Open Source Dependability and Trustworthiness

Open Source discussions concerning trustworthiness, and dependability have been raised by the articles, presentations, at the “Open Source Development Workshop” held in Newcastle upon Tyne, UK, on the 25th & 26th of February 2002[1]. Among other contributions, they underline some key concepts about OSS and trustworthiness. They also note that the terms Trustworthiness and Dependability are equivalent.

Trustworthiness is a U.S. term and Dependability is a European term. Some other hints are noticeable. They report some given definitions of trust and trustworthiness, and summarize as follows. Trust and trustworthiness can be different: trust may exist where there is no evidence to justify the reliance placed in a certain system, whereas trustworthiness suggests that there are assurance criteria to justify our confidence in a system. Finally, Lawrie and and Gacek conclude that, to be a dependable and trustworthy system, a computer system needs to include certain attributes such as security, reliability, availability. One interesting point that becomes clear is that the stereotypical view of the FLOSS "Bazaar" model is not as chaotic and ad-hoc as it first appears.

At last, Bernstein in [2] analyzes how rarely trustworthiness is considered by software designers. They more often consider schedules, costs, performances, requirements. He does not distinguish FLOSS from closed source. Simply, his attention is focused on the trustworthiness issue. He complains with the lack of interest around trustworthiness and he would be pleased if there were laws that require every product to have a named Software Architect and a Software Project Manager, which control the trustworthiness of the product and of the development process. Trustworthiness is a holistic property, encompassing security, safety and reliability. It is not sufficient to address only one or two of these diverse dimensions, nor is it sufficient to simply assemble components that are themselves trustworthy. Integrating the components and understanding how the trustworthiness dimensions interact is a challenge. Because of the increasing complexity and scope of software, its trustworthiness will become a dominant issue.

Software fault tolerance is at the heart of the building trustworthy software. Trustworthy software is stable software. It is sufficiently fault-tolerant that it does not crash at minor flaws and will shut down in an orderly way in the face of major trauma. Trustworthy software does what it is supposed to do and can repeat that action time after time, always producing the same kind of output from the same kind of input.

Finally, the National Institute of Standards and Technology (NIST) defines trustworthiness as "software that can and must be trusted to work dependably in some critical function, and failure to do so may have catastrophic results, such as serious injury, lost of life or property, business failure or breach of security."

References

1. Lawrieand T., Gacek C., "Issues of Dependability in Open Source Software Development", ACM SIGSOFT, Software Engineering Notes, vol. 27, n. 3, pp 34, May 2002.
2. Bernstein, L., "Trustworthy software systems", ACM SIGSOFT Software Engineering Notes, vol. 30, no. 1, pp. 4-5, 2005.

From this serie

This article comes from the FLOSS Trustworthiness Series:

• What does Trust Mean in Open Source Software
• Trust In Open Source Communities
• Open Source Dependability and Trustworthiness
• Trustworthiness, security, and privacy