search menu icon-carat-right cmu-wordmark

Cybersecurity Engineering Research: Security Quality Requirements Engineering (SQUARE) Collection

Collection
This research helps organizations to build security into the early stages of the production and acquisition lifecycles, including privacy.
Publisher

Software Engineering Institute

Abstract

Security Quality Requirements Engineering (SQUARE) is a nine-step process that helps organizations build security, including privacy, into the early stages of the production lifecycle. Instructional materials are available for download that can be used to teach the SQUARE method.

Using SQUARE can enable your organization to develop more secure, survivable software and systems, more predictable schedules and costs, and achieve lower costs.

SQUARE for Privacy, or P-SQUARE, is available for free to help you use the SQUARE process for security, privacy, or both.

SQUARE for Acquisition, or A-SQUARE, is available for free to help stakeholders, requirements engineers, and contractors/vendors, for a variety of acquisition cases.

See the following publications for more information about SQUARE and SQUARE tools:

Collection Items

technical-note-thumbnail-1

SQUARE Frequently Asked Questions (FAQ)

White Paper
By

This paper contains information about SQUARE, a process that helps organizations build security into the early stages of the software production lifecycle.

Read
webcast-thumb-1

CERT SQUARE for Acquisition (A-SQUARE)

Software
By

SQUARE-A is designed for stakeholders, requirements engineers, and contractors/vendors to use in acquisitions and provides documentation support for a variety of use cases.

Download
technical-note-thumbnail-1

CERT SQUARE for Privacy (P-SQUARE)

Software
By

P-SQUARE was designed for stakeholders, requirements engineers, and administrators and supports the security and privacy aspects of SQUARE.

Download