|

 
|
| | Name : | Matt Bishop | Organization : | University of California Davis | Post Date : | 9/30/2005 |
| Section : | 20.1.5 | Page no. : | | Line no.: | | Comment : | We recommend that the standards
• require the vendor provide models for the system proposed;
• articulate threats by beginning the task of formalizing them using attack trees;
• provide minimal formal requirements related to threats | |
|
|