Software Assurance Curriculum Master Bibliography and Course References

[1]  Mark Merkow,et al.  Secure and Resilient Software Development , 2010 .

[2]  Rance Cleaveland,et al.  A Software Architectural Approach to Security by Design , 2006, 30th Annual International Computer Software and Applications Conference (COMPSAC'06).

[3]  Software Assurance: An Overview of Current Industry Best Practices , 2008 .

[4]  Marie A. Wright,et al.  Information security - contemporary cases , 2006 .

[5]  John B. Goodenough,et al.  Evaluating and Mitigating Software Supply Chain Security Risks , 2010 .

[6]  Jeannette M. Wing,et al.  A Formal Model for a System's Attack Surface , 2011, Moving Target Defense.

[7]  Nancy R. Mead,et al.  Software Security Engineering: A Guide for Project Managers , 2004 .

[8]  Larissa Larsen,et al.  Secondary Sources , 2017, Alone Before God.

[9]  Suzanne Garcia,et al.  CMMI Survival Guide: Just Enough Process Improvement , 2006 .

[10]  Robert C. Seacord,et al.  Secure coding in C and C++ , 2005 .

[11]  Peter Sommerlad,et al.  Security Patterns: Integrating Security and Systems Engineering , 2006 .

[12]  Approved December IEEE Recommended Practice for Software Acquisition , 1994 .

[13]  David J. Teumim,et al.  Industrial Network Security , 2004 .

[14]  Shirley M. Radack,et al.  Guide to Information Security Testing and Assessment | NIST , 2008 .

[15]  Nancy R. Mead,et al.  Software Assurance Curriculum Project Volume II: Undergraduate Course Outlines , 2010 .

[16]  Alan D. Ross,et al.  Network Security Essentials , 2003 .

[17]  S. Rehman,et al.  Research on software design level security vulnerabilities , 2009, SOEN.

[18]  Matt Bishop,et al.  Computer Security: Art and Science , 2002 .

[19]  Eldad Eilam,et al.  Reversing: Secrets of Reverse Engineering , 2005 .

[20]  Ross J. Anderson.  Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[21]  Elfriede Dustin,et al.  The Art of Software Security Testing: Identifying Software Security Flaws , 2006 .

[22]  Barton P. Miller,et al.  An empirical study of the robustness of MacOS applications using random testing , 2006, RT '06.

[23]  Gary McGraw,et al.  Software Security and SOA: Danger, Will Robinson! , 2022 .

[24]  Gary Stoneburner,et al.  SP 800-27 Rev. A. Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A , 2004 .

[25]  David LeBlanc,et al.  Writing Secure Code , 2001 .

[26]  Stephen H. Kan,et al.  Metrics and Models in Software Quality Engineering , 1994, SOEN.

[27]  Jeannette M. Wing,et al.  An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.

[28]  Peter Mell,et al.  Guide to Malware Incident Prevention and Handling , 2005 .

[29]  Nikolai Mansourov,et al.  System Assurance: Beyond Detecting Vulnerabilities , 2010 .

[30]  Gary McGraw,et al.  The Building Security in Maturity Model (BSIMM) , 2009 .

[31]  Gary McGraw,et al.  Software Security: Building Security In , 2006, 2006 17th International Symposium on Software Reliability Engineering.

[32]  尚弘 島影.  Superconductivity Research and Life at the National Institute of Standards and Technology , 2001 .

[33]  Bashar Nuseibeh,et al.  Requirements Engineering Annotated Bibliography , 2000 .

[34]  Gary Stoneburner,et al.  Engineering principles for information technology security (a baseline for achieving security): recommendations of the National Institute of Standards and Technology , 2001 .

[35]  Dannelle D. Stevens,et al.  Introduction to Rubrics: An Assessment Tool to Save Grading Time, Convey Effective Feedback, and Promote Student Learning , 2004 .

[36]  Ian F. Alexander,et al.  Misuse Cases: Use Cases with Hostile Intent , 2003, IEEE Softw..

[37]  Nancy R. Mead,et al.  Software Assurance Curriculum Project Volume I: Master of Software Assurance Reference Curriculum , 2010 .

[38]  Roger S. Pressman,et al.  Software Engineering: A Practitioner's Approach , 1982 .

[39]  Emmanuel Aroms.  NIST Special Publication 800-34 Contingency Planning Guide for Federal Information Systems Revision 1 , 2012 .

[40]  T. Grance,et al.  Computer Security Incident Handling Guide | NIST , 2004 .

[41]  Bashar Nuseibeh,et al.  Arguing Satisfaction of Security Requirements , 2008 .

[42]  Nicola Zannone.  The Si* Modeling Framework: Metamodel and Applications , 2009, Int. J. Softw. Eng. Knowl. Eng..

[43]  Christopher J. Alberts,et al.  Integrated Measurement and Analysis Framework for Software Security , 2010 .

[44]  Heidi Ellis.  Software engineering: effective teaching and learning approaches and practices , 2007, SOEN.

[45]  P. Robert.  Quality requirements for software acquisition , 1997, Proceedings of IEEE International Symposium on Software Engineering Standards.

[46]  Harlan D. Mills,et al.  Structured programming - theory and practice , 1979, The systems programming series.

[47]  Jeffrey A. Ingalsbe,et al.  Threat Modeling: Diving into the Deep End , 2008, IEEE Software.

[48]  Computational Evaluation of Software Security Attributes , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[49]  Andreas Golze,et al.  Optimize Quality for Business Outcomes: A Practical Approach to Software Testing, 3rd Edition , 2008 .

[50]  Jörgen Hansson,et al.  Architectural Modeling to Verify Security and Nonfunctional Behavior , 2010, IEEE Security & Privacy.

[51]  Gary McGraw,et al.  Building Secure Software: What Developers Should Know About Software Security , 2006 .

[52]  A.-U.-H. Yasar,et al.  Best practices for software security: An overview , 2008, 2008 IEEE International Multitopic Conference.

[53]  Jason Grembi.  Secure Software Development: A Security Programmer's Guide , 2008 .

[54]  Shrikant Mulik,et al.  An Approach for Selecting Software-as-a-Service (SaaS) Product , 2009, 2009 IEEE International Conference on Cloud Computing.

[55]  Jan Jürjens,et al.  From goal‐driven security requirements engineering to secure design , 2010, Int. J. Intell. Syst..

[56]  Robert C. Seacord.  The CERT C Secure Coding Standard , 2008 .

[57]  Haralambos Mouratidis,et al.  Integrating Security and Software Engineering: Advances and Future Visions , 2006 .

[58]  John W. Quinley,et al.  Four-Year Graduates Attending Community Colleges: A New Meaning for the Term "Second Chance." , 1998 .

[59]  Melissa Dark,et al.  An information security ethics education model , 2008 .

[60]  Xavier Leroy,et al.  Computer Security from a Programming Language and Static Analysis Perspective , 2003, ESOP.

[61]  Michael Howard,et al.  The security development lifecycle: SDL, a process for developing demonstrably more secure software , 2006 .

[62]  Silvan S. Tomkins,et al.  Exploring affect: The cognitive system , 1995 .

[63]  Chris Eagle,et al.  The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler , 2008 .