[trustable-software] Fwd: Is 'safe + secure' equivalent to 'trustable', or a subset?

trustable at panic.fluff.org trustable at panic.fluff.org
Wed Nov 30 11:56:03 UTC 2016


On Wed, 30 Nov 2016, Paul Sherwood wrote:

> So I'm going to fall back to some (draft) logic versus our potential term, 
> which I'll call zzz for now. Additions/improvements/criticisms welcome:
>
> - For software to be zzz we need to know its provenance

     [I don't know anything which is good at this, though Git signing and 
SSO help on this]

> - For software to be zzz we need to be clear about what it is supposed to do, 
> and be able to confirm that it does that and only that
     So isn't this what the
     https://en.wikipedia.org/wiki/Behavior-driven_development

> - For software to be zzz we need to be able to re-build it from source and 
> expect that it still does what it did before
     So I believe this is very important, and efforts both from Baserock.org
     and also the Reproducible build developments
      https://reproducible-builds.org/
     are trying to address this at both a System and a Software layer.

> - Connected zzz software needs to be secure
     So... isn't this met and delivered by
https://en.wikipedia.org/wiki/Trusted_Computer_System_Evaluation_Criteria

> - Some zzz software needs to be safe

     I'm not aware of a good answer to this question.

> - Mission critical software is normally zzz, but some zzz software is not 
> mission critical (because it may not conform to the norms of, or be relevant 
> to, users of that term)

> - High integrity systems normally contain software which is zzz, but zzz is 
> required more generally than the common interpretation of the term 'high 
> integrity' (maybe?)

    I'm absolutely sure there is work to be done in delivering systems 
which meet these criteria. But can this be branded together as "trustable"? 
It is my view that the answer to this is "No". I don't believe those 
creating systems have a drive to think of this as one process.

It is my view that they will be pick-and-mixing the solution and using a 
series of words to deliver what they want to market as having value. And 
regulators in general are 'johnny come lately' to the delivery of value.

Edmund

-- 
========================================================================
Edmund J. Sutcliffe                     Thoughtful Solutions; Creatively
<edmunds at panic.fluff.org>               Implemented and Communicated
<http://panic.fluff.org>                +44 (0) 7976 938841
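The reproducible-build point in the thread (re-build from source and expect byte-identical output), shown as an added example that is not code from the thread, Baserock or reproducible-builds.org: a naive packer that leaks clock, ownership and listing order into the artifact beside a normalised one following the SOURCE_DATE_EPOCH convention. The in-memory source tree, the ENV dictionaries and all function names are constructed for the demo.

```python
import gzip
import hashlib
import io
import tarfile

# Constructed sample source tree (path -> bytes); insertion order mimics a directory listing.
SOURCE_TREE = {
    "src/main.c": b"int main(void) { return 0; }\n",
    "README": b"demo\n",
}

# Two constructed build environments that differ only in incidental state.
ENV_A = {"now": 1480506963, "uid": 1000, "gid": 1000}
ENV_B = {"now": 1480593363, "uid": 501, "gid": 20}


def _pack(tree, order, mtime, uid, gid, gzip_mtime):
    """Write a .tar.gz of the in-memory files with explicit metadata choices."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.GNU_FORMAT) as tar:
        for name in order:
            data = tree[name]
            info = tarfile.TarInfo(name)
            info.size, info.mtime, info.uid, info.gid = len(data), mtime, uid, gid
            tar.addfile(info, io.BytesIO(data))
    # gzip also stores a timestamp in its header, a second classic source of drift.
    return gzip.compress(buf.getvalue(), mtime=gzip_mtime)


def naive_build(tree, env):
    """Typical packaging: listing order, wall-clock mtimes, the builder's own uid/gid."""
    return _pack(tree, list(tree), env["now"], env["uid"], env["gid"], env["now"])


def reproducible_build(tree, source_date_epoch=0):
    """Normalised: sorted entries, SOURCE_DATE_EPOCH for every timestamp, root ownership."""
    return _pack(tree, sorted(tree), source_date_epoch, 0, 0, source_date_epoch)


def digest(blob):
    return hashlib.sha256(blob).hexdigest()


def check():
    """Return (naive builds identical?, normalised builds identical?) across the two environments."""
    tree_b = dict(reversed(list(SOURCE_TREE.items())))  # same files, different listing order
    naive_same = digest(naive_build(SOURCE_TREE, ENV_A)) == digest(naive_build(tree_b, ENV_B))
    repro_same = digest(reproducible_build(SOURCE_TREE)) == digest(reproducible_build(tree_b))
    return naive_same, repro_same
```

Comparing the two digests from independent builders (rather than trusting one builder's word) is what turns "we can rebuild it" into the provenance check the thread asks for.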