y
==================================================================== -------------------------------------------------------------------- FMSE 2005 3nd ACM Workshop on Formal Methods in Security Engineering From Specifications to Code held in association with the 12th ACM Conference on Computer and Communications Security CCS 2005 on November 11th, 2005 Hilton Alexandria Mark Center, Alexandria, VA, USA Call for Papers -------------------------------------------------------------------- ==================================================================== Organized by ETH Zurich and IBM Research Web-page: http://www.ti.informatik.uni-kiel.de/~kuesters/FMSE05/ IMPORTANT DATES: - Submission of papers: June 3, 2005 - Notification of acceptance: July 29, 2005 - Submission of final camera-ready paper: August 28, 2005 Information security has become a crucial concern for the commercial deployment of almost all applications and middleware. Despite this commonly recognized fact, the incorporation of security requirements in the software development process is not yet well understood. The deployment of security mechanisms is often done in an ad-hoc manner only, without a formal security specification, often without a thorough security analysis and almost necessarily without a formal security validation of the final product. That is, a process is lacking for making the transition from high-level security models and policies through development to code. We aim to bring together researchers and practitioners from both the security and the software engineering communities, from academia and industry, who are working on applying formal methods to designing and validating large-scale systems. We are seeking submissions addressing foundational issues in: - security specification techniques, - formal trust models, - combination of formal techniques with semi-formal techniques like UML, - formal analyses of specific security properties relevant to software development, - security-preserving composition and refinement of processes, - faithful abstractions of cryptographic primitives and protocols in process abstractions, and - integration of formal security specification, refinement and validation techniques in development methods and tools. The primary focus is on high-quality original unpublished research and case studies. Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. The paper must list all authors and their affiliations; in case of multiple authors, the contact author must be indicated. It should begin with a title, a short abstract, and a list of key words, and its introduction should summarize the contributions of the paper at a level appropriate for a non-specialist reader. The paper should be at most 12 pages excluding the bibliography and clearly marked appendices, and at most 15 pages in total, using at least 11-point font, reasonable margins, and page numbers on each page. Committee members are not required to read appendices; the paper should be intelligible without them. The document must be in Acrobat PDF format and must be legible after printing on standard grayscale printers, both those that use A4 and those that use 8-1/2x11" paper. Submissions not meeting these guidelines risk rejection without consideration of their merits. Authors are invited to submit their papers electronically. A detailed description of the electronic submission procedure will be given at http://www.ti.informatik.uni-kiel.de/~kuesters/FMSE05/. Submissions must conform to this procedure and be received by June 3, 2005, 23:59 EST to be considered. Late submissions and non-electronic submissions will not be considered. Notification of acceptance or rejection will be sent to the authors no later than July 29, 2005. Authors of accepted papers must guarantee that their paper will be presented at the workshop. Proceedings will be published by ACM and will be available at the workshop. Instructions about the preparation of a final proceedings version will be sent to the authors of accepted papers. The final copies of the accepted papers will be due on August 28, 2005. Organizing Committee: Michael Backes, IBM Zurich Research Lab, Switzerland David Basin, ETH Zurich, Switzerland Michael Waidner, IBM Zurich Research Lab, Switzerland Program Chairs: Ralf Kuesters, University of Kiel, Germany John Mitchell, Stanford University, USA Program Committee: Michael Backes, IBM Zurich, Switzerland David Basin, ETH Zurich, Switzerland Veronique Cortier, INRIA/LORIA, France Anupam Datta, Stanford University, USA Prem Devanbu, UC Davis, USA Riccardo Focardi, Università Ca' Foscari di Venezia, Italy Ralf Kuesters, University of Kiel, Germany (co-chair) Marta Kwiatkowska, University of Birmingham, UK Heiko Mantel, ETH Zurich, Switzerland John Mitchell, Stanford University, USA (co-chair) Frank Piessens, Katholieke Universiteit Leuven, Belgium Riccardo Puccella, Cornell University, USA Tomas Uribe, SRI, USA Steve Zdancewic, University of Pennsylvania, USA