Building Bridges of Security, Sovereignty and Trust in Business and Industry 27th Edition | Page 17

Building Trust in the Security of Software
[ 2 ] Boehm, B., et al.( 2001). Software Cost Estimation with COCOMO II. Upper Saddle River, NJ: Prentice-Hall.
[ 3 ] Chrissis, M. B., Konrad, M., & Shrum, S.( 2011). CMMI for Development: Guidelines for Process Integration and Product Development( 3 rd. Ed.). Reading, MA: Addison Wesley.
[ 4 ] Curtis, B., Douziech, P-E., & Curtis, C.( 2020). CRASH Report: 2020 Global Sample. New York: CAST Software, https:// www. researchgate. net / publication / 390732980 _ 2020- CRASH-Report.
[ 5 ] Curtis, B.( 1981). Substantiating programmer variability. Proceedings of the IEEE, 69( 7), 846. DOI: 10.1109 / PROC. 1981.12088
[ 6 ] Department of Defense( 2024). Cybersecurity Maturity Model Certifiction, Version 2.13. ModelOverview. pdf.
[ 7 ] Dion, R.( 1993). Process improvement and the corporate balance sheet. IEEE Software, 10( 4), 28-35.
[ 8 ] Herbsleb, J. D., Zubrow, D., Goldenson, D., Hayes, W., & Paulk, M.( 1997). Software Quality and the Capability Maturity Model. Communications of the ACM, 40, 30-40.
[ 9 ] International Organization for Standardization( 2015). ISO / IEC 33001:2015 Information technology— Process assessment— Concepts and terminology. Geneva: ISO.
[ 10 ] International Organization for Standardization( 2021). ISO / IEC 5055:2021 Information technology— Software measurement— Software quality measurement— Automated source code quality measures. Geneva: ISO.
[ 11 ] National Insitute of Standards and Technology( 2022). Secure Software Development Framework. Secure Software Development Framework | CSRC
[ 12 ] National Insitute of Standards and Technology( 2024). The NIST Cybersecurity Framework( CSF) 2.0. https:// doi. org / 10.6028 / NIST. CSWP. 29.
[ 13 ] OWASP. Software Assurance Maturity Model. The Model.
[ 14 ] Paulk, M. C., Weber, C. V., Curtis, B., & Chrissis, M. B.( 1995). The Capaility Maturity Model: Guidelines for Improving the Software Process. Reading, MA: Addison Wesley.
[ 15 ]
Pitterman, W.( 2000).
Telcordia Technologies: The Journey to High Maturity.
IEEE
Software, 17( 4), 89-96.
[ 16 ] Spinellis, D.( 2006). Code Quaity: The Open Source Perspective. Boston: Addison-Wesley.
[ 17 ] US Department of Commerce( 2019). Equifax Data Breach Settlement: What You Should Know | Consumer Advice.
12 May 2025