32nd Annual IEEE International Computer Software and Applications Conference

Turku, Finland, July 28 - August 1, 2008
dddddddddddCo-located with IPSJ/IEEE SAINT 2008

2nd IEEE International Workshop on Security in Software Engineering (IWSSE 2008) 2008)


The Second IEEE International Workshop on
Security in Software Engineering (IWSSE 2008)
Call for paper (pdf)




(Go to Workshop Homepage)



The ever growing size and complexity of highly distributed software systems raises concerns in software security. Reflectively, the number of reported attacks exploiting software vulnerabilities has thus been increasing. The lack of comprehensive, cost-effective, systematic and adaptive engineering approaches to ensure software security and protect software systems poses major challenges to both industrial practitioners and researchers.


Secure software engineering has become an emerging interdisciplinary area across software engineering, programming languages, and security engineering. Secure software engineering focuses on developing secure software and understanding the security risks and managing these risks throughout the lifecycle of software. The purpose of the workshop is to bring together researchers and practitioners who work closely in this area to create a forum for reporting and discussing recent advances in improving security in software engineering and inspiring collaborations and innovations on new methods and techniques to advance software security in our practices. Researchers and practitioners worldwide are invited to present their research expertise and experience, and discuss the issues and challenges in security from software engineering perspective.


Submissions of quality papers in the following non-exhaustive list of topics are invited:

  •   Management of software security in industrial practice
  •   Security requirements and policies
  •   Abuse cases and threat modeling
  •   Architecture and design for security
  •   Model-based security
  •   Language-based security
  •   Malicious code prevention and code safety
  •   Security risk analysis
  •   Security taxonomy and metrics
  •   Testing for security
  •   Application security: detection and protection
  •   Software piracy and protection


Gail-Joon Ahn, University of North Carolina, USA

Mike Burmester, Florida State University, USA

Kevin Butler, Pennsylvania State University, USA

Kai Chen, Google Inc., USA

Jason Crampton, University of London, UK

Eduardo Fernandez, Florida Atlantic University, USA

Jon Giffin, Georgia Tech University, USA

Yong Guan, Iowa State Unviersity, USA

Jan Jurjens, the Open University, GB

Aneesh Krishna, University of Wollongong, Australia

Yan Liu, Motorola Labs, USA

Nancy Mead, SEI, Carnegie Mellon University, USA

Hossein Saiedian, University of Kansas, USA

Johann Schumann, NASA Ames Research Center, USA

Jon Solworth, University of Illinois at Chicago, USA

Janos Sztipanovits, Vanderbilt University, USA

Tao Xie, North Carolina State University, USA

Mohammad Zulkernine, Queens University, Canada




March 1March 10, 2008

Workshop paper submission due

April 7, 2008

Workshop paper notification

April 30, 2008

All final manuscript and author pre-registration due



Please submit your Paper electronically via IWSSE2008 Submission Site. All submitted papers will be reviewed by the program committee according to originality, significance, and relevance. Papers are limited to 6 pages including all figures, tables, and references. Please follow the IEEE Computer Society Press Proceedings Author Guidelines to prepare your papers (



Accepted papers will be published in the Workshop Proceedings of the 32nd IEEE Computer Software and Applications Conference (COMPSAC 2008). It should be noted that all IEEE COMPSAC conference proceedings are published by IEEE Computer Society Conference Publishing Services (CPS). All CPS Publications are captured in the online IEEE Digital Library, and professionally indexed through INSPEC and EI Index (Elsevier's Engineering Information Index). At least one of the authors of each accepted paper must register as a full participant of the workshop for the paper to be included in the COMPSAC 2008 Proceedings.



Michael Jiang

Motorola Labs, Motorola Inc.

Schaumburg, IL 60196, USA.


James Joshi

School of Information Sciences

University of Pittsburgh, Pittsburgh, PA 15260, USA



Please contact Michael Jiang ( or James Joshi (