posted by user: Mallouli || 2086 views || tracked by 4 users: [display]

SECTEST 2012 : The Third International Workshop on Security Testing


When Apr 21, 2012 - Apr 21, 2012
Where Montreal, Quebec, Canada
Submission Deadline Jan 30, 2012
Notification Due Feb 25, 2012
Final Version Due Mar 15, 2012

Call For Papers

Important dates
Papers due: January 30, 2012
Notification: February 25, 2012
Camera-ready due: March 15, 2012

Background, aim and scope

To improve software security, several techniques, including vulnerability modelling and security testing, have been developed but the problem remains unsolved. On one hand, the workshop tries to answer how vulnerability modelling can help users understand the occurrence of vulnerabilities so to avoid them, and what the advantages and drawbacks of the existing models are to represent vulnerabilities. At the same time, the workshop tries to understand how to solve the challenging security testing problem given that testing the mere functionality of a system alone is already a fundamentally critical task, how security testing is different from and related to classical functional testing, and how to assess the quality of security testing. The objective of this workshop is to share ideas, methods, techniques, and tools about vulnerability modelling and security testing to improve the state of the art.

In particular, the workshop aims at providing a forum for practitioners and researchers to exchange ideas, perspectives on problems, and solutions. Both papers proposing novel models, methods, and algorithms and reporting experiences applying existing methods on case studies and industrial examples are welcomed. The topics of interest include, but are not restricted to:

network security testing
application security testing
security requirements definition and modelling
security and vulnerability modelling
runtime monitoring of security-relevant applications
security testing of legacy systems
cost effectiveness issues
comparisons between security-by-design and formal analyses
formal techniques for security testing and validation
security test generation and oracle derivation
specifying testable security constraints
test automation
penetration testing
regression testing for security
robustness and fault tolerance to attacks
test-driven diagnosis of security weaknesses
process and models for designing and testing secure system
when to perform security analysis and testing
"white box" security testing techniques
compile time fault detection and program verification
tools and case studies
industrial experience reports

This workshop is a follow-up and combination of the First International Workshop on Security Testing (SECTEST 2008) and the First International Workshop on Modelling and Detection of Vulnerabilities (MDV 2010), as well as the Second International Workshop on Security Testing (SECTEST 2011).

We solicit both full papers (8 pages) and short papers (2 pages) in IEEE two-column format. We also solicit demonstrations of security testing tools (2 pages).
All submissions will be peer-reviewed. Authors of accepted papers must guarantee that their paper will be presented at the workshop.

Authors are invited to submit their papers electronically, as portable document format (pdf) or postscript (ps); please, do not send files formatted for work processing packages (e.g., Microsoft Word or Wordperfect files). The only mechanism for paper submissions is via the electronic submission web-site powered by EasyChair (;conf=sectest2012).

The proceedings will be published in the IEEE digital library.
Invited Talks

Participation to the workshop will be open to anybody willing to register.

Program Committee

Keqin Li (SAP Research, France; co-chair)
Wissam Mallouli (Montimage, France; co-chair)
Luca Viganò (Università di Verona, Italy; co-chair)
more tba

Steering Committee

Alessandro Armando (University of Genova, Italy)
Ana Cavalli (Telecom SudParis, France)
Jorge Cuellar (Siemens, Germany)
Alexander Pretschner (KIT, Germany)
Yves Le Traon (University of Luxembourg, Luxembourg)

Additional Information

The workshop is supported by the projects Diamonds and SPaCIoS.

Related Resources

NISecurity 2023   2023 International Conference on Network and Information Security (NISecurity 2023)
CSW 2023   2023 International Workshop on Cyber Security (CSW 2023)
CEVVE 2023   2023 International Conference on Electric Vehicle and Vehicle Engineering (CEVVE 2023)
USENIX Security 2024   The 33rd USENIX Security Symposium (Winter)
blockchain_ml_iot 2023   Network (MDPI) Special Issue - Blockchain and Machine Learning for IoT: Security and Privacy Challenges
SECITC 2023   16th International Conference on Security for Information Technology and Communications
USENIX Security 2024   The 33rd USENIX Security Symposium (Fall)
SOEN 2023   8th International Conference on Software Engineering 2023   IEEE AITEST 2022 : THE 5TH IEEE INTERNATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE TESTING