[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PVS] [ESSOS] CFP: International Symposium on Engineering SecureSoftware and Systems (ESSoS)

International Symposium on Engineering Secure Software and Systems (ESSoS)

February 09-10, 2011
Madrid, Spain

Trustworthy, secure software is a core ingredient of the modern world.
Unfortunately, the Internet is too. Hostile, networked environments, like
the Internet, can allow vulnerabilities in software to be exploited from
anywhere. To address this, high-quality security building blocks (e.g.,
cryptographic components) are necessary, but insufficient. Indeed, the
construction of secure software is challenging because of the complexity of
modern applications, the growing sophistication of security requirements,
the multitude of available software technologies and the progress of attack
vectors. Clearly, a strong need exists for engineering techniques that scale
well and that demonstrably improve the software's security properties.

The goal of this symposium, which will be the third in the series, is to
bring together researchers and practitioners to advance the states of the
art and practice in secure software engineering. Being one of the few
conference-level events dedicated to this topic, it explicitly aims to
bridge the software engineering and security engineering communities, and
promote cross-fertilization. The symposium will feature two days of
technical program, as well as both tutorials and workshops. In addition to
academic papers, the symposium encourages submission of high-quality,
informative experience papers about successes and failures in security
software engineering and the lessons learned. Furthermore, the symposium
also accepts short idea papers that crisply describe a promising direction,
approach, or insight.

Two workshops will be held at the symposium: the PREDICT-11 Security
Predictions Workshop and the International Workshop on Security Engineering
for Lifelong Evolvable Systems.

The Symposium seeks submissions on subjects related to its goals. This
includes a diversity of topics including (but not limited to):
- scalable techniques for threat modeling and analysis of vulnerabilities
- specification and management of security requirements and policies
- security architecture and design for software and systems
- model checking for security
- specification formalisms for security artifacts
- verification techniques for security properties
- systematic support for security best practices
- security testing
- security assurance cases
- programming paradigms, models and DLS's for security
- program rewriting techniques
- processes for the development of secure software and systems
- security-oriented software reconfiguration and evolution
- security measurement
- automated development
- trade-off between security and other non-functional requirements
- support for assurance, certification and accreditation

The proceedings of the symposium are published by Springer-Verlag in the
Lecture Notes in Computer Science Series (http://www.springer.com/lncs).
Submissions should follow the formatting instructions of Springer LNCS.
Submitted papers must present original, non-published work of high quality.
Two types of papers will be accepted:

Full papers (max 12 pages without bibliography/appendices) - May describe
original technical research with a solid foundation, such as formal analysis
or experimental results, with acceptance determined mostly based on novelty
and validation. Or, may describe case studies applying existing techniques
or analysis methods in industrial settings, with acceptance determined
mostly by the general applicability of techniques and the completeness of
the technical presentation details.

Idea papers (max 8 pages with bibliography) - May crisply describe a novel
idea that is both feasible and interesting, where the idea may range from a
variant of an existing technique all the way to a vision for the future of
security technology. Idea papers allow authors to introduce ideas to the
field and get feedback, while allowing for later publication of complete,
fully-developed results. Submissions will be judged primarily on novelty,
excitement, and exposition, but feasibility is required, and acceptance will
be unlikely without some basic, principled validation (e.g., extrapolation
from limited experiments or simple formal analysis).

Online submission for papers is available through EasyChair, at

Proposals for tutorials are welcome, with submission guidelines on the
symposium website.

Abstract submission: September 13, 2010
Paper submission: September 20, 2010
Author notification: November 12, 2010
Camera-ready: December 3, 2010

Jorge Cuellar (Siemens AG)
Wouter Joosen (Katholieke Universiteit Leuven) - chair
Fabio Massacci (UniversitÓ di Trento)
Gary McGraw (Cigital)
Bashar Nuseibeh (The Open University)
Daniel Wallach (Rice University University)

General chair: Manuel Clavel (Imdea Software/ Universidad Complutense de
Madrid, Spain)
Program co-chair: Ulfar Erlingsson (Google Inc., USA, and Reykjavik
University, Iceland)
Program co-chair: Roel Wieringa (University of Twente, NL)
Publication chair: N. Zannone (Eindhoven Technical University, NL)
Publicity chair: Pieter Philippaerts (Katholieke Universiteit Leuven, BE)
Local arrangements chair: Marina Egea (Imdea Software, Spain)

Thomas Alspaugh (University of California, Irvine, US) 
Jo Atlee (University of Waterloo, Canada) 
Bruno Blanchet (Ecole Normale Superieure, France) 
Hao Chen (University of California, Davis, US) 
Frederic Cuppens (Ecole Nationale SupÚrieure de TÚlÚcommunication Bretagne,
Prem Devanbu (University  of California at Davis, US) 
Eric Dubois (Centre de Recherche Public Henri Tudor, Luxembourg) 
Christof Ebert (Vector Consulting, Germany) 
Manuel Fahndrich (Microsoft Research, US) 
Eduardo Fernandez-Medina (Universidad de Castilla-La Mancha, Spain) 
Robert France (Colorado State University, US) 
Vinod Ganapathy (Rutgers University, US) 
Dieter Gollman (Hamburg University of Technology, DE) 
Siv Hilde Houmb (Telenor, Norway) 
Martin Johns (SAP Research, Germany) 
Jan Jurjens (Technische Universitet Dortmund, Germany) 
Yuecel Karabulut (SAP Labs, US) 
Seok-Won Lee (University of North Carolina Charlotte, US) 
Lin Liu (Tsinghua University, China) 
Vaclav (Vashek) Matyas (Masaryk University, Czech Republic) 
Robert Martin (MITRE, US) 
Sjouke Mauw (University of Luxembourg) 
Chris Mitchell (Royal Holloway, UK) 
Akito Monden (Nara Institute of Science and Technology, Japan) 
Haralambos Mouratidis (University of East London, UK) 
Marcus Peinado (Microsoft Research, US) 
Erik Poll (University of Nijmegen, The Netherlands) 
David Sands (Chalmers University, Sweden) 
Angela Sasse (University College London, UK) 
Venkat Venkatakrishnan (University of Illinois at Chicago, US)