Evolving nature of software technologies prompts us to think beyond secure software engineering. Security assurance alone may not always convince us to use a software, we need to trust the software too. A secure software may not necessarily be trustworthy to all of us because trust depends on many other attributes - security is one of them. Some of the attributes have nothing to do with security such as correctness of output, reliability of the computation, amount of control the user holds on the software, use context, etc. Perhaps it is time to think about trustworthy software engineering. I look forward to hearing your thoughts on this topic.
展开▼