Call for papers

Scope and topics

The advancement in information and communication technology has revolutionized social and economic systems. The governement, as well as commercial and non-profit organizations, rely heavily on information to conduct their business.

Aside from the significant benefits of information and computing systems, their increasing connectivity, criticality, and comprehensiveness present new challenges for cybersecurity professionals. Information and services that are compromised in terms of confidentiality, integrity, availability, accountability, and authenticity can harm an organization's operations, so this information and data need to be protected. For this reason, it has become a crucial task for security researchers and practitioners to manage the security risks by mitigating the potential vulnerabilities and threats with new techniques and methodologies, thus ensuring the acceptable security assurance of an information and computing system, so the stakeholders can have greater confidence that the system works as intended or claimed. Security assurance can be defined as the cofidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. According to NIST, security assurance is a measure of confidence that the security features, practices, procedures, and architecture of an information system accurately mediates and enforces the security policy.

Who is SecAssure for? 

SecAssure aims to bring together researchers from academia, and practitioners from industry and government bodies on a forum to meet and exchange ideas on recent research and furture directions for security assurance.

Techincal topics

The techical topics of interest to the workshop include, but are not limited to:

Security Assurance Approaches

• Security, trust, and privacy metrics
• Formal methods
• Threat Modelling
• Security Testing
• Security Assurance Trade-off analysis
• Re-assurance Methods
• Quantitative Methods
• Runtime Security Assurance
• Evolutionary techniques
• Security Assurance Tools
• Security Protocols
• Security education and training
• Vulnerability, threat, and risk analysis

Model-based Techniques for Security Assurance

• Model-based Security Assurance Framework
• Modelling Secure Architecture
• Adaptive Security Assurance Modelling
• Cyber Attack Defence Modelling
• Security Vulnerability Modelling
• Machine Learning and AI enabled Security of Systems

Security Requirements Engineering

• Security Requirements Identification
• Security Requirements Elicitation
• Security Requirements Specification
• Security Requirements Tracing
• Security Requirements Modelling
• Security Requirements Prioritization
• Security Requirements Aggregation

Security Assurance Metrics

• Security Metrics Specification
• Security Metrics Development
• Security Metrics Modelling
• Security Metrics Aggregation Techniques

Applications

• IoT Security
• Cloud/Fog Security
• 5G and Software-Defined Networks
• Critical-Infrastructure Security
• Security Assurance in Access Control
• Networking and communication security
• Big data security
• Biometrics Authentication 

• Submissions are to be made to the submission website in pdf. format. At least one author of each accepted paper is required to register and present their work at the workshop; otherwise, the paper will not be included in the proceedings.
• Submitted papers must not substantially overlap with papers that have been published or that have been simultaneously submitted to a journal or a conference with proceedings. Submissioins should be at most 20 pages long (full paper) or 10 pages (short paper), including the bibliography and appendices, and should follow the LNCS style. 
• Pre-proceedings will be made available at the workshop. Accepted conference papers are planned to be published by Springer in the LNCS collection.

If you have any question, please contact us at: secassure2023@easychair.org