The Fourth Layered Assurance Workshop (LAW) 6-7 December 2010 The Four Seasons, Austin, Texas LAW is a unique opportunity for interchange on the topic of compositional (or modular) assurance. It is founded on the bold proposition that it is possible to build assured systems from compositions of previously assured components, while being able to derive the system level properties (e.g., safety & security) systematically from the properties of the components. LAW spans the theoretical, engineering, and certification challenges to be met in making compositional assurance for such systems a reality. We say "layered" assurance, rather than compositional assurance, to encompass the multiple aspects of assurance for component composition, incremental certification (incremental cost for incremental changes), and leveraging assurance effort within a product family (i.e., assurance that is robust in the face of the variations typical among members of a product line). The LAW Organizing Committee in cooperation with Applied Computer Security Associates is pleased to announce that LAW 2010 will be held as an affiliated workshop of the 26th Annual Computer Security Applications Conference (ACSAC). LAW, previously a small but growing workshop, will now be associated with this major conference of high- ranking impact. LAW is concerned with the fundamental problems of compositional assurance, and with a need for principles, methods, and techniques applicable to achieve the assurance necessary for security-critical, safety-critical, and mission-critical components and systems. LAW spans the theoretical, engineering, and certification challenges to be met in making compositional assurance for such systems a reality. TOPICS OF INTEREST for LAW submissions include: theoretical foundations for compositional and incremental assurance compositional and incremental certification combining methods of assurance (multi-legged assurance) component-based and compositional interpretations of hazards, verification, and assurance arguments composability of component properties, to achieve system security and safety explicit assurance cases for security, safety, correctness standards for measuring assurance (e.g., security, safety) case studies from diverse application domains (e.g., aerospace, critical infrastructures, automotive, medical, Department of Defense and Intelligence Community) outstanding challenges from diverse application domains assurance for product families role of architecture and the relationship of architecture to assurance of system properties architectural frameworks that can enhance assurance tools and techniques to support compositional and incremental assurance impediments to compositional assurance, such as properties that defy composition or architectures that thwart compositional assurance The preceding list of topics above is not intended to be exhaustive. Submissions are encouraged on any topics that prospective authors consider relevant to the Layered Assurance Workshop. IMPORTANT DATES Paper submissions due: 15 October 2010 Notification of acceptance/rejection: 1 November 2010 Final papers due: 1 December 2010 LAW is held: 6-7 December 2010 INSTRUCTIONS FOR SUBMISSION OF PAPERS Since LAW is a workshop rather than a conference or symposium, submissions do not have to be entirely novel, but they do have to be interesting and relevant to LAW. We solicit two categories of papers: practical and research. We request a maximum of 5 pages for practical papers and a maximum of 10 pages for research (2500 or 5000 words respectively). Papers exceeding these limits will be truncated for review. Please indicate with your submission the category (practical or research) for which it is intended. Papers should be capable of being printed on US letter size paper. The text should be 10 point or larger with reasonable margins. Formatting to common single-column conference proceedings standards is acceptable. To submit a paper, please go to http://www.easychair.org/conferences/?conf=law2010 PRESENTATIONS AT THE WORKSHOP Authors are expected to give a 30 minute presentation of their paper at the Workshop, and are requested to provide their presentation slides at the time of the workshop for publication on the LAW web page along with the final papers. We will operate under a "No Paper, No Podium" and "No Podium, No Paper" policy. We need your final paper by the December 1 deadline. WORKSHOP REGISTRATION Speakers with accepted papers will be required to register for LAW. Registration may be done at the ACSAC 2010 web site, http://www.acsac.org . PROCEEDINGS LAW will not publish paper proceedings. Accepted submitted papers and presentation slides will be published on the LAW 2010 web page the week that LAW is held and will be archived there indefinitely. By submitting a paper an author agrees to online publication of the final version of the paper and presentation material if the paper is accepted. SPONSORSHIP LAW is sponsored again this year by the U.S. Air Force Research Laboratory and the Air Force Cryptographic Modernization Program Office. This year marks a transition for LAW from its present and past sponsorship to being an ACSAC affiliated workshop. CONTACT Either through EasyChair link above, or rdelong "at" engr.scu.edu ACSAC is sponsored by Applied Computer Security Associates (ACSA), a group of professionals who are working to facilitate information sharing among colleagues. We're an all-volunteer not-for-profit organization. Our postal address is 2906 Covington Road, Silver Spring, MD 20910-1206. You can help ACSAC reach people who might benefit from this information. Feel free to forward this message with a personal note to your friends and colleagues. You can add, delete, or change your email subscription by clicking on ACSAC Mailing List at http://www.acsac.org