Note: This page is part of the us-cert.gov archive.

This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

Architectural Risk Analysis

Presents best practices for reviewing, assessing, and validating the specification, architecture, and design of a software system with respect to software security, reliability, and performance goals. It includes a discussion of the identification, assessment, prioritization, mitigation, and validation of the risks associated with architectural flaws.