The Fourth International Workshop on Graphical Models for Security
Santa Barbara, CA, USA - August 21, 2017
Co-located with CSF 2017

Graphical security models provide an intuitive but systematic approach 
to analyze security weaknesses of systems and to evaluate potential 
protection measures. Cyber security researchers, as well as security 
professionals from industry and government, have proposed various 
graphical security modeling schemes. Such models are used to capture 
different security facets (digital, physical, and social) and address a 
range of challenges including vulnerability assessment, risk analysis, 
defense analysis, automated defensing, secure services composition, 
policy validation and verification. The objective of the GraMSec 
workshop is to contribute to the development of well-founded graphical 
security models, efficient algorithms for their analysis, as well as 
methodologies for their practical usage.

The workshop seeks submissions from academia, industry, and government 
presenting novel research on all theoretical and practical aspects of 
graphical models for security. The topics of the workshop include, but 
are not limited to:

 - Graphical models for threat modeling and analysis
 - Graphical models for risk analysis and management
 - Graphical models for requirements analysis and management
 - Textual and graphical representation for system, organizational, and 
business security
 - Visual security modeling and analysis of socio-technical and 
cyber-physical systems
 - Graphical security modeling for cyber situational awareness
 - Graphical models supporting the security by design paradigm
 - Methods for quantitative and qualitative analysis of graphical 
security models
 - Formal semantics and verification of graphical security models
 - Methods for (semi-)automatic generation of graphical security models
 - Enhancement and/or optimization of existing graphical security models
 - Scalable evaluation of graphical security models
 - Evaluation algorithms for graphical security models
 - Dynamic update of graphical security models
 - Game theoretical approaches to graphical security modeling
 - Attack trees, attack graphs and their variants
 - Stochastic Petri nets, Markov chains, and Bayesian networks for security
 - UML-based models and other graphical modeling approaches for security
 - Software tools for graphical security modeling and analysis
 - Case studies and experience reports on the use of graphical security 
modeling paradigm

To be decided.

We solicit two types of submissions:
 - Regular papers (up to 15 pages, excluding the bibliography and 
well-marked appendices)
describing original and unpublished work within the scope of the workshop.
 - Short papers (up to 7 pages, excluding the bibliography and 
well-marked appendices)
describing original and unpublished work in progress.

The reviewers are not required to read the appendices, so the papers 
should be intelligible without them. All submissions must be prepared 
using the LNCS style:

Each paper will undergo a thorough review process. All accepted (regular 
and short) papers will be included in the workshop's post-proceedings. 
As the previous two years, the GraMSec 2017 post-proceedings are planned 
to be published in the Lecture Notes in Computer Science (LNCS) series 
of Springer (confirmation pending). Submissions should be made using the 
GraMSec 2017 EasyChair web site:

 - Submission deadline: Sunday, May 21, 2017
 - Acceptance notification: Friday, July 7, 2017
 - Workshop: Monday, August 21, 2017

 - Sjouke Mauw, University of Luxembourg, Luxembourg

 - Peng Liu, Pennsylvania State University, USA
 - Ketil Stølen, SINTEF Digital and University of Oslo, Norway

Mathieu Acher, University Rennes 1, Inria, France
Massimiliano Albanese, George Mason University, USA
Ludovic Apvrille, Télécom ParisTech, France
Thomas Bauereiss, DFKI, Germany
Kristian Beckers, Technical University of Munich, Germany 	
Giampaolo Bella, University of Catania, Italy
Stefano Bistarelli, Università di Perugia, Italy
Marc Bouissou, EDF RD, France
Frédéric Cuppens, Télécom Bretagne, France
Nora Cuppens-Boulahia, Télécom Bretagne, France
Binbin Chen, Advanced Digital Sciences Center, Singapore
Hervé Debar, Télécom SudParis, France
Harley Eades, Augusta University, USA
Mathias Ekstedt, KTH - Royal Institute of Technology, Sweden 

Ulrik Franke, Swedish Institute of Computer Science - SICS, Sweden	
Frank Fransen, TNO, The Netherlands
Olga Gadyatskaya, University of Luxembourg, Luxembourg		
Paolo Giorgini, University of Trento, Italy
Dieter  Gollmann, Hamburg University of Technology, Germany
Joshua Guttman, WPI, USA
René Rydhof Hansen, Aalborg University, Denmark
Maritta Heisel, Universität Duisburg-Essen, Germany
Hannes Holm, Swedish Defence Research Agency, Sweden	
Siv Hilde Houmb, Secure-NOK AS, Norway	
Sushil Jajodia, George Mason University, USA	
Ravi Jhawar, University of Luxembourg, Luxembourg
Henk Jonkers, BiZZdesign, The Netherlands
Cristian Johansen, University of Oslo, Norway
Florian Kammueller, Middlesex University London, UK
Nima Khakzad, TU Delft, The Netherlands
Dong Seong Kim, University of Canterbury, New Zealand
Barbara Kordy, INSA Rennes, IRISA, France	
Pascal Lafourcade, Université Clermont Auvergne, LIMOS, France	
Jean-Louis Lanet, Inria, France
Per Håkon Meland, SINTEF Digital, Norway
Jogesh Muppala, HKUST, Hong Kong, SAR China
Simin Nadjm-Tehrani, Linköping University, Sweden
Andreas L. Opdahl, University of Bergen, Norway	
Xinming Ou, University of South Florida, USA
Stéphane Paul, Thales Research and Technology, France
Wolter Pieters, TU Delft, The Netherlands
Ludovic Piètre-Cambacédès, EDF, FR
Sophie Pinchinat, University Rennes 1, IRISA, France
Vincenzo Piuri, University of Milan, Italy
Marc Pouly, Lucerne University of Applied Sciences and Arts, Switzerland
Nicolas Prigent, Supélec, France
Christian W. Probst, Technical University of Denmark, Denmark
David Pym, UCL, UK	
Saša Radomirovic, University of Dundee, UK
Indrajit Ray, Colorado State University, USA
Arend Rensink, University of Twente, The Netherlands	
Yves Roudier, Université Côte d'Azur, CNRS, I3S, UNS, France
Guttorm Sindre, NUST, Norway
Mariëlle Stoelinga, University of Twente, The Netherlands
Xiaoyan Sun, California State University, USA
Axel Tanner, IBM Research - Zurich, Switzerland	
Alexandre Vernotte, KTH - Royal Institute of Technology, Sweden
Luca Vigan&oagrave;, King's College London, UK	
Lingyu Wang, Concordia University, Canada	
Jan Willemson, Cybernetica, Estonia

For inquiries please send an e-mail to