The Trustworthy Software Foundation (TSFdn) aims to collect, organise and share the wealth of knowledge, experience and capabilities that already exist in the UK public and private sectors and in academia about trustworthy software to give people a joined-up, curated view of the information that is available.

Mission Statement

The Trustworthy Software Foundation’s mission is to :

leftQuote

enhance the overall software and systems culture, with the objective that software should be designed, implemented and maintained in a trustworthy manner

rightQuote

The evolution of the TSFdn from the previous Trustworthy Software Initiative (TSI) reflects a continued commitment to promote the importance of Trustworthy Software in the United Kingdom.

History and Plans

In 2004 a study by the Cabinet Office identified a pervasive lack of secure software development practices as a matter for concern, subsequently supported by a Department of Trade and Industry Global Watch Report in 2006 which noted a lack of secure software development practices in the UK.

In 2007, the Technology Strategy Board’s Cyber Security Knowledge Transfer Network (CSKTN) formed a Special Interest Group on Secure Software Development which examined some of the potential causes.

In 2009, a joint conference was held in Paris by the Technology Strategy Board and the Foreign and Commonwealth Office. A roadmap for action was delivered. The Secure Software Development Partnership (SSDP) was formed, jointly funded by the Technology Strategy Board (TSB) anthe Centre for Protection of National Infrastructure (CPNI), to carry out the roadmap. This roadmap, updated annually, continues to provide direction for Trustworthy Software activities today.

The SSDP became the Trustworthy Software Initiative (TSI), funded from the National Cyber Security Plan to provide a one-stop shop for guidance and information about trustworthy software development.

In 2016, the TSI became the Trustworthy Software Foundation (TSFdn) under the stewardship of the current professional institutions.  It is a Company Limited By Guarantee.

In 2020, the TSFdn became a subsiduary of the Institution of Analysts and Programmers. It is a Company Limited By Guarantee.

In 2020, the TSFdn began working with the BSI to take forward the ideals of the TSFdn.

In 2021, Nexor became the first organisation to obtain Level 1 accreditation of the Trustworthy Systems Mark (TSM) Scheme.

Governance and Operation

The Trustworthy Software Foundation (TSFdn) operates as a not-for-profit Company Limited by Guarantee, with primary objective being to curate a Trustworthy Software Body of Knowledge (TS-BOK), to serve as a living backbone for signposting to diverse but often obscure sources of Good Practice, and a secondary objective to address other aspects of the 2009 Trustworthy Software Roadmap.

TSFdn is based at The Institution of Analysts and Programmers offices in London.the Cyber Security Centre of the University of Warwick.

The current Chief Executive of the TSFdn is Alastair Revell of the IAP.
The primary contact for the Foundation is the Operations Director, John Ellis.
Technical coherence is led by the Standards Development Advisor (SDA), Ian Bryant.

Partners & Stakeholders

The Trustworthy Software Initiative (TSI), which was Trustworthy Software Foundation’s (TSFdn) predecessor, was funded out of the HM Government 1st National Cyber Security Programme (2011-2016), but always actively engaged with a cross section of stakeholders across various sectors encompassing the public and private sectors, and academia.

The TSFdn will continue to ensure that such a cross section of stakeholders is engaged with input to help define strategic direction again being provided by the Advisory Committee on Trustworthy Software (ACTS), Chaired by Prof Tim Watson, he took over the role in 2020 from his predecessor  Sir Edmund Burton KBE.

In addition, two standing Working Groups are maintained to ensure that relevant stakeholder views are captured and collated, being: