1. Lecture Notes in Computer Science;J. Wäyrynen,2004
2. Beznosov, K., Kruchten, P.: Towards Agile Security Assurance. In: The New Security Paradigms Workshop (2004)
3. Endiktsson, O., Dalcher, D., Thorbergsson, H.: Choosing a Development Life Cycle: Comparing Project and Product Measures. In: Génie Logiciel & Ingénierie de Systèmes et leurs Applications, ICSSEA 2004 (2004)
4. Beznosov, K.: Extreme Security Engineering: On Employing XP Practices to Achieve.Good Enough Security. without Defining It. In: The first ACM Workshop on business Driven Security Engineering (BizSec), ACM Press, New York (2003)
5. Risk Management Guide for Information Technology Systems. National Institute of Standards and Technology (NIST)SP 800-30 (2002),
http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf