SQUARE
From Square Root
SQUARE stands for Security QUAlity Requirements Engineering.
Steps
- Agree on definition of terms
- Identify safety, security, and privacy goals
- Develop artifacts
- Perform risk assessment
- Select requirements elicitation technique
- Elicit security requirements
- Categorize security requirements
- Prioritize security requirements
- Inspect security requirements
SQUARE Prototype
A folder of documents on the SQUARE prototype.
Studio introduction and background information (Movie - requires Windows Media Player plug-in)
Resources
SQUARE Technical Report (PDF) - SEI Website
SQUARE Case Study Reports
- Case Study on Asset Management System
- Case Study on Asset Management System, Phase II
- Case Study Phase III
- SQUARE-Lite Case Study
BSI content on requirements engineering
"Software Security Engineering: A Guide for Project Managers", Addison-Wesley
"Integrating Security and Software Engineering", IDEA Group Publishing (http://www.idea-group.com)
