LONDON--(BUSINESS WIRE)-- The Institute for Strategy, Resilience & Security (ISRS) at University College London (UCL) in association with software developer Codethink Ltd, today announced the release of a new white paper entitled Towards Trustable Software – A Systematic Approach To Establishing Trust In Software. Paul Sherwood, CEO of Codethink will introduce this concept at the High Integrity Software Conference in Bristol, United Kingdom on October 17, 2017 at 09:50.
While software has become critical to virtually all aspects of modern life, processes for determining whether we can trust it are conspicuously absent. Towards Trustable Software explores the potential for a more secure foundation for societal resilience, analogous to existing trust mechanisms in key industries such as finance, healthcare and construction.
Paul Sherwood, CEO of Codethink commented: “There are no consistent or reliable measures for software risks, quality, productivity, or costs, and most software users do not understand the risks. We need to stimulate improvement in a way that raises the bar across the entire industry for service providers, software vendors, operators and users.”
The Rt Hon. Lord Reid of Cardowan, Executive Chairman of ISRS commented: “This blind spot has crept up upon us and it should be of major concern to governments, regulators and the software industry, as well as the general public, because it risks future crises of confidence, when these systems inevitably fail in unexpected ways, with far reaching and possibly systemic consequences. We very much hope that this paper will serve to initiate discussion of the first principles and steps towards consensus as to how software should be designed, constructed and operated, so as to be trustable.”
The paper proposes the concept of a trustable software engineering process as a necessary and appropriate underpinning platform to ensure solid foundations for the trust of software going forward.
The principles of how that process might work are outlined, by establishing software engineering practices that generate audit information at all stages of creation, deployment, change and use, to enable the continual assessment of trust, analogous to existing mechanisms in key industries such as finance, healthcare and construction.
The full report can be downloaded at Trustable Software
ABOUT THE INSTITUTE FOR STRATEGY, RESILIENCE & SECURITY (ISRS) AT UCL
The Institute for Strategy Resilience & Security (ISRS) (www.isrs.org.uk) at UCL serves as a pioneer and forum for next generation thinking. Founded by the Rt Hon. Lord Reid of Cardowan, ISRS provides analysis and assessment of the major issues of resilience with respect to national and global infrastructure and the ability of governments, regulators and businesses to respond to them. The Institute advises industry and the public sector on the persistent challenges to their agility, stamina and capacity for strategic decision making, so as to better face existential threats, risks, and disruptive innovation that are not addressed by conventional strategy and forecasting.
Contacts Institute for Strategy, Resilience & Security (ISRS) University College London Gower Street London WC1E 6BT info@isrs.org.uk
Other Content
- Speed Up Embedded Software Testing with QEMU
- Open Source Summit Europe (OSSEU) 2024
- Watch: Real-time Scheduling Fault Simulation
- Improving systemd’s integration testing infrastructure (part 2)
- Meet the Team: Laurence Urhegyi
- A new way to develop on Linux - Part II
- Shaping the future of GNOME: GUADEC 2024
- Developing a cryptographically secure bootloader for RISC-V in Rust
- Meet the Team: Philip Martin
- Improving systemd’s integration testing infrastructure (part 1)
- A new way to develop on Linux
- RISC-V Summit Europe 2024
- Safety Frontier: A Retrospective on ELISA
- Codethink sponsors Outreachy
- The Linux kernel is a CNA - so what?
- GNOME OS + systemd-sysupdate
- Codethink has achieved ISO 9001:2015 accreditation
- Outreachy internship: Improving end-to-end testing for GNOME
- Lessons learnt from building a distributed system in Rust
- FOSDEM 2024
- QAnvas and QAD: Streamlining UI Testing for Embedded Systems
- Outreachy: Supporting the open source community through mentorship programmes
- Using Git LFS and fast-import together
- Testing in a Box: Streamlining Embedded Systems Testing
- SDV Europe: What Codethink has planned
- How do Hardware Security Modules impact the automotive sector? The final blog in a three part discussion
- How do Hardware Security Modules impact the automotive sector? Part two of a three part discussion
- How do Hardware Security Modules impact the automotive sector? Part one of a three part discussion
- Automated Kernel Testing on RISC-V Hardware
- Automated end-to-end testing for Android Automotive on Hardware
- GUADEC 2023
- Embedded Open Source Summit 2023
- RISC-V: Exploring a Bug in Stack Unwinding
- Adding RISC-V Vector Cryptography Extension support to QEMU
- Introducing Our New Open-Source Tool: Quality Assurance Daemon
- Achieving Long-Term Maintainability with Open Source
- FOSDEM 2023
- Think before you Pip
- BuildStream 2.0 is here, just in time for the holidays!
- A Valuable & Comprehensive Firmware Code Review by Codethink
- GNOME OS & Atomic Upgrades on the PinePhone
- Flathub-Codethink Collaboration
- Codethink proudly sponsors GUADEC 2022
- Tracking Down an Obscure Reproducibility Bug in glibc
- Web app test automation with `cdt`
- FOSDEM Testing and Automation talk
- Protecting your project from dependency access problems
- Porting GNOME OS to Microchip's PolarFire Icicle Kit
- YAML Schemas: Validating Data without Writing Code
- Full archive