Trustworthy Software Foundation: Difference between revisions

The Trustworthy Software Foundation
Founded	2016
Type	Not For Profit Foundation
Focus	Software Development
Location	London, United Kingdom;
Origins	Trustworthy Software Initiative (TSI)
Area served	Worldwide
Method	Standards and their Verification
Key people	Alastair Revell (Chairman)
Website	www.tsfdn.org

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Inline

Latest revision as of 12:57, 13 April 2024

The Trustworthy Software Foundation (TSFdn)^[1] is a UK not-for-profit organisation, with stated aim of improving software.^{[citation needed]}

History

TSFdn evolved from a number of previous activities:

A study by the Cabinet Office, Central Sponsor for Information Assurance (CSIA) in 2004-5 which identified a pervasive lack of secure software development practices as a matter for concern
A Department of Trade and Industry (DTI – predecessor of BIS) Global Watch Report in 2006 which noted a relative lack of secure software development practices in the UK
The Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development (SSD, 2007–8)
The TSB / Foreign and Commonwealth Office (FCO) Science and Innovation Network (SIN) Multinational Workshop “Challenges to building in … information security, privacy and assurance”, held in Paris in March 2009
The Secure Software Development Partnership (SSDP) Study Period, funded jointly by the UK government' TSB and the Centre for the Protection of National Infrastructure (CPNI) organisations, which ran in 2009-2010
The Trustworthy Software Initiative (TSI—originally Software Security, Dependability and Resilience Initiative—SSDRI), a UK public good activity sponsored^[2] by CPNI between 2011 and 2016

Objectives

TSFdn primarily aims to provide a living backbone for signposting to diverse but often obscure sources of Good Practice, with a secondary objective to address other aspects of the 2009 Trustworthy Software Roadmap.^[3]

Trustworthiness

TSI considers that there are five facets of trustworthiness:

Safety - The ability of the system to operate without harmful states
Reliability - The ability of the system to deliver services as specified
Availability - The ability of the system to deliver services when requested
Resilience - The ability of the system to transform, renew, and recover in timely response to events
Security - The ability of the system to remain protected against accidental or deliberate attacks

This definition of trustworthiness is an extension of a widely used definition of dependability,^[4] adding as a 5th Facet of Resilience based on the UK Government approach.^[5]

Governance and Operation

TSFdn operates as a not-for-profit Company Limited by Guarantee, jointly owned by the subscriber organisations – UK professional bodies.^[6]

It is based at the Cyber Security Centre of the University of Warwick, and is formally linked to a cross section of stakeholders through the Advisory Committee on Trustworthy Software (ACTS).

The Technical Lead remains Ian Bryant, the Technical Director of the predecessor TSI, and the Chair of the ACTS is Sir Edmund Burton KBE,^[7] who was the President of the predecessor TSI.

Activities

Updating its Trustworthy Software Framework (TSFr), originally published as British Standards (BS) Publicly Available Specification (PAS) 754, into a British Standard (through BSI Project Committee ICT/00-/09, Chaired by Ian Bryant)
Continuing to engage with partners for promulgation of Software Trustworthiness across Education, in particular through the IAP, BCS and the IET

References

^ Trustworthy Software Foundation, retrieved 2017-04-20
^ Protecting and promoting the UK in a digital world: 2 years on – Government Press Release, retrieved 12 December 2013
^ About TSFdn, retrieved 2017-04-20
^ "Software Engineering", I Sommerville, (9th Edition Feb 2010), ISBN 978-0137053469
^ CPNI: Security Minded Approach, retrieved 2017-04-20
^ About TSFdn, retrieved 2017-04-20
^ About TSFdn, retrieved 2017-04-20

[1] Trustworthy Software Foundation, retrieved 2017-04-20

[2] Protecting and promoting the UK in a digital world: 2 years on – Government Press Release, retrieved 12 December 2013

[3] About TSFdn, retrieved 2017-04-20

[4] "Software Engineering", I Sommerville, (9th Edition Feb 2010), ISBN 978-0137053469

[5] CPNI: Security Minded Approach, retrieved 2017-04-20

[6] About TSFdn, retrieved 2017-04-20

[7] About TSFdn, retrieved 2017-04-20

[1]

[2]

[3]

[4]

[5]

[6]

[7]

@@ Line 1: / Line 1: @@
+{{Use British English|date=August 2013}}
-The ''''Trustworthy Software Initiative'''' (TSI)<ref>[http://www.uk-tsi.org UK Trustworthy Software Initiative], retrieved 4 January 2014</ref> is a UK Public Good activity, sponsored<ref>[https://www.gov.uk/government/news/protecting-and-promoting-the-uk-in-a-digital-world-2-years-on Protecting and promoting the UK in a digital world: 2 years on] – Government Press Release, retrieved 12 December 2013</ref> by the UK governnment's [[Centre for the Protection of National Infrastructure]], aimed at Making Software Better.
+{{Use dmy dates|date=December 2019}}
+{{Infobox organization
+| caption             =
+| type                = Not For Profit Foundation
+| key_people          = [[Alastair Revell]] (Chairman)
+| footnotes           =
+| name                = The Trustworthy Software Foundation
+| founded_date        = 2016
+| location            = London, United Kingdom
+| origins             = Trustworthy Software Initiative (TSI)
+| area_served         = Worldwide
+| focus               = Software Development
+| method              = Standards and their Verification
+| revenue             =
+| endowment           =
+| num_volunteers      =
+| num_members         =
+| owner               =
+| homepage            = {{URL|http://www.tsfdn.org}}
+| tax_exempt          =
+| dissolved           =
+}}
+The '''Trustworthy Software Foundation''' (TSFdn)<ref>[http://www.tsfdn.org Trustworthy Software Foundation], retrieved 2017-04-20</ref> is a UK not-for-profit organisation, with stated aim of improving software.{{Citation needed|date=January 2020}}
 ==History==
-TSI evolved from a number of previous activities:
+TSFdn evolved from a number of previous activities:
 *A study by the Cabinet Office, Central Sponsor for Information Assurance (CSIA) in 2004-5 which identified a pervasive lack of secure software development practices as a matter for concern
 *A Department of Trade and Industry (DTI – predecessor of BIS) Global Watch Report in 2006 which noted a relative lack of secure software development practices in the UK
-*The Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development (SSD, 2007-8)
+*The Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development (SSD, 2007–8)
-*The TSB / Foreign and Commonwealth Office (FCO) Science and Innovation Network (SIN) Multinational Workshop “Challenges to building in … information security, privacy and assurance”, held in Paris in March 2009
+*The TSB / Foreign and Commonwealth Office (FCO) Science and Innovation Network (SIN) Multinational Workshop “Challenges to building in … [[information security]], privacy and assurance”, held in Paris in March 2009
-*The Secure Software Development Partnership (SSDP) Study Period, funded jointly by TSB and the Centre for Protection of National Infrastructure, which ran in 2009-2010
+*The Secure Software Development Partnership (SSDP) Study Period, funded jointly by the UK government' TSB and the [[Centre for the Protection of National Infrastructure]] (CPNI) organisations, which ran in 2009-2010
+*The Trustworthy Software Initiative (TSI—originally Software Security, Dependability and Resilience Initiative—SSDRI), a UK public good activity sponsored<ref>[https://www.gov.uk/government/news/protecting-and-promoting-the-uk-in-a-digital-world-2-years-on Protecting and promoting the UK in a digital world: 2 years on] – Government Press Release, retrieved 12 December 2013</ref> by CPNI between 2011 and 2016
+==Objectives==
+TSFdn primarily aims to provide a living backbone for signposting to diverse but often obscure sources of Good Practice, with a secondary objective to address other aspects of the 2009 Trustworthy Software Roadmap.<ref>[http://tsfdn.org/about-tsfdn/ About TSFdn], retrieved 2017-04-20</ref>
+==Trustworthiness==
+TSI considers that there are five facets of trustworthiness:
+* Safety - The ability of the system to operate without harmful states
+* Reliability - The ability of the system to deliver services as specified
+* Availability - The ability of the system to deliver services when requested
+* Resilience - The ability of the system to transform, renew, and recover in timely response to events
+* Security - The ability of the system to remain protected against accidental or deliberate attacks
+This definition of trustworthiness is an extension of a widely used definition of dependability,<ref>"Software Engineering", I Sommerville, (9th Edition Feb 2010), {{ISBN|978-0137053469}}</ref> adding as a 5th Facet of Resilience based on the [[Government of the United Kingdom|UK Government]] approach.<ref>[https://www.cpni.gov.uk/system/files/documents/38/10/Open%20Data%20The%20Need%20for%20a%20Security%20Minded%20Approach%20-%20Summary.pdf CPNI: Security Minded Approach], retrieved 2017-04-20</ref>
+==Governance and Operation==
-The Trustworthy Software Initiative (TSI) was established in 2011 to draw together the activity and provide a one-stop shop for guidance and information about trustworthy software development.
+TSFdn operates as a not-for-profit Company Limited by Guarantee, jointly owned by the subscriber organisations – UK professional bodies.<ref>[http://tsfdn.org/about-tsfdn/ About TSFdn], retrieved 2017-04-20</ref>
+It is based at the Cyber Security Centre of the [[University of Warwick]], and is formally linked to a cross section of stakeholders through the Advisory Committee on Trustworthy Software (ACTS).
-==Operation==
-TSI is operated on behalf of UK government by the Cyber Security Centre<ref>[http://www.dmu.ac.uk/csc DMU - FOT - Cyber Security Centre], retrieved 4 January 2014</ref>, [[De Montfort University]].
+The Technical Lead remains [[Ian Bryant (Academic)|Ian Bryant]], the Technical Director of the predecessor TSI, and the Chair of the ACTS is [[Edmund Burton|Sir Edmund Burton KBE]],<ref>[http://tsfdn.org/about-tsfdn/ About TSFdn], retrieved 2017-04-20</ref> who was the President of the predecessor TSI.
-It is managed by a Technical Director, Ian Bryant<ref>[http://www.dmu.ac.uk/about-dmu/academic-staff/technology/ian-bryant/ian-bryant.aspx DMU - Academic Staff - Ian Bryant]]</ref>, with Stakeholder interests being represented by a President, [[Edmund Burton|Sir Edmund Burton]], and a team of Vice Presidents responsible for particular communities of interest.
+==Activities==
-==Current Activity==
-* Enshrining its Trustworthy Software Framework (TSF) as [[PAS754|British Standards (BS) Publicly Available Specification (PAS) 754]]
+* Updating its Trustworthy Software Framework (TSFr), originally published as [[PAS754|British Standards (BS) Publicly Available Specification (PAS) 754]], into a British Standard (through BSI Project Committee ICT/00-/09, Chaired by Ian Bryant)
-*Starting   promulgation of  Software   Trustworthiness across    Education,    initially    targeting    the“technical” undergraduate community, with the assistance of Professions ([[BCS]] / [[IET]])
+* Continuing to engage with partners for promulgation of Software Trustworthiness across Education, in particular through the [[The Institution of Analysts and Programmers|IAP]], [[British Computer Society|BCS]] and the [[Institution of Engineering and Technology|IET]]
-*Working with Partners on means of Verification of   Organisational   Competence   in   Software Trustworthiness ([[TickIT|TickITPlus]])
 == References ==
 {{reflist}}
+[[Category:Computer security in the United Kingdom]]
 [[Category:Information technology management]]
+[[Category:Information technology organisations based in the United Kingdom]]
+[[Category:Organisations based in the London Borough of Ealing]]
 [[Category:Software engineering organizations]]
-[[Category:Science and technology in the United Kingdom]]