We solicit research and experience papers on a broad range of topics relating to secure systems development. Examples of topics that are in scope include: development libraries, tools, or processes to produce systems resilient to certain attacks; formal foundations that underpin a language, tool, or testing strategy that improves security; techniques that drastically improve the scalability of security solutions for practical deployment; and experience, designs, or applications showing how to apply cryptographic techniques effectively to secure systems.
SecDev also seeks hands-on and interactive tutorials on processes, frameworks, languages, and tools for building security in. The goal is to share knowledge on the art and science of secure systems development.
SecDev also has calls for other types of contributions such as posters and tool demos, and abstracts from practitioners. Information on these solicitations are available on the SecDev website.
Areas of interest include (but are not limited to):
- Security/resiliency-focused system designs (HW/SW/architecture)
- Tools and methodology for secure code development
- Risk management and testing strategies to improve security
- Security engineering processes, from requirements to maintenance
- Security benchmarks
- Comparative experimental evaluation
- From research to practice – gaps and transitions
- Programming languages, development tools, and ecosystems supporting security
- Static program analysis for software security
- Dynamic analysis and runtime approaches for software security
- Automation of programming, deployment, and maintenance tasks for security
- Software ecosystem and software supply chain security
- Distributed systems design and implementation for security
- Privacy by design
- Human-centered design for systems security
- Formal verification and other high-assurance methods for security
- Code reviews, red teams, and other human-centered assurance