MeSSa 2015 - 3rd International Workshop on Measurability of Security in Software Architectures

Security-related incidents are increasing, and at the same time the society is based more and more on reliability of cyber-physical systems. Systematic approaches to measure security and to build security in are thus needed in order to build secure software systems and to offer security evidence for software architects, decision makers and end-users. Security measuring from software architectures is required to produce sufficient evidence of security level as early as in the design phase. Consequently, design-time security measuring supports "security by design" approach. In addition, software architectures have to support runtime security measuring to obtain up-to-date security information from online software systems. Runtime security measuring is exploited in situation-awareness and self-adaptive security, such as security of IoT in eHealth. Security metrics for adaptation should also support evaluation and validation of runtime security adaptation. The area of security metrics and security assurance metrics research is evolving, but still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and runtime security monitoring.
The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics. MeSSa 2015 solicits contributions on the following issues (but not limited to):
Security, trust and privacy metrics
Security assurance metrics
Security, trust and privacy measurement systems and associated data gathering
Security measuring from software architectures and measurability-increasing mechanisms
Metrics for self-adaptive security
Taxonomies and ontologies on security metrics
Trade-off analysis and decision-making
Adaptive metrics approach for measuring risks, threats, operational activities, and the effectiveness of data protection
Metrics for evaluation and validation of security adaptation
Evolutionary techniques for developing adaptive security metrics
Adaptive metric for measuring security level of a real-time system
Visualizing security metrics
Methods for analyzing sensitivity and assessing uncertainty in adaptive security
Techniques for integrating data analytics to support security decision-making and adaptive control
Optimization and security challenges in IoT-based architectures for eHealth
Cognitive security capabilities of IoT-based architectures for eHealth
Evaluation of adaptive security and privacy solutions
Real-time anomaly detection in communication networks
Innovative visualization methods for detection of attacks in networks
Security functionality in network management systems to assist administrators/operators
SDN-based methods for security monitoring and assurance
Security issues of SDN-based network control software
Security assurance for third party control applications in SDN
IMPORTANT DATES
Submission of papers: May 22, 2015
Author notification: June 5, 2015
Submission of camera-ready paper: June 22, 2015