- 可信软件若干关键技术的研究
- 袁玉宇 Witold Suryn Jorgen Boegh著
- 367字
- 2020-08-27 03:11:01
1 Introduction
What trustworthiness means in IT domain is the result of many decades of evolution of different, not always closely related sciences like psychology, sociology, engineering and even history. The largely known definition of trustworthiness applied in software engineering domain has been proposed and published by M.Bishop in [1] and is related to conformance to requirements:
An entity is trustworthy if there is sufficient credible evidence leading one to believe that the system will meet a set of given requirements. Trust is a measure of trustworthiness, relying on the evidence provided.
The notion of trustworthiness applied in human relationships is being continuously discussed on different open fora with one of the most interesting perspective published on Wikipedia[2]:
Trustworthiness is a moral value considered to be a virtue. A trustworthy person is someone in whom we can place our trust and rest assured that the trust will not be betrayed.
The records of the Minnesota State Archives[3] give a very succinct yet precise illustration of what trustworthiness may mean for the history:
Trustworthiness refers to the reliability and authenticity of records.
Finally, the linguistic definition related to engineering that can be found in most of on-line and printed dictionaries is:
Trustworthiness is an attribute of an entity deserving of trust or confidence, being dependable and reliable.
The key notions that can be withdrawn as a common denominator from all the above definitions are: reliability, credibility and dependability. And, in the essence, they represent the lion part of what a contemporary IT user (consumer) would expect from software or system that processes his sensitive information. However, to be true to the reality, to present a 21st century user's perception of trustworthiness a larger list of attributes must be drawn:
· Quality.
· Reliability.
· Credibility.
· Dependability.
· Completeness of required functions.
· Proper quality-cost ratio (so the software was nor overpaid).
· Post-sale maintenance and service.
· Pre-sale and post-sale training.
· Documentation.
· Responsibility for the product.
Some of the above elements may seem secondary in comparison with, for example, quality or dependability, but the real market knows cases, when the supplier lost the trust of his customer after offering a“lousy” post-sale support.