Software Engineering Institute

This paper details the validation of a comprehensive teaching model for security requirements engineering which ensures that security is built into the software from its inception. It centers on the employment of the SQUARE method for secure software requirements engineering, which was developed at Carnegie Mellon University. The effectiveness of the SQUARE method, its learning system and the initial results of using it in student case studies and in a practical, higher education classroom application are reported.