CLOSED: Call for Papers: Special Issue on Secure Software Before Code/ing

Important Dates

• Submission Deadline: 17 June 2024
• Publication: January/February 2025

The security of software systems is a growing societal concern, and software engineers are routinely called upon to "do more" to ensure that the software they write is secure.  However, despite the existence of many processes and tools, including programming languages, testing and analysis techniques, the number of technical breaches remains challenging. 

This special issue of IEEE Security & Privacy will examine how software is secured through the fundamental engineering activities that precede the production, testing, and analysis of code. It will focus on early secure software development such as requirements engineering, architecture, and design.  We interpret security broadly to include security, privacy, and forensics and from a socio-technical perspective, in which the concern is collectively addressed by software engineering professionals, their companies, and clients.   

We invite submissions that extend and challenge current understanding about how to facilitate the production of secure software before code is written. Suggested topics include, but are not limited to: 

Software Requirements 

• Frameworks and models for eliciting and representing security requirements 
• Analytical techniques for managing requirements trade-offs  
• Tools and techniques for validating security requirements 
• Analytical models of assets and threats 
• Process models for security policy, auditing, and compliance  

Software Architecture and Design 

• Techniques for secure interaction design  
• Techniques for constructing and selecting secure software architectures 
• Patterns for attack-resilient  software architecture and design 
• Process models for creating secure architectures and designs 
• Methods for verification and evaluation of secure architectures and designs 

Studies of Software Development 

• Studies of security cultures in software development environments 
• Examinations of the security behaviour of software engineers and other stakeholders, including: 

• malice and adversaries 
• shadow practices 
• commitment, motivation, and intent 

The guest editors welcome queries from prospective authors to discuss their potential submissions before the deadline. 

Submission Guidelines

For author information and submission criteria for full-papers, please visit the Author Information page. As stated there, full papers should be 4900 – 7200 words in length, with a maximum of 15 references. Please submit full papers through the ScholarOne system, and be sure to select the special-issue name. Manuscripts should not be published or currently submitted for publication elsewhere.

Questions?

Contact the guest editors at sp1-25@computer.org.

• Prof. Dr. Eric Bodden, Paderborn University and Fraunhofer IEM, Germany  
• Dr. Tamara Lopez, The Open University, UK 
• Prof. Bashar Nuseibeh, Lero, Ireland, and The Open University, UK