Measuring the Software Security Requirements Engineering Process

Although there has been much research work in security requirements engineering, we do not have adequate ways of measuring this and other security engineering processes. In this paper, we study a measurement approach to security requirements engineering, align it with the Security Quality Requirements Engineering (SQUARE) method, and use both the original and revised security requirements measurement approach to analyze projects that were developed with and without SQUARE.