Jul22 Recording 1of2
    • Metaverse Standards Group Forum Plenary #1 6Jul22 Recording 2of2
    • Agenda
      • Over 650 members and counting, including ASWF
      • ASWF is thanked as part of “standards developing organizations” (we produce de facto standards)
    • Organizing for Effective Forum Action: created a Google sheet where each company can enter wish list of what the standard forum should work on
    • They want to work on practical projects from the start
    • Presentation multiple times on different timezones
    • Next meeting in 2 weeks, recording is also available
    • David OK with representing / listening in, when it gets to real work, will want someone from the TAC to follow this organization’s progress, to be prepared when some of our projects are asked to contribute / participate more actively.
    • 2 big chunks of technology being discussed:
      • glTF
      • USD (and then MaterialX)
    • Roy: volunteers to follow work of Metaverse Group
    • Jonathan: very interested in MaterialX work, in close contact with Khronos, they will be speaking about glTF / MaterialX work at Open Source Days