The existence of well-defined or documented sets of standards, guidelines, or best practices for developing secure systems is limited. Those that are available often lack focus and specificity, making compliance either too difficult or too easy. As a result, many practitioners are never quite sure what needs to be done to demonstrate that they have …