SecAssure 2023 : The 2nd International Workshop on System Security Assurance (SecAssure)

Call for papers

Scope and topics

The advancement in information and communication technology has revolutionized social and economic systems. The government, as well as commercial and non-profit organizations, rely heavily on information to conduct their business.

Aside from the significant benefits of information and computing systems, their increasing connectivity, criticality, and comprehensiveness present new challenges for cybersecurity professionals. Information and services that are compromised in terms of confidentiality, integrity, availability, accountability, and authenticity can harm an organization's operations, so this information and data need to be protected. For this reason, it has become a crucial task for security researchers and practitioners to manage the security risks by mitigating the potential vulnerabilities and threats with new techniques and methodologies, thus ensuring the acceptable security assurance of an information and computing system, so the stakeholders can have greater confidence that the system works as intended or claimed. Security assurance can be defined as the cofidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. According to NIST, security assurance is a measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.

Who is SecAssure for?

SecAssure aims to bring together researchers from academia, and practitioners from industry and government bodies on a forum to meet and exchange ideas on recent research and furture directions for security assurance.

Techincal topics

The techical topics of interest to the workshop include, but are not limited to:

Security Assurance Approaches

Security, trust, and privacy metrics
Formal methods
Threat Modelling
Security Testing
Security Assurance Trade-off analysis
Re-assurance Methods
Quantitative Methods
Runtime Security Assurance
Evolutionary techniques
Security Assurance Tools
Security Protocols
Security education and training
Vulnerability, threat, and risk analysis

Model-based Techniques for Security Assurance

Model-based Security Assurance Framework
Modelling Secure Architecture
Adaptive Security Assurance Modelling
Cyber Attack Defence Modelling
Security Vulnerability Modelling
Machine Learning and AI enabled Security of Systems

Security Requirements Engineering

Security Requirements Identification
Security Requirements Elicitation
Security Requirements Specification
Security Requirements Tracing
Security Requirements Modelling
Security Requirements Prioritization
Security Requirements Aggregation

Security Assurance Metrics

Security Metrics Specification
Security Metrics Development
Security Metrics Modelling
Security Metrics Aggregation Techniques

Applications

IoT Security
Cloud/Fog Security
5G and Software-Defined Networks
Critical-Infrastructure Security
Security Assurance in Access Control
Networking and communication security
Big data security
Biometrics Authentication

Submission Guidelines

Submissions are to be made to the submission website in pdf. format. At least one author of each accepted paper is required to register and present their work at the workshop; otherwise, the paper will not be included in the proceedings.
Submitted papers must not substantially overlap with papers that have been published or that have been simultaneously submitted to a journal or a conference with proceedings. Submissioins should be at most 20 pages long (full paper) or 10 pages (short paper), including the bibliography and appendices, and should follow the LNCS style.
Pre-proceedings will be made available at the workshop. Accepted conference papers are planned to be published by Springer in the LNCS collection.

If you have any question, please contact us at: [email protected]