In conjunction with the ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering (ESEC/FSE) - https://2022.esec-fse.org

PROCEEDINGS: All accepted contributions will be published in the conference electronic proceedings and in the ACM Digital Library.

**WORKSHOP ORGANIZERS**

Melina Vidoni - Australian National University, Australia.
Nicolás Díaz Ferreyra - Hamburg University of Technology, Germany.
Zadia Codabux - University of Saskatchewan, Canada.

**WORKSHOP THEME AND GOALS**

Privacy and Security (P&S) are multifaceted and complex research areas spanning across different knowledge domains (e.g., engineering, law, and psychology). Challenges in P&S cannot be solely addressed from a single discipline as they often involve human factors, technological artefacts, and regulatory/legal frameworks. Particularly, the quest for P&S solutions requires in-deep knowledge and actionable information about its users/stakeholders, vulnerabilities/flaws, and potential attackers.

Mining Software Repositories (MSR) techniques can support this quest by providing means to understand the P&S dimensions of information systems, thus help shaping privacy- and security-friendly software. This workshop aims to explore the application of MSR at the different stages of P&S engineering.

**TOPICS OF INTEREST**

- MSR applications for security risk assessment
- MSR applications for privacy requirements engineering
- MSR applications for security vulnerabilities detection
- Engineering PETs through MSR methodologies
- Privacy-Enhancing Technologies through MSR
- MSR-based research for safety/security by design
- Privacy-friendly MSRs (including mixed-methods)
- MSR-based mixed-methods on P&S research
- Privacy requirements in MSR-based research
- Integrating MSRs into P&S research (empirical)
- Analysis of repositories to mine for P&S research
- Tools supporting MSR-based research for P&S
- Datasets used for MSR-based research for P&S
- MSR applications to P&S assurance

**SPECIAL TOPICS OF INTEREST**

Any paper within the scope of the workshop will be considered. Additionally, this year we specially welcome submissions elaborating on MSR for the analysis and extraction of privacy and security anti-patterns–namely, solutions that demonstrate knowledge of poor development practices.

**SUBMISSION DETAILS**

Workshop papers must follow the ESEC/FSE 2022 Format and Submission Guidelines:

https://2022.esec-fse.org/track/fse-2022-how-to-submit

The workshop follows a double-blind peer review process, aligned with ESEC/FSE’s Double-Blind Review Process' policies. Papers submitted must not reveal the authors’ identities in any way, omitting the names from the submission and referring to self-citations in the third person. The only exception will be dataset and tools papers, which will employ an optional single-blind review process.

All submitted papers will be reviewed regarding technical quality, relevance, significance, and clarity by the program committee. All workshop papers should be submitted electronically in PDF format through the workshop website. Accepted papers will become part of the workshop proceedings.

**PAPER TYPES AND LENGTHS**

(I) Regular Papers: up to 8 pages, including references. It must describe original contributions in research and/or practice. Although they can be work-in-progress, the authors must present a clear path forward. These will be given a 15-minute presentation during the workshop.

(II) Short Papers: up to 4 pages, including references. It welcomes position papers, experience reports, work-in-progress, new trends papers, industrial reports, datasets and tools. These will be given a 7-minutes presentation during the workshop.

**IMPORTANT DATES**

Submission Deadline: July 24, 2022 (AoE)

Notification: August 15, 2022

Submission Link: https://msr4ps-22.hotcrp.com