International Symposium on Secure Software Engineering
Washington DC
March 13-15, 2006
http://www.jmu.edu/iiia/issse/

Sponsored by IEEE Computer Society, Technical Council on Software Engineering, and in Cooperation with the IEEE-CS Task Force on Information Assurance with others expected.

Scope and Purpose

Today, security problems involving computers and software are frequent, widespread, and serious. The number and variety of attacks by persons and malicious software from outside organizations, particularly via the Internet, are increasing rapidly, and the amount and consequences of insider attacks remain serious. Over 90% of security incidents reported to the CERT Coordination Center result from defects in software requirements, design, or code. Successful software security, however, is fundamentally a software engineering problem - encompassing producing and evaluating secure software.

This new Symposium series is an effort to further the professional community's response to this need and reflects the growing interest existing within the commercial, governmental, educational, and research sectors on improving secure software engineering and its supporting knowledgebase to meet this need.

The Symposium covers all aspects of the processes, techniques, technology, people, and knowledgebase that have or need the capability to contribute to producing (more) secure software including their characteristics, interrelationships, creation, sources, transfer, introduction, use, and improvement. The Symposium series is international in involvement and scope with the 1st ISSSE having Co-Program Chairs from the US and Europe.

Reports on research and experience as well as survey/historical articles will be welcome if they meet the expected professional standards of quality, relevance, importance, and interest; and are not published or submitted elsewhere. The program will also include panels, workshop reports, and invited speakers, and possibly tutorials.
Some Potential Topics

Technically, software security preserves properties - confidentiality, integrity, and availability (CIA) - and aids security external to the software from threats' capabilities. Security is not just about security functionality; these are emergent systems properties and omnipresent issues throughout the lifecycle. Potential topics include:

- Threat modeling and analysis of vulnerabilities
- Secure architectures & design
- Formal specification, designs, policies, and proofs
- Model checking for security
- Coding practices
- Static analysis and other automated support
- Processes for producing secure software
- Testing of security in software
- Certification and accreditation
- Relationships among software correctness, reliability, safety, and security
- Market and legal forces
- Lessons learned
- Ethics and human factors
- Technology transfer

Dates

Paper Submittal & Panel Proposals: 6 September 2005
Notification of Acceptance: 6 December 2005
Final Paper for Publication: 6 January 2006

General Chair: Samuel T. Redwine, Jr. (US)

Program Committee

Co-Program Chairs:
Anthony Hall (UK)
Jeannette Wing (US)

Members:
Matt Bishop (US)
John Clark (UK)
Noopur Davis (US)
Andrew Gordon (UK)
Cynthia Irvine (US)
Jan Jürjens (Germany)
Khaled Khan (Australia)
Jean-Louis Lanet (France)
Gary McGraw (US)
Mattia Monga (Italy)
Peter Neumann (US)
Peter Ryan (UK)
John Viega (US)
James Whittaker (US)
Bart De Win (Belgium)

Of related interest: Workshop on Secure Software Engineering Education & Training

For more information contact: Sam Redwine, redwinst@jmu.edu