SecSE 2012 - Sixth International Workshop on Secure Software Engineering

Software security is about protecting information and ensuring that systems continue to function correctly even when under malicious attack. The traditional approach of securing a system has been to create defensive walls such as intrusion detection systems and firewalls around it, but there are always cracks in these walls, and thus such measures are no longer sufficient by themselves. We need to be able to build better, more robust and more “inherently secure” systems, and we should strive to achieve these qualities in all software systems, not just in the ones that “obviously” need special protection. This workshop will focus on techniques, experiences and lessons learned for engineering secure and dependable software.

Suggested topics include, but are not limited to:
Secure architecture and design
Security in agile software development
Aspect-oriented software development for secure software
Security requirements
Risk management in software projects
Secure implementation
Secure deployment
Testing for security
Quantitative measurement of security properties
Static and dynamic analysis for security
Verification and assurance techniques for security properties
Security and usability
Design and deployment of secure services
Secure composition and adaptation of services
Teaching secure software development
Lessons learned
Experience reports on successfully attuning developers to secure software engineering