Bibliography

Alberts, Christopher J., Dorofee, Audrey J., Higuera, Ron, Murphy, Richard L., Walker, Julie A., & Williams, Ray C. Continuous Risk Management Guidebook. Software Engineering Institute, Carnegie Mellon University. 1996. Pages 7–9. http://resources.sei.cmu.edu/library/asset-view.cfm?assetid=30856.

Body of Knowledge and Curriculum to Advance Systems Engineering (BKCASE). BKCASE. June 29, 2016 [accessed]. www.bkcase.org.

Chrissis, Mary Beth, Konrad, Mike, & Moss, Michele. Ensuring Your Development Processes Meet Today’s Cyber Challenges. CrossTalk. Volume 26. Number 2. March/April 2013. Pages 29–33. www.crosstalkonline.org/issues/marchapril-2013.html.

Committee on National Security Systems (CNSS). National Information Assurance (IA) Glossary. CNSSI Number 4009. 2009. www.ncsc.gov/nittf/docs/CNSSI-4009_National_Information_Assurance.pdf.

Elahi, Golnaz, Yu, Eric, & Zannone, Nicola. A Vulnerability-Centric Requirements Engineering Framework: Analyzing Security Attacks, Countermeasures, and Requirements Based on Vulnerabilities. Requirements Engineering Journal. Volume 15. Number 1. March 2010. Pages 41–62. http://dl.acm.org/citation.cfm?id=1731695.

Ellison, Robert J., Goodenough, John B., Weinstock, Charles B., & Woody, Carol. Evaluating and Mitigating Software Supply Chain Security Risks. CMU/SEI-2010-TN-016. Software Engineering Institute, Carnegie Mellon University. 2010. http://resources.sei.cmu.edu/library/asset-view.cfm?assetid=9337.

Haley, Charles, Laney, Robin, Moffett, Jonathan, & Nuseibeh, Bashar. Security Requirements Engineering: A Framework for Representation and Analysis. IEEE Transactions on Software Engineering. Volume 34. Number 1. January–February 2008. Pages 133–153. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=4359475.

Humphrey, Watts S. A Discipline for Software Engineering. Addison-Wesley Professional, 1995.

Jacobson, Ivar, & Lawson, Harold Bud, eds. Software Engineering in the Systems Context—Addressing Frontiers, Practice and Education. College Publications, Kings College, London. 2016. www.collegepublications.co.uk/systems/?00007.

Krigsman, Michael. Six Types of IT Project Failure. TechRepublic. September 29, 2009. www.techrepublic.com/blog/tech-decision-maker/six-types-of-it-project-failure/.

Levinson, Meredith. Project Management: The 14 Most Common Mistakes IT Departments Make. CIO. July 23, 2008. www.cio.com/article/2434788/project-management/project-management-the-14-most-common-mistakes-it-departments-make.html.

Mead, Nancy R., & Hilburn, Thomas B. Building Security In: Preparing for a Software Security Career. IEEE Security & Privacy. Volume 11. Number 6. November–December 2013. Pages 80–83. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=6682937.

Merrell, Samuel A., Moore, Andrew P., & Stevens, James F. Goal-Based Assessment for the Cybersecurity of Critical Infrastructure. 2010 IEEE International Conference on Technologies for Homeland Security (HST). 2010. Pages 84–88. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5655090.

MITRE. Common Attack Pattern Enumeration and Classification. June 29, 2016 [accessed]. http://capec.mitre.org.

Open Web Application Security Project (OWASP). Software Assurance Maturity Model: A Guide to Building Security into Software Development. June 29, 2016 [accessed]. www.opensamm.org.

Romero-Mariona, Jose. Secure and Usable Requirements Engineering. 24th IEEE/ACM International Conference on Automated Software Engineering, 2009. Pages 703–706. http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=5431703.

Sharp, Alec, & McDermott, Patrick. Workflow Modeling: Tools for Process Improvement and Application Development, 2nd ed. Artech House. 2008.

U.S. Department of Defense. Information Assurance Workforce Improvement Program. DoD 8570.01-M. 2005. http://dtic.mil/whs/directives/corres/pdf/857001m.pdf.