Trust in Motion: Capturing Trust Ascendancy in Open-Source Projects using Hybrid AI

Open-source is frequently described as a driver for unprecedented communication and collaboration, and the process works best when projects support teamwork. Yet, their cooperation processes in no way protect project contributors from considerations of trust, power, and influence. Indeed, achieving the level of trust necessary to contribute to a project and thus influence its direction is a constant process of change, and developers take many different routes over many communication channels to achieve it. We refer to this process of influence-seeking and trust-building, trust ascendancy. This paper describes a methodology for understanding the notion of trust ascendancy, and introduces the capabilities that are needed to localizing trust ascendancy operations happening over open-source projects. Much of the prior work in understanding trust in open-source software development has focused on a static view of the problem, and study it using different forms of quantity measures. However, trust ascendancy is not static but rather adapt to changes in the open-source ecosystem in response to developer role changes, new functionality, new technologies, and so on. This paper is the first attempt to articulate and study these signals, from a dynamic view of the problem. In that respect, we identify related work that may help illuminate research challenges, implementation tradeoffs, and complementary solutions. Our preliminary results show the effectiveness of our method at capturing the trust ascendancy developed by individuals involved in a well-documented 2020 social engineering attack. Our future plans highlight research challenges, and encourage cross-disciplinary collaboration to create more automated, accurate, and efficient ways to modeling and then tracking trust ascendancy in open-source projects.