Difference between revisions of "MeSSa2014"
(15 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | = | + | <p style="text-align: center"><span style="font-size:larger">''MeSSa 2014''<br/>2nd International Workshop on Measurability of Security in Software Architectures</span></p><p style="text-align: center"><span style="font-size:larger">[http://messa2014.vtt.fi http://messa2014.vtt.fi]<br/>Vienna, Austria, August 25, 2014.<br/>Co-located with<br/>[http://ecsa2014.cs.univie.ac.at/ The 8th European Conference on Software Architecture (ECSA 2014)]</span></p> |
− | http://messa2014.vtt.fi | + | ===Programme=== |
− | Vienna, Austria, August 25, 2014. | ||
− | |||
+ | '''9:00 1st session:''' | ||
+ | |||
+ | - Opening | ||
+ | |||
+ | - Invited talk: Danny Weyns V&V of qualities in self-adaptive systems | ||
+ | |||
+ | '''10:30 Coffee break''' | ||
+ | |||
+ | '''11:00 2nd session''' 25 minutes for paper presentation and 5 minutes for discussion / paper: | ||
+ | |||
+ | - Arild B. Torjusen et al. Towards Run-time Verification of Adaptive Security for IoT in eHealth | ||
+ | |||
+ | - Outi-Marja Latvala et al. A Tool for Security Metrics Modeling and Visualization | ||
+ | |||
+ | - Arto Juhola et al. Adaptive Risk Management with Ontology Linked Evidential Statistics and SDN | ||
+ | |||
+ | '''12:30 Lunch''' | ||
+ | |||
+ | '''13:30 3rd session''' | ||
+ | |||
+ | - Antti Evesti et al. Security Measuring for Self-adaptive Security | ||
+ | |||
+ | - Invited talk: Reijo Savola Security measuring | ||
+ | |||
+ | '''15:00 Closing''' | ||
=== '''Workshop Description''' === | === '''Workshop Description''' === | ||
− | Concerns about security have got a lot of new attention, both in a research field and public debate, after the 1st MeSSa workshop. Systematic approaches to measure security are needed in order to build secure software systems and to offer security evidence for users. On one hand, security measuring from software architectures is needed to produce sufficient evidence of security level as early as a software design phase. Consequently, design-time security measuring supports security-by-design approach. On the other hand, software architectures have to support runtime security measuring to obtain up-to-date security information from an online software system or service. Security measuring is exploited in situation-awareness and self-adaptive security. The systematic definition of security metrics and security assurance metrics is a young field that still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring. | + | |
− | The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics. | + | Concerns about security have got a lot of new attention, both in a research field and public debate, after the 1st MeSSa workshop. Systematic approaches to measure security are needed in order to build secure software systems and to offer security evidence for users. On one hand, security measuring from software architectures is needed to produce sufficient evidence of security level as early as a software design phase. Consequently, design-time security measuring supports security-by-design approach. On the other hand, software architectures have to support runtime security measuring to obtain up-to-date security information from an online software system or service. Security measuring is exploited in situation-awareness and self-adaptive security. The systematic definition of security metrics and security assurance metrics is a young field that still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring. The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics. |
=== '''Topics of Interest''' === | === '''Topics of Interest''' === | ||
+ | |||
MeSSa 2014 solicits contributions on the following issues (but not limited to): | MeSSa 2014 solicits contributions on the following issues (but not limited to): | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | === '''Important Dates''' === | + | *Security, trust and privacy metrics |
− | Submission of papers: June | + | *Risk-driven security effectiveness analysis |
− | Author notification: June | + | *Security assurance metrics |
− | Submission of camera-ready paper: | + | *Metrics for threats and risks in software systems |
+ | *Security, trust and privacy measurement systems and associated data gathering | ||
+ | *Security measuring from software architectures | ||
+ | *Metrics for self-adaptive security | ||
+ | *Taxonomies and ontologies on security metrics | ||
+ | *Experimental results from security measurements | ||
+ | *Security measurability-increasing mechanisms for software architectures | ||
+ | *Tradeoff analysis and decision-making at design-time and at runtime | ||
+ | *Security measuring in real-time software systems | ||
+ | *Evolutionary techniques for developing adaptive security metrics | ||
+ | *Visualizing security metrics | ||
+ | |||
+ | === '''Important Dates'''<br/> === | ||
+ | |||
+ | Submission of papers (extended): June 15, 2014 | ||
+ | |||
+ | Author notification (extended): June 25, 2014 | ||
+ | |||
+ | Submission of camera-ready paper (extended): July 4, 2014 | ||
+ | |||
+ | === '''SUBMISSION AND PUBLICATION'''<br/> === | ||
+ | |||
+ | Authors should submit a workshop paper no longer than eight pages. The authors should use the ACM template ([http://www.acm.org/sigs/publications/proceedings-templates http://www.acm.org/sigs/publications/proceedings-templates]) for the paper. | ||
− | |||
− | |||
The paper should be supplied in MS Word or PDF format to messa2014@vtt.fi. | The paper should be supplied in MS Word or PDF format to messa2014@vtt.fi. | ||
+ | |||
The accepted workshop papers will be published in an ACM digital library. At least one author of all accepted papers must present the paper at the workshop. | The accepted workshop papers will be published in an ACM digital library. At least one author of all accepted papers must present the paper at the workshop. | ||
=== '''WORKSHOP CO-CHAIRS''' === | === '''WORKSHOP CO-CHAIRS''' === | ||
+ | |||
Reijo Savola, VTT Technical Research Centre of Finland (Finland) | Reijo Savola, VTT Technical Research Centre of Finland (Finland) | ||
+ | |||
Habtamu Abie, Norwegian Computing Centre (Norway) | Habtamu Abie, Norwegian Computing Centre (Norway) | ||
+ | |||
Antti Evesti, VTT Technical Research Centre of Finland (Finland) | Antti Evesti, VTT Technical Research Centre of Finland (Finland) | ||
=== '''PROGRAM COMMITTEE (will be extended)''' === | === '''PROGRAM COMMITTEE (will be extended)''' === | ||
+ | |||
Jennifer Bayuk, Stevens Institute of Technology, USA | Jennifer Bayuk, Stevens Institute of Technology, USA | ||
+ | |||
Marijke Coetzee, University of Johannesburg, South Africa | Marijke Coetzee, University of Johannesburg, South Africa | ||
+ | |||
Carmen Fernandez, University of Malaga, Spain | Carmen Fernandez, University of Malaga, Spain | ||
− | + | ||
− | Tapio Frantti, University of Oulu, Finland | + | Tapio Frantti, University of Oulu, Finland |
− | + | ||
Jerry den Hartog, Eindhoven Technical University, Netherlands | Jerry den Hartog, Eindhoven Technical University, Netherlands | ||
+ | |||
+ | Marina Krotofil, Hamburg University of Technology, Germany | ||
+ | |||
Martti Lehto, University of Jyväskylä | Martti Lehto, University of Jyväskylä | ||
+ | |||
Fabio Martinelli, Institute of Informatics and Telematics, Italy | Fabio Martinelli, Institute of Informatics and Telematics, Italy | ||
+ | |||
Mohammad Mozumdar, California State University, Long Beach, USA | Mohammad Mozumdar, California State University, Long Beach, USA | ||
+ | |||
Josef Noll, University of Oslo, Norway | Josef Noll, University of Oslo, Norway | ||
+ | |||
Eila Ovaska, VTT Technical Research Centre of Finland, Finland | Eila Ovaska, VTT Technical Research Centre of Finland, Finland | ||
+ | |||
Ebenezer Paintsil, Point, Norway | Ebenezer Paintsil, Point, Norway | ||
+ | |||
Stefan Poslad, Queen Mary University of London, UK | Stefan Poslad, Queen Mary University of London, UK | ||
+ | |||
Juha Röning, University of Oulu, Finland | Juha Röning, University of Oulu, Finland | ||
+ | |||
Pekka Savolainen, VTT Technical Research Centre of Finland, Finland | Pekka Savolainen, VTT Technical Research Centre of Finland, Finland | ||
+ | |||
Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium | Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium | ||
+ | |||
Einar Snekkenes, Gjøvik University College, Norway | Einar Snekkenes, Gjøvik University College, Norway | ||
+ | |||
Denis Treck, University of Ljubljana, Slovenia | Denis Treck, University of Ljubljana, Slovenia | ||
− | === '''ORGANISING PROJECTS''' === | + | === '''ORGANISING PROJECTS'''<br/> === |
+ | |||
ASSET (asset.nr.no) | ASSET (asset.nr.no) | ||
+ | |||
SASER-SIEGFRIED | SASER-SIEGFRIED |
Latest revision as of 13:28, 22 August 2014
MeSSa 2014
2nd International Workshop on Measurability of Security in Software Architectures
http://messa2014.vtt.fi
Vienna, Austria, August 25, 2014.
Co-located with
The 8th European Conference on Software Architecture (ECSA 2014)
Contents
Programme
9:00 1st session:
- Opening
- Invited talk: Danny Weyns V&V of qualities in self-adaptive systems
10:30 Coffee break
11:00 2nd session 25 minutes for paper presentation and 5 minutes for discussion / paper:
- Arild B. Torjusen et al. Towards Run-time Verification of Adaptive Security for IoT in eHealth
- Outi-Marja Latvala et al. A Tool for Security Metrics Modeling and Visualization
- Arto Juhola et al. Adaptive Risk Management with Ontology Linked Evidential Statistics and SDN
12:30 Lunch
13:30 3rd session
- Antti Evesti et al. Security Measuring for Self-adaptive Security
- Invited talk: Reijo Savola Security measuring
15:00 Closing
Workshop Description
Concerns about security have got a lot of new attention, both in a research field and public debate, after the 1st MeSSa workshop. Systematic approaches to measure security are needed in order to build secure software systems and to offer security evidence for users. On one hand, security measuring from software architectures is needed to produce sufficient evidence of security level as early as a software design phase. Consequently, design-time security measuring supports security-by-design approach. On the other hand, software architectures have to support runtime security measuring to obtain up-to-date security information from an online software system or service. Security measuring is exploited in situation-awareness and self-adaptive security. The systematic definition of security metrics and security assurance metrics is a young field that still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring. The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics.
Topics of Interest
MeSSa 2014 solicits contributions on the following issues (but not limited to):
- Security, trust and privacy metrics
- Risk-driven security effectiveness analysis
- Security assurance metrics
- Metrics for threats and risks in software systems
- Security, trust and privacy measurement systems and associated data gathering
- Security measuring from software architectures
- Metrics for self-adaptive security
- Taxonomies and ontologies on security metrics
- Experimental results from security measurements
- Security measurability-increasing mechanisms for software architectures
- Tradeoff analysis and decision-making at design-time and at runtime
- Security measuring in real-time software systems
- Evolutionary techniques for developing adaptive security metrics
- Visualizing security metrics
Important Dates
Submission of papers (extended): June 15, 2014
Author notification (extended): June 25, 2014
Submission of camera-ready paper (extended): July 4, 2014
SUBMISSION AND PUBLICATION
Authors should submit a workshop paper no longer than eight pages. The authors should use the ACM template (http://www.acm.org/sigs/publications/proceedings-templates) for the paper.
The paper should be supplied in MS Word or PDF format to messa2014@vtt.fi.
The accepted workshop papers will be published in an ACM digital library. At least one author of all accepted papers must present the paper at the workshop.
WORKSHOP CO-CHAIRS
Reijo Savola, VTT Technical Research Centre of Finland (Finland)
Habtamu Abie, Norwegian Computing Centre (Norway)
Antti Evesti, VTT Technical Research Centre of Finland (Finland)
PROGRAM COMMITTEE (will be extended)
Jennifer Bayuk, Stevens Institute of Technology, USA
Marijke Coetzee, University of Johannesburg, South Africa
Carmen Fernandez, University of Malaga, Spain
Tapio Frantti, University of Oulu, Finland
Jerry den Hartog, Eindhoven Technical University, Netherlands
Marina Krotofil, Hamburg University of Technology, Germany
Martti Lehto, University of Jyväskylä
Fabio Martinelli, Institute of Informatics and Telematics, Italy
Mohammad Mozumdar, California State University, Long Beach, USA
Josef Noll, University of Oslo, Norway
Eila Ovaska, VTT Technical Research Centre of Finland, Finland
Ebenezer Paintsil, Point, Norway
Stefan Poslad, Queen Mary University of London, UK
Juha Röning, University of Oulu, Finland
Pekka Savolainen, VTT Technical Research Centre of Finland, Finland
Riccardo Scandariato, Katholieke Universiteit Leuven, Belgium
Einar Snekkenes, Gjøvik University College, Norway
Denis Treck, University of Ljubljana, Slovenia
ORGANISING PROJECTS
ASSET (asset.nr.no)
SASER-SIEGFRIED