Core + Interfaces effect on certification
In a previous post I was musing about the layered approach of the TrustTheVote technology suite. The idea of having a core with a set of interfaces allowing jurisdictions and other stakeholders to add their extensions and customizations on top of the core they license from OSDV.
By the way, I chose the term 'interfaces' to be purposely vague. There are numerous technical techniques for creating interfaces to achieve what we need to. There are straight APIs on code libraries, REST APIs, Plug-in extension mechanisms, and others. Depending on the aspect of the software that needs to be customizable, we will try to select the right technique.
That leads to the question of certification. I admit right off the bat that I am not yet super deep on the certification process. But it seems to me that it could be quite interesting if we could innovate a kind of 'pre-certification.'
In other words, I would make the case that the if the core, and it's interfaces were thoroughly examined, analyzed and tested, that the subsequent complete system assembled by our partners by combining our pre-certified core, the resultant completed system could be certified much more quickly and actually resulting in a stronger degree of assurance. What I see is that one could expect to get some 'credit' for the pre-certified core when certifying the complete system. What do you think?