MOSST: model of Open Source Software trustworthiness
MOSST (Model of Open Source Software Trustworthiness) is a customizable model for estimating the trust that FLOSS stakeholders (developers, end-users, integrators, customizers, managers, …) can have in the qualities of FLOSS products. MOSST provides an estimation of the percentage of FLOSS stakeholders that would favorably rate a number of important qualities of a FLOSS product as well as an estimation of the percentage of FLOSS stakeholders that will overall rate the product as trustworthy.
MOSST has been built by applying solid statistical techniques to data coming from the field. We surveyed hundreds of FLOSS stakeholders on how they would evaluate the trustworthiness of several Java- and C/C++-based FLOSS projects.
One of the final goals of MOSST is to automate, to the extent possible, the building of a FLOSS quality and trustworthiness model. The MOSST toolset automatically collects data from FLOSS repositories, with minimal user intervention. Several tools support the implementation of the model proposed by MOSST. The model and the related tools represent an integrated and complete solution for verifying the quality of your FLOSS products.
Pre-conditions and requirements
There are no special requirements for using MOSST. A basic understanding of FLOSS and software quality is a definite advantage.
- How the trustworthiness of OSS products and artifacts can be assessed and predicted (A5.D1.5.6)
For experimentation results:
- Trustworthiness Models for Open Source Software (wd5.6.2)
For the MOSST toolset:
- Specification of the tools to support CMM-like model for OSS
- Tools to support CMM-like model for OSS (Function testing and benchmarking test, Identification and construction of measurement tools, Tools Supporting Analysis, model building and assessment)
For details on the method followed see documents:
- How European software industry perceives OSS trustworthiness and what are the specific criteria used to establish trust in OSS?
- The observed characteristics and relevant factors used for assessing the trustworthiness of OSS products and artifacts
The following list of tools implement the methodology proposed by MOSST in order to get the assessment of the quality in your open source products:
The lessons learned show that it is possible to accurately estimate the trust in the qualities of FLOSS products. Please refer to the available documentation for the specific results. These estimates can be used by FLOSS developers to assess the level of trust in the FLOSS products they are developing and by the other FLOSS stakeholders to assess how trustworthy some specific FLOSS product is.
Maturity Level (1-5)
About the model: 4
Adjustments in the maturity rating of MOSST may be necessary as MOSST may evolve over time, due to the ever-changing set of FLOSS products: new FLOSS products may appear in the FLOSS arena, or updated versions of existing FLOSS products may become available. In a way, MOSST will constantly be “in progress” to keep up with technology advances.
About the tool set: 3
Up to know, MOSST has been tuned based on FLOSS products written in Java and C/C++. FLOSS products written in other languages may be taken into account in the future. So, the current toolset will need to be expanded. Also, additional measures will be investigated even for Java and C/C++ FLOSS products.
- Competence Centres
- Project Identity