The ever growing size and complexity of highly distributed software systems raises concerns in software security. Reflectively, the number of reported attacks exploiting software vulnerabilities has thus been increasing. The lack of comprehensive, cost-effective, systematic and adaptive engineering approaches to ensure software security and protect software systems poses major challenges to both industrial practitioners and researchers.

Secure software engineering has become an emerging interdisciplinary area across software engineering, programming languages, and security engineering. Secure software engineering focuses on developing secure software and understanding the security risks and managing these risks throughout the lifecycle of software. The purpose of the workshop is to bring together researchers and practitioners who work closely in this area to create a forum for reporting and discussing recent advances in improving security in software engineering and inspiring collaborations and innovations on new methods and techniques to advance software security in our practices. Researchers and practitioners worldwide are invited to present their research expertise and experience, and discuss the issues and challenges in security from software engineering perspective.

Submissions of quality papers in the following non-exhaustive list of topics are invited:

· Management of software security in industrial practice

· Security requirements and policies

· Abuse cases and threat modeling

· Architecture and design for security

· Model-based security

· Language-based security

· Malicious code prevention and code safety

· Security risk analysis

· Security taxonomy and metrics

· Testing for security

· Application security: detection and protection

· Software piracy and protection



PROGRAMME COMMITTEE

Gail-Joon Ahn, University of North Carolina, USA

Mike Burmester, Florida State University, USA

Kevin Butler, Pennsylvania State University, USA

Kai Chen, Google Inc., USA

Jason Crampton, University of London, UK

Eduardo Fernandez, Florida Atlantic University, USA

Jon Giffin, Georgia Tech University, USA

Yong Guan, Iowa State Unviersity, USA

Jan Jurjens, the Open University, GB

Aneesh Krishna, University of Wollongong, Australia

Yan Liu, Motorola Labs, USA

Nancy Mead, SEI, Carnegie Mellon University, USA

Hossein Saiedian, University of Kansas, USA

Johann Schumann, NASA Ames Research Center, USA

Jon Solworth, University of Illinois at Chicago, USA

Janos Sztipanovits, Vanderbilt University, USA

Tao Xie, North Carolina State University, USA

Mohammad Zulkernine, Queens University, Canada



IMPORTANT DATES



March 1, 2008


Workshop paper submission due

April 7, 2008


Workshop paper notification

April 30, 2008


All final manuscript and author pre-registration due



PAPER SUBMISSION

All submitted papers will be reviewed by the program committee according to originality, significance, and relevance. Papers are limited to 6 pages including all figures, tables, and references. Please follow the IEEE Computer Society Press Proceedings Author Guidelines to prepare your papers (instruct.pdf or instruct.doc and layout guide format.pdf, under ftp://pubftp.computer.org/press/outgoing/proceedings/).



PAPER PUBLICATION

Accepted papers will be published in the Workshop Proceedings of the 32nd IEEE Computer Software and Applications Conference (COMPSAC 2008). It should be noted that all IEEE COMPSAC conference proceedings are published by IEEE Computer Society Conference Publishing Services (CPS). All CPS Publications are captured in the online IEEE Digital Library, and professionally indexed through INSPEC and EI Index (Elsevier's Engineering Information Index). At least one of the authors of each accepted paper must register as a full participant of the workshop for the paper to be included in the COMPSAC 2008 Proceedings.

WORKSHOP ORGANIZATION



Michael Jiang

Motorola Labs, Motorola Inc.

Schaumburg, IL 60196, USA.



James Joshi

School of Information Sciences

University of Pittsburgh, Pittsburgh, PA 15260, USA