FYI, there's an ACM Queue issue out that focuses on security -- see http://acmqueue.com/modules.php?name=Content&pa=list_pages_issues&issue_id=14
Two articles there that should be of interest to SC-L readers include Marcus Ranum's "Security: The root of the problem -- Why is it we can't seem to produce secure, high quality code?" and Philip Laplante's "First, Do No Harm: A Hippocratic Oath for Software Developers". Enjoy... Cheers, Ken van Wyk -- KRvW Associates, LLC http://www.KRvW.com