Telecom Paris Tech, Paris, France, 10 April 2010
http://www.shields-project.eu/?q=node/62
In conjunction with ICST 2010
Third International Conference on Software Testing, Verification and Validation
Paris, France
(http://vps.it-sudparis.eu/icst2010/)
------------ --------- --------- --------
Organizing committee:
------------ --------- --------- --------
Alessandra Bagnato (TXT e-solutions, Corporate Research Division Italy)
Wissam Mallouli (Montimage, France)
Amel Mammar (Telecom SudParis, France)
Enquiries to the organizing committee may be sent to:
wissam.mallouli< at>montimage. com
------------ --------- --------- --------
Introduction
------------ --------- --------- --------
With the quick proliferation of complex, open and distributed systems, any software security breach becomes a real issue that needs to be fixed since these systems are often used in critical domains like transport, finance, politic, etc which makes attackers more and more motivated to cause important damages by exploiting security
vulnerabilities.
To improve the software security, several techniques have been developed but the problem remains unsolved. The objective of this workshop is to share ideas, methods, techniques, and tools that help users model and detect vulnerabilities in software. The workshop will try to bring together people from both academia and industry, from all the different areas that want to develop new techniques to model and detect vulnerabilities, to report their experience on using tools or methods to detect vulnerabilities. This workshop with try to answer the following questions:
• How vulnerability modelling can help user to understand the occurrence of vulnerabilities to avoid them?
• What are the advantages/drawback s of the existing models to represent vulnerabilities? Are they satisfactory? Otherwise, how they can be improved?
• What are the existing techniques to detect vulnerabilities? Are they
satisfactory? Otherwise, how they can be improved?
• How verification and testing techniques can help to detect and prevent vulnerabilities?
• How tools can help developers to detect vulnerabilities and improve the software quality?
------------ --------- --------- --------
Topics
------------ --------- --------- --------
The workshop addresses different techniques to model and detect vulnerabilities. The topics of interest include, but are not restricted to:
• Security requirements definition and modelling
• Security goals modelling
• Security and vulnerability modelling
• Formal approaches for vulnerability detection
• Testing and verification techniques for vulnerability detection
• Formal approaches for security validation
• Theorem proving for vulnerability detection
• Good practises for security flaws avoidance
• Security related Tools (modelling, checking)
------------ --------- --------- --------
Important dates:
------------ --------- --------- --------
Paper submission: 15 January 2010
Notification of acceptance: 1 March 2010
Final manuscript due: 21 March 2010
Workshop: 10 April 2010
------------ --------- --------- --------
Submission Guidelines
------------ --------- --------- --------
Authors are invited to submit research and application papers in IEEE Computer Society Proceedings Manuscripts style (two columns, single-spaced, including figures and references, using 10 pt fonts, and number each page). Please consult the IEEE CS Author Guidelines at the following web page:
http://www2.computer.org/portal/web/cscps/formatting
The workshop is open to contributions that focus on methods and tools to modelling and detecting vulnerabilities. Industrial experience report (success story and even failed ones), progress, new methods and solutions in that context are very encouraged. In all these cases, we expect well-focused contributions to help participants understand problems, open issues, and available solutions, and also to foster rich and fruitful discussions. Papers should try to be bold and visionary, but limited to 10 pages. The emphasis should be on defining and setting problems, on technical details of proposed solutions, or on the rationale behind success stories.
Contact author must provide the following information: paper title, authors' names, affiliations, postal address, phone, fax, and e-mail address of the author(s), about 200-250 word abstract, and about five keywords.
Paper registration and submission is by email attachment (Word format) to wissam.mallouli
------------ --------- --------- --------
Proceedings
------------ --------- --------- --------
Workshop Proceedings will be published in the IEEE Digital Library with assigned ISBN.
------------ --------- --------- --------
Workshop Location:
------------ --------- --------- --------
The MDV Workshop will be held in the heart of Paris at Telecom ParisTech (http://www.telecom-paristech.fr/en/). This engineering school is situated in the south-eastern part of the French capital,
the 13th district. It is in the middle of the picturesque district of Butte-aux-Cailles and will benefit from the dynamics of the economic, academic and socio-cultural activities of left bank of the Seine River.
Please quote 10 Academic Resources Daily in your application to this opportunity!
