Trustworthy Software Foundation

The Trustworthy Software Foundation
Founded: 2016
Type: Not For Profit Foundation
Focus: Software Development
Location: London, United Kingdom
Origins: Trustworthy Software Initiative (TSI)
Area served: UK
Method: Standards and their Verification
Key people: Alastair Revell (Chairman)
Website: www.tsfdn.org

The Trustworthy Software Foundation (TSFdn)[1] is a UK not-for-profit organisation with the stated aim of improving software.

Trustworthiness

The work is based around there being five facets of trustworthiness:

  • Safety - The ability of the system to operate without harmful states
  • Reliability - The ability of the system to deliver services as specified
  • Availability - The ability of the system to deliver services when requested
  • Resilience - The ability of the system to transform, renew, and recover in timely response to events
  • Security - The ability of the system to remain protected against accidental or deliberate attacks

This definition of trustworthiness is an extension of a widely used definition of dependability,[2] adding Resilience as a fifth facet, based on the UK Government approach.[3]

Objectives

TSFdn primarily aims to provide a living backbone for signposting to diverse but often obscure sources of Good Practice, with a secondary objective to address other aspects of the 2009 Trustworthy Software Roadmap.[4]

This focuses on engaging with partners for promulgation of Software Trustworthiness across Education, in particular through the IAP, BCS, and the IET.

Governance and Operation

TSFdn operates as a not-for-profit Company Limited by Guarantee, jointly owned by the subscriber organisations – UK professional bodies.[5]

Its formal interface to a cross section of stakeholders is carried out through the independent Advisory Committee on Trustworthy Systems (ACTS).

History

TSFdn, alongside the Advisory Committee on Trustworthy Systems, evolved from a number of previous activities:

  • A study by the Cabinet Office, Central Sponsor for Information Assurance (CSIA) in 2004-5 which identified a pervasive lack of secure software development practices as a matter for concern
  • A Department of Trade and Industry (DTI – predecessor of BIS) Global Watch Report in 2006 which noted a relative lack of secure software development practices in the UK
  • The Technology Strategy Board (TSB) Cyber Security Knowledge Transfer Network (CSKTN) Special Interest Group (SIG) on Secure Software Development (SSD, 2007–8)
  • The TSB / Foreign and Commonwealth Office (FCO) Science and Innovation Network (SIN) Multinational Workshop “Challenges to building in … information security, privacy and assurance”, held in Paris in March 2009
  • The Secure Software Development Partnership (SSDP) Study Period, funded jointly by the UK government's TSB and the Centre for the Protection of National Infrastructure (CPNI) organisations, which ran in 2009–2010
  • The Trustworthy Software Initiative (TSI—originally Software Security, Dependability and Resilience Initiative—SSDRI), a UK public good activity sponsored[6] by CPNI between 2011 and 2016

References

  1. ^ Trustworthy Software Foundation, retrieved 2017-04-20
  2. ^ "Software Engineering", I Sommerville, (9th Edition Feb 2010), ISBN 978-0137053469
  3. ^ CPNI: Security Minded Approach, retrieved 2017-04-20
  4. ^ About TSFdn, retrieved 2017-04-20
  5. ^ About TSFdn, retrieved 2017-04-20
  6. ^ Protecting and promoting the UK in a digital world: 2 years on – Government Press Release, retrieved 12 December 2013