Reading List

The following lists collect material that we hope will interest readers working to improve the quality of trustable software. We are happy to consider recommendations for additional reading.

Note: Even the smartest authors are sometimes wrong, so buyer/reader beware.

Trustable White Papers

The following white papers have been produced by the Trustable Software community:

Towards Trustable Software

Software Concepts, Processes and Methods

Making Software: What Really Works, and Why We Believe It is a compilation of articles on a range of software practices, most of them backed by actual evidence rather than anecdote.

The Leprechauns of Software Engineering debunks some widely held beliefs including 'the claimed 10x variation in productivity between developers; the "software crisis"; the cost-of-change curve; the "cone of uncertainty"'.

SDL 3.0 attempts to map a landscape for Agile in context with more formal methods.

Facts and Fallacies of Software Engineering (and pretty much anything by Robert L. Glass).

Although Fred Brooks' The Mythical Man-Month: Essays on Software Engineering was originally published in 1975, it's still required reading. The key ideas are summarised on its wiki page.

Philosophical and Psychological factors

Nassim Nicholas Taleb's Antifragile: Things that Gain from Disorder and The Black Swan are not about software, but both highlight the dangers of complexity and how easily people come to believe the wrong things.

Daniel Kahneman's Thinking, Fast and Slow describes in detail a wide range of ways in which our brains draw the wrong conclusions.

Papers, Articles and Lectures

Ken Thompson's Reflections on Trusting Trust highlights just how easy it is to backdoor software: a compiler can be modified to insert a backdoor into the programs it builds (including into itself), so that the backdoor survives even though the source code being inspected is clean.

BCS report on Safety-Critical vs Security-Critical Software

David Parnas' A Rational Design Process: How and Why to Fake it

Saltzer and Schroeder's The Protection of Information in Computer Systems (the origin of design principles such as economy of mechanism, fail-safe defaults, complete mediation and least privilege), or Matthew Squair's summary of those principles

Stan Kaplan's The Words of Risk Analysis

Rachel Botsman's talk on The Currency of Trust

Safety and Risk

Two pieces on the Toyota Unintended Acceleration case

Matthew Squair on Identifying hazards and TRIZ

Richard I. Cook's How Complex Systems Fail

John Knight and Nancy Leveson's experiment on multiversion programming (which found that independently developed versions did not fail independently) and the resulting criticisms

The STPA Handbook