Issue No. 05 - September/October (2005 vol. 3)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2005.119
Peter Torr , Microsoft
If done early in the development life cycle, threat modeling can reveal architectural weaknesses that could require significant changes to your product. Making design changes early in the product life cycle is much cheaper than trying to make them at the end.
threat modeling, software development, product development, threat environment, security
P. Torr, "Demystifying the Threat-Modeling Process," in IEEE Security & Privacy, vol. 3, no. , pp. 66-70, 2005.