Incorporating Security Quality Requirements Engineering (SQUARE) into Standard Life-Cycle Models

SQUARE (Security Quality Requirements Engineering) is a method for eliciting and prioritizing security requirements in software development projects. This report describes how SQUARE can be incorporated in standard life-cycle models for security-critical projects. Life-cycle models and process methods considered for the report are the waterfall model, Rational Unified Process, the spiral model, and Dynamic Systems Development Method (an agile method).

This report is for information technology managers and security professionals, management personnel with technical and information security knowledge, and any personnel who manage security-critical projects that follow standard life-cycle models.

View Complete Report

PDF [676 KB]

Authors

Nancy R. Mead

Venkatesh Viswanathan

Deepa Padmanabhan

Anusha Raveendran

This report is related to the following area(s) of work:

Security and Survivability

Technical Note
CMU/SEI-2008-TN-006
May 2008

Related Links

Privacy Risk Assessment Case Studies in Support of SQUARE
Introducing the CERT Resiliency Engineering Framework: Improving the Security and Sustainability Processes
See more library items

CERT Tactical Response and Analysis Challenge Tests Cybersecurity Skills
Testimony to the U.S. Senate Homeland Security and Governmental Affairs Committee
See more related news

Advanced Information Security for Technical Staff
Information Security for Technical Staff
See more related courses

Jan 11 - 14	FloCon 2010
Mar 22 - 25	SEPG North America 2010
See more related events.

For more information

info@sei.cmu.edu

412-268-5800

Library

Incorporating Security Quality Requirements Engineering (SQUARE) into Standard Life-Cycle Models

Related Links

For more information