How can secure software be trusted?

The security of software applications is a major concern, especially for information owners, software developers and users. Increasingly, these stakeholders need to be confident that the software applications being developed are secure and can be trusted when used in the intended environment. However, a problem exists in terms of how to confidently address the security of software applications in order to protect the information to be stored, processed and transmitted by them, thereby increasing their associated levels of trust. The purpose of this paper is therefore to address some key aspects relating to the security and trustworthiness of a software application functioning within the intended environment. These key aspects include those relating to the security controls implemented and installed by the software developers and those involving the actual usage of the security controls implemented. CATEGORIES AND SUBJECT DESCRIPTORS