References

Gilliam, D.P., 2004. Security risks: Management and mitigation in the software life cycle. Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, June 14-16, 2004, IEEE, USA., ISBN: 0-7695-2183-5, pp: 211-216.

HajSaid, F., Y. Hassouneh and H. Ammar, 2011. Security risk assessment of software architecture. Proceedings of the 21st International Conference on Computer Theory and Applications (ICCTA 2011), ICCTA, Alexandria, Egypt, October 15-17, 2011, pp: 15-17.

Hamdaqa, M. and A.L. Hamou, 2011. An approach based on citation analysis to support effective handling of regulatory compliance. Future Gener. Comput. Syst., 27: 395-410.
CrossRef  |  Direct Link  |  

Jensen, R. and Q. Shen, 2004. Semantics-preserving dimensionality reduction: Rough and fuzzy-rough-based approaches. IEEE Trans. Knowledge Data Eng., 16: 1457-1471.
CrossRef  |  

Jensen, R. and Q. Shen, 2007. Fuzzy-rough sets assisted attribute selection. Fuzzy Syst. IEEE. Trans., 15: 73-89.
CrossRef  |  Direct Link  |  

Lee, S.W., 2011. Probabilistic risk assessment for security requirements: A preliminary study. Proceedings of the 5th International IEEE. Conference on Secure Software Integration and Reliability Improvement, June 27-29, 2011, IEEE, Jeju Island, ISBN: 978-1-4577-0780-3, pp: 11-20.

McManus, J., 2004. Risk Management in Software Development Projects. ELSEVIER, Amsterdam, Netherlands, ISBN: 0-7506-5867-3, Pages: 169.

Mkpong, I.R., D. Umphress, J. Hamilton and J. Gilbert, 2007. Quantitative software security risk assessment model. Proceedings of the 2007 ACM Workshop on Quality of Protection, October 29-November 2, 2007, ACM, New York, USA., ISBN: 978-1-59593-885-5, pp: 31-33.

Ni, M., J.D. McCalley, V. Vittal, S. Greene, C.W.T. Ganugula and T. Tayyib, 2003. Software implementation of online risk-based security assessment. IEEE Trans. Power Syst., 18: 1164-1172.
CrossRef  |  

Ni, M., J.D. McCalley, V. Vittal, S. Greene, C.W.T. Ganugula and T. Tayyib, 2003. Software implementation of online risk-based security assessment. IEEE Trans. Power Syst., 18: 1164-1172.
CrossRef  |  

Pattanaik, B. and C. Subramaniam, 2011. Fault detection in embedded system using rough and fuzzy rough sets. Proceedings of the 15th WSEAS International Conference on Computers, July 14-16, 2011, WSEAS, Wisconsin, USA., ISBN: 978-1-61804-019-0, pp: 405-411.

Pearl, J., 2009. Causality Models, Reasoning and Inference. 2nd Edn., Cambridge University Press, Cambridge, UK., ISBN: 9780521749190, .

Pistoia, M., N. Nagaratnam, L. Koved and A. Nadalin, 2004. Enterprise Java Security: Building secure J2EE Applications. Addison-Wesley Professional, Boston, USA., ISBN: 0-321-11889-8, Pages: 565.

Rehman, S. and K. Mustafa, 2009. Research on software design level security vulnerabilities. ACM. SIGSOFT. Software Eng. Notes, 34: 1-5.
CrossRef  |  Direct Link  |  

Russell, R., 2000. Hack Proofing Your Network. 2nd Edn., Syngress, Maryland, USA., ISBN: 1-928994-15-6, Pages: 427.

Sharif, A.M. and S. Basri, 2011. A study on risk assessment for small and medium software development projects. Intl. J. New Comput. Archit. Appl., 1: 325-335.
Direct Link  |  

Tevis, J.E.J. and J.A. Hamilton, 2004. Methods for the prevention, detection and removal of software security vulnerabilities. Proceedings of the 42nd Annual Southeast Regional Conference, April 2-3, 2004, Huntsville, AL., USA., pp: 197-202.

Yeung, D.S., D. Chen, E.C. Tsang, J.W. Lee and W. Xizhao, 2005. On the generalization of fuzzy rough sets. Fuzzy Syst. IEEE. Trans., 13: 343-361.
CrossRef  |  Direct Link  |  

Zhang, Y.K., S.Y. Jiang, Y.A. Cui, B.W. Zhang and H. Xia, 2010. A qualitative and quantitative risk assessment method in software security. Proceedings of the 3rd Internationa IEEE. Conference on Advanced Computer Theory and Engineering, August 20-22, 2010, IEEE, Chengdu, China, ISBN: 978-1-4244-6539-2, pp: 534-539.