SECUTE2024: 1st International Workshop on Security Testing for Complex Software Systems Salerno, Italy, June 21, 2024 |
Conference website | https://secute-ws.github.io/ |
Submission link | https://easychair.org/conferences/?conf=secute2024 |
Submission deadline | March 8, 2024 |
The 1st edition of the Security Testing for Complex Software Systems (SECUTE) workshop aims to provide a forum for researchers and practitioners to present and discuss empirical research on security testing.
Topics
We expect that the workshop will help to:
- Providing researchers with a comprehensive understanding of the current state of security testing practices.
- Defining key terms, challenges, and opportunities in the field.
- Analyzing case studies to understand the experience of software engineers working with security testing.
- Encouraging participants to share their experiences and insights regarding challenges faced in dealing with security in real-world complex systems.
- Developing a roadmap for future research directions on the matter.
Topics of interest include, but are not limited to, the following:
- Studies on the effectiveness of security testing in complex architectures and systems, e.g., AI-enabled, cyber-physical, IoT, and Virtual Reality systems.
- Adoption of security testing in non-source artifacts, like Infrastructure-as-Code scripts.
- Empirical studies on security testing methodologies.
- Presentation of novel methods for soliciting the adoption of security testing during the development.
- Presentation of novel automated tools for security testing.
- Evolution and improvement of existing methods and techniques for security testing.
- Assessment or re-evaluation of existing automated tools for security testing.
- User studies to understand the experience of software engineers working with security testing;
- Case studies on real-world contexts where security testing practices are adopted.
- Lessons learned and challenges faced while dealing with security in real-world complex systems.
In line with the main conference call for papers, we welcome papers employing any of the following empirical methods in SE:
- Action Research.
- Benchmarking.
- Case Study.
- Case Survey.
- Data Science.
- Engineering Research (aka design as research, design science).
- Experiment with human participants.
- Grounded Theory.
- Longitudinal Study.
- Meta-science.
- Mixed Methods (also select methods that were mixed).
- Optimization Studies.
- Qualitative Survey (i.e., interview study).
- Quantitative Simulation.
- Questionnaire Survey (quantitative).
- Repository Mining.
- Systematic Literature Review.
- Mixed methods and multi-methodology.
- Replication studies.
SECUTE also welcomes studies with negative findings or non-significant results.
How to Submit
All papers must be submitted in PDF format through EasyChair and written in English.
The authors have two options for submitting their papers:
- Full research papers (max 10 pages) that describe empirical research (i.e. quantitative, qualitative, and mixed research) on topics related to security testing in complex systems and architectures. Negative results papers are welcome as long as they can support advice or lessons learned. Papers reporting replications of empirical studies are welcome as well.
- Ongoing research papers (max 5 pages) that describe ongoing research on topics related to the workshop. The purpose of these papers is to communicate new ideas in the context of security testing in complex systems for which the authors want to obtain early feedback from the workshop community, especially on the evaluation and assessment strategies. An ongoing research paper must describe the idea as well as the proposed evaluation and assessment strategy, possibly (but not necessarily) with some preliminary results.
All submissions must use the official ACM Primary Article Template as specified in the official EASE site’s call for papers
Review Criteria
All papers will be subjected to a thorough peer review, focusing on originality, quality, soundness, and relevance, each reviewed by three program committee members.
The review process will be following the same criteria of the main conference, namely:
- Soundness: The extent to which the paper’s contributions and/or innovations address its research questions and are supported by rigorous application of appropriate research methods.
- Significance: The extent to which the paper’s contributions can impact the field of software engineering and under which assumptions (if any).
- Novelty: The extent to which the contributions are sufficiently original with respect to the state-of-the-art.
- Verifiability and Transparency: The extent to which the paper includes sufficient information to understand how an innovation works; how data was obtained, analyzed, and interpreted; and how the paper supports independent verification or replication of the paper’s claimed contributions.
- Presentation: The extent to which the paper’s quality of writing meets the high standards of EASE, including clear descriptions, adequate use of the English language, absence of major ambiguity, clearly readable figures and tables, and adherence to the formatting instructions provided above.
Important Dates
Papers submission: March 8th, 2024
Papers notification: April 12th, 2024
Papers camera-ready: April 26th, 2024
Early registration deadline: May 5th, 2024
Conference Attendance Expectation
At least one author of each accepted paper must register and present the paper at SECUTE 2024 in order for the paper to be published in the proceedings.