10. No formal system extending basic arithmetic can be used to prove its own consistency.
11. Risk exposure (RE) = probability(loss) * magnitude(loss) http://books.google.com/books?id=0RfANAwOUdIC&pg=PA800&lpg=PA800&dq=risk+exposure+re+formula&source=web&ots=pENn1no-zn&sig=Xe72BRymob2ftXlp4CciUr-ly-Y&hl=en&ei=QquNSfLdMob00AXB4OGcCw&sa=X&oi=book_result&resnum=5&ct=result (The Handbook Of Information Security)
21. The U.S. DOE published an excellent report in December: “A Scientific Research & Development Approach to Cyber Security”. http://chas.typepad.com/dli/2009/01/cyber-security-rd-needs-for-doe.html
22. The Jericho Forum, part of The Open Group, is doing important work in defining models of security and risk that don’t ignore Gödel’s LOL. https://www.opengroup.org/jericho/about.htm