[fg-arc] [ESSOS] [ESSoS'16] CfP: Deadlines approaching!

Raoul Strackx raoul.strackx at CS.KULEUVEN.BE
Thu Sep 10 06:54:40 CEST 2015


=======================================================================
==                   International Symposium on                      ==
==           Engineering Secure Software and Systems (ESSoS)         ==
==                                                                   ==
==                       April 6 - 8, 2016,                          ==
==                   Royal Holloway, London, UK                      ==
==                                                                   ==
==        https://distrinet.cs.kuleuven.be/events/essos/2016         ==
==                                                                   ==
==      In cooperation with (pending): ACM SIGSAC and SIGSOFT        ==
=======================================================================

== Approaching deadlines ==

  Abstract submission: September 25, 2015 (anywhere on earth)
  Paper submission:    October 2, 2015 (anywhere on earth)




== Context and motivation ==
Trustworthy, secure software is a core ingredient of the modern world.
So is the Internet. Hostile, networked environments, like the Internet,
can allow vulnerabilities in software to be exploited from anywhere.
High-quality security building blocks (e.g., cryptographic components)
are necessary but insufficient to address these concerns. Indeed, the
construction of secure software is challenging because of the
complexity of modern applications, the growing sophistication of
security requirements, the multitude of available software technologies
and the progress of attack vectors. Clearly, a strong need exists for
engineering techniques that scale well and that demonstrably improve
the software's security properties.

== Goal and setup ==
The goal of this symposium, which will be the eighth in the series, is
to bring together researchers and practitioners to advance the states
of the art and practice in secure software engineering. Being one of
the few conference-level events dedicated to this topic, it explicitly
aims to bridge the software engineering and security engineering
communities, and promote cross-fertilization. The symposium will
feature two days of technical program including two keynote
presentations. In addition to academic papers, the symposium encourages
submission of high-quality, informative industrial experience papers
about successes and failures in security software engineering and the
lessons learned. Furthermore, the symposium also accepts short idea
papers that crisply describe a promising direction, approach, or
insight.

== Topics ==
The Symposium seeks submissions on subjects related to its goals. This
includes a diversity of topics including (but not limited to):

- Cloud security, virtualization for security
- Mobile devices security
- Automated techniques for vulnerability discovery and analysis
- Model checking for security
- Binary code analysis, reverse-engineering
- Programming paradigms, models, and domain-specific languages for
   security
- Operating system security
- Verification techniques for security properties
- Malware: detection, analysis, mitigation
- Security in critical infrastructures
- Security by design
- Static and dynamic code analysis for security
- Web applications security
- Program rewriting techniques for security
- Security measurements
- Empirical secure software engineering
- Security-oriented software reconfiguration and evolution
- Computer forensics
- Processes for the development of secure software and systems
- Security testing
- Embedded software security

== Important dates ==
Abstract submission: September 25, 2015 (anywhere on earth)
Paper submission: October 2, 2015 (anywhere on earth)
Paper notification: December 7, 2015
Artifact evaluation submission: December, 16, 2015
Artifact evaluation notification: January, 6, 2016
Paper camera-ready: January 8, 2016

== Submission and format ==
The proceedings of the symposium are published by Springer-Verlag in
the Lecture Notes in Computer Science Series
(http://www.springer.com/lncs). Submissions should follow the
formatting instructions of Springer LNCS. Submitted papers must present
original, unpublished work of high quality.

Two types of papers will be accepted:

= Full papers (max 14 pages without bibliography/appendices) =
Such papers may describe original technical research with a solid
foundation, such as formal analysis or experimental results, with
acceptance determined mostly based on novelty and validation. Or they
may describe case studies applying existing techniques or analysis
methods in industrial settings, with acceptance determined mostly by
the general applicability of techniques and the completeness of the
technical presentation details.

= Idea papers (max 8 pages with bibliography) =
Such papers may crisply describe a novel idea that is both feasible and
interesting, where the idea may range from a variant of an existing
technique all the way to a vision for the future of security
technology. Idea papers allow authors to introduce ideas to the field
and get feedback, while allowing for later publication of complete,
fully-developed results. Submissions will be judged primarily on
novelty, excitement, and exposition, but feasibility is required, and
acceptance will be unlikely without some basic, principled validation
(e.g., extrapolation from limited experiments or simple formal
analysis). In the proceedings, idea papers will clearly identified by
means of the "Idea" tag in the title.

== Artifact evaluation ==
For possibly the first time at a security conference, ESSOS’16 will
offer a voluntary artifact evaluation. Artifact evaluation is meant to
encourage the submission and publication of proven, reusable research
artifacts. Authors of accepted papers will be able to apply their
artifacts (software, datasets, etc.) to be examined by the Artifact
Evaluation Committee (AEC). Artifacts will be submitted after paper
notification. If all artifacts perform to the satisfaction of the
committee, in particular if they allow for the paper’s results to be
reproduced, then the paper will be recognized with the Artifact
Evaluation Award and the authors will enjoy the following benefits:
 - Authors will be able to mention the award on the paper’s front
    page, in the form of a virtual award plaque.
 - Awarded artifacts will be recognized on the conference web page.
 - Authors can use one additional page in the proceedings, which can be
    used to describe their artifacts.
 - Authors will be able to briefly present their awarded artifacts in a
    dedicated artifact session (in addition to their usual paper
    presentation).
Artifact evaluation submissions will be mainly evaluated based on two
criteria: (1) Artifact packaging and reproducibility. (2) Artifact
implementation and usability.
More information is available on the ESSOS web page. More information
about previous artifact evaluations can be found at:
http://www.artifact-eval.org/

Important dates:
Artifact evaluation submission: December 16, 2015
Artifact evaluation notification: January 6, 2016

== Confirmed invited speakers ==
Apart from technical presentations, the following invited speakers have
confirmed their participation in ESSOS:
 - David Basin, ETH Zürich
 - Karsten Nohl, Security Research Labs


== Steering committee ==
Jorge Cuellar (Siemens AG)
Wouter Joosen (Katholieke Universiteit Leuven) - chair
Fabio Massacci (Università di Trento)
Gary McGraw (Cigital)
Bashar Nuseibeh (The Open University)
Daniel Wallach (Rice University)

== Organizing committee ==
General chair: Lorenzo Cavallaro (Royal Holloway University of London)
Program co-chairs: Eric Bodden (Fraunhofer SIT & TU Darmstadt), Juan
Caballero (IMDEA Software Institute)
Artifact evaluation co-chairs: Alessandra Gorla (IMDEA Madrid), Jacques
Klein (SnT Luxembourg)
Publication chair: Elias Athanasopoulos (FORTH)
Publicity chair: Raoul Strackx (KU Leuven)
Web chair: Ghita Saevels (Katholieke Universiteit Leuven)

== Program committee ==
Javier Alonso, Universidad de Leon & Duke University
Michele Bugliesi, Università Ca' Foscari Venezia
Werner Dietl, University of Waterloo
Michael Franz, University of California, Irvine
Flavio Garcia, University of Birmingham
Christian Hammer, CISPA, Saarland University
Marieke Huisman, University of Twente
Martin Johns, SAP Research
Stefan Katzenbeisser, Technische Universität Darmstadt
Johannes Kinder, Royal Holloway University of London
Andy King, University of Kent
Jacques Klein, University of Luxembourg
Andrea Lanzi, University of Milan
Wenke Lee, Georgia Institute of Technology
Zhenkai Liang, National University of Singapore
Ben Livshits, Microsoft Research
Heiko Mantel, Technische Universität Darmstadt
Nick Nikiforakis, Stony Brook University
Martin Ochoa, Singapore University of Technology and Design
Mathias Payer, Purdue University
Frank Piessens, KU Leuven
Alexander Pretschner, Technische Universität München
Awais Rashid, Lancaster University
Mark Ryan, University of Birmingham
Gianluca Stringhini, University College London
Pierre-Yves Strub, IMDEA Software Institute
Helmut Veith, Vienna University of Technology
Santiago Zanella, Microsoft Research - INRIA



More information about the fg-arc mailing list