Issue No.05 - September/October (2005 vol.3)
Peter Torr , Microsoft
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.119
If done early in the development life cycle, threat modeling can reveal architectural weaknesses that could require significant changes to your product. Making design changes early in the product life cycle is much cheaper than trying to make them at the end.
threat modeling, software development, product development, threat environment, security
Peter Torr, "Demystifying the Threat-Modeling Process", IEEE Security & Privacy, vol.3, no. 5, pp. 66-70, September/October 2005, doi:10.1109/MSP.2005.119