[1]Computing Research Association (CRA). Four grand challenges in trustworthy computing [EB/OL]. [2012-04-16]. http://archive.cra.org/reports/trustworthy.computing.pdf.[2]BEN SWARUP M, SEETHA RAMAIAH P. An approach to modeling software safety in safety-critical systems [J]. Journal of Computer Science, 2009, 5(4): 311-322.[3]樊晓光,褚文奎,张凤鸣.软件安全性研究综述[J].计算机科学,2011,38(5):8-13.[4]CLIFTON A, ERICSON I I. Hazard analysis techniques for system safety [M]. New York: John Wiley & Sons, 2005.[5]FENTON N, NEIL M. Measuring your risks: numbers that would make sense to Bruce Willis and his crew [EB/OL]. [2010-04-07]. http://www.agenarisk.com/resources/white_papers/Measuring_Risks.pdf.[6]郦萌.安全性苛求系统中关于软件安全性评价的研究[J].计算机工程与科学,2002,24(2):59-61.[7]陈鑫,王晓晗,黄河.基于威胁分析的多属性信息安全风险评估方法研究[J].计算机工程与设计,2009,30(1):38-40.[8]刘勇,林奇,孟坤.一种基于信息熵的企业信息系统的安全风险定量评估方法[J].计算机科学,2010,37(5):45-48.[9]ALBERTS C, ALLEN J, STODDARD R. Security measurement and analysis [EB/OL]. [2012-03-20]. http://www.cert.org/archive/pdf/SecurityMeasurementandAnalysis.pdf.[10]MANADHATA P K, TAN K M C, MAXION R A, et al. An approach to measuring a system's attack surface, CMU-CS-07-146 [R]. Pittsburgh: Carnegie Mellon University, 2007.[11]MANADHATA P K, WING J M. An attack surface metric [J]. IEEE Transactions on Software Engineering, 2011, 37(3): 371-386.[12]HOWARD M, LeBLANC D. Writing secure code [M]. Washington, DC: Microsoft Press, 2002.[13]HOWARD M, LIPNER S. The secure development life-cycle [M]. Washington, DC: Microsoft Press, 2006.[14]张鑫,顾庆,陈道蓄.面向对比评估的软件系统安全度量研究[J].计算机科学,2009,36(9):122-126.[15]ROBERT M G. Entropy and information theory [M]. Berlin: Springer-Verlag, 1990.[16]孙东川,林福永.系统工程引论[M].北京:清华大学出版社,2004.[17]HOWARD M. Security Development Lifecycle (SDL) banned function calls [EB/OL]. [2012-03-16]. http://msdn.micro soft.com/en-us/library/bb288454.aspx.[18]SCHNEIER B. Attack trees: modeling security threats [EB/OL]. [2012-03-12]. http://www.schneier.com/paper-atta cktrees-ddj-ft.html.[19]LITTLEWOOD B, BROCKLEHURST S, FENTON N, et al. Towards operational measures of computer security [J]. Journal of Computer Security, 1993, 2(2/3): 211-230.[20]ORTALO R, DESWARTE Y, KANICHE M. Experimenting with quantitative evaluation tools for monitoring operational security [J]. IEEE Transactions on Software Engineering, 1999, 25(5): 633-650. |