Trustworthy software for a resilient society
Secure software is a necessary precondition for a working society. The software ecosystem (SECO), i.e., the complex network of software providers that collaboratively provide software for every computer on earth, is a trust-rich part of the world. Software engineers trust major hubs in the ecosystem, such as package managers, repository services, and programming language ecosystems. This trust, however, is typically unfounded, and this has led to many software supply chain attacks in the past.
We introduce a trust layer in the worldwide SECO, intending to make trust data available to all actors in the SECO as a commons, like water or air. With our trust layer, organizations can rapidly assess whether the software that they depend on is worthy of their trust. The ambitious goal that we have set is to raise the accessibility, reliability, and use of trust data in the worldwide SECO. We envision a future where software can be rapidly and even automatically assessed fairly and equally, using a shared understanding of trust that is collaboratively created and maintained.
- Define trust in software ecosystems
- Provide a decentralized autonomous organization that shares software trust data
- Implement a blockchain solution that enables fair data sharing between software ecosystem actors
- Create a community of actors around trust data
Dr. Slinger Jansen is an associate professor at the Department of Information and Computer Science at Utrecht University. He is one of the leading researchers in the domain of software ecosystems and a co-founder of the International Conference on Software Business and the International Workshop on Software Ecosystems. He is the lead editor of the book “Software Ecosystems: Analyzing and Managing Business Networks in the Software Industry” and several others.
Dr. Siamak Farshidi is a senior researcher at the Department of Information and Computer Science at Utrecht University. During his PhD, Siamak worked on multi-criteria decision-making problems in software production, such as blockchain platform selection. Currently, his research focuses on Knowledge Engineering, Conceptual Modeling, Decision Support Systems, and Software Architecture.
Fang Hou graduated with a bachelor’s in computer science and technology and a master’s in business information systems. She has experience in system testing and business integration at Citibank and UBS. She now works on trust data analysis for the TruSoft project.
Paul van Vulpen is a researcher on the TruSoft project. He received a BSc in Innovation Management and an MSc in Business Informatics. His research interests include software collaboration, software ecosystems and decentralized collaboration. He is currently engaged in understanding the governance mechanisms of DAOs. In addition to being a researcher, Paul is a product manager of blockchain governance at Centric.
We have experience developing applications on top of existing blockchains. We have developed a data store on top of the Ethereum blockchain. Furthermore, we have developed a database infrastructure on our own private instance of the Lisk blockchain. Finally, we have conducted many experiments with decentralized autonomous organization platforms and are currently publishing on the topic. We have also written several authoritative works on the selection of blockchain technologies and their governance [4-6].
[1] Fang Hou, Siamak Farshidi, Slinger Jansen (2021) A Distributed Infrastructure for Providing Trust in the Software Ecosystem. Proceedings of the Workshop on Blockchain for Information Systems Workshop.
[2] Fang Hou and Slinger Jansen (2022) A Systematic Literature Review on Trust in the Software Ecosystem. https://arxiv.org/abs/2203.05678
[3] Jansen, S., Cusumano, M., Brinkkemper, S. (2013) Software Ecosystems: Analyzing and Managing Business Networks in the Software Industry. Edward Elgar Publishers, 350 pages.
[4] Elena Baninemeh, Siamak Farshidi, and Slinger Jansen (2022) A Decision Model for Decentralized Autonomous Organization Platform Selection: Three Industry Case Studies. https://arxiv.org/abs/2107.14093
[5] van Pelt, Rowan; Jansen, Slinger; Baars, Djuri; Overbeek, Sietse (2020) Defining Blockchain Governance: A Framework for Analysis and Comparison. Information Systems Management, pp. 1–21.
[6] Farshidi, Siamak; Jansen, Slinger; España, Sergio; Verkleij, Jacco (2020) Decision support for blockchain platform selection: Three industry case studies. In: IEEE Transactions on Engineering Management.