Sign for Notice Everyday    Sign Up| Sign In| Link| English|

Our Sponsors

    Receive Latest News

    Feedburner
    Share Us


    SESS 2011 - The 7th International Workshop on Software Engineering for Secure Systems (SESS'11)

    View: 1325

    Website | Want to Edit it Edit Freely

    Category SESS 2011

    Deadline: January 21, 2011 | Date: May 22, 2011

    Venue/Country: Hawaii, U.S.A

    Updated: 2010-12-30 12:48:53 (GMT+9)

    Call For Papers - CFP

    The 7th International Workshop on Software Engineering for Secure Systems (SESS'11)

    Soft and secure

    Waikiki, Honolulu, Hawaii, 22 May 2011

    A one day workshop in conjunction with the 33rd International Conference on Software Engineering (ICSE 2011); Stay tuned with our RSS feed!

    Theme and goals (PDF Call for papers)

    Topics

    Important dates

    Program Committee

    Theme and goals

    Nowadays software systems are as flexible as ever: they adapt themselves to the context of operation and their evolving environments. Nevertheless, they should always operate in a secure manner by preserving privacy and trust among the involved parties, even if the dynamic and decentralized nature of these systems poses several challenges in order to protect the exchange of data or services and guarantee the fairness of the system as a whole. Software is at core of most of the business transactions and its smart integration in an industrial setting may be the competitive advantage even when the core competence is outside the ICT field. As a result, the revenues of a firm depend directly on several complex software-based systems. Thus, stakeholders and users should be able to trust these systems to provide data and elaborations with a degree of confidentiality, integrity, and availability compatible with their needs and software engineers have to be familiar with the risks their design choices pose. All in all almost every application has today some kind of security requirement even if its use is not to be considered critical.

    Moreover, the pervasiveness of software products in the creation of critical infrastructures has raised the value of trustworthiness and new efforts should be dedicated to achieve it. The cases in which no one has the complete control on all the components are increasingly common and relevant: for example, "mashup" applications pose several new security challenges since the designers could be partially unaware of the information exchanges that the users introduce into the system logic.

    Security concerns should be taken into account as early as possible, and not added to systems as an after-thought: this is extremely expensive and it may compromise the design integrity in critical ways. Security features such as cryptographic protocols and tamper resistant hardware cannot be simply added on to transform an insecure product to a secure one. Security solutions and patterns are hard to reuse in different contexts, they crosscut all the system components and a single vulnerability alone might compromise the trustworthiness of the whole system. Thus, not surprisingly, several security holes are recurrent, notwithstanding the experience accumulated by security research in the last decades. Software engineers and practitioners should assimilate basic security techniques and discover new techniques for integrating them in the current practice, while understanding associated costs and benefits. Several well-established software engineering disciplines such as verification, testing, program analysis, process support, configuration management, requirement engineering, etc. could contribute to improving security solutions that sometimes lack a coherent methodological approach. Or, as it is the case of security standards proposed by the Common Criteria or BS7799, present challenges that prevent integration with mainstream software engineering practice. Moreover, applications are increasingly deployed in unanticipated environments and even the "attack surface" of an application can be difficult to assess at design time, for example in the now popular case of virtual hosting in which guest applications share physical resources that might open unwanted communication channels.

    The SESS workshop aims at providing a venue for software engineers and security researchers to exchange ideas and techniques. Past editions (first, second, third, fourth, fifth, and sixth) were also held in conjunction of ICSE. Selected and extended version of the papers from the SESS07 and SESS08 have been published (after publisher's rigorous peer review process) to the special issue of the Information and Software Technology -- The Elsevier Journal, Vol. 51, Issue 7, July 2009; and the special issue of the Computers and Security -- The Elsevier Journal, Vol. 29, Issue 3, May 2010, respectively.

    Topics

    Areas of interest include, but are not limited to:

    Security requirements management

    Architecture and design of trustworthy systems

    Architecture and design of protection systems

    Separation of the security concern in complex systems

    Model driven security

    Secure programming

    Black box components trustworthiness

    Security testing

    Static analysis for security

    Trustworthiness verification and clearance

    Defining and supporting the process of building secure software

    Deployment of secure applications

    Monitoring and maintenance of the security solution

    Security usability

    Modeling and integrating dependability requirements with security constraints

    Secure software/process certification and accreditation in socio-technical environment

    Workshop papers must be limited to 7 pages in the ICSE two column format. and should be submitted through the SESS'11 submission system.

    We're also interested in having 1-2 presentations about the ideas of curricula development and experience reports on teaching computer security in software engineering courses.

    We also solicit posters (with a page of abstract) and should be submitted to one of the workshop chairs. Accepted posters and a page of abstract will be displayed in the workshop for discussions.

    Important dates

    Submission of workshop papers

    21 January 2011

    Notification of workshop papers

    19 February 2011

    Publication-ready version

    3 March 2011

    Submission of posters

    1 April 2011

    Workshop dates

    22 May 2011

    Plans for discussion/networking at the workshop

    The workshop will be organized with the following contents. The workshop will start with an invited talk and then the paper presentation (long and short) with Q/A. In the past, the workshop maintained a very interactive and dynamic atmosphere in the discussion of interesting and important topics. Also, a poster session throughout the workshop significantly promoted the dynamics of the interactive discussion. The session chair will wrap up with the discussion of research challenges that were raised during presentations.

    Program Committe

    Davide Balzarotti, Eurecom, France

    Andreas Bauer, National ICT Australia, Australia

    Hao Chen, University of California Davis, USA

    Pau-Chen Cheng, IBM TJ Watson Research Center, USA

    Mihai Christodorescu, IBM TJ Watson Research Center

    Dave Clarke, Katholieke Universiteit Leuven, Belgium

    Hyunsook Do, North Dakota State University, USA

    Eduardo Fernàndez-Medina Patón, Universidad de Castilla-La Mancha, Spain

    Donald Firesmith, Software Engineering Institute, USA

    Robin Gandhi, University of Nebraska at Omaha

    Munawar Hafiz, University of Illinois, USA

    Lin Liu, Tsinghua University, China

    Lorenzo Martignoni, University of California at Berkely, USA

    Raimundas Matulevicius, University of Tartu, Estonia

    Sjouke Mauw, University of Luxembourg

    Nancy Mead, Software Engineering Institute, USA

    Haris Mouratidis, University of East London, UK

    William Robertson, University of California, Berkeley, USA

    Thomas Santen European Microsoft Innovation Center, Germany

    Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium

    Jörg Schreck, Telefonica O2 Munich, Germany

    Wietse Z. Venema, IBM T.J. Watson Research Center

    Liang Xiao, Royal College of Surgeons Ireland, Ireland

    Mohammad Zulkernine, Queens University, Canada

    Organizing Committe (Workshop Chairs)

    Jan Jürjens, Technical University Dortmund, Germany

    Seok-Won Lee, University of Nebraska-Lincoln, USA

    Mattia Monga, Università degli Studi di Milano, Italy


    Keywords: Accepted papers list. Acceptance Rate. EI Compendex. Engineering Index. ISTP index. ISI index. Impact Factor.
    Disclaimer: ourGlocal is an open academical resource system, which anyone can edit or update. Usually, journal information updated by us, journal managers or others. So the information is old or wrong now. Specially, impact factor is changing every year. Even it was correct when updated, it may have been changed now. So please go to Thomson Reuters to confirm latest value about Journal impact factor.