This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact firstname.lastname@example.org if you have any questions about the US-CERT website archive.
Architectural Risk Analysis
Presents best practices for reviewing, assessing, and validating the specification, architecture, and design of a software system with respect to software security, reliability, and performance goals. It includes a discussion of the identification, assessment, prioritization, mitigation, and validation of the risks associated with architectural flaws.