The growing complexity of service-centric systems has increased the need for pertinent and reliable software security and trusted system solutions. Systematic approaches to measuring security in software architectures are needed in order to obtain sufficient and credible proactive evidence of the security level or performance of a system, service or product. The systematic definition of security metrics and security assurance metrics is a young field that still lacks widely accepted definitions of metrics and applicable measuring techniques for design-time and run-time security monitoring.
The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of security measurement topics.
MeSSa 2010 solicits contributions on the following issues (but not limited to):
- Security, trust and privacy metrics
- Security assurance metrics
- Security, trust and privacy measurement systems and associated data gathering
- Metrics for adaptive security systems
- Taxonomical and ontological research on security metrics
- Experimental results from security measurements
- Security measurability-increasing mechanisms for software architectures
- The relationship and differences between security metrics and security assurance metrics
- Tradeoff analysis and decision-making at design-time and at run-time
The workshop paper will be published in a second volume of the ECSA 2010 conference proceedings with an ISBN number and through ACM digital library (approval pending). At least one author of all accepted papers must present the paper at the workshop.
- Submission of papers: May 17, 2010
- Author notification: June 7, 2010
- Submission of camera-ready paper: July 1, 2010