An Evaluation of A-SQUARE for COTS Acquisition
May 2014 • Technical Note
An evaluation of the effectiveness of Software Quality Requirements Engineering for Acquisition (A-SQUARE) in a project to select a COTS product for the advanced metering infrastructure of a smart grid.
Software Engineering Institute
CMU/SEI Report Number
Developed by the Software Engineering Institute (SEI) at Carnegie Mellon University, Software Quality Requirements Engineering for Acquisition (A-SQUARE) is a methodology used for eliciting and prioritizing security requirements as part of the acquisition process. In the project described in this paper, we evaluated the effectiveness of the A-SQUARE method by applying it to a COTS product for the advanced metering infrastructure of a smart grid. We evaluated the ability of the A-SQUARE method to identify security requirements for the COTS product;identify candidate COTS products;elicit, categorize, and prioritize security requirements;prioritize COTS products;and select a COTS product. We also evaluated the usability of the A-SQUARE tool using qualitative evaluation criteria.