IEEE Secure Development Conference 
September 24-26, 2017 At the Hyatt Regency, Cambridge, MA

Call For Papers

SecDev is a venue for presenting ideas, research, and experience about
how to develop secure systems.

SecDev is distinguished by its focus on the theory, techniques, and
tools for how to “build security in” to computing systems, and not
simply discover the absence of security. Its goal is to encourage and
disseminate ideas for secure system development between both academia
and industry. Developers have valuable experiences and ideas that can
inform academic research, and researchers have concepts, studies, and
even code and tools that could benefit developers. Great SecDev
contributions could come from attendees of industrial conferences like
AppSec, RSA, Black Hat, and Shmoocon; from attendees of academic
conferences like IEEE S&P, USENIX Security, PLDI, FSE, ISSTA, SOUPS,
and others; and from newcomers.

SecDev is soliciting two types of contributions. First, SecDev is a
forum for short papers that present innovations, experience-based
insights, or a vision about how to build security in to existing and
new computing systems. New work is encouraged. A summary of an ongoing
research agenda is also welcome. Second, SecDev is also interested in
tutorials on processes, frameworks, languages, and tools for building
security in. The goal is to propose useful and thought-provoking
ideas, and to share knowledge on the art and science of secure systems

Areas of interest include (but are not limited to):

    Security engineering processes, from requirements to maintenance
    Security-focused system designs (HW/SW/architecture)
    Distributed systems design and implementation for security
    Human-centered design for systems security
    Programming languages, development tools, 
        and ecosystems supporting security
    Risk management and testing strategies to improve security
    Static program analysis for software security
    Dynamic analysis and runtime approaches for software security
    Explorations of formal verification 
        and other high-assurance methods for security
    Automation of programming, deployment, and maintenance tasks for security
    Code reviews, red teams, and other human-centered assurance

What makes SecDev different from other conferences?

SecDev is interested in work that can demonstrate a practical
connection to building systems that are more secure. It is not enough
to show that an existing system, however prominent, is insecure. Nor
is it enough to propose a new cryptosystem or formal security model
with nice mathematical properties, but with no concrete experience of
how it would be used to build systems more securely. Examples of
topics that are in scope include: how a development library, tool, or
process can produce systems resilient to certain attacks; how a formal
foundation can underpin a language, tool, or testing strategy that
improves security; and experience, designs, or applications showing
how to apply cryptographic techniques effectively to secure systems.

A great SecDev paper resembles an elaborated vision statement, a grant
proposal, or a mini-keynote summarizing prior work and proposing a new
direction or future vision of how to build security in for new and
existing systems. We are not seeking only complete works that manage
to fit in a few pages; rather, we want bigger ideas (previously
published or not) that will lead to a stimulating, thoughtful, and
perhaps (gently) provocative discussion.

A great SecDev tutorial will introduce interested practitioners and
researchers to technologies (e.g., languages, tools, frameworks) that
show promise in aiding the development of secure systems.  Submission

Submit your papers here: [TBD]

Papers must be submitted using the two-column IEEE Proceedings style:

Submissions may be one of three categories:

(Up to) 5-page papers. These must be well-argued and worthy of
publication and citation, on the topics above. They may present new
work or ideas, or draw substantially from the authors' previously
published results. Authors of accepted papers will present their work
at the conference (likely in a 20 minute slot), and their papers will
appear in the conference's formal proceedings. The page count does not
include bibliographic references.

One-page abstracts. Abstracts will be reviewed lightly and all
accepted abs tracts will be published on the SecDev 2017 web
page. Authors of accepted abstracts will be invited to give a talk
during a “5-minute madness” session at the conference.

Tutorial proposals. Tutorials should aim to be 90 minutes
long. Preference will be given to tutorials that are hands-on, rather
than simply slide presentations. Proposals should be 2 pages and cover
(a) the topic; (b) a summary of the tutorial format with possible
pointers to relevant materials; (c) the expected audience and expected
learning outcomes; (d) prior tutorials or talks on similar topics by
the authors (and audience size), if any.

Tutorials will occur on the first day of the conference and will be
included as part of the conference. Note that if an accepted tutorial
requires special materials or environments for the hands-on
participation, we expect the authors to provide necessary preparation
instructions for the attendees (we will contact the authors after we
accept the proposal).

We are seeking broad representation in the program, and may take this
into account when reviewing multiple submissions from the same
authors. We prefer experienced presenters and each submission must
indicate on the submission site which co-author will present the paper
at the meeting. Accepted papers will appear in the conference

If you have any questions about submissions, send an email to

If you have any questions about tutorials, send an email to

Important Dates
Submission: 	May 30, 2017
Tutorial Submission: 	June 2, 2017
Decisions announced: 	June 23, 2017
Final versions due: 	July 21, 2017
Conference: 	Sept. 24-26, 2017
Program Committee

    Michael D. Ernst, University of Washington
    Trent Jaeger, Pennsylvania State University
    Fan Long, Massachusetts Institute of Technology