PAS 754:2014 Software Trustworthiness. Governance and management. Specification

Status: Current. Published: May 2014



With the increasing demand for software capabilities in both business and government operations, building trustworthy software is critical to the success of all organizations. However, the growth of the internet has highlighted both malicious and unintentional threats by providing endless points of attack that threaten the dependability of software running on the network for distributed applications.

Sponsored by the UK Trustworthy Software Initiative, this document provides consensus for software trustworthiness, either as a stand-alone document or as a companion to other relevant standards.

The specification identifies five aspects of software trustworthiness: safety, reliability, availability, resilience and security. This set of principles and techniques for any software implementation needs to be suited to the context and intended use.

It describes a widely applicable approach to achieving software trustworthiness, which is based on the following concepts:

  • Governance. Before producing or using any software which has a trustworthiness requirement, an appropriate set of governance and management measures shall be set up
  • Risk assessment. The risk assessment process involves considering the set of assets to be protected, the nature of the adversities that may be faced, and the way in which the software may be susceptible to such adversities
  • Control application. Risk shall be managed through the treatment of risk by the application of appropriate personnel, physical, procedural and technical controls
  • Compliance. A compliance regime shall be set up to ensure that creators and users of software ensure that governance, risk and control decisions have been implemented.

In conjunction with methodologies such as TickITplus, a UK scheme that embraces quality management across IT in the form of a capability maturity method, and other similar frameworks, PAS 754 provides a foundation for software trustworthiness within organizations.

1 Scope
2 Normative references
3 Terms, definitions and acronyms
4 Approach
5 Concepts
6 Principles
Annex A (informative) PAS 754 in the system life cycle
Annex B (informative) Techniques for delivery of PAS 754 requirements
List of figures
Figure 1 – Facets of trustworthiness
Figure 2 – Aspects of trustworthiness
Figure 3 – Trustworthy software framework
Figure 4 – PDCA cycle
Figure 5 – Use during life cycle
Figure 6 – Trustworthiness level matrix
Figure 7 – Deployment model
Figure A.1 – PAS 754 in the system life cycle
List of tables
Table B.1 – Techniques for delivery of PAS 754 requirements

Standard Number: PAS 754:2014
Title: Software Trustworthiness. Governance and management. Specification
Publication Date: 30 May 2014
Descriptors: Computers, Computer networks, Computer software, Management, Management techniques, Communication technology
ISBN: 978 0 580 83242 0
File Size: 704 KB
