icon-carat-right menu search cmu-wordmark

Measuring the Software Security Requirements Engineering Process

White Paper
In this paper, Nancy Mead describes a measurement approach to security requirements engineering to analyze projects that were developed with and without SQUARE.
Publisher

Software Engineering Institute

Abstract

Although there has been much research work in security requirements engineering, we do not have adequate ways of measuring this and other security engineering processes. In this paper, we study a measurement approach to security requirements engineering, align it with the Security Quality Requirements Engineering (SQUARE) method, and use both the original and revised security requirements measurement approach to analyze projects that were developed with and without SQUARE.