[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PVS] [ESSOS] CFP: International Symposium on Engineering SecureSoftware and Systems (ESSoS)



CALL FOR PAPERS
================
International Symposium on Engineering Secure Software and Systems  
(ESSoS)

February 03-04, 2010
Pisa, Italy
http://distrinet.cs.kuleuven.be/events/essos2010

In cooperation with ACM SIGSAC and SIGSOFT, and IEEE CS (TCSE) - Pending

CONTEXT AND MOTIVATION
Trustworthy, secure software is a core ingredient of the modern world.
Unfortunately, the Internet is too. Hostile, networked environments,  
like
the Internet, can allow vulnerabilities in software to be exploited from
anywhere. To address this, high-quality security building blocks (e.g.,
cryptographic components) are necessary, but insufficient. Indeed, the
construction of secure software is challenging because of the  
complexity of
modern applications, the growing sophistication of security  
requirements,
the multitude of available software technologies and the progress of  
attack
vectors. Clearly, a strong need exists for engineering techniques that
scale well and that demonstrably improve the software's security
properties.

GOAL AND SETUP
The goal of this symposium, which will be the second in the series, is  
to
bring together researchers and practitioners to advance the states of  
the
art and practice in secure software engineering. Being one of the few
conference-level events dedicated to this topic, it explicitly aims to
bridge the software engineering and security engineering communities,  
and
promote cross-fertilization. The symposium will feature two days of
technical program as well as one day of tutorials. The technical program
includes an experience track for which the submission of highly  
informative
case studies describing (un)successful secure software project  
experiences
and lessons learned is explicitly encouraged.

TOPICS
The Symposium seeks submissions on subjects related to its goals. This
includes a diversity of topics including (but not limited to):
- scalable techniques for threat modeling and analysis of  
vulnerabilities
- specification and management of security requirements and policies
- security architecture and design for software and systems
- model checking for security
- specification formalisms for security artifacts
- verification techniques for security properties
- systematic support for security best practices
- security testing
- security assurance cases
- programming paradigms, models and DLS's for security
- program rewriting techniques
- processes for the development of secure software and systems
- security-oriented software reconfiguration and evolution
- security measurement
- automated development
- trade-off between security and other non-functional requirements
- support for assurance, certification and accreditation

SUBMISSION AND FORMAT
The proceedings of the symposium are published by Springer-Verlag in the
Lecture Notes in Computer Science Series (http://www.springer.com/lncs).
Submissions should follow the formatting instructions of the Springer  
LNCS
Style.

Submitted papers must present original, non-published work of high  
quality.
The PC will select the papers into three categories:

Full Papers (16 pages plus bibliography)- describe novel original  
research
which is validated by either formal results, experimental analysis or
significant case study validation. The critical bar for acceptance in  
this
category is novelty and validation.

Industrial Reports (12 pagesplus bibliography) - describe the  
application
of existing research techniques or analysis methods to an industry level
case studies. The research results might be already published elsewhere,
here you show that you have applied them to something that is actually  
used
in an industrial setting (eg a real SAP product or a RedHat  
distribution).
A critical issue for acceptance here is applicability to a large scale.

Idea papers (8 pages plus bibliography) - describe an interesting novel
idea whose formal or experimental validation is not at the level of a  
full
paper, but whose potential is promising. An idea paper allows you to
timestamp your research contribution while giving you the chance to  
present
fully validate result at later conferences.

Proposals for tutorials are highly welcome as well. Further guidelines  
will
appear on the website of the symposium.

IMPORTANT DATES
Abstract submission: September 15, 2009
Paper submission: September 30, 2009
Author notification: November 15, 2009
Camera-ready: December 5, 2009
Tutorial submission: October 24, 2009
Tutorial notification: November 21, 2009

STEERING COMMITTEE
Jorge Cuellar (Siemens AG)
Wouter Joosen (Katholieke Universiteit Leuven) - chair
Fabio Massacci (Universita di Trento)
Gary McGraw (Cigital)
Bashar Nuseibeh (The Open University)
Daniel Wallach (Rice University University)

ORGANIZING COMMITTEE
General chair: Fabio Martinelli (C.N.R., IT)
Program co-chairs:
   Fabio Massacci (Universita di Trento, IT) and
   Dan Wallach (Rice University, USA)
Publication chair: N. Zannone (Eindhoven Technical Univ., NL)
Publicity chair: Yves Younan (Katholieke Universiteit Leuven, BE)

PROGRAM COMMITTEE
Juergen Doser (IMDEA, ES)
Manuel Fahndrich (Microsoft Research, US)
Michael Franz (UC Irvine, US)
Dieter Gollmann (Hamburg University of Technology, DE)
Jan Jurjens (Open University, UK)
Seok-Won Lee (Univ. North Carolina Charlotte, US)
Antonio Mana (University of Malaga, ES)
Robert Martin (MITRE, USA)
Mattia Monga (Milan University, IT)
Fabio Massacci (Univ. of Trento) - Chair
Haris Mouratidis (Univ. of East London, UK)
Gunther Pernul (Universitat Regensburg, DE)
Samuel Redwine (James Madison University, USA)
David Sands (Chalmers Univ., SE)
Riccardo Scandariato (Katholieke Universiteit Leuven, BE)
Ketil Stolen (Sintef, NO)
Jon Whittle (Lancaster University, UK)
Mohammad Zulkernine (Queen's University, CA)
Neeraj Suri (Tech. Univ. Darmstadt, DE)
Yingjiu Li (Singapore Management Univ., SG)
Hao Chen (UC Davis, US)
Richard Clayton (Cambridge University, UK)
Eduardo Fernandez-Medina (University of Castilla-La Mancha, ES)
Yucel Karabulut (Office of CTO, SAP)
Vijay Varadharajan (Maquarie Univ, AU)
Jungfeng Yang (Columbia University, US)
Dan Wallach (Rice University) - Chair