ISO IEC IEEE 15026-1 Bibliography

ISO IEC IEEE 15026-1 Bibliography is the reference list of the International Standard on systems and software engineering, specifically systems and software assurance, Part 1: Concepts and vocabulary.

This article is a continuation of the following earlier articles:

  • ISO IEC IEEE 15026-1 software assurance concepts
  • ISO IEC IEEE 15026-1 Clauses 3.1 – 3.5

ISO IEC IEEE 15026-1 Standard Bibliography

Bibliography:

ISO IEC IEEE 15026-1 Bibliography 1-25

  • [1] ISO Guide 51:2014, Safety aspects — Guidelines for their inclusion in standards
  • [2] ISO Guide 73:2009, Risk management — Vocabulary — Guidelines for use in standards
  • [3] ISO/IEC 2382, Information technology — Vocabulary
  • [4] ISO 2394, General principles on reliability for structures
  • [5] ISO 9000, Quality management systems — Fundamentals and vocabulary
  • [6] ISO 9241-400, Ergonomics of human — system interaction — Part 400: Principles and requirements for physical input devices
  • [7] ISO 12100, Safety of machinery — General principles for design — Risk assessment and risk reduction
  • [8] ISO/IEC/IEEE 12207:2017, Systems and software engineering — Software life cycle processes
  • [9] ISO 13849 (all parts), Safety of machinery — Safety-related parts of control systems
  • [10] ISO 14620 (all parts), Space systems — Safety requirements
  • [11] ISO 14625, Space systems — Ground support equipment for use at launch, landing or retrieval sites — General requirements
  • [12] ISO/IEC/IEEE 15288:2015, Systems and software engineering — System life cycle processes
  • [13] ISO/IEC/IEEE 15289, Systems and software engineering — Content of life-cycle information items (documentation)
  • [14] ISO/IEC 15408 (all parts), Information technology — Security techniques — Evaluation criteria for IT security
  • [15] ISO/IEC/TR 15443 (all parts), Information technology — Security techniques — Security assurance framework
  • [16] ISO/IEC/TR 15446, Information technology — Security techniques — Guidance for the production of protection profiles and security targets
  • [17] ISO/IEC/IEEE 15939, Systems and software engineering — Measurement process
  • [18] ISO/IEC/IEEE 16085, Systems and software engineering — Life cycle processes — Risk management
  • [19] ISO/IEC/IEEE 16326, Systems and software engineering — Life cycle processes — Project management
  • [20] ISO/TR 16982, Ergonomics of human-system interaction — Usability methods supporting human-centred design
  • [21] ISO/IEC 18014 (all parts), Information technology — Security techniques — Time-stamping services
  • [22] ISO/TR 18529, Ergonomics — Ergonomics of human-system interaction — Human-centred lifecycle process descriptions
  • [23] ISO 19706, Guidelines for assessing the fire threat to people
  • [24] ISO/IEC 19770 (all parts), Information technology — IT asset management
  • [25] ISO/IEC/TR 19791, Information technology — Security techniques — Security assessment of operational systems

Bibliography 26-44

  • [26] ISO 20282 (all parts), Ease of operation of everyday products
  • [27] ISO/IEC 21827, Information technology — Security techniques — Systems Security Engineering — Capability Maturity Model® (SSE-CMM®)
  • [28] ISO/IEC/IEEE 24748 (all parts), Systems and software engineering — Life cycle management
  • [29] ISO/IEC 25000, Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — Guide to SQuaRE
  • [30] ISO/IEC 25010, Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — System and software quality models
  • [31] ISO/IEC 25012, Software engineering — Software product Quality Requirements and Evaluation (SQuaRE) — Data quality model
  • [32] ISO/IEC 25020, Software engineering — Software product Quality Requirements and Evaluation (SQuaRE) — Measurement reference model and guide
  • [33] ISO/IEC 25030, Software engineering — Software product Quality Requirements and Evaluation (SQuaRE) — Quality requirements
  • [34] ISO/IEC 25040, Systems and software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — Evaluation process
  • [35] ISO/IEC 25051, Software engineering — Systems and software Quality Requirements and Evaluation (SQuaRE) — Requirements for quality of Ready to Use Software Product (RUSP) and instructions for testing
  • [36] ISO/TS 25238, Health informatics — Classification of safety risks from health software
  • [37] ISO/IEC 27000, Information technology — Security techniques — Information security management systems — Overview and vocabulary
  • [38] ISO/IEC 27001, Information technology — Security techniques — Information security management systems — Requirements
  • [39] ISO/IEC 27002, Information technology — Security techniques — Code of practice for information security controls
  • [40] ISO/IEC 27004, Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation
  • [41] ISO/IEC 27005, Information technology — Security techniques — Information security risk management
  • [42] ISO/IEC 27006, Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems
  • [43] ISO/IEC 27011, Information technology — Security techniques — Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations
  • [44] ISO/IEC 27033 (all parts), Information technology — Security techniques — Network security

ISO IEC IEEE 15026-1 Bibliography 45-66

  • [45] ISO/TR 27809, Health informatics — Measures for ensuring patient safety of health software
  • [46] ISO 28003, Security management systems for the supply chain — Requirements for bodies providing audit and certification of supply chain security management systems
  • [47] ISO/IEC/IEEE 29148:2018, Systems and software engineering — Life cycle processes — Requirements engineering
  • [48] ISO 31000, Risk management — Guidelines
  • [49] ISO/IEC/IEEE 42010, Systems and software engineering — Architecture description
  • [50] ISO/IEC 90003, Software engineering — Guidelines for the application of ISO 9001:2008 to computer software
  • [51] IEC 31010, Risk management — Risk assessment techniques
  • [52] IEC 60050-192, International electrotechnical vocabulary — Part 192: Dependability
  • [53] IEC 60300 (all parts), Dependability management
  • [54] IEC 60812, Analysis techniques for system reliability — Procedure for failure mode and effects analysis (FMEA)
  • [55] IEC 61025, Fault tree analysis (FTA)
  • [56] IEC 61078, Reliability block diagrams
  • [57] IEC 61508 (all parts), Functional safety of electrical/electronic/programmable electronic safety-related systems
  • [58] IEC 61511, Functional safety — Safety instrumented systems for the process industry sector [several parts]
  • [59] IEC 61882, Hazard and operability studies (HAZOP studies) — Application guide
  • [60] IEC 62741, Reliability of systems, equipment, and components. Guide to the demonstration of dependability requirements. The dependability case
  • [61] IEEE Std 1228-1994 (Reaff 2010), IEEE Standard for Software Safety Plans
  • [62] IEEE Std 1633-2016 (Revision of IEEE Std 1633-2008), IEEE Recommended Practice on Software Reliability
  • [63] Abran A., Moore J.W., (Executive editors); Pierre Bourque, Robert Dupuis, Leonard Tripp (Editors). Guide to the Software Engineering Body of Knowledge. 2004 Edition. Los Alamitos, California: IEEE Computer Society, Feb. 16, 2004. Available at http://www.swebok.org
  • [64] Adamski A., Westrum R., “Requisite imagination: The fine art of anticipating what might go wrong.” In: [55], p. 193-220, 2003
  • [65] Adelard. The Adelard Safety Case Development Manual. Available at http://www.adelard.com/web/hnav/resources/ascad
  • [66] Alexander I., Systems Engineering Isn’t Just Software. 2001. Available at

Bibliography 67-79

  • [67] Allen J.H., Barnum S., Ellison R.J., McGraw G., Mead N.R., Software Security Engineering: A Guide for Project Managers. Addison-Wesley, 2008
  • [68] Altman W., Ankrum T., Brach W., Improving Quality and the Assurance of Quality in the Design and Construction of Nuclear Power Plants: A Report to Congress. U.S. Nuclear Regulatory Commission: Office of Inspection and Enforcement, 1987
  • [69] Anderson J.P., Computer Security Technology Planning Study Volume I, ESDTR-73-51, Vol. I, Electronic Systems Division, Air Force Systems Command, Hanscom Field, Bedford, MA 01730, Oct. 1972.
  • [70] Anderson R.J., Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley and Sons, Second Edition, 2008
  • [71] Ankrum T.S., Kromholz A.H., “Structured Assurance Cases: Three Common Standards,” Ninth IEEE International Symposium on High-Assurance Systems Engineering (HASE’05), pp. 99-108, 2005
  • [72] Armstrong J.M., Paynter S.P., The Deconstruction of Safety Arguments through Adversarial Counter-argument. School of Computing Science, Newcastle University CS-TR-832, 2004
  • [73] Atchison B., Lindsay P., Tombs D., A Case Study in Software Safety Assurance Using Formal Methods. Technical Report No. 99-31. Sept. 1999
  • [74] Number ATSIN, 17 Issued 9. Lapses and Mistakes. Air Traffic Services Information Notice, Safety Regulation Group, ATS Standards Department. UK Civil Aviation Authority, August 2002
  • [75] Bahill A.T., Gissing B., Re-evaluating Systems Engineering Concepts Using Systems Thinking. IEEE Trans. Syst. Man Cybern. C. 1998 November, 28 (4) pp. 516–527
  • [76] Berg C.J., High-Assurance Design: Architecting Secure and Reliable Enterprise Applications. Addison Wesley, 2006
  • [77] Bernstein Lawrence, Yuhas C. M., Trustworthy Systems through Quantitative Software Engineering. Wiley-IEEE Computer Society Press, 2005. About reliability not security
  • [78] Bishop M., Engle S., The Software Assurance CBK and University Curricula. Proceedings of the 10th Colloquium for Information Systems Security Education, 2006
  • [79] Bishop M., Computer Security: Art and Practice. Addison-Wesley, 2003

ISO IEC IEEE 15026-1 Bibliography 80-95

  • [80] Bishop P., Bloomfield R., A Methodology for Safety Case Development. Industrial Perspectives of Safety-critical Systems: Proceedings of the Sixth Safety-critical Systems Symposium, Birmingham. 1998
  • [81] Bishop P., Bloomfield R., The SHIP Safety Case Approach. SafeComp95, Belgirate, Italy. Oct 1995
  • [82] Buehner M.J., Cheng P.W., Causal Learning. In: The Cambridge Handbook of Thinking and Reasoning, (Morrison R., Holyoak K.J., eds.). Cambridge University Press, 2005, pp. 143–68.
  • [83] Cannon J.C., Privacy. Addison Wesley, 2005
  • [84] CAP 670 Air Traffic Services Safety Requirements. UK Civil Aviation Authority Safety Regulation Group, 2012
  • [85] CAP 730 Safety Management Systems for Air Traffic Management A Guide to Implementation. UK Civil Aviation Authority Safety Regulation Group, 12 September 2002
  • [86] CAP 760 Guidance on the Conduct of Hazard Identification, Risk Assessment and the Production of Safety Cases For Aerodrome Operators and Air Traffic Service Providers, 10 December 2010
  • [87] Chung L. et al., Non-Functional Requirements in Software Engineering. Kluwer, 1999
  • [88] Clark D.D., Wilson D.R., A Comparison of Commercial and Military Computer Security Policies, Proc. of the 1987 IEEE Symposium on Security and Privacy, IEEE, pp. 184-196, 1987
  • [89] CNSS, National Information Assurance Glossary, CNSS Instruction No. 4009, 26 April 2010. Available at http://www.cnss.gov/full-index.html
  • [90] Committee on Information Systems Trustworthiness, Trust in Cyberspace, Computer Science and Telecommunications Board. National Research Council, 1999
  • [91] Committee on National Security Systems (CNSS) Instruction 4009: National Information Assurance (IA) Glossary. Revised May 2003. Available at http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf
  • [92] COMMON CRITERIA RECOGNITION ARRANGEMENT (CCRA), Common Criteria v3.1 Revision 2. NIAP September 2007. Available at https://www.commoncriteriaportal.org/.
  • [93] COMMON WEAKNESSES ENUMERATION, MITRE, 2012. Available at http://cwe.mitre.org
  • [94] Cooke N.J., Gorman J.C., Winner J.L., Team Cogitation. p. 239-268 In: [43]
  • [95] Courtois P.-J., Justifying the Dependability of Computer-based Systems: With Applications in Nuclear Engineering. Springer, 2008

96-110

  • [96] Cranor L., Garfinkel S., Security and Usability: Designing Secure Systems that People Can Use. O’Reilly, 2005
  • [97] Dayton-Johnson J., Natural disasters and adaptive capacity. OECD Development Centre Research programme on: Market Access, Capacity Building and Competitiveness. Working Paper No. 237 DEV/DOC(2004)06, August 2004
  • [98] Department of Defense Directive 8500.1 (6 February 2003). Information Assurance (IA), Washington, DC: US Department of Defense, ASD(NII)/DoD CIO, April 23, 2007. Available at http://www.dtic.mil/whs/directives/corres/pdf/850001p.pdf
  • [99] Department of Defense Strategic Defense Initiative Organization, Trusted Software Development Methodology, SDI-S-SD-91-000007, vol. 1, 17 June 1992
  • [100] DEPARTMENT OF HOMELAND SECURITY NATIONAL CYBER SECURITY DIVISION’S, “Build Security In” (BSI) web site, 2012, http://buildsecurityin.us-cert.gov
  • [101] DEPENDABILITY RESEARCH GROUP, Safety Cases. University of Virginia, Available at: https://web.archive.org/web/20131229153301/http://dependability.cs.virginia.edu/info/Safety_Cases
  • [102] Despotou G., Kelly T., Extending the Safety Case Concept to Address Dependability, Proceedings of the 22nd International System Safety Conference, 2004
  • [103] Dowd M., McDonald J., Schuh J., The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities. Addison-Wesley, 2006
  • [104] Dunbar K., Fugelsang J., Scientific Thinking and Reasoning. In: [59], p. 705–727
  • [105] Durso F.T., Nickerson R.S., Dumais S.T., Lewandowsky S., Perfect T.J., eds. Handbook of Applied Cognition 2nd edition. Wiley, 2007
  • [106] Ellsworth P.C., Legal Reasoning. In: [59], p. 685–704
  • [107] Ericsson K.A., Charness N., Feltovich P.J., Hoffman R.R., eds. The Cambridge Handbook of Expertise and Expert Performance. Cambridge University Press, 2006
  • [108] Fenton N., Littlewood B., Neil M., Strigini L., Sutcliffe A., Wright D., Assessing dependability of safety critical systems using diverse evidence. IEE Proc. Softw. 1998 145 (1) pp. 35–39
  • [109] Gasser M., Building a Secure Computer System. Van Nostrand Reinhold, 1988. Available at: https://web.archive.org/web/20120526151008/http://deke.ruc.edu.cn/wshi/readings/cs02.pdf
  • [110] Gray J.W., Probabilistic Interference. Proceedings of the IEEE Symposium on Research in Security and Privacy. IEEE, p. 170-179, 1990

ISO IEEE 15026-1 Bibliography 111-126

  • [111] Greenwell W., Strunk E., Knight J., Failure Analysis and the Safety-Case Lifecycle. IFIP Working Conference on Human Error, Safety and System Development (HESSD) Toulouse, France. Aug 2004
  • [112] Greenwell W.S., Knight J.C., Pease J.J., A Taxonomy of Fallacies in System Safety Arguments. 24th International System Safety Conference, Albuquerque, NM, August 2006
  • [113] Hall A., Chapman R., Correctness by Construction: Developing a Commercial Secure System. IEEE Softw. 2002 Jan/Feb, 19 (1) pp. 18–25
  • [114] Herrmann D.S., Software Safety and Reliability. IEEE Computer Society Press, 1999
  • [115] Hoglund G., McGraw G., Exploiting Software: How to break code. Addison-Wesley, 2004
  • [116] Hollnagel E., Woods D.D., Leveson N., eds. Resilience Engineering: Concepts and Precepts. Ashgate Pub Co, 2006
  • [117] Hollnagel E., ed. Handbook of cognitive task design. Lawrence Erlbaum Associates, 2003
  • [118] Hollnagel E., Human Error: Trick or Treat? In: [43], p. 219–238
  • [119] Hollnagel E., Barriers and Accident Prevention. Ashgate, 2004
  • [120] Holyoak K.J., Morrison R.G., eds. The Cambridge Handbook of Thinking and Reasoning. Cambridge University Press, 2005
  • [121] Howard M., LeBlanc D.C., Writing Secure Code. Microsoft Press, Second Edition, 2002
  • [122] Howard M., Lipner S., The Security Development Lifecycle. Microsoft Press, 2006
  • [123] Howell C., Assurance Cases for Security Workshop (follow-on workshop of the 2004 Symposium on Dependable Systems and Networks), June, 2005
  • [124] Kazman R., Asundi J., Klein M., Making Architecture Design Decisions: An Economic Approach, SEI-2002-TR-035. Software Engineering Institute, Carnegie Mellon University, 2002
  • [125] Kazman R., Klein M., Clements P., ATAM: Method for Architecture Evaluating the Quality Attributes of a Software Architecture. Technical Report CMU/SEI-200-TR004. Software Engineering Institute, Carnegie Mellon University, 2000
  • [126] Kelly T., Arguing Safety — A Systematic Approach to Managing Safety Cases. Doctorial Thesis — University of York: Department of Computer Science. Sept 1998

127-141

  • [127] Kelly T., Reviewing Assurance Arguments — A Step-by-Step Approach. Workshop on Assurance Cases for Security: The Metrics Challenge, International Conference on Dependable Systems and Networks, 2007
  • [128] Kelly T., Weaver R., The Goal Structuring Notation — A Safety Argument Notation. Workshop on Assurance Cases: Best Practices, Possible Obstacles, and Future Opportunities, Florence, Italy. July 2004
  • [129] Ladkin P., The Pre-Implementation Safety Case for RVSM in European Airspace is Flawed. 29 Aug 2002. Available at http://www.rvs.uni-bielefeld.de/publications/Reports/SCflawed-paper.html
  • [130] Landwehr C., Computer Security. IJIS. 2001, 1 pp. 3–13
  • [131] Lautieri S., Cooper D., Jackson D., SafSec: Commonalities Between Safety and Security Assurance. Proceedings of the Thirteenth Safety Critical Systems Symposium — Southampton, 2005
  • [132] LeBoeuf R.A., Shafir E.B., Decision Making. In: [59], p. 243–266
  • [133] Leveson N., A Systems-Theoretic Approach to Safety in Software-Intensive Systems, IEEE Trans. Dependable Sec. Comput. 2004, 1 (1) pp. 66-86
  • [134] Lipner S., Howard M., The Trustworthy Computing Security Development Lifecycle, Microsoft, 2005. Available at http://msdn.microsoft.com/en-us/library/ms995349.aspx
  • [135] Maguire R., Safety Cases and Safety Reports: Meaning, Motivation and Management. Ashgate, 2006
  • [136] McDermid J., Software Safety: Where’s the Evidence? 6th Australian Workshop on Industrial Experience with Safety Critical Systems and Software (SCS ’01), Brisbane. 2001
  • [137] McGraw G., Software Security: Building Security In. Addison Wesley, 2006
  • [138] McLean J., Security Models. In: Encyclopedia of Software Engineering, (Marciniak J., ed.). Wiley, 1994
  • [139] Meier J.D., Mackman A., Vasireddy S., Dunner M., Escamilla R., Murukan A., Improving Web Application Security: Threats and Countermeasures, Microsoft, 2004. Available at: http://download.microsoft.com/download/d/8/c/d8c02f31-64af-438c-a9f4-e31acb8e3333/Threats_Countermeasures.pdf
  • [140] Merkow M.S., Breithaupt J., Computer Security Assurance Using the Common Criteria. Thomson Delmar Learning, 2005
  • [141] Ministry of Defence, Defence Standard 00-42 Issue 2, Reliability and Maintainability (R&M) Assurance Guidance. Part 3, R&M Case, 6 June 2003

ISO IEEE 15026-1 Bibliography 142-155

  • [142] Ministry Of Defence, Defence Standard 00-55 (PART 1)/Issue 2, Requirements for Safety Related Software in Defence Equipment Part 1: Requirements, 21 August 1997
  • [143] Ministry of Defence, Defence Standard 00-55 (PART 2)/Issue 2, Requirements for Safety Related Software in Defence Equipment Part 2: Guidance, 21 August 1997
  • [144] Ministry of Defence, Interim Defence Standard 00-56, Safety Management Requirements for Defence Systems Part 1: Requirements, 17 December 2004
  • [145] Ministry of Defence, Interim Defence Standard 00-56, Safety Management Requirements for Defence Systems Part 2: Guidance on Establishing a Means of Complying with Part 1, 17 December 2004
  • [146] Moore A., Klinker E., Mihelcic D., How to Construct Formal Arguments that Persuade Certifiers. In: Industrial Strength Formal Methods in Practice. Academic Press. 1999
  • [147] NATIONAL AERONAUTICS AND SPACE ADMINISTRATION (NASA) SOFTWARE ASSURANCE GUIDEBOOK, September 1989 (NASA-GB-A201). Available at http://www.hq.nasa.gov/office/codeq/doctree/nasa_gb_a201.pdf
  • [148] NATIONAL OFFSHORE PETROLEUM SAFETY AUTHORITY, Safety case. [Online Document cited on: 20 Jun 2012.] Available at http://www.nopsema.gov.au/safety/safety-case/
  • [149] NATIONAL RESEARCH COUNCIL (NRC) COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD, (CSTB). Cybersecurity Today and Tomorrow: Pay Now or Pay Later. National Academies Press, 2002. Available at http://www.nap.edu/topics.php?topic=320&start=10
  • [150] National Security Agency, The Information Systems Security Engineering Process (IATF) v3.1. 2002
  • [151] Naval Research Laboratory, Handbook for the Computer Security Certification of Trusted Systems. US Naval Research Laboratory, 1995
  • [152] NDIA System Assurance Committee, Engineering for System Assurance. National Defense Industrial Association, USA, 2008
  • [153] NIST, Federal Information Processing Standards Publication (FIPS PUB) 200: Minimum Security Requirements for Federal Information and Information Systems. March 2006. Available at http://csrc.nist.gov/publications/fips/fips200/FIPS-200-final-march.pdf
  • [154] NIST, NIST Special Publication 800-27, Rev A: Engineering Principles for Information Technology Security (A Baseline for Achieving Security). Revision A, June 2004. Available at http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf
  • [155] NIST, NIST Special Publication 800-33, Underlying Technical Models for Information Technology Security, December 2001. Available at http://csrc.nist.gov/publications/nistpubs/800-33/sp800-33.pdf

156-169

  • [156] NIST, NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, April 2013. Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4
  • [157] OPSI, The Offshore Installations (Safety Case) Regulations 2005. [Online Document cited on: 20 June 2012.] Available at http://www.opsi.gov.uk/si/si2005/20053117.htm
  • [158] Park J., Montrose B., Froscher J., Tools for Information Security Assurance Arguments. DARPA Information Survivability Conference & Exposition II, 2001. DISCEX ’01. Proceedings, 2001
  • [159] Petroski H., Design Paradigms. Cambridge University Press, 1994
  • [160] Prasad D., Dependable Systems Integration using Measurement Theory and Decision Analysis, PhD Thesis, Department of Computer Science, University of York, UK, 1998
  • [161] Safety PSM, Security TWG, Security Measurement. Nov 2004
  • [162] Pullum L.L., Software Fault Tolerance. Artech House, 2001
  • [163] Randell B., Koutny M., Failures: Their Definition, Modelling and Analysis. School of Computing Science, Newcastle University CS-TR NO 994, Dec 2006; Randell, B., and Rushby, J.M. Distributed Secure Systems: Then and Now. CS-TR No 1052 School of Computing Science, Newcastle University, Oct 2007
  • [164] Rechtin E., Systems Architecting of Organizations: Why Eagles Can’t Swim. CRC Press, Boca Raton, FL, 2000
  • [165] Redwine S.T.,Jr ed. Software Assurance: A Guide to the Common Body of Knowledge to Produce, Acquire, and Sustain Secure Software Version 1.1. US Department of Homeland Security, September 2006
  • [166] Redwine S.T.,Jr. The Quality of Assurance Cases. Workshop on Assurance Cases for Security: The Metrics Challenge, International Conference on Dependable Systems and Networks, 2007
  • [167] Redwine S.T.Jr, Davis N., eds. Processes for Producing Secure Software: Towards Secure Software. Vols. I and II. Washington, D.C.: National Cyber Security Partnership, 2004. Available at http://www.cigital.com/papers/download/secure_software_process.pdf
  • [168] Ross K.G., Shafer J.L., Klein G., Professional Judgements and ‘Naturalistic Decision Making’. In: [45], p. 403-420
  • [169] SAE JA1000, Reliability Program Standard, SAE International, June 1998

ISO IEEE 15026-1 Bibliography 170-186

  • [170] Saltzer J.H., Schroeder M.D., The protection of information in computer systems. Proc. IEEE. 1975, 63 (9) pp. 1278–1308. Available at: http://cap-lore.com/CapTheory/ProtInf/
  • [171] SEMINAL PAPERS — HISTORY OF COMPUTER SECURITY PROJECT, UNIVERSITY OF CALIFORNIA DAVIS COMPUTER SECURITY LABORATORY, Available at: http://seclab.cs.ucdavis.edu/projects/history/seminal.html
  • [172] Severson K., Yucca Mountain Safety Case Focus of NWTRB September Meeting. United States Nuclear Waste Technical Review Board. Aug 2006
  • [173] Sieck W.R., Klein G., Decision making. In: [43], p. 195-218
  • [174] Software and Systems Engineering Vocabulary (sevocab). Available at www.computer.org/sevocab
  • [175] Sommerville I., Software Engineering. Pearson Education, Eighth Edition, 2006
  • [176] STANFORD ENCYCLOPEDIA OF PHILOSOPHY, “Properties”, Available at: https://plato.stanford.edu/entries/properties/, substantive revision 2016-02-17.
  • [177] Stoneburner G., Hayden C., Feringa A., Engineering Principles for Information Technology Security (A Baseline for Achieving Security), Revision A, NIST Special Publication 800-27 Rev A, June 2004
  • [178] Storey N., Safety-Critical Computer Systems. Addison Wesley, 1996
  • [179] Strunk E., Knight J., The Essential Synthesis of Problem Frames and Assurance Cases. IWAAPF’06, Shanghai, China. May 2006
  • [180] Swiderski F., Snyder W., Threat Modeling. Microsoft Press, 2004
  • [181] U.S. NRC, “Quality Assurance Case Studies at Construction Projects.”
  • [182] Vanfleet W.M. et al., “MILS: Architecture for High Assurance Embedded Computing,” Crosstalk, August, 2005
  • [183] Viega J., McGraw G., Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley, Reading, MA, 2001
  • [184] Walker V.R., Risk Regulation and the ‘Faces’ of Uncertainty, Risk: Health, Safety and Environment. p. 27-38, Winter 1998
  • [185] Ware W.H., Security Controls for Computer Systems (U): Report of Defense Science Board Task Force on Computer Security, The RAND Corporation, Santa Monica, CA (Feb. 1970)
  • [186] Weaver R., The Safety of Software — Constructing and Assuring Arguments. Doctorial Thesis — University of York: Department of Computer Science. 2003

187-192

  • [187] Weaver R., Fenn J., Kelly T., A Pragmatic Approach to Reasoning about the Assurance of Safety Arguments. 8th Australian Workshop on Safety Critical Systems and Software (SCS’03), Canberra. 2003
  • [188] Whittaker J.A., Thompson H.H., How to Break Software Security: Effective Techniques for Security Testing. Pearson Education, 2004
  • [189] Williams J., Schaefer M., Pretty Good Assurance. Proceedings of the New Security Paradigms Workshop. IEEE Computer Society Press. 1995
  • [190] Williams J.R., Jelen G.F., A Framework for Reasoning about Assurance, Document Number ATR 97043, Arca Systems, Inc., 23 April 1998
  • [191] Yates J.F., Tschirhart M.D., Decision-Making Expertise. In: [45], p. 421–438
  • [192] Yee K.-P., User interaction design for secure systems. Proceedings of the 4th International Conference on Information and Communications Security, Springer-Verlag, LNCS 2513, 2002

IEEE notices and abstract

Because the content of the IEEE notices and abstract clause is too long, readers can continue to the following follow-up article from standarku.com:

  • ISO IEC IEEE 15026-1 IEEE notices and abstract

Closing

That concludes this standarku.com article on the ISO IEC IEEE 15026-1 Bibliography.

Suggestions from readers to make this article more complete are welcome; please submit them through the comment section.
