Trustworthy Software Foundation

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Ayeupmeduck (talk | contribs) at 11:02, 5 June 2014 (Current Activity: Disambiguated BCS). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The 'Trustworthy Software Initiative' (TSI)[1] is a UK Public Good activity, sponsored[2] by the UK government's Centre for the Protection of National Infrastructure, aimed at Making Software Better.

History

TSI evolved from a number of previous activities:

  • A study by the Cabinet Office, Central Sponsor for Information Assurance (CSIA) in 2004-5 which identified a pervasive lack of secure software development practices as a matter for concern
  • A Department of Trade and Industry (DTI – predecessor of BIS) Global Watch Report in 2006 which noted a relative lack of secure software development practices in the UK
  • The Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development (SSD, 2007-8)
  • The TSB / Foreign and Commonwealth Office (FCO) Science and Innovation Network (SIN) Multinational Workshop “Challenges to building in … information security, privacy and assurance”, held in Paris in March 2009
  • The Secure Software Development Partnership (SSDP) Study Period, funded jointly by TSB and the Centre for Protection of National Infrastructure, which ran in 2009-2010

The Trustworthy Software Initiative (TSI) was established - originally as the Software Security, Dependability and Resilience Initiative (SSDRI) - in July 2011 to draw together the activity and provide a one-stop shop for guidance and information about trustworthy software development. It was renamed from SSDRI to TSI in September 2012.

Trustworthiness

TSI considers Trustworthiness to consist of 5 Facets, which are often deleteriously handled as stovepipes:

  • Safety - The ability of the system to operate without harmful states
  • Reliability - The ability of the system to deliver services as specified
  • Availability - The ability of the system to deliver services when requested
  • Resilience - The ability of the system to transform, renew, and recover in timely response to events
  • Security - The ability of the system to remain protected against accidental or deliberate attacks

This definition of Trustworthiness is an extension of a widely used definition of Dependability,[3] adding a 5th Facet of Resilience.

Operation

TSI is operated on behalf of UK government by the Cyber Security Centre,[4] De Montfort University.

It is managed by a Technical Director, Ian Bryant, with Stakeholder interests being represented by a President, Sir Edmund Burton, and a team of Vice Presidents responsible for particular communities of interest.

Current Activity

  • Enshrining its Trustworthy Software Framework (TSF) as British Standards (BS) Publicly Available Specification (PAS) 754
  • Starting promulgation of Software Trustworthiness across Education, initially targeting the “technical” undergraduate community, with the assistance of the main Professional bodies (BCS / IET)
  • Working with Partners on means of Verification of Organisational Competence in Software Trustworthiness (TickITPlus)

References

  1. ^ UK Trustworthy Software Initiative, retrieved 4 January 2014
  2. ^ Protecting and promoting the UK in a digital world: 2 years on – Government Press Release, retrieved 12 December 2013
  3. ^ "Software Engineering", I Sommerville, (9th Edition Feb 2010), ISBN 978-0137053469
  4. ^ DMU - FOT - Cyber Security Centre, retrieved 4 January 2014