Many of the international standards for software in critical systems (e.g. IEC 61508, ISO 26262) are published under restrictive licences, at high prices. They broadly discourage the use of FOSS, by imposition of processes that do not align with modern open source best practices such as continuous delivery and automated testing. As a result some industries such as automotive, medical and aerospace, are locked in to proprietary software.

This talk will introduce the Trustable Software Framework (TSF), a new free and open source project which establishes an evidence-based method for measuring the actual risks involved in continuous delivery of software in critical systems.

TSF is applicable over the entire software supply chain, including CICD tools and infrastructure, build dependencies, operating systems, target applications and test environments, and is intended to measure risk on projects delivering critical systems which demand reliability, availability, security and safety.