BS PAS 754:2014 is a British Standards Institution (BSI) software Publicly Available Specification, published in May 2014. [1] BS PAS 754:2014 was withdrawn following the publication of BS 10754-1:2018 in February 2018.
The PAS defines the overall principles for effective software trustworthiness, and includes technical, physical, cultural and behavioral measures alongside effective leadership and governance. It also identifies the necessary tools, techniques and processes and addresses safety, reliability, availability, security and resilience issues. [2]
The official title of the standard is "Software Trustworthiness – Governance and management – Specification".
PAS 754:2014 has seven main clauses, plus three annexes, which cover:
The development of PAS754 has been led by the Trustworthy Software Initiative, a UK government sponsored Public Good activity aimed at Making Software Better. [1]
The following organizations were involved in the development of this specification: Atkins Group; BIS; CPNI; Certification Europe; De Montfort University; Group 5 Training; IET; Microsoft (UK); MISRA; Nexor; Oxford Brookes University; QinetiQ; TechUK and University of Warwick. [1]
British Standards (BS) are the standards produced by the BSI Group which is incorporated under a royal charter and which is formally designated as the national standards body (NSB) for the UK. The BSI Group produces British Standards under the authority of the charter, which lays down as one of the BSI's objectives to:
Set up standards of quality for goods and services, and prepare and promote the general adoption of British Standards and schedules in connection therewith and from time to time to revise, alter and amend such standards and schedules as experience and circumstances require.
An open standard is a standard that is openly accessible and usable by anyone. It is also a common prerequisite that open standards use an open license that provides for extensibility. Typically, anybody can participate in their development due to their inherently open nature. There is no single definition, and interpretations vary with usage. Examples of open standards include the GSM, 4G, and 5G standards that allow most modern mobile phones to work world-wide.
ISO/IEC 20000 is the international standard for IT service management. It was developed in 2005 by ISO/IEC JTC1/SC7 and revised in 2011 and 2018. It was originally based on the earlier BS 15000 that was developed by BSI Group.
Information security standards or cyber security standards are techniques generally outlined in published materials that attempt to protect the cyber environment of a user or organization. This environment includes users themselves, networks, devices, all software, processes, information in storage or transit, applications, services, and systems that can be connected directly or indirectly to networks.
PAS 78: Guide to good practice in commissioning accessible websites is a Publicly Available Specification published on March 8, 2006 by the British Standards Institution in collaboration with the Disability Rights Commission. It provides guidance to organisations in how to go about commissioning an accessible website from a design agency. It describes what is expected from websites to comply with the UK Disability Discrimination Act 1995, making websites accessible to disabled people.
BS was BSI's standard in the field of Business Continuity Management (BCM). It was withdrawn in 2012 and 2013 following the publication of the international standards ISO 22301 - ″Societal Security — Business continuity management systems — Requirements″ and ISO 22313 - ″Societal Security — Business continuity management systems — Guidance″
The British Standards Institution (BSI) is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.
A Publicly Available Specification or PAS is a standardization document that closely resembles a formal standard in structure and format but which has a different development model. The objective of a Publicly Available Specification is to speed up standardization. PASs are often produced in response to an urgent market need.
ISO 55000 is an international standard covering management of assets of any kind. Before it, a Publicly Available Specification was published by the British Standards Institution in 2004 for physical assets. The ISO 55000 series of Asset Management standards was launched in January 2014.
A technical standard is an established norm or requirement for a repeatable technical task which is applied to a common and repeated use of rules, conditions, guidelines or characteristics for products or related processes and production methods, and related management systems practices. A technical standard includes definition of terms; classification of components; delineation of procedures; specification of dimensions, materials, performance, designs, or operations; measurement of quality and quantity in describing materials, processes, products, systems, services, or practices; test methods and sampling procedures; or descriptions of fit and measurements of size or strength.
The ISO 14064 standard is the core part of the ISO 14060 family of standards that are part of the ISO 14000 series of international standards by the International Organization for Standardization (ISO) for environmental management. The ISO 14064 standards provides governments, businesses, regions and other organisations with a complementary set of tools for programs to quantify, monitor, report and verify greenhouse gas emissions. The ISO 14064 standards supports organisations to participate in both regulated and voluntary programs such as emissions trading schemes and public reporting using a globally recognised standard.
PAS 2060 is a specification detailing how to demonstrate carbon neutrality produced and published by the British Standards Institution.
BS 8888 is the British standard developed by the BSI Group for technical product documentation, geometric product specification, geometric tolerance specification and engineering drawings.
ISO 20121 is a voluntary international standard for sustainable event management, created by the International Organization for Standardization. The standard aims to help organizations improve sustainability throughout the entire event management cycle.
The United Kingdom has a diverse cyber security community, interconnected in a complex network.
The Trustworthy Software Foundation (TSFdn) is a UK not-for-profit organisation, with stated aim of improving software.
Ian Bryant is a British academic, engaged in promoting Trustworthy Software and Systems, and in Standardisation.
ISO/IEC/IEEE 29119Software and systems engineering -- Software testing is a series of five international standards for software testing. First developed in 2007 and released in 2013, the standard "defines vocabulary, processes, documentation, techniques, and a process assessment model for testing that can be used within any software development lifecycle."
ISO/IEC 27701:2019 is a privacy extension to ISO/IEC 27001. The design goal is to enhance the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS). The standard outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage privacy controls to reduce the risk to the privacy rights of individuals.