|
|
  
|
| | | Name : | Matt Bishop | | Organization : | University of California Davis | | Post Date : | 9/30/2005 |
| | Section : | 20.1.5 | | Page no. : | | | Line no.: | | | Comment : | We recommend that the standards
• require the vendor provide models for the system proposed;
• articulate threats by beginning the task of formalizing them using attack trees;
• provide minimal formal requirements related to threats | | |
|
|
