Visible to the public Framework for Trustworthy Software Development

TitleFramework for Trustworthy Software Development
Publication TypeConference Paper
Year of Publication2019
AuthorsR P, Jagadeesh Chandra Bose, Singi, Kapil, Kaulgud, Vikrant, Phokela, Kanchanjot Kaur, Podder, Sanjay
Conference Name2019 34th IEEE/ACM International Conference on Automated Software Engineering Workshop (ASEW)
Keywordsalgorithmic level, application development life cycle, auditability, bias-free, compliance, composability, cyber physical systems, governance, governance framework, intelligent software applications, process level, Provenance, pubcrawl, Resiliency, security of data, smart advisors, software engineering, total product life cycle, transparency, trustworthiness, trustworthy software, trustworthy software development, Trustworthy Systems, ubiquitous computing
AbstractIntelligent software applications are becoming ubiquitous and pervasive affecting various aspects of our lives and livelihoods. At the same time, the risks to which these systems expose the organizations and end users are growing dramatically. Trustworthiness of software applications is becoming a paramount necessity. Trust is to be regarded as a first-class citizen in the total product life cycle and should be addressed across all stages of software development. Trust can be looked at from two facets: one at an algorithmic level (e.g., bias-free, discrimination-aware, explainable and interpretable techniques) and the other at a process level by making development processes more transparent, auditable, and adhering to regulations and best practices. In this paper, we address the latter and propose a blockchain enabled governance framework for building trustworthy software. Our framework supports the recording, monitoring, and analysis of various activities throughout the application development life cycle thereby bringing in transparency and auditability. It facilitates the specification of regulations and best practices and verifies for its adherence raising alerts of non-compliance and prescribes remedial measures.
Citation Keyr_p_framework_2019