REFERENCES
- Alberts , C. and Dorofee , A. 2009 . A framework for categorizing key drivers of risk. Rep. no. CMU/SEI-2009-TR-007 , Pittsburgh : Software Engineering Institute, Carnegie Mellon University .
- Ellison , R.J. , Alberts , C.J. , Creel , R.C. , Dorfee , A. and Woody , C. 2010 . Software supply chain risk management: From products to systems of systems. Technical Note CMU/SEI-2010-TN-026, Software Engineering Institute
- GAO Report to Congressional Requesters . 2012 . IT supply chain: National security-related agencies need to better address risks , Washington , DC : United States Government Accountability Office . March 23)
- Giles, L. (trans. 1910). Sun Tzu on the art of war. http://classics.mit.edu/Tzu/artwar.html (http://classics.mit.edu/Tzu/artwar.html)
- International Standards Organization . 2008 . Systems and software lifecycle process—ISO/IEC 12207–2008. ,
- International Standards Organization . 2008 . The secure software engineering—Capability maturity model (SSE-CMM)—ISO/IEC 21827. ,
- Newman , M. 2002 . Software errors cost U.S. economy $59.5 billion annually , Gaithersburg , MD : National Institute of Standards and Technology (NIST) .
- Stevens , J. 2006 . Adopting an enterprise software security framework . IEEE Security & Privacy , March/April