London software testing news UK

1st IEEE International Workshop on Security Testing

Posted in Acceptance testing by testing in London on January 19, 2008

EXTENDED DEADLINE – Friday, January 25th

Collocated with the International Conference on Software Testing Lillehammer, Norway, April 9-11, 2008

Testing is an activity that aims at both demonstrating discrepancies between a system’s actual and intended behaviors and increasing the confidence that there is no such discrepancy. The security of a system classically relates to the confidentiality and integrity of data as well as the availability of systems and the non-repudiation of transactions.

Because confidentiality and integrity can be compromised in many different ways, because availability and non-repudiation guarantees are tremendously difficult to give, and because testing the mere functionality of a system alone is a fundamentally critical task, testing security properties is a real challenge, both from an academic and a practical point of view.

The goal of this workshop on security testing is to provide a forum for practitioners and researchers to exchange ideas, perspectives on problems, and solutions. We solicit both full (8 pages) and short (2 pages; both in the IEEE two-column format provided at
submissions in the following non-exclusive areas:

  • network security testing
  • application security testing
  • testing access control requirements
  • security requirements
  • runtime monitoring of security-relevant applications
  • security testing of legacy systems
  • stopping criteria for security testing
  • cost effectiveness issues
  • comparisons with security-by-design and formal analyses
  • adapting classical testing techniques to security
  • security test generation and oracle derivation
  • specifying testable security constraints
  • test automation
  • penetration testing
  • regression testing for security
  • robustness and fault tolerance to attacks
  • test-driven diagnosis of security weaknesses
  • process and models for designing and testing secure system
  • tools and case studies
  • industrial experience reports
  • when to perform security analysis and testing
  • white box security testing techniques
  • compile time fault detection and program verification

We encourage authors of technical and position papers as well as experience reports to submit their work in pdf format via the easychair system at Submissions must not be submitted elsewhere, and authors of technical papers are asked to precisely state the problem they are solving. Accepted papers will be published in the IEEE digital library. One author of each paper must agree to attend the workshop that is collocated with ICST in Lillehammer, Norway.

Important Dates:
Submissions due : January 25th, 2008
Reviews back: March 2nd, 2008
Camera-ready copies: March 10th, 2008
Workshop: TBA (around April 10th, 2008)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: