Trustable Software Engineering

We work on critical software projects where Codethink, our customers and users demand evidence to answer fundamental questions:

provenance where does it come from? who made it?

reliability does it work? how often does it break?

resilience how does it handle and recover from disruption?

safety how does it avoid or prevent harm to users and in general?

security how are its functions and data protected from attack?

Evidence and accountability

We support, recommend and make active use of concepts, tools and outputs from initiatives that help to deliver evidence and accountability throughout the software lifecycle:

• requirements capture

• architecture and design

• development and maintenance

• build and integration

• test, verification and validation

• operating system stack and toolchain

• project infrastructure and version control

• governance and compliance

Examples include: Baserock, BuildStream, Civil Infrastructure Platform, Core Infrastructure Initiative, Debian, Doorstop, Git, GitLab, GNOME, The Linux Kernel, Mustard, OpenChain, OpenControl, Reproducible Builds, SPDX, Trustable.