posted by user: brighent || 2057 views || tracked by 2 users: [display]

DevSecOpsRO 2023 : 1st Workshop on DevSecOps Research and Opportunities (DevSecOpsRO) (in conjunction with EuroS&P 2023)

FacebookTwitterLinkedInGoogle

Link: https://spritz.math.unipd.it/events/2023/devSecOpsRO/CFP.html
 
When Jul 3, 2023 - Jul 3, 2023
Where Delft, The Netherlands
Submission Deadline Mar 10, 2023
Notification Due Apr 30, 2023
Final Version Due May 15, 2023
Categories    security   software   agile development
 

Call For Papers

Dear colleagues,

We are happy to announce the 1st Workshop on DevSecOps Research and Opportunities (DevSecOpsRO) that will be held in conjunction with EuroS&P 2023 as a pre-conference workshop on July 3rd 2023.

Security should not be treated as an add-on to software products; rather, it should be deeply integrated within the whole Software Development Life-Cycle (SDLC). The need for this integration and the design of suitable methodologies to make agile software development secure are paving their way in the security community. In this context, we often refer to DevSecOps or SecDevOps when discussing security integration in agile software production. Recently, players such as NIST, Google, OWASP, and the Cloud Security Alliance proposed their frameworks for secure software development. However, this provides only an initial step towards tackling the challenges related to the security of the many and iterated steps of SDLC.
Machine learning and AI can play a crucial role in DevSecOps as they can be used to analyse large amounts of data, including network traffic and system logs, to identify potential security threats, monitor system behaviour and identify anomalies that may indicate a security breach. By using machine learning in DevSecOps, organisations can more effectively detect and respond to security threats and improve their overall security posture. Moreover, they can be used in an automated way to interweave security in existing DevOps pipelines.
Scope and topics: With this workshop, we aim to attract novel contributions to the secure SDLC to foster the creation of more conscious, robust, resilient, and advanced methodologies to prevent security issues at the different stages of the development pipeline. Topics of interest include but are not limited to:

- Methodological approaches to agile secure software development
- Security testing integration in the software supply chain
- Static and dynamic software bill of materials
- Secure software development via cloud testing
- Security as a service
- Machine learning approaches to speed up security testing
- Maturity models for secure software development
- Application of DevSecOps in different fields
- Integration of incident and response teams operations
- Artificial intelligence for software security analysis
- Tracking and handling updates along the software supply chains
- AI support to Secure Software Development
- Automated vulnerability detection
- AI & ML in fuzzing

Paper submission deadline: Mar. 10, 2023
Notification of acceptance: Apr. 30, 2023
Final papers: May 15, 2023

For additional information on paper format and submission guidelines, please visit the DevSecOpsRO website at https://spritz.math.unipd.it/events/2023/devSecOpsRO/

Looking forward to seeing you at EuroS&P 2023!

The program chairs
Alessandro Brighente, University of Padua
Mauro Conti, University of Padua
Constantinos Patsakis, University of Piraeus
Agusti Solanas, Rovira i Virgili University, & APWG.EU Spain
Qiang Tang, Luxembourg Institute of Science and Technology

Related Resources

DevSecOpsRO 2024   2nd Workshop on DevSecOps Research and Opportunities (DevSecOpsRO) (in conjunction with EuroS&P 2024)
IEEE COINS 2024   IEEE COINS 2024 - London, UK - July 29-31 - Hybrid (In-Person & Virtual)
CPAIOR 2024   International Conference on the Integration of Constraint Programming, Artificial Intelligence, and Operations Research
CSW 2024   2024 3rd International Conference on Cyber Security
ICAIR 2024   4th International Conference on AI Research (formally the European Conference on the Impact of Artificial Intelligence and Robotics)
CEVVE 2024   2024 2nd International Conference on Electric Vehicle and Vehicle Engineering (CEVVE 2024)
CIA 2024   2nd Workshop on Cyber Intelligence and Applications - In conjunction with the 24th International Conference on Computational Science and its Applications (ICCSA 2024)
CIoT 2024   6th International Conference on Internet of Things
International Conference on Health 2024   Fourteenth International Conference on Health, Wellness & Society- Health, Wellness, and Society Research Network and Malmö University, Malmö, Sweden
SMM4H 2024   The 9th Social Media Mining for Health Research and Applications Workshop and Shared Tasks — Large Language Models (LLMs) and Generalizability for Social Media NLP