STAST2019 9th International Workshop on Socio-Technical Aspects in SecuriTy 26th September 2019, Luxembourg City, Luxembourg http://stast.uni.lu/index.html Affiliated with the European Symposium on Research in Computer Security (ESORICS 2019) https://esorics2019.uni.lu/ Goals The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences. Workshop Topics Contributions should focus on the interplay of technical, organizational and human factors in breaking and in achieving computer security, for example: Usability and user experience in security Requirements for socio-technical systems Feasibility of policies from the socio-technical perspective Threat models that combine technical and human-centered strategies Socio-technical factors in decision making in security and privacy Balance between technical measures and social strategies Studies of real-world security incidents socio-technical perspective Social factors in organizations security policies and processes Lessons from design and deployment of security mechanisms and policies Models of user behaviour and user interactions with technology Perceptions of security, risk, and their influence on humans Interplay of law, ethics and politics with security and privacy measures Social engineering, persuasion, and other deception techniques Socio-technical analysis of security incidents Strategies, methodology and guidelines cyber-security intelligence analysis Type of contributions Full Papers, discussing original research, answering well-defined research questions, and presenting full and stable results; Position Papers, original contributions discussing existing challenges and introducing and motivating new research problems; Case Studies, describing lessons learned from design and deployment of security mechanisms and policies in research and in industry. Work in Progress, describing original but unfinished research, which is nevertheless based on solid research questions or hypothesis soundly argued be innovative compared with the state of the art. Proceedings Accepted papers will be published as post-proceedings with Springer in their Lecture Notes in Computer Science series (pending). Timeline Full Paper Submission: June 30, 2019 (Anywhere on Earth) Notification: July 30, 2019 Camera Ready: August 6, 2019 Workshop Organizers Giampaolo Bella (University of Catania) Gabriele Lenzini (University of Luxembourg) Programme Chairs Theo Tryfonas (University of Bristol) Thomas Gross (Newcastle University)