relatório sobre software security assurance
no site do IATAC - Information Assurance Technology Analysis Center. Não li mas fiquei impressionado com as suas trezentas e tal páginas: Software Security Assurance .
Overview: The objective of software assurance is to establish a basis for gaining justifiable confidence that software will consistently demonstrate one or more desirable properties. These include such properties as quality, reliability, correctness, dependability, usability, interoperability, safety, fault tolerance, and-of most interest for purposes of this document-security.