Toward an approach to measuring software trust

Abstract

The authors have been involved in the development of an approach to measuring the trust of software, at some state in the software development life cycle. The primary emphasis has been on the use of well-known and generally accepted security and software engineering principles as a means for establishing software trust. A description of the critical issues related to software trust is provided here. A set of criteria classes consisting of various trust principle combinations is shown to provide a scale for measuring and comparing trust. The System V/MLS secure operating system development approach is used to demonstrate the effect of trust principles in a practical setting.<>