The First International Workshop on Agile Secure Software Development
to be held in conjunction with the 10th International Conference on Availability, Reliability and Security
(ARES 2015 – http://www.ares-conference.eu)
August 24-28, 2015
Université Paul Sabatier
Toulouse, France
Most organizations use the agile software development methods, such as Scrum and XP for developing their software. Agile software development methods are not well aligned with the traditional security-related development activities that were developed with waterfall in mind; they allow change of requirements, prefer frequent deliveries, use lightweight documentation, and their practices do not include security engineering activities. These characteristics limit their use for developing secure software. For instance, they do not consider conflicting security requirements that emerge in different iterations.
The goal of the workshop is to bring together security and software development researchers to share their finding, experiences, and positions about developing secure software using the agile methods. The workshop aims to encourage the use of scientific methods to investigate the challenges related to the use of the agile approach to develop secure software. It aims also to increase the communication between security researchers and software development researchers to enable the development of techniques and best practices for developing secure software using the agile methods.
Topics of interest comprise but are not limited to:
| Challenges for agile development of secure Software Processes for agile development of secure software Incremental development of cyber-physical Systems Secure software development training and education Tools supporting incremental secure software development |
Usability of agile secure software development Security awareness for software developers Security metrics for agile development Security and robustness testing in agile development |
Important Dates
| Submission Deadline | |
| Author Notification | May 22, 2015 |
| Proceedings Version | June 15, 2015 |
| Conference | August 24-28, 2015 |
Workshop Chairs
Juha Röning
University of Oulu
juha[.]roning[at]oulu.fi
Lotfi ben Othmane
Fraunhofer SIT, Germany
lotfi[.]ben[.]othmane[at]sit.fraunhofer.de
Program Committee
Benjamin Aziz, University of Portsmouth, UK
Bharat Bhargava, Purdue University, USA
Eric Bodden, TU Darmstadt, Germany
Mark van den Brand, The Eindhoven University of Technology, The Netherlands
Brian Fitzgerald, Lero, Ireland
Martin Gilje Jaatun, SINTEF ICT, Trondheim, Norway
Andrey Hoursanov, SAP AG, Germany
Igor Kotenko, Russian Academy of Sciences, Russia
Lotfi ben Othmane, Fraunhofer SIT, Germany
Andreas Poller, Fraunhofer SIT, Germany
Juha Röning, University of Oulu, Finland
Daniela Soares Cruzes, SINTEF ICT, Trondheim, Norway
Klaas-Jan Stol, Lero, Ireland
Sven Türpe, Fraunhofer SIT, Germany
Antti Vähä-Sipilä, Senior Manager, Software Security, F-Secure
Michael Waidner, Fraunhofer SIT, Germany
Mohammad Zulkernine, Queen’s University, Canada
Submission
The proceedings of ARES (including workshops) have been published by Conference Publishing Services (CPS). The submission guidelines valid for the ASSD workshop are the same as for the ARES conference. They can be found >>here<<.
Authors of selected papers that are accepted by and presented at the workshop will be invited to submit an extended version to a special issue of the International Journal of Secure Software Engineering (IJSSE). For more information please visit https://www.sit.fraunhofer.de/ijsse/.
Leave a reply