[trustable-software] Is 'safe + secure' equivalent to 'trustable', or a subset?

trustable at panic.fluff.org trustable at panic.fluff.org
Thu Nov 24 10:53:39 UTC 2016


Colin,
         Using the analogy you have provided, a trustworthy company has to
provide trustable artefacts. A trustable artefact is something which can
be attributed to an intent and an actor with reproducible behaviour.

 	The current issue for software is that we have no standard rules 
of evidence for the production of a "Chain of Custody" for the production 
of these artefacts.

 	What is perhaps even more concerning is that we cannot compare the
delivery of these trustable artefacts from one vendor to another. This is
what XBRL has given: we have a way of comparing economic behavior of two
companies as reported against standard rules of artefact delivery, be that
GIAT or other national rules.

 	How do we deliver trustable artefacts?  The collection of the
meta data of the intent, actors and behaviour. For all of these, that meta
data MUST be capable of being tracked back to the human decision
involved in its construction.

 	Edmund
-- 
========================================================================
Edmund J. Sutcliffe                     Thoughtful Solutions; Creatively
<edmunds at panic.fluff.org>               Implemented and Communicated
<http://panic.fluff.org>                +44 (0) 7976 938841