Security requirement is an important aspect of system's development. There are numerous security requirements methodologies, which have been developed till date. Research is still going on to improve or create new methodologies that will make a system as secure as possible. Asset management, risk assessment, validation of functional and non-functional security requirements and security requirements elicitation are some of the important part of a security requirements methodology. However most of the security requirements methodologies in use today such as SQUARE, UMLSec, Secure Tropos and CORAS fail to perform one or more of these functions. Additionally, very few methodologies focus on critical infrastructure industrial systems like SCADA. This paper introduces a methodology (MAR(S)2) that incorporates all the important functions, which will produce a strong methodology that produces a profound and well-defined security requirements for SCADA systems.