This workshop will focus on techniques, experiences and lessons learned for engineering secure and dependable software using the DevOps paradigm, as well as other forms of agile development.

Suggested topics include, but are not limited to:
• Security in DevOps
• Security in Continuous Deployment
• Security testing in DevOps
• Security automation tools
• Agile security requirements
• Security Architecture in Agile Development
• Agile testing for security
• Secure composition and adaptation of services
• Experience reports on successfully attuning developers to secure software engineering
• Static and dynamic analysis for security
• Security aspects of software deployment
• Security and usability
• Container security for DevOps
• Security in agile software development
• Risk management in software projects
• Teaching secure software development
• Design and deployment of secure services
• Quantitative measurement of security properties
• Verification and assurance techniques for security properties
• Industry experience talks


Submission Guidelines
Papers must not exceed 8 pages in the IEEE conference template.
Paper submission is done through the EasyChair system: https://easychair.org/conferences/?conf=secse2019

Submitted papers will be carefully evaluated based on originality, significance, technical soundness and clarity of exposition.

Duplicate submissions are not allowed. A submission is considered to be a duplicate submission if it is submitted to other conferences/workshops/journals or if it has been already accepted to be published in other conferences/workshops/journals. Duplicate submissions thus will be automatically rejected without review.
Submission of a paper implies that should the paper be accepted, at least one of the authors will register for the Cyber Science conference and present the paper in the workshop. No-show papers will be removed from the digital library after the workshop. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance.

Double blind review: SecSE requires anonymized submissions – please make sure that submitted paper contains no author names or obvious self-references.

Publication
Accepted papers will be published in the joint Cyber Science proceedings, and submitted to the IEEExplore digital library.

Journal Special Issue
Distinguished papers submitted to SecSE will be invited to submit revised and extended versions for publication in the International Journal of Systems and Software Security and Protection (IJSSSP) ISSN: 2640-4265 (formerly known as International Journal of Secure Software Engineering (ISSN 1947-3036)).

Ignite talks and Experience talks
We will have a session of 5-minute ignite talks (a variant of PechaKucha) as part of the workshop. An ignite talk is perfect for industrial experience reports! Ignite talks are meant to present ideas and generate discussion. Share with us your novel, ground breaking software security related message as an Ignite presentation. Tell us about tools, processes, tips, tricks, war stories, etc. Submit proposals of an Ignite Talk as a Title and Abstract (500 words maximum) by email to sos-agile@sintef.no. The contributions are less scientific in their nature but should be argued in a compelling way accompanied by 20 auto-advance slides.