[trustable-software] Trustable Software Engineering

Paul Sherwood paul.sherwood at codethink.co.uk
Thu Jul 21 07:11:03 UTC 2016


On 2016-07-20 12:49, Colin Robbins wrote:
> Hi Paul,
>
>> it seems to be UK-centric.
>
> It is currently - but note the use of the word currently, I'll share news as
> soon as I can.
>
>> I'd be very concerned if TSI (or any other organisation) manage to brand
>> 'Trustable' to cover something which should not actually be considered
>> 'trustable' in the normal English sense. Do you think that's a possibility?
>
> I don't think the TSI is trying to brand Trustable. The focus is on
> Trustworthy.

I think that's just as bad, really. Any person, or group, or their 
outputs may be compromised. While TSI's five facets [1] are interesting, 
I don't think they're even remotely sufficient for 'trustworthy' in the 
normal English sense. Malware downloaded from the dark net could meet 
those facets... but presumably folks at TSI would accept that it's NOT 
TO BE TRUSTED, so should not be describable as trustworthy.

In the normal sense of the word, trustworthiness is decided by 
*others*. Just because TSI claims official backing, can demonstrate some 
provenance, and is thinking/working around security etc, doesn't mean 
that anything they come up with is actually trustworthy. "Trust me, I'm 
a doctor/priest/politician" doesn't really wash these days, does it?

To be fair, many (most?) people are very careless and assume that they 
can trust things/people that maybe they shouldn't. But I would hope that 
folks who are concentrating and expert on the topic would do everything 
they can to ensure that a) their claims stand up and b) their choices, 
conduct and byproducts support the claims.

>> I'm only aiming at (my non-technical interpretation of) trustable, for
>> now... and I believe even that requires context (provenance) and deployment,
>> so I think we agree.
>
> Absolutely, I believe any software can only be considered trustable in the
> context of a specific deployment.

Agreed :)

>> Is the GCHQ scheme public, by any chance? It would be fantastic to consider
>> their work here.
>
> Yes - it can be found here:
> 
> https://www.cesg.gov.uk/scheme/commercial-product-assurance-products-foundation-grade

Sadly, I can't find anything there that anyone could actually use...

- no software to try
- no rules to follow
- no research or papers

Did I miss something?

> The model has been used for the UK Smart Metering Programme, to ensure the V2
> Meters are "Trustable".

So, if/when the V2 meters are hacked, who do we shame in public for 
claiming they were 'trustable' in the first place?

br
Paul

[1] http://www.uk-tsi.org/trustworthiness



