COMPUTING, SOFTWARE, CRITICAL INFRASTRUCTURE AND APPLICATIONS

31st Annual IEEE International Computer Software and Applications Conference


Beijing, July 23-27, 2OO7

The First IEEE International Workshop on Security in Software Engineering (IWSSE)

The First IEEE International Workshop on
Security in Software Engineering (IWSSE)

in conjunction with IEEE COMPSAC 2007, Beijing, July 23-27, 2007

MOTIVATIONS AND BACKGROUND

The ever growing demand in software security has made it a well recognized multi-disciplinary sub-area across software engineering, security engineering, and programming languages. Software security has thus become a fundamental problem in software engineering, as it mainly focuses on developing secure software and understanding the security risks and managing these risks throughout the lifecycle of software.

Members of security boards and councils voice concern about software security in today's highly distributed software systems. The lack of comprehensive, cost-effective, systematic and adaptive engineering approaches to ensure software security and protect software systems poses major challenges to both industrial practitioners and scientists.

The workshop invites international scholars and industrial practitioners to discuss and present their work on different aspects of the processes, methods, theories, tools, techniques, and experience that have addressed security in software engineering practices and studies and made contributions to further assure/improve security in software systems and applications. 

CALL FOR PAPERS

The purpose of the workshop is to bring together researchers and practitioners in software and application security in order to create a forum for discussing recent advances in improving security in software engineering and inspiring research on new methods and techniques to advance security engineering in industrial practice. Researchers and practitioners worldwide are invited to present their research expertise and experience, and discuss the issues and challenges in security from software engineering perspective.

SCOPE OF THE WORKSHOP AND EXPECTED CONTRIBUTIONS

Submissions are invited of quality papers in the following non-exhaustive list of topics:

  • Management of software security in industrial practice
  • Security requirements and policies
  • Abuse cases and threat modeling
  • Architecture and design for security
  • Model-based security
  • Language-based security
  • Malicious code prevention and code safety
  • Security risk analysis
  • Security taxonomy and metrics
  • Testing for security
  • Application security: detection and protection
  • Software piracy and protection

Research papers and technical papers identifying research problems and presenting scientific approaches or technical solutions (max 6 pages);

Industry papers, containing experience reports and relevant industrial problem statements (max 4 pages).

PROGRAMME COMMITTEE

Jon A. Solworth, Univeristy of Illinois at Chicago, USA

Janos Sztipanovits, Vanderbilt University, USA

Kevin Butler, Pennsylvania State University, USA

Jon Giffin, Georgia Tech University, USA

Yuanyuan Zhou, University of Illinois at Urbana-Champaign, USA

Mike Burmester, Florida State University, USA

Yong Guan, Iowa State Unviersity, USA

Hossein Saiedian, University of Kansas, USA

Johann Schumann, NASA Ames Research Center, USA

Ninghui Li, Purdue University, USA

Hervé DEBAR, France Telecom, France

Chuang Lin, Tsinghua University, China

Aneesh Krishna, University of Wollongong, Australia

IMPORTANT DATES
  • March 20, 2007 deadline for paper submission
  • April 16, 2007 notification of acceptance
  • April 30, 2007 camera-ready and author registration due

PAPER SUBMISSION

Papers are submitted via the IWSSE 2007 submission website.

Accepted papers will be published in the Workshop Proceedings of the 31st IEEE Computer Software and Applications Conference (HTUCOMPSAC 2007UTH). It should be noted that all IEEE COMPSAC conference proceedings are published by IEEE Computer Society Conference Publishing Services (CPS). All CPS Publications are captured in the online IEEE Digital Library, and professionally indexed through INSPEC and EI Index (Elsevier's Engineering Information Index). At least one of the authors of each accepted paper must register as a full participant of the workshop for the paper to be included in the proceedings.At least one of the authors of each accepted paper must register as a full participant in the workshop to have the paper published in the COMPSAC 2007 Proceedings.

PAPER PUBLICATION

Accepted papers will be published in the Workshop Proceedings of the 31st IEEE Computer Software and Applications Conference (HTUCOMPSAC 2007UTH). At least one of the authors of each accepted paper must register as a full participant in the workshop to have the paper published in the COMPSAC 2007 Proceedings.

WORKSHOP FORMAT

This one-day workshop will include presentation sessions and a moderated panel session.

WORKSHOP ORGANIZATION

General Chairs

 

Michael Jiang (Motorola Labs, USA)

Patrick McDaniel (Pennsylvania State University, USA)

 

Program Chairs

 

Jan Jurjens (The Open University, UK)

Yan Liu (Motorola Labs, USA)

 

WORKSHOP INFORMATION AND GENERAL INQUIRIES

Michael Jiang (Michael.Jiang@motorola.com)