[Owasp-boston] IEEE Secure Development Conference in Cambridge, 24-26 September 2017

Batcheller, Archer [US] (ES&CSO) Archer.Batcheller at ngc.com
Thu Apr 20 19:43:08 UTC 2017


I'd like to encourage your participation in the upcoming IEEE Secure Development Conference this fall. It will be held 24-26 September 2017 right locally in Cambridge, MA. The call for papers is currently open (overview pasted below; deadline May 30th), and the conference includes some great tutorials, keynotes and both regular and lightning talks. SecDev focuses on defensive content, "building security in," and on engagement between industry and research communities.

Conference website: https://secdev.ieee.org/2017/home/

I attended last year, and really enjoyed it, so this year I am helping to organize the con. You can get a taste for the topics addressed by looking at last year's program:  https://secdev.ieee.org/2016/program/. Highlights for me were the tutorial by Kostya Serebryany (Google) on "Dynamic Testing Techniques Continuous fuzzing with libFuzzer and AddressSanitizer" and the keynote by Jonathan Katz (U Maryland) on "How to Think about Cryptography: Common Crypto Flaws and How to Avoid Them." There were many other good papers though too, and as a smaller conference, it provided excellent opportunities to connect with folks both locally and from across the world.


Archer L. Batcheller, PhD
Northrop Grumman Information Security
archer.batcheller at ngc.com<mailto:archer.batcheller at ngc.com>
(o) 516.247.3656 (c) 571.732.5084<tel:571.732.5084>

Call For Papers Overview
Submission deadline: 30 May 2017
Full CfP: https://secdev.ieee.org/2017/papers/

SecDev is a venue for presenting ideas, research, and experience about how to develop secure systems.

SecDev is distinguished by its focus on the theory, techniques, and tools for how to "build security in" to computing systems, and not simply discover the absence of security. Its goal is to encourage and disseminate ideas for secure system development between both academia and industry. Developers have valuable experiences and ideas that can inform academic research, and researchers have concepts, studies, and even code and tools that could benefit developers. Great SecDev contributions could come from attendees of industrial conferences like AppSec, RSA, Black Hat, and Shmoocon; from attendees of academic conferences like IEEE S&P, USENIX Security, PLDI, FSE, ISSTA, SOUPS, and others; and from newcomers.

SecDev is soliciting two types of contributions. First, SecDev is a forum for short papers that present innovations, experience-based insights, or a vision about how to build security in to existing and new computing systems. New work is encouraged. A summary of an ongoing research agenda is also welcome. Second, SecDev is also interested in tutorials on processes, frameworks, languages, and tools for building security in. The goal is to propose useful and thought-provoking ideas, and to share knowledge on the art and science of secure systems development.

Areas of interest include (but are not limited to):

    Security engineering processes, from requirements to maintenance
    Security-focused system designs (HW/SW/architecture)
    Distributed systems design and implementation for security
    Human-centered design for systems security
    Programming languages, development tools, and ecosystems supporting security
    Risk management and testing strategies to improve security
    Static program analysis for software security
    Dynamic analysis and runtime approaches for software security
    Explorations of formal verification and other high-assurance methods for security
    Automation of programming, deployment, and maintenance tasks for security
    Code reviews, red teams, and other human-centered assurance

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20170420/376d07c9/attachment.html>

More information about the Owasp-boston mailing list