Call for Papers

International Workshop on Secure Software Engineering in DevOps and Agile Development (SecSE 2017)

http://secse.org

Oslo, Norway, September 11-15, 2017

In conjunction with ESORICS 2017, European Symposium on Research in Computer Security

----------------------------------------------------------------------------------------
Contribute by either submitting a paper, or an ignite talk proposal (see details below).
----------------------------------------------------------------------------------------

Software security is about protecting information and ensuring that
systems continue to function correctly even when under malicious
attack. The traditional approach of securing a system has been to
create defensive walls such as intrusion detection systems and
firewalls around it, but there are always cracks in these walls, and
thus such measures are no longer sufficient by themselves. We need to
be able to build better, more robust and more "inherently secure"
systems, and we should strive to achieve these qualities in all
software systems, not just in the ones that "obviously" need special
protection.

This workshop will focus on techniques, experiences and lessons
learned for engineering secure and dependable software using the
DevOps paradigm, as well as other forms of agile development.

Suggested topics include, but are not limited to:

Security in DevOps
Security aspects of software deployment
Security in Continuous Deployment
Security Architecture in Agile Development
Security testing in DevOps
Container security for DevOps
Security automation tools
Security in agile software development
Agile security requirements
Risk management in software projects
Agile testing for security
Quantitative measurement of security properties
Static and dynamic analysis for security
Verification and assurance techniques for security properties
Security and usability
Design and deployment of secure services
Secure composition and adaptation of services
Teaching secure software development
Experience reports on successfully attuning developers to secure
software engineering
Industry experience talks

Important Dates
===============
July 1st, 2017 Submission Deadline
August 1st, 2017 Author Notification
August 7th, 2017 Author Registration
September 14-15, 2017 Workshops
September 30th, 2017 Camera-ready versions (post-proceedings)

Submission Guidelines
=====================
Papers must be between 5 and 15 pages long. If you need more space, save it for the journal version!

Paper submission is done through the EasyChair system:
https://easychair.org/conferences/?conf=secse2017
We provide templates in LaTeX
(http://sislab.no/secse/upload/secse-template-2017.tex) and MS Word (http://sislab.no/secse/upload/secse-template-2017.docx).

Submitted papers will be carefully evaluated based on originality,
significance, technical soundness and clarity of exposition.

Duplicate submissions are not allowed. A submission is considered to
be a duplicate submission if it is submitted to other
conferences/workshops/journals or if it has been already accepted to
be published in other conferences/workshops/journals. Duplicate
submissions thus will be automatically rejected without reviews.

Submission of a paper implies that should the paper be accepted, at
least one of the authors will register for the ESORICS workshops and
present the paper in the workshop. No-show papers will be removed from
the digital library after the workshop. Accepted papers will be given
guidelines in preparing and submitting the final manuscript(s)
together with the notification of acceptance.

Double blind review: SecSE requires anonymized submissions - please
make sure that submitted paper contains no author names or obvious
self-references.

Publication
===========
Accepted papers will be published in CEUR Workshop Proceedings (ISSN
1613-0073).

Journal Special Issue
=====================
Distinguished papers submitted to SecSE will be invited to submit
revised and extended versions for publication in the International
Journal of Secure Software Engineering (ISSN 1947-3036).

Ignite talks (NEW!)
===================
We will have a session of 5-minute ignite talks (a variant of
PechaKucha) as part of the workshop. An ignite talk is perfect for
industrial experience reports! Ignite talks are meant to present ideas
and generate discussion. Share with us your novel, ground breaking
software security related message as an Ignite presentation. Tell us
about tools, processes, tips, tricks, war stories, etc. Submit
proposals of an Ignite Talk as a Title and Abstract (500 words
maximum) by email to sos-agile@sintef.no. The contributions are less
scientific in their nature but should be argued in a compelling way
accompanied by 20 auto-advance slides.