These are journal articles and books that will help you become educated about risk analysis, which is a core part of software testing.
Journal Articles
Dahlman, C., & Mackor, A. R. (2019). Coherence and probability in legal evidence. Law, Probability and Risk, 18(4), 275–294. https://doi.org/10.1093/lpr/mgz016
Nance, D. A. (2019). Belief functions and burdens of proof. Law, Probability and Risk, 18(1), 53–76. https://doi.org/10.1093/lpr/mgy020
Ben-Haim, Y. (2019). Assessing ‘beyond a reasonable doubt’ without probability: an info-gap perspective. Law, Probability and Risk, 18(1), 77–95. https://doi.org/10.1093/lpr/mgy021
Card, A. J. (2017). The problem with ‘5 whys.’ BMJ Quality & Safety, 26(8), 671–677. https://doi.org/10.1136/bmjqs-2016-005849
Hansson, S. O., & Aven, T. (2014). Is Risk Analysis Scientific?: Is Risk Analysis Scientific? Risk Analysis, 34(7), 1173–1183. https://doi.org/10.1111/risa.12230
Aven, T., & Zio, E. (2014). Foundational Issues in Risk Assessment and Risk Management: Perspectives. Risk Analysis, 34(7), 1164–1172. https://doi.org/10.1111/risa.12132
Cox Jr., L. A. T. (2011). Clarifying Types of Uncertainty: When Are Models Accurate, and Uncertainties Small?: Commentary. Risk Analysis, 31(10), 1530–1533. https://doi.org/10.1111/j.1539-6924.2011.01706.x
Siefert, W. T., & Smith, E. D. (2011). Cognitive biases in engineering decision making. 2011 Aerospace Conference, 1–10. https://doi.org/10.1109/AERO.2011.5747663
Colyvan, M. (2008). Is Probability the Only Coherent Approach to Uncertainty? Risk Analysis, 28(3), 645–652. https://doi.org/10.1111/j.1539-6924.2008.01058.x
Slovic, P., Finucane, M. L., Peters, E., & MacGregor, D. G. (2007). The affect heuristic. European Journal of Operational Research, 177(3), 1333–1352. https://doi.org/10.1016/j.ejor.2005.04.006
Battles, J. B., Dixon, N. M., Borotkanics, R. J., Rabin-Fastmen, B., & Kaplan, H. S. (2006). Sensemaking of Patient Safety Risks and Hazards. Health Services Research, 41(4p2), 1555–1575. https://doi.org/10.1111/j.1475-6773.2006.00565.x
Apostolakis, G. E. (2004). How Useful Is Quantitative Risk Assessment? Risk Analysis, 24(3), 515–520. https://doi.org/10.1111/j.0272-4332.2004.00455.x
Slovic, P., Finucane, M. L., Peters, E., & MacGregor, D. G. (2004). Risk as Analysis and Risk as Feelings: Some Thoughts about Affect, Reason, Risk, and Rationality. Risk Analysis, 24(2), 311–322. https://doi.org/10.1111/j.0272-4332.2004.00433.x
Finucane, M. L., Alhakami, A., Slovic, P., & Johnson, S. M. (2000). The affect heuristic in judgments of risks and benefits. Journal of Behavioral Decision Making, 13(1), 1–17. https://doi.org/10.1002/(SICI)1099-0771(200001/03)13:1<1::AID-BDM333>3.0.CO;2-S
Slovic, P. (1997). Trust, emotion, sex, politics, and science: surveying the risk assessment battlefield. U. Chi. Legal F., 59.
Fischhoff, B. (1995). Risk Perception and Communication Unplugged: Twenty Years of Process1. Risk Analysis, 15(2), 137–145. https://doi.org/10.1111/j.1539-6924.1995.tb00308.x
Rowe, W. D. (1994). Understanding Uncertainty. Risk Analysis, 14(5), 743–750. https://doi.org/10.1111/j.1539-6924.1994.tb00284.x
Slovic, P. (1993). Perceived Risk, Trust, and Democracy. Risk Analysis, 13(6), 675–682. https://doi.org/10.1111/j.1539-6924.1993.tb01329.x
Jasanoff, S. (1993). Bridging the Two Cultures of Risk Analysis. Risk Analysis, 13(2), 123–129. https://doi.org/10.1111/j.1539-6924.1993.tb01057.x
Kasperson, R. E., Renn, O., Slovic, P., Brown, H. S., Emel, J., Goble, R., Kasperson, J. X., & Ratick, S. (1988). The Social Amplification of Risk: A Conceptual Framework. Risk Analysis, 8(2), 177–187. https://doi.org/10.1111/j.1539-6924.1988.tb01168.x
Slovic, P. (1987). Perception of risk. Science, 236(4799), 280–285. https://doi.org/10.1126/science.3563507
Dreyfus, S. E. (1984). The risks! and benefits? of risk-benefit analysis. Omega, 12(4), 335–340. https://doi.org/10.1016/0305-0483(84)90068-9
Slovic, P., Fischhoff, B., & Lichtenstein, S. (1982). Why Study Risk Perception? Risk Analysis, 2(2), 83–93. https://doi.org/10.1111/j.1539-6924.1982.tb01369.x
Cumming, R. B. (1981). Is Risk Assessment A Science? Risk Analysis, 1(1), 1–3. https://doi.org/10.1111/j.1539-6924.1981.tb01347.x
Slovic, P., Fischhoff, B., & Lichtenstein, S. (1980). Facts and Fears: Understanding Perceived Risk. In R. C. Schwing & W. A. Albers (Eds.), Societal Risk Assessment (pp. 181–216). Springer US. https://doi.org/10.1007/978-1-4899-0445-4_9
Mintzberg, H., Raisinghani, D., & Theoret, A. (1976). The Structure of “Unstructured” Decision Processes. Administrative Science Quarterly, 21(2), 246. https://doi.org/10.2307/2392045
Books in My Library
Taleb, N. N. (2014). Antifragile: things that gain from disorder (Random House Trade Paperback edition). Random House Trade Paperbacks.
Rolt, L. T. C. (2009). Red for Danger: The Classic History of British Railways. History Press Limited. https://books.google.com/books?id=WESKPwAACAAJ
Cerulo, K. A. (2008). Never Saw It Coming: Cultural Challenges to Envisioning the Worst. University of Chicago Press.
Taleb, N. (2007). The black swan: the impact of the highly improbable. Random House.
Norman, D. A. (2005). The design of everyday things (Nachdr.). Basic Books.
Taleb, N. N. (2005). Fooled by randomness: the hidden role of chance in life and in the markets (2nd ed). Random House Trade Paperbacks.
Swiderski, F., & Snyder, W. (2004). Threat modeling. Microsoft Press.
Morgan, M. G. (Ed.). (2002). Risk communication: a mental models approach. Cambridge University Press.
Weinberg, G. M. (2001). An introduction to general systems thinking / Gerald M. Weinberg (Silver anniversary ed). Dorset House.
Perrow, C. (1999). Normal accidents: living with high-risk technologies: with a new afterword and a postscript on the Y2K problem. Princeton University Press.
Kaner, C. (1998). Bad software: what to do when software fails. Wiley.
Bernstein, P. L. (1998). Against the gods: the remarkable story of risk. John Wiley & Sons.
Dörner, D. (1996). The logic of failure: why things go wrong and what we can do to make them right (1st American ed). Metropolitan Books.
Vaughan, D. (1996). The Challenger launch decision: risky technology, culture, and deviance at NASA. University of Chicago Press.
Berger, B. (1994). Beating Murphy’s Law: the amazing science of risk. Delta.
American Telephone and Telegraph Company. (1993). Design to reduce technical risk. London : McGraw-Hill.
Petroski, H. (1992). To engineer is human: the role of failure in successful design (1st Vintage Books ed). Vintage Books.
Reason, J. T. (1990). Human error. Cambridge University Press.
Software risk management. (1989). IEEE Computer Society Press.