[Owasp-board] FW: [SC-L] International Symposium on Engineering Secure Software and Systems (ESSoS)

Sebastien Deleersnyder seba at deleersnyder.eu
Thu Jun 26 20:48:02 UTC 2008

Fyi - we should position some owasp topics

-----Original Message-----
From: sc-l-bounces at securecoding.org [mailto:sc-l-bounces at securecoding.org]
On Behalf Of Brian Chess
Sent: donderdag 26 juni 2008 4:27
To: Secure Coding
Subject: [SC-L] International Symposium on Engineering Secure Software and
Systems (ESSoS)

International Symposium on Engineering Secure Software and Systems (ESSoS)
February 04-06, 2009
Leuven, Belgium

Trustworthy, secure software is a core ingredient of the modern world.
Unfortunately, most software developed today runs on a network exposing it
to a hostile environment. The Internet can allow vulnerabilities in software
to be exploited from anywhere in the world. High-quality security building
blocks (e.g., cryptographic components) are necessary, but insufficient to
address this. Indeed, the construction of secure software is challenging
because of the complexity of applications, the growing security
requirements, and the multitude of software technologies and attack vectors.
Clearly, a strong need exists for engineering techniques for secure software
and systems that scale well and that demonstrably improve the software's
security properties.

The goal of this symposium, which will be the first in a series of events,
is to bring together researchers and practitioners to advance the states of
the art and practice in secure software engineering. Being one of the few
conference-level events dedicated to this topic, it explicitly aims to
bridge the software engineering and security engineering communities, and
promote cross-fertilization. The symposium will feature two days of
technical programme as well as one day of tutorials. The technical programme
includes an experience track for which the submission of highly informative
case studies describing (un)successful secure software project experiences
and lessons learned is explicitly encouraged.

The Symposium seeks submissions on topics related to its goals. This
includes a diversity of topics including (but not limited to):
-    scalable techniques for threat modeling and analysis of vulnerabilities
-    specification and management of security requirements and policies
-    security architecture and design for software and systems
-    model checking for security
-    specification formalisms for security artifacts
-    verification techniques for security properties
-    systematic support for security best practices
-    security testing
-    security assurance cases
-    programming paradigms, models and DLS's for security
-    program rewriting techniques
-    processes for the development of secure software and systems
-    security-oriented software reconfiguration and evolution
-    security measurement
-    automated development
-    trade-off between security and other non-functional requirements
-    support for assurance, certification and accreditation

The proceedings of the symposium will be published as a Springer-Verlag
volume in the Lecture Notes in Computer Science Series
(http://www.springer.com/lncs). Submitted papers must present original,
non-published work of high quality that has not been submitted for potential
publication in parallel. Submitted papers should follow the formatting
instructions of the Springer LNCS Style, and should include maximally 15
pages for research papers and 10 pages for industrial papers (figures and
appendices included). Proposals for tutorials are highly welcome as well.
Further guidelines will appear on the website of the symposium.

Abstract submission: September 8, 2008
Paper submission: September 15, 2008
Author notification: November 5, 2008
Camera-ready: November 24, 2008
Tutorial submission: October 24, 2008
Tutorial notification: November 21, 2008

Jorge Cuellar (Siemens AG)
Wouter Joosen (Katholieke Universiteit Leuven)
Fabio Massacci (Universit` di Trento)
Gary McGraw (Cigital)
Bashar Nuseibeh (The Open University)
Samuel Redwine (James Madison University)

General chair: Bart De Win (Katholieke Universiteit Leuven)
Program co-chairs: Fabio Massacci (Universit` di Trento) and Samuel Redwine
(James Madison University)
Publication chair: Nicola Zannone (University of Toronto)
Tutorial chair: Riccardo Scandariato (Katholieke Universiteit Leuven)

Matt Bishop, University of California (Davis) - USA
Brian Chess, Fortify Software - USA
Richard Clayton, Cambridge University - UK
Christian Collberg, University of Arizona - USA
Bart De Win, Katholieke Universiteit Leuven - BE
Juergen Doser, ETH - CH
Eduardo Fernandez-Medina, University of Castilla-La Mancha - ES
Dieter Gollmann, University of Hamburg - DE
Michael Howard, Microsoft - USA
Cynthia Irvine, Naval Postgradual School - USA
Jan Jurjens, Open University - UK
Volkmar Lotz, SAP Labs - FR
Antonio Mana, University of Malaga - ES
Robert Martin, MITRE - USA
Fabio Massacci, Universit` di Trento - IT
Mira Mezini, Darmstadt University - DE
Mattia Monga, Milan University - IT
Andy Ozment, DoD - USA
Gunther Pernul, Universitat Regensburg - DE
Domenico Presenza, Engineering - IT
Samuel Redwine, James Madison University - USA
Riccardo Scandariato, Katholieke Universiteit Leuven - BE
Ketil Stolen, Sintef - NO
Eric Vetillard, Trusted Logic - FR
Jon Whittle, Lancaster University - UK
Mohammad Zulkernine, Queens University - AU

Secure Coding mailing list (SC-L) SC-L at securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
No virus found in this incoming message.
Checked by AVG. 
Version: 8.0.101 / Virus Database: 270.4.1/1519 - Release Date: 25/06/2008

More information about the Owasp-board mailing list