[trustable-software] What is Trustable About ?

Paul Albertella paul.albertella at codethink.co.uk
Fri Mar 22 16:09:51 GMT 2019


Hi,

I've read with interest the recent posts from Edmund, Martin and 
Rupert, and wanted to share my own thoughts about the scope and focus 
of Trustable.

As ever, I'm very grateful for any feedback on this, particularly 
regarding existing work you're aware of that might inform what we're 
trying to do.

On Wed, 20 Mar, 2019 at 9:31 AM, Martijn Boekhorst 
<martijn at firecrest.com> wrote:
> trustworthiness: Worthy of being trusted to fulfill whatever critical 
> requirements
> may be needed for a particular component, subsystem, system, network, 
> application,
> mission, enterprise, or other entity.
> Note: From a security perspective, a trustworthy system is a system 
> that meets
> specific security requirements in addition to meeting other critical 
> requirements.

As Martin's note above indicates, different sets of criteria are used 
to define "trustworthiness" in different contexts, and there are also many 
competing (and complementary) approaches to evaluating this and 
demonstrating that software satisfies a particular set of criteria.

I hope that one of the things we can do through the Trustable Software 
project is add to the body of knowledge describing these 
"trustworthiness" criteria for software in specific domains, and to 
provide an open and public forum for sharing this.

However, establishing such criteria only addresses part of the wider 
"Trustable" challenge. As Rupert notes in his post, the full context of 
trust has to take in a wider set of elements, which includes how (and 
whether) the established criteria have been taken into account during 
the creation and refinement of software.

As Edmund's post articulates, we have been focussing on a specific 
dimension of this: given a set of established criteria (and/or a set of 
"well-defined" processes) that an organisation claims to have employed 
when creating and refining software, how can we provide credible 
evidence to support that claim? And how can we ensure that this applies 
for a specific version of that software, and not just for a particular 
version in the past that was e.g. subject to an audit?

This is the focus of the work that I've been doing with Edmund and 
other colleagues in the trustable/documents project on Gitlab [1], 
which aims to develop a model and methodology that can be used to 
analyse any set of practices. The goal here is *not* to specify the 
criteria that the software must meet in order to be considered 
trustworthy, but to consider:

 * How those criteria are represented and tracked alongside the software
 * How the criteria inform or regulate software engineering practice
 * The availability and integrity of evidence about that practice

Taken together, we believe that this information can be used to 
investigate claims made about the software based on the identified 
criteria.

Or to put it another way, we're hoping to define a way to assess the 
*basis* for trustworthiness, which can be consistently applied in any 
domain, and take into account the criteria for whatever definition(s) 
of trustworthiness might apply for that domain.

Regards,

Paul

[1] https://gitlab.com/trustable/documents

