Difference between revisions of "MeSSa2016"

From Asset
Jump to: navigation, search
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
----
 
----
<p style="text-align: center"><span style="font-size:large">CALL FOR PAPERS<br/>MeSSa 2016<br/>3rd International Workshop on Measurability of Security in Software Architectures<br/>[http://www.vtt.fi/messa2016 http://www.vtt.fi/messa2016]<br/>Istanbul, Turkey, September 5-9, 2016<br/>Co-located with<br/>The 10th European Conference on Software Architecture (ECSA 2016)<br/>[http://ecsa2016.iku.edu.tr/#workshops/ http://ecsa2016.iku.edu.tr/#workshops/]</span></p>
+
<p style="text-align: center"><span style="font-size:large">CALL FOR PAPERS<br/>MeSSa 2016<br/>3rd International Workshop on Monitoring and Measurability of Software and Network Security<br/>[http://www.vtt.fi/messa2016 http://www.vtt.fi/messa2016]<br/> Istanbul, Turkey, September 5-9, 2016<br/>Co-located with<br/>The 10th European Conference on Software Architecture (ECSA 2016)<br/>[http://ecsa2016.iku.edu.tr/#workshops/ http://ecsa2016.iku.edu.tr/#workshops/]</span></p>
'''TOPICS'''<br/>Security-related incidents are increasing, and at the same time the society is based more and more on reliability of cyber-physical systems. Systematic approaches to measure security and to build security in are thus needed in order to build secure software systems and to offer security evidence for software architects, decision makers and end-users. Security measuring from software architectures is required to produce sufficient evidence of security level as early as in the design phase. Consequently, design-time security measuring supports “security by design” approach. In addition, software architectures have to support runtime security measuring to obtain up-to-date security information from online software systems. Runtime security measuring is exploited in situation-awareness and self-adaptive security, such as security of IoT in eHealth. Security metrics for adaptation should also support evaluation and validation of runtime security adaptation. The area of security metrics and security assurance metrics research is evolving, but still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring.
+
'''TOPICS'''<br/>Security-related incidents are increasing, and at the same time our society is increasingly relying on cyber-physical systems. Systematic approaches to monitor and measure security are needed to build secure systems, including IoT and cloud services, and to offer security evidence for system designers and users. Security analysis and measuring on software architecture level produces evidence of security in the design phase, to deal with requirement trade-offs. Architecture-level security analysis supports "security by design". On the other hand, to understand overall security status and get a holistic view, architecture-level security analysis has to be extended to the operational system domain, and needs to include also the network level security monitoring and analysis. Thus, techniques to understand and scale the needs in both measurement and analytics are needed. Together these are able to provide the basis for security situational awareness in the modern complex software infrastructure. Security metrics may also support security adaptation and architecture-based evolution.
  
The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics. MeSSa 2016 solicits contributions on the following issues (but not limited to):
+
MeSSa 2016 solicits security-enhancing contributions on the following issues (but not limited to):
  
*Security, trust and privacy metrics
+
* Security, trust and privacy metrics
*Security assurance metrics
+
* Measurement systems and architectures
*Security, trust and privacy measurement systems and associated data gathering
+
* Securing Internet of Things
*Security measuring from software architectures and measurability-increasing mechanisms
+
* Trusted cloud
*Metrics for self-adaptive security
+
* Situational awareness and threat intelligence
*Taxonomies and ontologies on security metrics
+
* Software Defined Networking and Network Function Virtualisation
*Trade-off analysis and decision-making
+
* Self-adaptive and cognitive security
*Adaptive metrics approach for measuring risks, threats, operational activities, and the effectiveness of data protection
+
* Trade-off analysis and decision-making
*Metrics for evaluation and validation of security adaptation
+
* Evolutionary techniques
*Evolutionary techniques for developing adaptive security metrics
+
* Measuring at runtime
*Adaptive metric for measuring security level of a real-time system
+
* Security visualisation and analytics
*Visualizing security metrics
+
* Quality and uncertainty in security measurement and metrics
*Methods for analyzing sensitivity and assessing uncertainty in adaptive security
+
* Anomaly detection
*Techniques for integrating data analytics to support security decision-making and adaptive control
+
* Forensics and data analytics
*Optimization and security challenges in IoT-based architectures for eHealth
+
* Taxonomies and ontologies on security metrics
*Cognitive security capabilities of IoT-based architectures for eHealth
+
* Empirical case studies and pilots
*Evaluation of adaptive security and privacy solutions
+
* Risk-based security measurement and analysis
*Real-time anomaly detection in communication networks
+
* Adaptive metrics and multi-metrics
*Innovative visualization methods for detection of attacks in networks
+
* Semantic provability
*Security functionality in network management systems to assist administrators/operators
 
*SDN-based methods for security monitoring and assurance
 
*Security issues of SDN-based network control software
 
*Security assurance for third party control applications in SDN
 
  
 
<br/>'''IMPORTANT DATES'''<br/>Submission of papers:'''May 22, 2016'''<br/>Author notification: '''June 19, 2016'''<br/>Submission of camera-ready paper: '''June 27, 2016'''
 
<br/>'''IMPORTANT DATES'''<br/>Submission of papers:'''May 22, 2016'''<br/>Author notification: '''June 19, 2016'''<br/>Submission of camera-ready paper: '''June 27, 2016'''
Line 43: Line 39:
 
<br/>'''PROGRAM COMMITTEE'''
 
<br/>'''PROGRAM COMMITTEE'''
  
Noureddine Boudriga, University of Carthage, Tunisia<br/>Iris Adam, NOKIA Networks, Germany<br/>Thorsten Holz, Ruhr-Universität Bochum, Germany<br/>Wolfgang Hommel, Leibniz Supercomputing Centre, Germany<br/>Marina Krotofil, Hamburg University of Technology, Germany<br/>Wolfgang Leister, Norwegian Computing Center, Norway<br/>Fabio Martinelli, Institute of Informatics and Telematics, Italy<br/>Mohammad Mozumdar, California State University, Long Beach, USA<br/>Eila Ovaska, VTT Technical Research Centre of Finland, Finland<br/>Ebenezer Paintsil, Verifone, Norway<br/>Stefan Poslad, Queen Mary University of London, UK<br/>Juha Röning, University of Oulu, Finland<br/>Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium<br/>Einar Snekkenes, Gjøvik University College, Norway<br/>Denis Treck, University of Ljubljana, Slovenia<br/>Yan Zhang, Simula Research Laboratory, Norway
+
Noureddine Boudriga, University of Carthage, Tunisia<br/>Iris Adam, NOKIA Networks, Germany<br/>Thorsten Holz, Ruhr-Universität Bochum, Germany<br/>Wolfgang Hommel, Leibniz Supercomputing Centre, Germany<br/>Marina Krotofil, Hamburg University of Technology, Germany<br/>Wolfgang Leister, Norwegian Computing Center, Norway<br/>Fabio Martinelli, Institute of Informatics and Telematics, Italy<br/>Mohammad Mozumdar, California State University, Long Beach, USA<br/>Eila Ovaska, VTT Technical Research Centre of Finland, Finland<br/>Ebenezer Paintsil, Verifone, Norway<br/>Stefan Poslad, Queen Mary University of London, UK<br/>Juha Röning, University of Oulu, Finland<br/>Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium<br/>Einar Snekkenes, Norwegian University of Science and Technology, Norway<br/>Denis Treck, University of Ljubljana, Slovenia<br/>Yan Zhang, Simula Research Laboratory, Norway
  
  
  
 
'''ORGANISING PROJECTS'''<br/>IoTSec (iotsec.no)<br/>SENDATE Celtic-Plus Flagship
 
'''ORGANISING PROJECTS'''<br/>IoTSec (iotsec.no)<br/>SENDATE Celtic-Plus Flagship

Latest revision as of 09:24, 1 April 2016


CALL FOR PAPERS
MeSSa 2016
3rd International Workshop on Monitoring and Measurability of Software and Network Security
http://www.vtt.fi/messa2016
Istanbul, Turkey, September 5-9, 2016
Co-located with
The 10th European Conference on Software Architecture (ECSA 2016)
http://ecsa2016.iku.edu.tr/#workshops/

TOPICS
Security-related incidents are increasing, and at the same time our society is increasingly relying on cyber-physical systems. Systematic approaches to monitor and measure security are needed to build secure systems, including IoT and cloud services, and to offer security evidence for system designers and users. Security analysis and measuring on software architecture level produces evidence of security in the design phase, to deal with requirement trade-offs. Architecture-level security analysis supports "security by design". On the other hand, to understand overall security status and get a holistic view, architecture-level security analysis has to be extended to the operational system domain, and needs to include also the network level security monitoring and analysis. Thus, techniques to understand and scale the needs in both measurement and analytics are needed. Together these are able to provide the basis for security situational awareness in the modern complex software infrastructure. Security metrics may also support security adaptation and architecture-based evolution.

MeSSa 2016 solicits security-enhancing contributions on the following issues (but not limited to):

  • Security, trust and privacy metrics
  • Measurement systems and architectures
  • Securing Internet of Things
  • Trusted cloud
  • Situational awareness and threat intelligence
  • Software Defined Networking and Network Function Virtualisation
  • Self-adaptive and cognitive security
  • Trade-off analysis and decision-making
  • Evolutionary techniques
  • Measuring at runtime
  • Security visualisation and analytics
  • Quality and uncertainty in security measurement and metrics
  • Anomaly detection
  • Forensics and data analytics
  • Taxonomies and ontologies on security metrics
  • Empirical case studies and pilots
  • Risk-based security measurement and analysis
  • Adaptive metrics and multi-metrics
  • Semantic provability


IMPORTANT DATES
Submission of papers:May 22, 2016
Author notification: June 19, 2016
Submission of camera-ready paper: June 27, 2016


SUBMISSION AND PUBLICATION
Authors should submit a workshop paper no longer than seven pages. Papers of 5 pages in length or longer are considered Full Papers. The authors should use the ACM template (http://www.acm.org/sigs/publications/proceedings-templates) for the paper.

The paper should be supplied in MS Word or PDF format to https://easychair.org/conferences/?conf=messa2016

The accepted workshop papers will be published in an ACM digital library. At least one author of all accepted papers must present the paper at the workshop.


ORGANIZERS
Reijo Savola, VTT Technical Research Centre of Finland, Finland
Habtamu Abie, Norwegian Computing Centre, Norway
Antti Evesti, VTT Technical Research Centre of Finland, Finland


PROGRAM COMMITTEE

Noureddine Boudriga, University of Carthage, Tunisia
Iris Adam, NOKIA Networks, Germany
Thorsten Holz, Ruhr-Universität Bochum, Germany
Wolfgang Hommel, Leibniz Supercomputing Centre, Germany
Marina Krotofil, Hamburg University of Technology, Germany
Wolfgang Leister, Norwegian Computing Center, Norway
Fabio Martinelli, Institute of Informatics and Telematics, Italy
Mohammad Mozumdar, California State University, Long Beach, USA
Eila Ovaska, VTT Technical Research Centre of Finland, Finland
Ebenezer Paintsil, Verifone, Norway
Stefan Poslad, Queen Mary University of London, UK
Juha Röning, University of Oulu, Finland
Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium
Einar Snekkenes, Norwegian University of Science and Technology, Norway
Denis Treck, University of Ljubljana, Slovenia
Yan Zhang, Simula Research Laboratory, Norway


ORGANISING PROJECTS
IoTSec (iotsec.no)
SENDATE Celtic-Plus Flagship