THE 1st INTERNATIONAL WORKSHOP ON SECURITY IN

advertisement
THE 1st INTERNATIONAL IEEE WORKSHOP ON SECURITY IN SOFTWARE ENGINEERING
WORKSHOP ORGANIZERS
General Chairs
Michael Jiang Ph.D., michael.jiang@motorola.com
Motorola Labs, Motorola Inc., Schaumburg, IL 60196, USA.
Prof. Patrick McDaniel, mcdaniel@cse.psu.edu
Department of Computer Science and Engineering,
Pennsylvania State University, University Park, PA 16802, USA
Program Chairs
Dr. Jan Jurjens,
The Open University, UK
Yan Liu, Ph.D. yanliu@motorola.com
Motorola Labs, Motorola Inc., Schaumburg, IL 60196, USA.
WORKSHOP DURATION
This workshop is planned as a three-session event for a full-day workshop. Most activities will involve
paper presentations and generous time for discussions. If limited by space or time, the workshop can be
condensed to two sessions.
WORKSHOP THEME
The ever growing demand in software security has made it a well recognized multi-disciplinary sub-area
across software engineering, security engineering, and programming languages. Software security has thus
become a fundamental problem in software engineering, as it mainly focuses on developing secure software
and understanding the security risks and managing these risks throughout the lifecycle of software.
Members of security boards and councils voice concern about software security in today's highly
distributed software systems. The lack of comprehensive, cost-effective, systematic and adaptive
engineering approaches to ensure software security and protect software systems poses major challenges to
both industrial practitioners and scientists.
The workshop invites international scholars and industrial practitioners to discuss and present their work on
different aspects of the processes, methods, theories, tools, techniques, and experience that have addressed
security in software engineering practices and studies and made contributions to further assure/improve
security in software systems and applications.
In this workshop, we will discuss the following non-exhaustive list of topics: Management of Software
Security in industrial practice / Security Requirements/ Design for Security/ Language-based Security/
Malicious code prevention and code safety/ Security Risk analysis/ Security Taxonomy and Metrics/
Security Testing/ Application security : detection and protection
EXPECTED ACHIEVEMENTS
31st Annual International Computer and Applications Conference - COMPSAC 2007
1
The purpose of the workshop is to bring together researchers and practitioners in software and application
security in order to create a forum for discussing recent advances in improving security in software
engineering and inspiring research on new methods and techniques to advance security engineering in
industrial practice. We also expect that through this workshop, researchers and practitioners will better
understand the issues and challenges in software safety and security from software engineering perspective.
WORKSHOP FORMAT
The workshop starts with an invited talk, introducing the topic and discussing issues and
challenges of security in software engineering. Technical sessions with paper presentations and
generous time for discussions will follow. The workshop will end with a (moderated) panel
discussion on important issues for future trends in this area. Specific focus will be laid upon the
topic of how the traditional software requirements, design, implementation, test, and maintenance
process needs to be adapted in order to address security.
PUBLICITY
As security has become a growing concern for both academia and industry, many researchers from
academia and commercial labs have worked in this area. To participate in the workshop, we will invite
scholars who are interested to submit an abstract of their paper. We will also advertise the workshop on
various newsgroups in the appropriate research areas.
PROGRAM COMMITTEE
Jon A. Solworth,
University of Illinois at Chicago, USA
Janos Sztipanovits,
Vanderbilt University, USA
Kevin Butler
Pennsylvania State University, USA
Jon Giffin
Georgia Tech University, USA
Hervé DEBAR
France Telecom
Yuanyuan Zhou
University of Illinois at Urbana-Champaign, USA
Mike Burmester,
Florida State University, USA
Yong Guan
Iowa State Unviersity, USA
Hossein Saiedian ,
University of Kansas, USA
Johann Schumann
NASA Ames Research Center, USA
Chuang Lin
Tsinghua University, China
31st Annual International Computer and Applications Conference - COMPSAC 2007
2
Ninghui Li
Purdue University
31st Annual International Computer and Applications Conference - COMPSAC 2007
3
Download