[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PVS] [ESSOS] International Symposium on Engineering Secure Software and Systems (ESSoS) - Call for Participation

International Symposium on Engineering Secure Software and Systems (ESSoS)

February 27 - March 1, 2013 
Paris, France
In cooperation with: ACM SIGSAC and SIGSOFT and IEEE CS (TCSE).

Trustworthy, secure software is a core ingredient of the modern world.
Hostile, networked environments, like the Internet, can allow
vulnerabilities in software to be exploited from anywhere. To address this,
high-quality security building blocks (e.g., cryptographic components) are
necessary, but insufficient. Indeed, the construction of secure software is
challenging because of the complexity of modern applications, the growing
sophistication of security requirements, the multitude of available software
technologies and the progress of attack vectors. Clearly, a strong need
exists for engineering techniques that scale well and that demonstrably
improve the software's security properties.

The goal of this symposium, which will be the fifth in the series, is to
bring together researchers and practitioners to advance the states of the
art and practice in secure software engineering. Being one of the few
conference-level events dedicated to this topic, it explicitly aims to
bridge the software engineering and security engineering communities, and
promote cross-fertilization. The symposium will feature two days of
technical program. The full program can be found here:

In addition to the main conference, a third day with a workshop, tutorials
and a doctoral symposium will be held.

Workshop EternalS' 13: The Third International Workshop on Trustworthy
Eternal Systems via Evolving Software, Data and Knowledge

The EternalS' 13 workshop is supported by the coordination action (CA)
targets from the European Community in advanced research in the direction of
eternal systems such as, software engineering, secure systems, machine
learning, natural language processing as well as the increasing impact of
social computing. The workshop aims at bringing together experts and
stakeholders of the above technologies. For this purpose, eleven speakers,
representing state-of-the-art research in Eternal Systems have been invited
to give talks, organized in four sessions exploring interesting topics of
EternalS, i.e., Secure Eternal Software: a model-centric perspective,
Eternal Software-intensive Systems, Machine Learning for Software
Engineering and Social Computing. The outcome of the discussion between
speakers and attendees will be considered for inclusion in the roadmap that
the CA is designing, which, in turn, will be an input to the European
Community for the definition of future Work Programmes.
More information:

Tutorial: Easily Fighting Murphy: High-level Application Development in the
IoT with Fault Tolerance

The Internet of Things (IoT) holds great promises as an enabler of a wide
spectrum of pervasive applications (e.g., urban monitoring, smart home or
emergency scenario). As the range of applications of IoT extends in the
fields of industrial and mission-critical, additional requisites relating to
robustness and reliability appear. We are faced with systems that are
noteworthy for their gathering ability but fail in ensuring their own
reliance and proper operation. In this tutorial, we start by first
discussing the various aspects of faults, with particular focus on those
encountered in Wireless Sensor Networks and Internet of Things. We then
cover the techniques of detection, tolerance and injection of faults in
these systems. Finally, we discuss techniques for high-level application
development in the IoT, coupled with new developments in expressing and
ensuring fault tolerance requirements in IoT applications. The theoretical
part of the tutorial will be followed by a practical session, where we will
use the Srijan macroprogramming toolkit to develop IoT applications,
including fault-tolerant components.
More information:

Tutorial: Techniques for Secure Programming

Security is crucial to the software that we develop and use. With the growth
of both Grid and Cloud services, security is becoming even more critical.
This tutorial is relevant to anyone wanting to learn about minimizing
security flaws in the software they develop. You will learn skills critical
for software developers and analysts concerned with security. This tutorial
presents coding practices subject to vulnerabilities, with examples of how
they commonly arise, techniques to prevent them, and exercises to reinforce
them. Most examples are in Java, C, C++, Perl and Python, and come from real
code belonging to Cloud and Grid systems we have assessed.
More information: