The First International Workshop on Agile Secure Software Development

to be held in conjunction with the 10th International Conference on Availability, Reliability and Security
(ARES 2015 –

August 24-28, 2015
Université Paul Sabatier
Toulouse, France

Most organizations use the agile software development methods, such as Scrum and XP for developing their software. Agile software development methods are not well aligned with the traditional security-related development activities that were developed with waterfall in mind; they allow change of requirements, prefer frequent deliveries, use lightweight documentation, and their practices do not include security engineering activities. These characteristics limit their use for developing secure software. For instance, they do not consider conflicting security requirements that emerge in different iterations.

The goal of the workshop is to bring together security and software development researchers to share their finding, experiences, and positions about developing secure software using the agile methods. The workshop aims to encourage the use of scientific methods to investigate the challenges related to the use of the agile approach to develop secure software. It aims also to increase the communication between security researchers and software development researchers to enable the development of techniques and best practices for developing secure software using the agile methods.

Topics of interest comprise but are not limited to:
Challenges for agile development of secure Software
Processes for agile development of secure software
Incremental development of cyber-physical Systems
Secure software development training and education
Tools supporting incremental secure software development
Usability of agile secure software development
Security awareness for software developers
Security metrics for agile development
Security and robustness testing in agile development
Important Dates
Submission Deadline April 15, 2015 April 22, 2015
Author Notification May 22, 2015
Proceedings Version June 15, 2015
Conference August 24-28, 2015
Workshop Chairs

Juha Röning
University of Oulu

Lotfi ben Othmane
Fraunhofer SIT, Germany

Program Committee

Benjamin Aziz, University of Portsmouth, UK
Bharat Bhargava, Purdue University, USA
Eric Bodden, TU Darmstadt, Germany
Mark van den Brand, The Eindhoven University of Technology, The Netherlands
Brian Fitzgerald, Lero, Ireland
Martin Gilje Jaatun, SINTEF ICT, Trondheim, Norway
Andrey Hoursanov, SAP AG, Germany
Igor Kotenko, Russian Academy of Sciences, Russia
Lotfi ben Othmane, Fraunhofer SIT, Germany
Andreas Poller, Fraunhofer SIT, Germany
Juha Röning, University of Oulu, Finland
Daniela Soares Cruzes, SINTEF ICT, Trondheim, Norway
Klaas-Jan Stol, Lero, Ireland
Sven Türpe, Fraunhofer SIT, Germany
Antti Vähä-Sipilä, Senior Manager, Software Security, F-Secure
Michael Waidner, Fraunhofer SIT, Germany
Mohammad Zulkernine, Queen’s University, Canada


The proceedings of ARES (including workshops) have been published by Conference Publishing Services (CPS). The submission guidelines valid for the ASSD workshop are the same as for the ARES conference. They can be found >>here<<.

Authors of selected papers that are accepted by and presented at the workshop will be invited to submit an extended version to a special issue of the International Journal of Secure Software Engineering (IJSSE). For more information please visit


Leave a reply