Call for Papers
MetriSec 2011
7th International Workshop on
SECURITY MEASUREMENTS AND METRICS
Affiliated with the International Symposium on
Empirical Software Engineering and Measurement (ESEM)
September 21, 2011
Banff, Alberta, Canada
Workshop overview
Quantitative assessment is a major stumbling block for software and
system security. Although some security metrics exist, they are rarely
adequate. The engineering importance of metrics is intuitive: you
cannot consistently improve what you cannot measure. Economics is an
additional driver for security metrics: customers are unlikely to pay
a premium for security if they are unable to quantify what they
receive.
The goal of the workshop is to foster research into security
measurements and metrics and to continue building the community of
individuals interested in this field. This year, MetriSec continues
its co-location with ESEM, which offers an opportunity for the
security metrics folks to meet the metrics community at large.
The organizers solicit original submissions from industry and academic
experts on the development and application of repeatable, meaningful
measurements in the fields of software and system security. The topics
of interest include, but are not limited to:
* Security metrics
* Security measurement and monitoring
* Development of predictive models
* Experimental validation of models
* Formal theories of security metrics
* Security quality assurance
* Empirical assessment of security architectures and solutions
* Mining data from attack and vulnerability repositories: e.g. CVE, CVSS
* Software security metrics
* Static analysis metrics
* Simulation and statistical analysis
* Security risk analysis
* Industrial experience
Important dates
Submission of papers: May 30, 2011
Notification to authors: July 3
Submission of camera-ready: July 24
Publication
Authors of accepted papers must present their work at the workshop.
The proceedings of the workshop will be electronically published by
the IEEE.
PAPER SUBMISSION
Submissions are sought in any of the following three categories:
(a) Research papers describing original results, both theoretical and
experimental, are solicited in any of the above mentioned topics.
Theoretical papers should clearly state the contribution and include
some initial validation. Experimental papers are particularly welcome.
In this case, authors are required to explicitly state their
hypothesis, to detail the methodology used, and to describe the
experiment set-up.
(b) Preliminary research results or new ideas can be submitted in the
form of short papers.
(c) Industry experience reports are also welcome. Industry papers
should have at least one author from industry or government, and will
be considered for their industrial relevance.
The page limit for the final proceedings version is 10 pages in
double-column format; short papers are limited to 4 pages. Authors
should use the IEEE Conference Proceedings Template when preparing
their submission. Only PDF files are accepted.
DETAILS
Details about workshop organization, registration, and location can be
found at http://metrisec2011.cs.nku.edu/ .