[TYPES/announce] [ESSoS'18] International Symposium on Engineering Secure Software and Systems (Deadline in 2 days!)

Wed Mar 7 08:11:56 EST 2018

+----------------------------------------------------------------------+
|                                                                      |
|                      International Symposium on                      |
|                Engineering Secure Software and Systems               |
|                               (ESSoS)                                |
|                                                                      |
|                          June 26-27, 2018                            |
|                     Campus Paris-Saclay, France                      |
|                        (Co-Located with DIMVA)                       |
|                                                                      |
|                                                                      |
|    https://distrinet.cs.kuleuven.be/events/essos/2018/index.html     |
|                                                                      |
|                In cooperation with: ACM SIGSAC and SIGSOFT (pending) |
+----------------------------------------------------------------------+

+----------------------------------------------------------------------+
| Next important date:                                                 |
| *Paper submission*: Friday, March 9, 2018 (firm)                     |
+----------------------------------------------------------------------+

+------------------------+
| Context and motivation |
+------------------------+

Software-based systems permeate the very fabric of our society -- from
enterprise IT systems and mobile devices to smart home and city
environments. Consequently, computer security is becoming an
increasingly inter-disciplinary subject requiring attention to the
various aspects of securing our software-based infrastructure. One must
pay careful attention to ensure compatibility with existing software and
the wider socio-technical context (e.g., users and organisations) which
it inhabits. This, in turn, requires an approach that integrates
insights from computer security research with rigorous software
engineering methods to ensure the security and resilience of our digital
infrastructure. ESSoS therefore welcomes contributions that are at the
border of system security and software engineering.

+----------------+
| Goal and setup |
+----------------+

The goal of this symposium is to bring together researchers and
practitioners to advance the state of the art and practice in secure
software engineering. Being one of the few conference-level events
dedicated to this topic, it explicitly aims to bridge the software
engineering and software security communities. The symposium features
two days of technical program including two keynote presentations. In
addition to academic papers, the symposium encourages submission of
high-quality, informative industrial experience papers about successes
and failures in secure software engineering and the lessons learned.
Furthermore, the symposium also accepts short idea papers that crisply
describe a promising direction, approach, or insight.

+--------+
| Topics |
+--------+

The Symposium seeks submissions on subjects related to its goals. This
includes a diversity of topics including (but not limited to):
  - Secure software engineering
  - Security by design
  - Empirical secure software engineering
  - Security-oriented software reconfiguration and evolution
  - Processes for the development of secure software and systems
  - Security testing
  - Security requirements analysis and modelling
  - Model checking for security Secure programming
  - Programming paradigms, models, and domain-specific languages for
      security
  - Verification techniques for security properties
  - Static and dynamic code analysis for security
  - Program rewriting techniques for security
  - Security measurements Systems Security
  - Cloud security, virtualization for security
  - Mobile devices security
  - Operating system security
  - Web applications security Malware and vulnerability analysis
  - Automated techniques for vulnerability discovery and analysis
  - Binary code analysis, reverse-engineering
  - Malware: detection, analysis, mitigation
  - Computer forensics Human factors
  - Usable security
  - Studies of developers’ behaviours
  - Organisational practices pertaining to secure development
      Infrastructure security
  - Security in critical infrastructures
  - Embedded software security
  - Security of cyber-physical systems and IoT

+-----------------+
| Important dates |
+-----------------+

Paper submission: Friday, March 9, 2018 (firm)
Paper acceptance notification: Friday, April 27, 2018
Artifact evaluation submission: Wednesday, May 2, 2018
Poster submission: Friday, May 4, 2018
Poster acceptance notification: Friday, May 18, 2018
Camera-ready: Friday, May 11, 2018
Conference: Tuesday to Wednesday, June 26-27, 2018
(DIMVA is held June 28-29, following ESSoS)

+-----------------------+
| Submission and format |
+-----------------------+

The proceedings of the symposium are published by Springer-Verlag in the
Lecture Notes in Computer Science Series
(http://www.springer.com/computer/lncs, pending approval). Submissions
should follow the formatting instructions of Springer LNCS. Submitted
papers must present original, unpublished work of high quality.

Two types of papers will be accepted:

- Full papers (max 14 pages excluding bibliography/appendices)
Such papers may describe original technical research with a solid
foundation, such as formal analysis or experimental results, with
acceptance determined mostly based on novelty and validation. Or they
may describe case studies applying existing techniques or analysis
methods in industrial settings, with acceptance determined mostly by the
general applicability of techniques and the completeness of the
technical presentation details.

- Idea papers (max 8 pages including bibliography)
Such papers may crisply describe a novel idea that is both feasible and
interesting, where the idea may range from a variant of an existing
technique all the way to a vision for the future of security technology.
Idea papers allow authors to introduce ideas to the field and get
feedback, while allowing for later publication of complete,
fully-developed results. Submissions will be judged primarily on
novelty, excitement, and exposition, but feasibility is required, and
acceptance will be unlikely without some basic, principled validation
(e.g., extrapolation from limited experiments or simple formal
analysis). In the proceedings, idea papers will clearly identified by
means of the "Idea" tag in the title.

- Posters
ESSoS will have a poster session to present ideas, discuss prototypes,
and feature ongoing work. Authors of accepted papers and authors with
evaluated artifacts are invited to submit a poster as well. Poster
abstracts are limited to 1 page.

- Approved Artifacts
Due to the secure software engineering focus, we expect the majority of
papers to be based on an accompanying software artifact, data set, or
similar. We strongly encourage the authors of accepted papers to submit
such artifacts for evaluation. Artifact Evaluation will take place after
accepted papers have been announced. Further information will be given
closer to the paper-submission deadline. Submissions where the artifact
evaluation committee can reproduce the software artifacts and evaluation
will receive the “approved artifact” badge. Authors of approved
artifacts are further given the opportunity to demo their artifact at
the conference. In addition, the committee will select a best artifact
to receive the Distinguished Artifact Award.