olemus
ISO/IEC 27034:
elutsüklimudel, mis on etaloniks turbetegevuste lisamisel protsessidesse, mis on seotud rakenduse haldusega, rakenduse valmenduse ja käitusega, taristu haldusega ja rakenduse auditiga
= life cycle model used as a reference for the introduction of security activities into processes involved in application management, application provisioning and operation, infrastructure management and application audit

ülevaateid
https://en.wikipedia.org/wiki/Application_security
http://files.messe.de/abstracts/63661_di_10_40_heun.pdf
(in German, but model pp 17-20 is in English)
http://www.iso27001security.com/html/27034.html

standardid
https://www.sis.se/api/document/preview/914038/