Here is a set of software references:
Gary Gack: Managing the Black Hole. Requirements Engineering – Risk Management – Software Metrics – Project Management – Software Quality – Six Sigma – Process Improvement. Good process improvement ideas come from many sources. There is no “one best way”, no “universal solvent”.
Managing the Black Hole: The Executive’s Guide to Software Project Risk
–SP 800-39 Mar. 2011 Managing Information Security Risk: Organization, Mission, and Information System View
SP800-39-final.pdf
–SP 800-27 Rev. A Jun 2004 Engineering Principles for Information Technology Security (A Baseline for Achieving Security)
SP800-27-RevA.pdf
–SP 800-12 Oct 1995 An Introduction to Computer Security: The NIST Handbook
handbook.pdf
–SP 800-142 Oct. 2010 Practical Combinatorial Testing
SP800-142-101006.pdf
Five Free Pen (Penetration) Testing Tools: www.computerworld.com/s/article/9087439/Five_free_pen_testing_tools
Open Web Application Security Project (OWASP) Cheat Sheets: https://www.owasp.org/index.php/Cheat_Sheets
Taguchi Orthogonal Arrays http://www.weibull.com/DOEWeb/taguchis_orthogonal_arrays.htm
“Design Patterns: Elements of Reusable Object-Oriented Software” by Erich Gamma, Richard Helm, Ralph Johnson, John Vlissides
“Metrics and Models in Software Quality Engineering”, 2nd Edition | InformIT http://www.informit.com/store/product.aspx?isbn=0201729156