SQUARE for Privacy (P-SQUARE)

SQUARE for Privacy, also known as P-SQUARE, is a robust tool to support SQUARE that was developed by a team of Carnegie Mellon Master of Software Engineering students with oversight by staff within the CERT Division. The P-SQUARE tool, designed for use by stakeholders, requirements engineers, and administrators, supports both the security and privacy aspects of SQUARE by

  • recording definitions and searching and adding new terms
  • identifying the project business goals, assets, and security and/or privacy goals
  • adding or editing links to project artifacts
  • performing risk assessment and identify threats
  • comparing and selecting security and/or privacy elicitation techniques
  • linking the elicited requirements to goals, risks, and artifacts
  • classifying requirements based on predefined categories
  • prioritizing security and/or privacy requirements
  • inspecting requirements, viewing traceability to risks and artifacts, and exporting requirements to tools such as Requisite Pro


The tool is available for free, though registration is required to download it. Consult the developer or user installation folders for installation instructions.


See a series of short video demonstrations of the P-SQUARE tool.