@book{threat:shostack,
  title={Threat modeling: Designing for security},
  author={Shostack, Adam},
  year={2014},
  publisher={John Wiley \& Sons}
}

@inproceedings{threat:attack_tree,
 author = {Salter, Chris and Saydjari, O. Sami and Schneier, Bruce and Wallner, Jim},
 title = {Toward a Secure System Engineering Methodolgy},
 booktitle = {Proceedings of the 1998 Workshop on New Security Paradigms},
 series = {NSPW '98},
 year = {1998},
 isbn = {1-58113-168-2},
 location = {Charlottesville, Virginia, USA},
 pages = {2--10},
 numpages = {9},
 url = {http://doi.acm.org/10.1145/310889.310900},
 doi = {10.1145/310889.310900},
 acmid = {310900},
 publisher = {ACM},
 address = {New York, NY, USA},
}