search menu icon-carat-right cmu-wordmark

Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method - Information Security and Ethics

September 2008 Book Chapter
Nancy R. Mead

In this book chapter, Nancy Mead describes issues in developing security requirements, useful methods, including details about the SQUARE method.


IGI Global

1599049376, 978-1599049373


In this chapter, we describe general issues in developing security requirements, methods that have been useful, and a method (SQUARE) that can be used for eliciting, analyzing, and documenting security requirements for software systems. SQUARE, which was developed by the CERT Program at Carnegie Mellon University's Soft-ware Engineering Institute, provides a systematic approach to security requirements engineering. SQUARE has been used on a number of client projects by Carnegie Mellon student teams, prototype tools have been developed, and research is ongoing to improve this promising method.