Fourth International Workshop on Secure Software Engineering (SecSE2010)
http://www.sintef.org/secse

In conjunction with ARES 2010
February, 15th - 18th 2010
Andrzej Frycz Modrzewski Cracow College, Krakow, Poland
http://www.ares-conference.eu/conf/

Preliminary Call for Papers
===========================

Software is an integral part of everyday life, and we expect and depend
upon software systems to perform correctly. Software security is about
ensuring that systems continue to function correctly also under
malicious attack. As most systems now are web-enabled, the number of
attackers with access to the system increases dramatically and thus the
threat scenario changes. The traditional approach to secure a system
includes putting up defence mechanisms like IDS and firewalls, but such
measures are no longer sufficient by themselves. We need to be able to
build better, more robust and more secure systems. Even more
importantly, however, we should strive to achieve these qualities in all
software systems, not just the ones that need special protection. This
workshop will focus on techniques, experiences and lessons learned for
building secure and dependable software.

Topics
======
Suggested topics include, but are not limited to:
- Secure architecture and design
- Security in agile software development
- Aspect-oriented software development for secure software
- Security requirements
- Risk management in software projects
- Secure implementation
- Secure deployment
- Testing for security
- Quantitative measurement of security properties
- Static and dynamic analysis for security
- Verification and assurance techniques for security properties
- Lessons learned
- Security and usability
- Teaching secure software development
- Experience reports on successfully attuning developers to secure
software engineering

Important dates:
- Submission Deadline: September 30th 2009
- Author Notification: November 1st 2009
- Author Registration: November 11th 2009
- Proceedings Version: November 11th 2009
- Conference/ Workshop: February, 15th - 18th 2010

Submission Guidelines
=====================
Authors are invited to submit papers in IEEE Computer Society
Proceedings Manuscripts style (two columns, single-spaced, including
figures and references, using 10 pt fonts, and number each page). Please
consult the IEEE CS Author Guidelines at the following web page:
http://www2.computer.org/portal/web/cscps/formatting

We solicit the submission of academic workshop papers (6 pages)
representing original, previously unpublished work. Submitted papers
will be carefully evaluated based on originality, significance,
technical soundness, and clarity of exposition.

Duplicate submissions are not allowed. A submission is considered to be
a duplicate submission if it is submitted to other
conferences/workshops/journals or if it has been already accepted to be
published in other conferences/workshops/journals. Duplicate submissions
thus will be automatically rejected without review.

Contact author must provide the following information: Paper title,
authors' names, affiliations, postal address, phone, fax, and e-mail
address of the author(s), about 200-250 word abstract, and about five
keywords. Paper registration and submission is done through the ARES &
CISIS 2010 Paper Management System at the following address:
https://stdev.ifs.tuwien.ac.at/ares2010/

Submission of a paper implies that should the paper be accepted, at
least one of the authors will register for the ARES conference and
present the paper in the workshop. Accepted papers will be given
guidelines in preparing and submitting the final manuscript(s) together
with the notification of acceptance. Note that SecSE 2010 does not
require anonymized submissions.

Publication
All accepted papers will be published as ISBN proceedings by the IEEE
Computer Society, and will be available online through IEEE Xplore (EI
indexing).

Journal special issue: Distinguished papers submitted to SecSE will be
invited for possible publication in the International Journal of Secure
Software Engineering (ISSN 1947-3036 - http://www.igi-global.com/ijsse).

Organizing committee:
Martin Gilje Jaatun, SINTEF ICT, Norway
Torbjørn Skramstad, Norwegian University of Science and Technology
(NTNU) Lillian Røstad, Norwegian University of Science and Technology (NTNU)

Enquiries to the organizing committee may be sent to: SecSE "replace
with at-character" sislab.no

Program committee (to be confirmed)
Rubén Alonso, Visual Tools, Spain
Sergey Bratus, Dartmouth College, USA
Ana Cavalli, GET/INT, France
Ivan Flechais, University of Oxford, UK
Khaled M. Khan, Qatar University, Qatar
Andrea Lanzi, Institute Eurecom, France
Per Håkon Meland, SINTEF ICT, Norway
Khalid Mughal, University of Bergen, Norway
Jong Hyuk Park, Kyungnam University, Korea
Pierre Parrend, FZI, Germany
Erkuden Rios, European Software Institute, Spain
Chunming Rong, University of Stavanger, Norway
Lillian Røstad, NTNU, Norway
Riccardo Scandariato, KU Leuven, Belgium
Christoph Schuba, Sun Microsystems Inc., USA
Nahid Shahmehri, Linköping University, Sweden
Torbjørn Skramstad, NTNU, Norway
Panagiotis Trimintzios, ENISA, EU
Bart De Win, KU Leuven, Belgium
Stephen Wolthusen, Royal Holloway University of London, UK
George Yee, Carleton University, Canada
Mohammad Zulkernine, Queens University, Canada