7. Application Threat Modeling In the SDLC From Insecure Magazine, http://www.net-security.org/dl/insecure/INSECURE-Mag-17.pdf
8. ATM During Requirement Phase: Use and Abuse Cases https://www.owasp.org/index.php/Testing_Guide_Introduction#Security_Requirements_Test_Derivation
9. ATM During The Design Phase: Architecture Analysis From Insecure Magazine http://www.net-security.org/dl/insecure/INSECURE-Mag-17.pdf
10.
11.
12. Attach Tree Theory Bruce Schneider, Attack Trees: http://www.schneier.com/paper-attacktrees-ddj-ft.html
13. Attack Tree Bank Account Attack Example Analyzing the Security of Internet Banking Authentication Mechanisms : http://www.itgi.org/Template.cfm?Section=Home&CONTENTID=35743&TEMPLATE=/ContentManagement/ContentDisplay.cfm
14. Attack Trees And Attack Analysis: Passwords Password Management Concerns with IE and Firefox, part one http://www.securityfocus.com/infocus/1882/2
15. Microsoft Application Threat Modeling MS TM Blog: http://blogs.msdn.com/threatmodeling/archive/2006/03/16/553232.aspx