SecAssure 2022 : 1st International Workshop on System Security Assurance

Call For Papers
----------------------------------------------------------------------------------------

1st International Workshop on System Security Assurance (SecAssure 2022)

https://www.ntnu.edu/secassure/call-for-papers

Co-located with the 27th European Symposium on Research in Computer Security (ESORICS 2022)
https://esorics2022.compute.dtu.dk/

Copenhagen, Denmark - 26-30, Sep., 2022

Submit your paper https://easychair.org/conferences/?conf=secassure2022

----------------------------------------------------------------------------------------
Scope and topics:
----------------------------------------------------------------------------------------

The advancement in information and communication technology has revolutionized social and economic systems. The governement, as well as commercial and non-profit organizations, rely heavily on information to conduct their business. Aside from the significant benefits of information and computing systems, their increasing connectivity, criticality, and comprehensiveness present new challenges for cybersecurity professionals. Information and services that are compromised in terms of confidentiality, integrity, availability, accountability, and authenticity can harm an organization's operations, so this information and data need to be protected. For this reason, it has become a crucial task for security researchers and practitioners to manage the security risks by mitigating the potential vulnerabilities and threats with new techniques and methodologies, thus ensuring the acceptable security assurance of an information and computing system, so the stakeholders can have greater confidence that the system works as intended or claimed. Security assurance can be defined as the cofidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. According to NIST, security assurance is a measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.

SecAssure 2022 aims to bring together researchers from academia, and practitioners from industry and government bodies on a forum to meet and exchange ideas on recent research and furture directions for security assurance. The techical topics of interest to the workshop include, but are not limited to:

----------------------------------------------------------------------------------------
Security Assurance Approaches
----------------------------------------------------------------------------------------
-Security, trust, and privacy metrics
-Formal methods
-Threat Modelling
-Security Testing
-Security Assurance Trade-off analysis
-Re-assurance Methods
-Quantitative Methods
-Runtime Security Assurance
-Evolutionary techniques
-Security Assurance Tools
-Security Protocols
-Security education and training
-Vulnerability, threat, and risk analysis

----------------------------------------------------------------------------------------
Model-based Techniques for Security Assurance
----------------------------------------------------------------------------------------
-Model-based Security Assurance Framework
-Modelling Secure Architecture
-Adaptive Security Assurance Modelling
-Cyber Attack Defence Modelling
-Security Vulnerability Modelling
-Machine Learning and AI enabled Security of Systems

----------------------------------------------------------------------------------------
Security Requirements Engineering
----------------------------------------------------------------------------------------
-Security Requirements Identification
-Security Requirements Elicitation
-Security Requirements Specification
-Security Requirements Tracing
-Security Requirements Modelling
-Security Requirements Prioritization
-Security Requirements Aggregation

----------------------------------------------------------------------------------------
Security Assurance Metrics
----------------------------------------------------------------------------------------
-Security Metrics Specification
-Security Metrics Development
-Security Metrics Modelling
-Security Metrics Aggregation Techniques

----------------------------------------------------------------------------------------
Applications
----------------------------------------------------------------------------------------
-IoT Security
-Cloud/Fog Security
-5G and Software-Defined Networks
-Critical-Infrastructure Security
-Security Assurance in Access Control
-Networking and communication security
-Big data security
-Biometrics Authentication

________________________________________________________________________________________
Workshop organizers
________________________________________________________________________________________

Organizing Chairs:

-Basel Katt, Norwegian Univeristy of Science and Technology, Norway
-Habtamu Abie, Norwegian Computing Center, Oslo, Norway
-Sandeep Pirbhulal, Norwegian Computing Center, Oslo, Norway
-Ankur Shukla, Norwegian University of Science and Technology, Norway

----------------------------------------------------------------------------------------
Program Committee (tentative):

-Sokratis Katsikas, Norwegian University of Science and Technology, Norway
-Einar Snekkenes, Norwegian University of Science and Technology, Norway
-Cristina Alcaraz, University of Malaga, Spain
-Mauro Conti, University of Padua, Italy
-Dieter Gollmann, Hamburg University of Technology, Germany
-Rejjo Savola, University of Jyväskylä, Finland
-Christos Xenakis, University of Piraeus, Greece
-Ijlal Loutfi, Norwegian Computing Center, Norway
-Ethiopia Nigussie, University of Turku, Finland
-Arda Goknil, SINTEF, Norway
-Ketil Stølen, SINTEF, Norway
-Phu H. Nguyen, SINTEF, Norway
-Martin Gilje Jaatun, University of Stavanger, Norway
-Michael Felderer, University of Innsbruck, Austria
-Sebastian Schrittwieser, University of Vienna, Austria
-Edgar Weippl, University of Vienna, Austria
-Simon Tjoa, St. Poelten University of Applied Sciences, Austria
-Eduardo B. Fernandez, Florida Atlantic University, USA
-Pontus Johnson, KTH Royal Institute of Technology, Sweden
-Volker Gruhn, University of Duisburg-Essen, Germany
-Yves Le Traon, University of Luxembourg, Luxembourg
-Jan Jürjens, Universität Koblenz-Landau, Germany
-Hanno Langweg, HTWG Konstanz University of Applied Sciences, Germany
-Shao-Fang Wen, Norwegian University of Science and Technology, Norway
-Vidhyashree Nagaraju, The University of Tulsa, USA
-Wolfgang Leister, Norwegian Computing Center, Norway
-Tapio Frantti, University of Oulu, Finland
-Lorenzo Blasi, Hewlett-Packard Italiana S.r.l, Italy
-Denis Trcek, University of Ljublana, Slovenia
-Juha Röning, University of Oulu, Finland
-Muhammad Ali Babar, The University of Adelaide, Australia
-Nuno Laranjeiro, University of Coimbra, Portugal
________________________________________________________________________________________

Submission Guidelines
________________________________________________________________________________________

-Submissions are to be made to the submission website https://easychair.org/conferences/?conf=secassure2022 in pdf format. At least one author of each accepted paper is required to register and present their work at the workshop; otherwise, the paper will not be included in the proceedings.

-Submitted papers must not substantially overlap with papers that have been published or that have been simultaneously submitted to a journal or a conference with proceedings. Submissioins should be at most 20 pages long (full paper) or 10 pages (short paper), including the bibliography and appendices, and should follow the LNCS style (https://www.springer.com/gp/computer-science/lncs/conference-proceedings-guidelines).

-Pre-proceedings will be made available at the workshop. Accepted conference papers are planned to be published by Springer in the LNCS collection.