The 2nd International Workshop on Designing and Measuring Security in Software Architectures

(DeMeSSA)


@ECSA 2022, Monday 19 September 2022, Prague, Czech Republic

Topics of Interest

DeMeSSA 2022 calls for submissions in the following topics (including but not limited to):

  • Model-based techniques for secure software architectures: Secure Architecture Modeling; Threat Modeling; Defense Modeling; Adaptive Security Modeling; Model-based Security Frameworks; *new* Model-based security analyses of infrastructure-as-code

  • Security architecture techniques: Model-based Security Risk Assessment, Security-Driven Architecture; Design Patterns Driven Security; Security strategic decision-making at the architectural phase; Enforcing Security from Architectural Designs to Implementation Artefacts

  • Metrics and measurement approaches: Security, trust and privacy metrics; Measurement systems and associated data gathering; Measurability-increasing mechanisms for software architectures; Security trade-off analysis; Assurance and re-assurance methods; Runtime security measurements; Evolutionary techniques; *new* Security analyses of infrastructure-as-code

  • Metrics applications: Adaptive and cognitive security; Artificial Intelligence security; Cloud security solutions; Internet of Things security; Situational awareness and threat intelligence; Architecture-based self-protecting systems; 5G and Software Defined Networks; Forensics and data analytics; Visualization approaches for security measurements; Empirical case studies and experimental results from security measurements

  • Security by Architectural Design in Different Kinds of Systems: Critical Systems, Cyber-Physical Systems, Systems of Systems, Cloud Computing, Internet of Things, Service-Oriented Systems

  • Relation of Security with other Extra-Functional Properties: Safety & Security by Architectural Design; Dependability & Security by Architectural Design; Reliability & Security by Architectural Design; Interdependencies and Trade-offs at Architectural Design

  • *new* Diversity and Human Aspects of Securing Software Architectures: empirical protocols for measuring diversity (eg gender, race, seniority, background) bias in current practices and approaches, controlled experiments, descriptive studies, qualitative and quantitative surveys and interviews, industrial case studies, reporting evidence (or lack thereof) diversity bias vis-a-vis quality of analysis outcomes (performed by human analysts)

  • Future Perspectives, Challenges and Roadmaps on Security by Architectural Design.