The Eclipse Trustable Software Framework project's focus is practical approaches to understanding risks in software engineering.
Describing and quantifying these risks requires a scalable framework that can be applicable for systems of varying degrees of complexity. Complex systems involving software, hardware, safety, and security properties can greatly benefit from continuous quantitative analysis to inform decision-making.
A single generalised system cannot address all domains effectively, so Eclipse Trustable Software Framework aims to evolve into an ecosystem built around a unified methodology in the longer term. The first step in this journey is the Trustable Software Framework (TSF) and its set of Tenets and Assertions: short statements (propositions that could be either true or false) identifying what objectives software projects must consider in order to be considered Trustable.
TSF specifies how metadata about a software project is stored and managed in a git repository, alongside the software's source code and documentation. This involves systematically tracking a set of statements that specify the software project, which form a directed acyclic graph (DAG) and provide metrics for continuous analysis and iteration.
These statements document claims about the software or the project, identify evidence that supports these, or specify requests that must be satisfied by another claim - or by something or someone external to the project. The graph describes how high-level or external goals for the software project (Expectations) are supported by more specific objectives (Assertions) and ultimately Evidence. The latter must necessarily reference artifacts: files in a git repository, or the result of automated processes operating on such files.
This approach is intended to replace traditional techniques that rely on office tools like MS Word or Excel to author documentation, and specialised commercial tooling to manage system specifications and requirements, and trace these to implemented software and tests. Such approaches frequently fail to maintain integrity in complex, continuously evolving systems, because they are not closely integrated with the software that they describe.