[Om-announce] SecTest2012: 2nd Call for Papers

avantssar at resin.csoft.net avantssar at resin.csoft.net
Mon Jan 30 17:45:47 CET 2012


(Apologies if you receive this announcement multiple times)

***  By popular request, the submission deadline
***  is extended to February 06.                 

The 3nd International Workshop on Security Testing (SECTEST 2012)
Co-located with ICST 2012
(The 5th Int. Conference on Software Testing, Verification and Validation)
Montreal, Canada, April 21, 2012

SUBMISSION DEADLINE: February 06, 2012

Authors are kindly invited to submit an abstract of their paper as soon as possible.
Full (8 pages) and short (2 pages) research papers and tool demonstration
papers (2 pages) allowed.
The proceedings will be published in the IEEE digital library.

To improve software security, several techniques, including vulnerability
modelling and security testing, have been developed but the problem remains
unsolved. On one hand, the workshop tries to answer how vulnerability modelling
can help users understand the occurrence of vulnerabilities so to avoid them,
and what the advantages and drawbacks of the existing models are to represent
vulnerabilities. At the same time, the workshop tries to understand how to
solve the challenging security testing problem given that testing the mere
functionality of a system alone is already a fundamentally critical task, how
security testing is different from and related to classical functional testing,
and how to assess the quality of security testing. The objective of this
workshop is to share ideas, methods, techniques, and tools about vulnerability
modelling and security testing to improve the state of the art.
In particular, the workshop aims at providing a forum for practitioners and
researchers to exchange ideas, perspectives on problems, and solutions. Both
papers proposing novel models, methods, and algorithms and reporting
experiences applying existing methods on case studies and industrial examples
are welcomed.

The topics of interest include, but are not restricted to:
  * network security testing
  * application security testing
  * security requirements definition and modelling
  * security and vulnerability modelling
  * runtime monitoring of security-relevant applications
  * security testing of legacy systems
  * cost effectiveness issues
  * comparisons between security-by-design and formal analyses
  * formal techniques for security testing and validation
  * security test generation and oracle derivation
  * specifying testable security constraints
  * test automation
  * penetration testing
  * regression testing for security
  * robustness and fault tolerance to attacks
  * test-driven diagnosis of security weaknesses
  * process and models for designing and testing secure system
  * when to perform security analysis and testing
  * "white box" security testing techniques
  * compile time fault detection and program verification
  * tools and case studies
  * industrial experience reports
  * Papers due:  February 06, 2012 
  * Notification:  February 25, 2012 
  * Camera-ready due:  March 15, 2012 
  * Paul Ammann (George Mason University, USA)
  * Alessandra Bagnato (TXT e-solutions, Corporate Research Division, Italy)
  * Ruth Breu (University of Innsbruck, Austria)
  * Achim Brucker (SAP Research, Germany)
  * Frederic Cuppens (Telecom Bretagne, France)
  * Khaled El Fakih (American University of Sharjah, UAE)
  * Daniel Faigin (The Aerospace Corporation, USA)
  * Ylies Falcone (Grenoble University, France)
  * Roland Groz (Grenoble University, France)
  * Bruno Legeard (Smartesting, France)
  * Keqin Li (SAP Research, France; co-chair)
  * Lijun Liu (China Mobile Research Institute, China)
  * Wissam Mallouli (Montimage, France; co-chair)
  * Ronald Ritchey (Booz Allen & Hamilton, USA)
  * Juha Roning (University of Oulu, Finland)
  * Luca Vigano` (Universita` di Verona, Italy; co-chair)
  * Bachar Wehbi (Montimage, France)
  * Alessandro Armando (University of Genova, Italy)
  * Ana Cavalli (Telecom SudParis, France)
  * Jorge Cuellar (Siemens, Germany)
  * Alexander Pretschner (KIT, Germany)
  * Yves Le Traon (University of Luxembourg, Luxembourg)
For further information, please contact http://www.spacios.eu/sectest2012/.

More information about the Om-announce mailing list