First SwForum workshop on trustworthy software and open source
The increasing importance of software for businesses, industry and the lives of ordinary citizens makes trustworthiness a crucial notion. Trustworthy software is software for which important properties such as correctness, compliance, reliability, availability, performance, safety, security, maintainability, privacy of data, energy efficiency, sustainability, and certified interaction with humans are ensured.
In this context, several problems require attention from the research and practitioner communities. Among others, this workshop focuses on the following:
Characteristics of trustworthy software. Examples of attributes that make software trustworthy are security, compatibility, quality, correctness and dependability. Are there others? What are the minimal characteristics of a trustworthy piece of software? The acceptable level of trustworthiness for a piece of software depends on the specific application domain the software is developed for. Is it possible to define a taxonomy?
Developing trustworthy software. Which methodologies, methods and tools are currently available to develop trustworthy software? Which are the most critical trustworthiness characteristics to be considered during development? How can a developer or an end user verify whether, and to what extent, the software they use can be trusted? What steps need to be carried out in this case? Could these tasks be automated?
The role of open source in the development of trustworthy software. At first glance, open source may be seen as a development practice that runs against the idea of trustworthiness. The first question we may ask, in fact, is: how can I be sure that an obscure developer is developing software I can trust? The situation is not as simple as it appears. Open-source development today is not conducted by obscure individuals; often, it is supported by multiple enterprises sharing the same interest and/or by well-known and highly rewarded groups of independent developers. In many cases, open-source software could even be seen as more trustworthy than closed-source software, as only the former can be inspected and analysed by third parties in a completely open and transparent manner. So, the questions we would like to discuss are: 1) What are the criteria for considering open-source software trustworthy? 2) What drives the industry to use and rely (or not) on open-source software? 3) How can an H2020 project develop effective and impactful open-source software, considering its typical timeframe and scope?