Towards a trustworthiness model for Open Source Software