Information technology -security techniquessystems security engineering -capability maturity model, 2008. ,
Introduction to the octave approach, 2003. ,
Organization and maintenance of large ordered indices, 1970. ,
A problem-based threat analysis in compliance with common criteria, vol.09, p.2013 ,
, Sdl threat modeling tool. security development lifecycle, 2018.
Developer-driven threat modeling: Lessons learned in the trenches, IEEE Security Privacy, vol.9, issue.4, pp.41-47, 2011. ,
Toward a security ontology, IEEE Security and Privacy, vol.1, issue.3, pp.6-7, 2003. ,
Security ontology: Simulating threats to corporate assets, vol.12, pp.249-259, 2006. ,
Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-science, Int. Journal of Human-Computer Studies, vol.67, pp.281-296, 2009. ,
, The OWASP Foundation. Owasp attack list, 2017.
UML Distilled: A Brief Guide to the Standard Object Modeling Language, Object Technology Series, 2003. ,
The role of intangible assets in the modern cyber threat landscape: the hermeneut project, vol.5, 2019. ,
Exiting the risk assessment maze: A meta-survey, ACM Comput. Surv, vol.51, issue.1, 2018. ,
The Security Development Lifecycle, vol.34, 2006. ,
Analyzing impacts of cloud computing threats in attack based classification models, 2016. ,
Threat modeling: from infancy to maturity, New Ideas and Emerging Results, ICSE, 2020. ,
The threats to our products. Microsoft Interface, Microsoft Corporation, vol.33, 1999. ,
Software Security: Building Security In, 2006. ,
A common criteria based security requirements engineering process for the development of secure information systems, vol.29, 2007. ,
, Common attack pattern enumeration and classification, 2007.
, Attck matrix for enterprise, 2015.
Exploring software security approaches in software development lifecycle: A systematic mapping study, Comp. Stand. & Int, vol.50, pp.107-115, 2017. ,
Asset-centric security risk assessment of software components, Workshop on MILS: Architecture and Assurance for Secure Systems, vol.01, p.2016 ,
Threat modeling of a mobile device management system for secure smart work, Electronic Commerce Research, vol.13, 2013. ,
A descriptive study of microsoft's threat modeling technique, Requirements Engineering, p.20, 2013. ,
Threat modeling: a summary of available methods, 2018. ,
Experiences threat modeling at microsoft, vol.01, 2008. ,
Threat Modeling: Designing for Security, 2014. ,
A reuse-based approach to determining security requirements, 2003. ,
Computer Security: Principles and Practice, 2014. ,
Threat modeling -perhaps it's time, IEEE Security Privacy, vol.8, issue.3, pp.83-86, 2010. ,
Comparison of risk analysis methods: Mehari, magerit, nist800-30 and microsoft's security management guide, Int. Conf. on Availability, Reliability and Security, 2009. ,
Demystifying the threat modeling process, IEEE Security Privacy, vol.3, issue.5, pp.66-70, 2005. ,
Threat analysis of software systems: A systematic literature review, Journal of Systems and Software, vol.144, pp.275-294, 2018. ,
Real world threat modeling using the pasta methodology, 2012. ,
An extensible patternbased library and taxonomy of security threats for distributed systems, Computer Standards Interfaces, vol.36, issue.4, pp.734-747, 2014. ,
Threat modeling -a systematic literature review, Computers Security, vol.84, pp.53-69, 2019. ,