The invention discloses a formalized modeling based software security requirement acquisition method. The method includes functional requirement acquisition, security environment analysis, security objective analysis, security requirement elicitation and final generation of a system security requirement file, wherein the file at least includes information of system asset, behavioral sequence, defects, threats, security strategies, security assumptions, security objectives, security requirement levels, security guarantee levels, security functional modules and security guarantee modules. Compared with the prior art, the formalized modeling based software security requirement acquisition method has the advantages that automation in acquisition of software security requirements is realized while precision in acquisition of the security requirements is greatly improved; the problems of failure in realization of computer processing, ambiguity and fuzziness of security knowledge bases in natural language description are solved to lay the foundation for automatic elicitation of the software security requirements; the method which is a typical software security requirement acquisition method is applicable to different types of software systems and high in universality.