Software Engineering Institute Carnegie Mellon

RSS  

Incorporating Security Quality Requirements Engineering (SQUARE) into Standard Life-Cycle Models

    

Parent Program

CERT Program

 

Parent Project

Survivable Systems Engineering

 

Related Publications

How To Compare the Security Quality Requirements Engineering (SQUARE) Method with Other Methods

Security Quality Requirements Engineering (SQUARE): Case Study Phase III

System Quality Requirements Engineering (SQUARE): Case Study on Asset Management System, Phase II

System Quality Requirements Engineering (SQUARE) Methodology: Case Study on Asset Management System

SQUARE Project: Cost/Benefit Analysis Framework for Information Security Improvement Projects in Small Companies

 

 

Nancy R. Mead
Venkatesh Viswanathan
Deepa Padmanabhan
Anusha Raveendran

Technical Note
CMU/SEI-2008-TN-006

PDF Download

SQUARE (Security Quality Requirements Engineering) is a method for eliciting and prioritizing security requirements in software development projects. This report describes how SQUARE can be incorporated in standard life-cycle models for security-critical projects. Life-cycle models and process methods considered for the report are the waterfall model, Rational Unified Process, the spiral model, and Dynamic Systems Development Method (an agile method).

This report is for information technology managers and security professionals, management personnel with technical and information security knowledge, and any personnel who manage security-critical projects that follow standard life-cycle models.

 

  

Additional Author Publications

Nancy R. Mead
Venkatesh Viswanathan
Deepa Padmanabhan
Anusha Raveendran
transparent transparent

 

 

  
transparent transparenttransparent transparent transparent