SMI-S Conformance Testing Program (SMI-S CTP)
SNIA’s Storage Management Initiative Specification (SMI-S) Conformance Testing Program (CTP) allows manufacturers to test their products with a vendor-neutral test suite to validate conformance to the SMI-S specification.
SNIA validates that a company's products conform to a particular version of the SMI-S specification for storage management using the SMI-Provider Test. The SMI-Provider Test is a collection of file driven test scripts written by SNIA. The scripts validate conformance to SMI-S profile rules, use of combinations of profiles and use of the profile rules to complete simple data storage tasks such as allocating a LUN to a server or setting and verifying the configuration of a SAN switch.
You should be asking your vendor for products conforming to the latest version of the SMI-Provider Test. Look for versions of 1.5.0.1123 or higher, 1.6.1.1123 or higher and 1.8.0.1183 or higher.
Beginning June 01, 2020, the HTTP Security tests in CTP have been deprecated. The results of passing or failing these tests will no longer be reported for test results submitted on or after this date on the CTP web page.
Background:
These tests were originally developed in 2016, and used to foster adoption of a minimum security posture in the SMI-S standard. The tests succeeded at raising awareness of the need of supporting up-to-date encryption protocol implementation in storage management providers, as well as specifically disallowing support for older, insecure protocols. In the intervening timeframe, the security industry has evolve to include extensive TLS testing as part of most security vulnerability scanning tools (e.g., Nessus, QualysGuard, etc.) and the output of the tools typically independently drive changes in customer infrastructure and vendor products when something like older versions of SSL or TLS are detected. Because of the security industry’s activities and the unique TLS requirements for some environments (e.g., the U.S. Government) there is no longer a need to include TLS-specific tests as part of the SMI CTP.
Watch this short video for an introduction to SMI-S CTP.
SMI-S CTP Test Results
View the list of the companies which have taken the SMI-Provider Test. The information given on the page includes:
- Version of test taken
- Software product tested
- Hardware manageable by tested the software product
SMI-S CTP Participation and How to Get The Test
Is your company interested in having SMI-S enabled products tested? Follow these guidelines to enable your developers to successfully certify your SMI-S implementations.
- Understand the process of Product Testing for the SMI Specification.
- Download or view the Hardware Product Details list used in conjunction with test results submission.
- View the annual fees for testing.
- View the definitions and terms used for the SMI-Provider Tests.
- View the list of official SMI-Provider Test releases and their content. The information given on the page includes:
- Date of release
- Profiles available for testing
- Functions available for testing
- CTP participants can obtain the latest test suite by e-mailing snia-ctp-admin@snia.org. SM Lab members should visit the SM Lab Group's Documents folder in the Members area of the website.