Issue No.01 - January/February (2007 vol.5)
Carol Woody , SEI
Christopher Alberts , SEI
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2007.3
The operational security of software-intensive systems is closely linked to the practices and techniques used during system design and development. The authors examine OCTAVE, an operational security-risk methodology, and apply it to the security-related risks identifiable while developing software-intensive systems.
OCTAVE, operational security, system development
Carol Woody, Christopher Alberts, "Considering Operational Security Risk during System Development", IEEE Security & Privacy, vol.5, no. 1, pp. 30-35, January/February 2007, doi:10.1109/MSP.2007.3