The Trustworthy Software Framework (TSFr) is a collation of good practice, existing guidance and relevant standards across the five main facets of trustworthiness: Safety; Reliability; Availability; Resilience; and Security.

The purpose of the TSFr is to provide a minimum set of controls such that, when applied, all software (irrespective of implementation constraints) can be specified, realised and used in a trustworthy manner.

The TSF has been established, and will continue to evolve, as a means for anyone to quickly find the information and advice they need to build, procure or work with Trustworthy Software.”

Facets of Trustworthiness

The TSF considers trustworthiness as comprising of 5 facets:

Safety: The ability of the software to operate without causing harm to anything or anyone.

Reliability: The ability of the software to operate correctly.

Availability: The ability of the software to operate when required.

Resilience: The ability of the software to recover from errors quickly and completely.

Security: The ability of the software to remain protected against the hazards posed by malware, hackers or accidental misuse.

All software requires these facets to some degree according to the purpose of the software. In order to make sure that software is appropriately trustworthy, each item of software should be reviewed for both explicit and implicit requirements for delivery of these 5 abilities.

Trustworthiness Level (TL)

The TSF recognises that software only requires a level of trustworthiness commensurate to the purpose for which it is used and therefore advocates a risk-based approach to determine the Trustworthiness Level (TL) of the software (based upon the role of the software in the system/ service and the maximum impact that a defect/deviation would have on the system/service).

There are 4 assignable levels of trustworthiness:

TL1 Essential Practices: Software trustworthiness delivered in a due diligence manner

TL2 Assessed Practices: Software trustworthiness delivered by managed processes

TL3 Enhanced Practices: Software trustworthiness delivered by established processes

TL4 Specialist Practices: Software trustworthiness delivered by predictable or optimising processes

It is intended that the TL be used to determine the appropriate set of controls to be applied to the software asset (Comprehensive Set or Baseline Set), thereby ensuring that the controls used to ensure trustworthiness are sufficient without being excessive.

Comprehensive Control Set

The TSFr was formalised through the British Standards Institution as PAS754:2014 as a specification for software trustworthiness with the intention that it be used either as a stand-alone document or as a companion/complement to other relevant standards.

PAS754:2014 defines the comprehensive set of controls organised under the 4 concepts of Governance; Risk; Controls (Personnel, Physical, Procedural, Technical); and Compliance, further expanding to cover 30 principles which are then sub-divided into 150 techniques. The Comprehensive set of controls is appropriate for software assets with a Trustworthiness Level (TL) of 3 and above.

Baseline Control Set (TS Essentials)

Trustworthy Software Essentials (TSE) was established as a subset of the comprehensive set of controls listed in the TSFr, providing a baseline set of controls organised under the mnemonic SCUDA (Scope for Use, Coding Practices, Use Tools Effectively, Defect Management and Artefact Management).

The Baseline set of controls is appropriate for software assets with a Trustworthiness Level (TL) of 1 or 2.

Further information on Trustworthy Software Essentials can be found in the below video