The Trustworthy Software Foundation (TSFdn) aims to collect, organise and share the wealth of knowledge, experience and capabilities that already exist in the UK public and private sectors and in academia about trustworthy software to give people a joined-up, curated view of the information that is available.
The Trustworthy Software Foundation’s mission is to :
The evolution of the TSFdn from the previous Trustworthy Software Initiative (TSI) reflects a continued commitment to promote the importance of Trustworthy Software in the United Kingdom.
In 2004 a study by the Cabinet Office identified a pervasive lack of secure software development practices as a matter for concern, subsequently supported by a Department of Trade and Industry Global Watch Report in 2006 which noted a lack of secure software development practices in the UK.
In 2007, the Technology Strategy Board’s Cyber Security Knowledge Transfer Network (CSKTN) formed a Special Interest Group on Secure Software Development which examined some of the potential causes.
In 2009, a joint conference was held in Paris by the Technology Strategy Board and the Foreign and Commonwealth Office. A roadmap for action was delivered. The Secure Software Development Partnership (SSDP) was formed, jointly funded by the Technology Strategy Board (TSB) anthe Centre for Protection of National Infrastructure (CPNI), to carry out the roadmap. This roadmap, updated annually, continues to provide direction for Trustworthy Software activities today.
The SSDP became the Trustworthy Software Initiative (TSI), funded from the National Cyber Security Plan to provide a one-stop shop for guidance and information about trustworthy software development.
In 2016, the TSI became the Trustworthy Software Foundation (TSFdn) under the stewardship of the current professional institutions. It is a Company Limited By Guarantee.
The Trustworthy Software Foundation (TSFdn) operates as a not-for-profit Company Limited by Guarantee, with primary objective being to curate a Trustworthy Software Body of Knowledge (TS-BOK), to serve as a living backbone for signposting to diverse but often obscure sources of Good Practice, and a secondary objective to address other aspects of the 2009 Trustworthy Software Roadmap.
TSFdn is based at the Cyber Security Centre of the University of Warwick.
It is owned by subscriber organisations – UK professional bodies, which are currently:
The current chair of the Management Board of subscriber organisations is Alastair Revell of the IAP.
It is expected that additional professional bodies will become subscriber organisations in due course.
The primary contact for the Foundation is the Chief Operating Officer (COO), Francoise Hackney.
Technical coherence is led by the Standards Development Advisor (SDA), Ian Bryant.
The Trustworthy Software Initiative (TSI), which was Trustworthy Software Foundation’s (TSFdn) predecessor, was funded out of the HM Government 1st National Cyber Security Programme (2011-2016), but always actively engaged with a cross section of stakeholders across various sectors encompassing the public and private sectors, and academia.
The TSFdn will continue to ensure that such a cross section of stakeholders is engaged with input to help define strategic direction again being provided by the Advisory Committee on Trustworthy Software (ACTS), Chaired by Sir Edmund Burton KBE.
In addition, two standing Working Groups are maintained to ensure that relevant stakeholder views are captured and collated, being: