Trustworthy Software Foundation Launched
On the 6th April 2016, the Trustworthy Software Initiative (TSI) formally transitioned to the Trustworthy Software Foundation (TSF). This was to allow continued support and evolution of its outputs.
The Trustworthy Software Foundation is an independent, not-for-profit organisation, with the support of relevant Professional Bodies. To mark the occasion, a launch event was held in London, which was attended by our Head of Business Improvement, Irene Dovey, and our Head of Operations, Neville Smikle.
“Trustworthiness needs to come in at the start of the software development life cycle – not as a bolt on later! The work of the Trustworthy Software Foundation will help get buy-in from across the sector of doing things properly.”
The history of the Trustworthy Software Initiative (TSI)
Although the core ideas underpinning Good Practice in Trustworthy Software have been established for many years, such knowledge was, and remains, instantiated in a fragmented way.
With the founding of the UK National Cyber Security Programme (NCSP) in 2011, it was decided that the opportunity should be taken to coalesce ad-hoc activity across a number of aspects of Trustworthy Software (including Safety and Security) into a single management focus, with the primary raison d’être being to curate a Trustworthy Software Body of Knowledge to serve as a living backbone for signposting sources of such Good Practice.
During the period of the 5-year NCSP period, the Trustworthy Software Initiative was established and funded to address those aspects of the 2009 Multinational Trustworthy Software Roadmap of highest priority to the UK.
Major milestones have included:
- the publication of BS PAS754:2014 “Software Trustworthiness. Governance and management. Specification”;
- the associated TS502 “Trustworthy Software Essentials”; and
- development of Reference Curricula and supporting materials for Education and Training.
A new chapter in trustworthy software
At the end of the NCSP period, an ongoing need was identified to maintain and update the Body of Knowledge, including Instruction and Verification practices, and to ensure ongoing Coherence with international and standardisation activities. Hence the creation of the Trustworthy Software Foundation.
Nexor has been heavily involved in the work of the TSI/TSF and was its industry launch partner for the PAS754 framework. We will continue to help its work in supporting good working practices for software development.
RECENT BLOG POSTS
Traditionally, our approach to managing cyber security risks has been ‘static’ – in the sense that the threat analysis, risk assessment and treatment plan are performed as manual operations ‘up front’ of solution deployment – usually as part of a Secure Development Lifecycle (SDL) – such as Nexor’s CyberShield Secure Development methodology.
For our 2017 Christmas greetings we ran a Nexor Treasure Hunt asking our customers to find the link between Nexor and the buildings in the images below.
Whilst the global online environment is seeing an increase in cyber threats, companies and government bodies still need to share information, including sensitive intelligence documents, in a secure way within their organisation.
Be the first to know about developments in secure information exchange