John Ellis and Luc Poulin (both of the TSF) are attending the ISO/IEC JTC 1/WG 13 in Stockholm, Sweden.
Part of this meeting is to agree the progression of PWI 9814 to become a full project for ISO.
Luc is the Author and Jinghua Min Co-Author along with the rest of the group have worked on this for about 4 years to help make software more trustworthy and ensure people who develop or use software understand why it is important to have standards.
Trustworthy software is central to the modern digital infrastructure that powers a significant part of our daily lives and economic activities. Below, we explain why trustworthy software is essential and how standards support this importance:
Importance of Trustworthy Software
- Security: Trustworthy software protects users from malicious activities such as hacking, data theft, and other cybercrimes. It safeguards personal, financial, and other sensitive information from unauthorized access and exploitation.
- Reliability: Reliable software performs consistently and as expected, minimizing the risks of crashes, errors, and downtime that can disrupt business operations and affect user experience.
- Safety: In numerous systems like healthcare, transportation, and industrial control systems, the safety of individuals is intrinsically linked to the trustworthy operation of software. Faulty or compromised software can potentially lead to accidents and harm.
- Compliance: Adhering to legal and regulatory requirements is easier with trustworthy software. Non-compliance can result in legal actions, fines, and damage to an organization’s reputation.
- Economic Aspects: Trustworthy software reduces the costs associated with repairs, maintenance, and security breaches. It also fosters customer trust, which can translate to better business performance and economic stability.
- Innovation: Trustworthy software can facilitate innovation by providing a stable and secure platform for the development and deployment of new technologies and services.
Role of Standards in Supporting Trustworthy Software
- Uniformity and Consistency: Standards provide a common framework that developers can follow, ensuring a baseline level of quality and security in software products. This uniformity fosters trust among users and stakeholders.
- Best Practices: Standards encapsulate best practices in the industry, guiding developers in designing and implementing software that meets high levels of reliability, security, and performance.
- Interoperability: Standards facilitate interoperability between different software systems, allowing them to work together seamlessly, which is essential in today’s interconnected world.
- Quality Assurance: Adhering to standards can help in quality assurance by providing benchmarks against which software products can be evaluated and verified for reliability, security, and other attributes.
- Continuous Improvement: Standards are often updated to incorporate the latest research and developments. Following these standards ensures that software is developed using state-of-the-art knowledge and techniques, promoting continuous improvement.
- Facilitating Regulation and Compliance: Standards can serve as a basis for regulations, helping governments and other bodies to set rules that promote the development of trustworthy software and protect users and society at large.
- Education and Training: Standards can also play an educational role, helping to train developers and other stakeholders in the principles and techniques for developing trustworthy software.
Trustworthy software is vital for the security, safety, and well-being of individuals and society. Standards support the development of trustworthy software by providing guidelines and benchmarks for quality, security, and other critical attributes, fostering trust, innovation, and economic growth
As ISO and the BSI progress standards in the industry we will keep you informed.
For more info about the ISO project see https://jtc1info.org/sd-2-history/jtc1-working-groups/wg-13/