From Asset
Jump to: navigation, search

MeSSa 2014
2nd International Workshop on Measurability of Security in Software Architectures
Vienna, Austria, August 25, 2014.
Co-located with
The 8th European Conference on Software Architecture (ECSA 2014)


9:00 1st session:

   - Opening
   - Invited talk: Danny Weyns V&V of qualities in self-adaptive systems

10:30 Coffee break

11:00 2nd session 25 minutes for paper presentation and 5 minutes for discussion / paper:

   - Arild B. Torjusen et al. Towards Run-time Verification of Adaptive Security for IoT in eHealth
   - Outi-Marja Latvala et al. A Tool for Security Metrics Modeling and Visualization
   - Arto Juhola et al. Adaptive Risk Management with Ontology Linked Evidential Statistics and SDN

12:30 Lunch

13:30 3rd session

   - Antti Evesti et al. Security Measuring for Self-adaptive Security
   - Invited talk: Reijo Savola Security measuring

15:00 Closing

Workshop Description

Concerns about security have got a lot of new attention, both in a research field and public debate, after the 1st MeSSa workshop. Systematic approaches to measure security are needed in order to build secure software systems and to offer security evidence for users. On one hand, security measuring from software architectures is needed to produce sufficient evidence of security level as early as a software design phase. Consequently, design-time security measuring supports security-by-design approach. On the other hand, software architectures have to support runtime security measuring to obtain up-to-date security information from an online software system or service. Security measuring is exploited in situation-awareness and self-adaptive security. The systematic definition of security metrics and security assurance metrics is a young field that still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring. The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics.

Topics of Interest

MeSSa 2014 solicits contributions on the following issues (but not limited to):

  • Security, trust and privacy metrics
  • Risk-driven security effectiveness analysis
  • Security assurance metrics
  • Metrics for threats and risks in software systems
  • Security, trust and privacy measurement systems and associated data gathering
  • Security measuring from software architectures
  • Metrics for self-adaptive security
  • Taxonomies and ontologies on security metrics
  • Experimental results from security measurements
  • Security measurability-increasing mechanisms for software architectures
  • Tradeoff analysis and decision-making at design-time and at runtime
  • Security measuring in real-time software systems
  • Evolutionary techniques for developing adaptive security metrics
  • Visualizing security metrics

Important Dates

Submission of papers (extended): June 15, 2014

Author notification (extended): June 25, 2014

Submission of camera-ready paper (extended): July 4, 2014


Authors should submit a workshop paper no longer than eight pages. The authors should use the ACM template ( for the paper.

The paper should be supplied in MS Word or PDF format to 

The accepted workshop papers will be published in an ACM digital library. At least one author of all accepted papers must present the paper at the workshop.


Reijo Savola, VTT Technical Research Centre of Finland (Finland)

Habtamu Abie, Norwegian Computing Centre (Norway)

Antti Evesti, VTT Technical Research Centre of Finland (Finland)

PROGRAM COMMITTEE (will be extended)

Jennifer Bayuk, Stevens Institute of Technology, USA

Marijke Coetzee, University of Johannesburg, South Africa

Carmen Fernandez, University of Malaga, Spain

Tapio Frantti, University of Oulu, Finland

Jerry den Hartog, Eindhoven Technical University, Netherlands

Marina Krotofil, Hamburg University of Technology, Germany

Martti Lehto, University of Jyväskylä

Fabio Martinelli, Institute of Informatics and Telematics, Italy

Mohammad Mozumdar, California State University, Long Beach, USA

Josef Noll, University of Oslo, Norway

Eila Ovaska, VTT Technical Research Centre of Finland, Finland

Ebenezer Paintsil, Point, Norway

Stefan Poslad, Queen Mary University of London, UK

Juha Röning, University of Oulu, Finland

Pekka Savolainen, VTT Technical Research Centre of Finland, Finland

Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium

Einar Snekkenes, Gjøvik University College, Norway

Denis Treck, University of Ljubljana, Slovenia