Abstract
Software security and privacy requirements engineering can be a daunting task even with the proper expertise. The Security Quality Requirements Engineering (SQUARE) methodology was developed by the Software Engineering Institute at Carnegie Mellon University to aid with security requirements engineering. SQUARE was then later adapted for privacy requirements engineering. It is a nine step process that guides project teams to analyze and review security and privacy concerns using a structured methodology. 2-SQUARE is a web based tool for semi-automation of the SQUARE process for both Security and Privacy requirements engineering. This application handles many of the menial tasks such as organizing and maintaining an up to date set of artifacts developed throughout the process. Users are given interfaces designed for the tasks while also including guidance on the task at hand. As users enter artifacts and upload documents, all participants within a project are able to view up to date documents. 2-SQUARE also includes features to foster communication between project team members by allowing the easy sharing of comments and documents throughout the process. Finally 2-SQUARE was built to be easily expandable, it has the capabilities to easily incorporate additional variations of SQUARE as well as individual modules for certain steps of the process. The system is implemented in C# using the Asp.Net MVC framework with a Microsoft SQL database. The system will be deployed to a cloud based hosting service.