BS 10754-1:2018
Information technology. Systems trustworthiness Governance and management specification
Standard number: | BS 10754-1:2018 |
Pages: | 44 |
Released: | 2018-02-28 |
ISBN: | 978 0 580 96464 0 |
Status: | Standard |
BS 10754-1:2018
This standard BS 10754-1:2018 Information technology. Systems trustworthiness is classified in these ICS categories:
- 35.030 IT Security
- 03.100.70 Management systems
This British Standard provides a specification for systems, software and services trustworthiness, that is intended to be a widely applicable approach that can be customized for any organization and software.
The requirements of this British Standard define the overall principles for effective trustworthiness, and include technical, physical, cultural and behavioural measures alongside effective leadership and governance. It identifies the necessary tools, techniques and processes and addresses safety, reliability, availability, resilience and security issues.
This British Standard does not specify the detailed processes or actions that an organization follows in order to achieve these outcomes.
NOTE 1 These processes are defined in other standards, or can be defined by the organization.
This British Standard includes a comprehensive Trustworthiness System Framework (TSFr), which provides a domain- and implementation-agnostic way to reference the large existing body of knowledge, including functional safety, information security, and systems and software engineering and acts as a collation of good practice for software trustworthiness.
When used as a standalone document for organizations with no current approach to software trustworthiness, this specification facilitates the deployment of the TSFr for software in its many guises from embedded equipment through consumer devices to industrial control systems.
Where organizations already address system trustworthiness through one or more of the five facets of trustworthiness in isolation (safety, reliability, availability, resilience and security), this specification provides a companion and complement to other relevant standards. This British Standard provides a benchmark of concepts, principles, expected techniques and management practices to achieve individual facets. This can be used to identify any gaps and enhancements for local implementation.
This British Standard does not specify how any technique should be applied to a specific application.
NOTE 2 This information is available in other standards, such as BS ISO/IEC 15408‑1 and BS EN ISO/IEC 27001 for information security, and BS EN 61508 (all parts) for functional safety.
This British Standard is applicable to any organization aiming to adopt system trustworthiness practices.