Examples of topics that are in scope include: development libraries, tools, or processes to produce systems resilient to certain attacks; formal foundations that underpin a language, tool, or testing strategy that improves security; techniques that drastically improve the scalability of security solutions for practical deployment; and experience, designs, or applications showing how to apply cryptographic techniques effectively to secure systems.
We solicit research papers, position papers, systematization of knowledge papers, and “best practice” papers. All submissions should present novel results, provide novel perspectives and insights, or present new evidence about existing insights or techniques.
SecDev also seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in. The goal is to share knowledge on the art and science of secure systems development.
(SecDev also seeks posters and tool demos, and abstracts from practitioners to share their practical experiences and challenges in security development. Information on these solicitations are available on the SecDev website https://secdev.ieee.org/.)
- Security-focused system designs (HW/SW/architecture)
- Tools and methodology for secure code development
- Risk management and testing strategies to improve security
- Security engineering processes, from requirements to maintenance
- Programming languages, development tools, and ecosystems supporting security
- Static program analysis for software security
- Dynamic analysis and runtime approaches for software security
- Automation of programming, deployment, and maintenance tasks for security
- Distributed systems design and implementation for security
- Privacy by design
- Human-centered design for systems security
- Formal verification and other high-assurance methods for security
- Code reviews, red teams, and other human-centered assurance
The website for submissions is https://hotcrp.ctisl.gtri.gatech.edu/.
Submissions must use the two-column IEEE Proceedings style: https://www.ieee.org/conferences/publishing/templates.html.
Submissions must be one of two categories:
- Papers , up to 12 pages, excluding references and well-marked appendices. These must be well-argued and worthy of publication and citation, on the topics above. Research papers must present new work , evidence, or ideas. Position papers with exceptional visions will also be considered. Also welcome are systematization of knowledge papers and “best practice” papers, which should provide an integration and clarification of ideas on an established, major research area, support or challenge long-held beliefs in such an area with compelling evidence, or present a convincing, comprehensive new taxonomy of some aspect of secure development.Authors of accepted papers will present their work at the conference (likely in a 30-minute slot) and their papers will appear in the conference’s formal IEEE proceedings.To improve the fairness of the reviewing process, SecDev will follow a light-weight double-blind reviewingprocess. Submitted papers must (a) omit any reference to the authors’ names or the names of their institutions, and (b) reference the authors’ own related work in the third person (e.g., not “We build on our previous work …” but rather “We build on the work of …”). Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing the paper more difficult (e.g., important background references should not be omitted or anonymized). Please see the double-blind FAQ for the answers to many common concerns about SecDev’s double-blind reviewing process. When in doubt, contact the program chairs.
- Tutorial proposals . Tutorials should aim to be either 90 minutes or 180 minutes long. We strongly encourage tutorials to have hands-on components and audience interactions. We do not recommend simply slide presentations. Tutorial proposals should be 2 pages and cover (a) the topic; (b) a summary of the tutorial format highlighting hands-on aspects and possibly pointers to relevant materials; (c) the expected audience and expected learning outcomes; (d) prior tutorials or talks on similar topics by the authors (and audience size), if any. Accepted tutorials may provide an abstract that will appear in the conference’s formal IEEE proceedings. Tutorials will occur on the first day of the conference (Wednesday September 25). Note that if an accepted tutorial requires special materials or environments for the hands-on participation, we expect the authors to provide necessary preparation instructions for the attendees.Tutorial proposals do not need to be anonymized.
At least one author of each accepted paper and tutorial must attend the conference and present the paper/tutorial. In the event of difficulty in obtaining visas for travel, exceptions can be made and will be discussed on a case-by-case basis.
We are devoted to seeking broad representation in the program, and may take this into account when reviewing multiple submissions from the same authors.
If you have any questions , please email firstname.lastname@example.org.