London software testing news UK

Call for Papers on Security Testing

Posted in security testing,Software testing by testing in London on November 22, 2007

From Eventseer

Collocated with the International Conference on Software Testing, Lillehammer, Norway, April 9-11, 2008

Testing is an activity that aims at both demonstrating discrepancies between a system’s actual and intended behaviors and increasing theconfidence that there is no such discrepancy. The security of a systemclassically relates to the confidentiality and integrity of data as well as the availability of systems and the non-repudiation of transactions.

Because confidentiality and integrity can be compromised in many different ways, because availability and non-repudiation guarantees aretremendously difficult to give, and because testing the mere functionality of a system alone is a fundamentally critical task, testing security properties is a real challenge, both from an academicand a practical point of view.

The goal of this workshop on security testing is to provide a forum forpractitioners and researchers to exchange ideas, perspectives on problems, and solutions. We solicit both full (8 pages) and short (2 pages  in the following non-exclusive areas:

  • network security testing
  • application security testing
  • testing access control requirements
  • runtime monitoring of security-relevant applications
  • security testing of legacy systems
  • stopping criteria for security testing
  • cost effectiveness issues
  • comparisons with security-by-design and formal analyses
  • adapting classical testing techniques to security
  • security test generation and oracle derivation
  • specifying testable security constraints
  • test automation
  • penetration testing
  • regression testing for security
  • robustness and fault tolerance to attacks
  • test-driven diagnosis of security weaknesses
  • process and models for designing and testing secure system
  • tools and case studies
  • industrial experience reports
  • when to perform security analysis and testing
  • white box security testing techniques
  • compile time fault detection and program verification

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: