search menu icon-carat-right cmu-wordmark

Privacy Risk Assessment Case Studies in Support of SQUARE

Special Report
In this report, the authors describe enhancements to the SQUARE method for addressing privacy requirements.

Software Engineering Institute

CMU/SEI Report Number
DOI (Digital Object Identifier)


This report contributes to further development of the Security Quality Requirements Engineering (SQUARE) method to address privacy. Risk assessment is Step 4 in the standard SQUARE process. This report examines privacy definitions, privacy regulations, and risk assessment techniques for privacy. The risk assessment techniques are classified using a standard method, and promising techniques are applied to two case studies. The case study results are provided along with future plans for SQUARE for Privacy.