y CFP: Workshop on Formal Methods in Security Engineering
                             FMSE 2005

     3nd ACM Workshop on Formal Methods in Security Engineering 
                    From Specifications to Code               

                  held in association with the 
   12th ACM Conference on Computer and Communications Security 
                             CCS 2005

                      on November 11th, 2005 

          Hilton Alexandria Mark Center, Alexandria, VA, USA
                          Call for Papers


Organized by ETH Zurich and IBM Research

Web-page:  http://www.ti.informatik.uni-kiel.de/~kuesters/FMSE05/


- Submission of papers: June 3, 2005
- Notification of acceptance: July 29, 2005
- Submission of final camera-ready paper: August 28, 2005    

Information security has become a crucial concern for the commercial
deployment of almost all applications and middleware. Despite this
commonly recognized fact, the incorporation of security requirements
in the software development process is not yet well understood. The
deployment of security mechanisms is often done in an ad-hoc manner
only, without a formal security specification, often without a
thorough security analysis and almost necessarily without a formal
security validation of the final product. That is, a process is
lacking for making the transition from high-level security models and
policies through development to code.

We aim to bring together researchers and practitioners from both the
security and the software engineering communities, from academia and
industry, who are working on applying formal methods to designing and
validating large-scale systems. We are seeking submissions addressing
foundational issues in:

- security specification techniques, 
- formal trust models, 
- combination of formal techniques with semi-formal techniques like 
- formal analyses of specific security properties relevant to software 
- security-preserving composition and refinement of processes, 
- faithful abstractions of cryptographic primitives and protocols in 
  process abstractions, and
- integration of formal security specification, refinement and 
  validation techniques in development methods and tools. 

The primary focus is on high-quality original unpublished research and 
case studies. 

Submitted papers must not substantially overlap with papers that have
been published or that are simultaneously submitted to a journal or a
conference with proceedings. The paper must list all authors and their
affiliations; in case of multiple authors, the contact author must be
indicated. It should begin with a title, a short abstract, and a list
of key words, and its introduction should summarize the contributions
of the paper at a level appropriate for a non-specialist reader. The
paper should be at most 12 pages excluding the bibliography and
clearly marked appendices, and at most 15 pages in total, using at
least 11-point font, reasonable margins, and page numbers on each
page. Committee members are not required to read appendices; the paper
should be intelligible without them. The document must be in Acrobat
PDF format and must be legible after printing on standard grayscale
printers, both those that use A4 and those that use 8-1/2x11"
paper. Submissions not meeting these guidelines risk rejection without
consideration of their merits.

Authors are invited to submit their papers electronically. A detailed
description of the electronic submission procedure will be given at
http://www.ti.informatik.uni-kiel.de/~kuesters/FMSE05/. Submissions must conform
to this procedure and be received by June 3, 2005, 23:59 EST to be considered.
Late submissions and non-electronic submissions will not be considered.

Notification of acceptance or rejection will be sent to the authors no 
later than July 29, 2005. Authors of accepted papers must guarantee 
that their paper will be presented at the workshop.

Proceedings will be published by ACM and will be available at the
workshop.  Instructions about the preparation of a final proceedings
version will be sent to the authors of accepted papers.  The final
copies of the accepted papers will be due on August 28, 2005.

Organizing Committee:

 Michael Backes, IBM Zurich Research Lab, Switzerland
 David Basin, ETH Zurich, Switzerland
 Michael Waidner, IBM Zurich Research Lab, Switzerland

Program Chairs:

 Ralf Kuesters, University of Kiel, Germany
 John Mitchell, Stanford University, USA

Program Committee:

 Michael Backes, IBM Zurich, Switzerland
 David Basin, ETH Zurich, Switzerland
 Veronique Cortier, INRIA/LORIA, France
 Anupam Datta, Stanford University, USA
 Prem Devanbu, UC Davis, USA
 Riccardo Focardi, Università Ca' Foscari di Venezia, Italy
 Ralf Kuesters, University of Kiel, Germany (co-chair)
 Marta Kwiatkowska, University of Birmingham, UK
 Heiko Mantel, ETH Zurich, Switzerland
 John Mitchell, Stanford University, USA (co-chair)
 Frank Piessens, Katholieke Universiteit Leuven, Belgium
 Riccardo Puccella, Cornell University, USA
 Tomas Uribe, SRI, USA
 Steve Zdancewic, University of Pennsylvania, USA