Previous Editions

SecSE 2019

Oxford, UK, 3-4 June 2019

In conjunction with Cyber Security 2019.

SecSE 2018

Porto, Portugal, 25 May 2018

In conjunction with XP 2018.

SecSE 2017

Oslo, Norway, 11-15 September 2017

In conjunction with ESORICS 2017, European Symposium on Research in Computer Security.

Proceedings available here: http://ceur-ws.org/Vol-1977/

For 7 years we organized the International Workshop on Secure Software Enginering (SecSE) as part of the ARES conference.

SecSE 2013

Regensburg, Germany, September 3, 2013

In conjunction with ARES 2013, International Conference on Availability, Reliability and Security

SecSE 2012

The sixth international workshop on secure software engineering (SecSE'12) was held in Prague, Czech Republic on August 21st 2012. The presented papers are available in the ARES'12 proceedings.

  1. Representing Threats in BPMN 2.0
    Per Håkon Meland and Erlend Andreas Gjære
  2. Type classification against Fault Enabled Mutant in Java based Smart Card
    Jean Dubreuil, Guillaume Bouffard, Jean-Louis Lanet and Julien Iguchi-Cartigny
  3. Towards Concurrent Data Sampling using GPU Coprocessing
    Mark M. Seeger and Stephen D. Wolthusen
  4. A Taxonomy of Time and State Attacks and Defenses
    Horia Corcalciuc
  5. Comparing Privacy Requirements Engineering Approaches
    Kristian Beckers
  6. A Comparative Study of Security Pattern Classifications
    Aleem Alvi and Mohammad Zulkernine

SecSE 2011

The fifth international workshop on secure software engineering (SecSE'11) was held in Vienna, Austria on August 23-24 2011. The presented papers are available in the ARES'11 proceedings.

  1. Security Evaluation of Service-oriented Systems with an Extensible Knowledge Base (Presentation)
    Christian Jung, Manuel Rudolph and Reinhard Schwarz

  2. Security in Model Driven Development: A Survey (Presentation)
    Jostein Jensen and Martin Gilje Jaatun

  3. Characterising and Analysing Security Requirements Modelling Initiatives (Presentation)
    Peter Karpati, Guttorm Sindre and Andreas L. Opdahl

  4. User-Centered Information Security Policy Development in a Post-Stuxnet World
    Shamal Faily and Ivan Flechais
  5. Here's Johnny: a Methodology for Developing Attacker Personas (Presentation)
    Andrea Atzeni, Cesare Cameroni, Shamal Faily, John Lyle and Ivan Flechais
  6. Enhancing Fuzzing Technique for OKL4 Syscalls Testing
    Amaury Gauthier, Clément Mazin, Julien Iguchi-Cartigny and Jean-Louis Lanet
  7. Optimising CAPTCHA Generation
    Suliman Alsuhibany and Aad van Moorsel
  8. Evaluating RBAC Supported Techniques and their Validation and Verification
    Nafees Qamar, Yves Ledru and Akram Idani
  9. The Java SPI Framework for Security Protocol Implementation
    Matteo Avalle, Alfredo Pironti, Davide Pozza and Riccardo Sisto

SecSE 2010

The fourth international workshop on secure software engineering (SecSE'10) was held in Krakow, Poland, on February 16th 2010. The presented papers are available in the ARES'10 proceedings.

  1. Investigating the Limitations of Java Annotations for Input Validation
    Federico Mancini, Dag Hovland and Khalid Mughal
  2. Practical Experience Gained from Modeling Security Goals: Using SGITs in an Industrial Project
    Christian Jung, Frank Elberzhager, Alessandra Bagnato and Fabio Raiteri
  3. Security Modeling and Tool Support Advantages
    Egilv Trygve Baadshaug, Gencer Erdogan and Per Håkon Meland
  4. Supporting Authorization Policy Modification in Agile Development of Web Applications
    Steffen Bartsch
  5. The Road to Hell is Paved with Good Intentions: A Story of (In)secure Software Development
    Richard Sasson, Martin Gilje Jaatun and Jostein Jensen
  6. Classification of Buffer Overflow Vulnerability Monitors
    Hossain Shahriar and Mohammad Zulkernine
  7. Katana: A Hot Patching Framework for ELF Executables
    Ashwin Ramaswamy, Sergey Bratus, Sean W. Smith and Michael E. Locasto
  8. Analysing and Visualising Security and Usability in IRIS
    Shamal Faily and Ivan Flechais
  9. Configuration Fuzzing for Software Vulnerability Detection
    Huning Dai, Christian Murphy and Gail Kaiser
  10. Security and Performance Aspects of an Agent-Based Link-Layer Vulnerability Discovery Mechanism
    Ziyad Al-Salloum and Stephen Wolthusen

SecSE 2009

The third international workshop on secure software engineering (SecSE'09) was held in Fukuoka, Japan, March 16th-19th 2009. The presented papers are available in the ARES'09 proceedings.

  1. Protecting Global and Static Variables from Buffer Overflow Attacks
    Yves Younan, Frank Piessens and, Wouter Joosen
  2. Static Code Analysis to Detect Software Security Vulnerabilities - Does Experience Matter?
    Dejan Baca, Kai Petersen, Bengt Carlsson and Lars Lundberg
  3. hACMEgame: A Tool for Teaching Software Security
    Øyvind Nerbråten and Lillian Røstad
  4. Towards Evaluation of Security Assurance during the Software Development Lifecycle
    Ilkka Uusitalo, Kaarina Karppinen, Pasi Ahonen and Heimo Pentikäinen
  5. An architectural foundation for security model sharing and reuse
    Per Håkon Meland, Shanai Ardi, Jostein Jensen, Erkuden Rios, Txus Sanchez, Nahid Shahmehri and Inger Anne Tøndel
  6. A Knowledge Management Approach to Support a Secure Software Development
    Francisco Nunes and Adriano Albuquerque
  7. A Practical Framework for The Dataflow Pointcut in AspectJ
    Amine Boukhtouta and Dima Alhadidi
  8. SecureMDD: A Model-Driven Development Method for Secure Smart Card Applications
    Nina Moebius, Kurt Stenzel, Holger Grandy and Wolfgang Reif
  9. Linking Privacy Solutions to Developer Goals
    Kim Wuyts, Riccardo Scandariato, Bart De Decker and Wouter Joosen
  10. Software Inspections Using Guided Checklists to Ensure Security Goals
    Frank Elberzhager, Alexander Klaus and Marek Jawurek

SecSE 2008

The second international workshop on secure software engineering (SecSE'08) was held in Barcelona, Spain, in March 2008. The presented papers are available in the ARES'08 proceedings.

  1. Security Requirement Engineering at a Telecom Provider
    Albin Zuccato, Viktor Endersz and Nils Daniels
  2. Identifying Security Aspects in Early Development Stages (Presentation)
    Takao Okubo and Hidehiko Tanaka
  3. Using Security Patterns to Combine Security Metrics (Presentation)
    Thomas Heyman, Riccardo Scandariato, Christophe Huygens and Wouter Joosen
  4. Covering Your Assets in Software Engineering (Presentation)
    Martin Gilje Jaatun and Inger Anne Tøndel
  5. Secure Software Design in Practice (Presentation)
    Per Håkon Meland and Jostein Jensen
  6. A Non-Intrusive Approach to Enhance Legacy Embedded Control Systems with Cyber Protection Features
    Shangping Ren and Kevin Kwiat
  7. Towards Incorporating Discrete-Event Systems in Secure Software Development
    Sarah Whittaker, Mohammad Zulkernine and Karen Rudie
  8. How to Open a File and Not Get Hacked (Presentation)
    James Kupsch and Barton Miller
  9. Rules of Thumb for Developing Secure Software: Analyzing and Consolidating Two Proposed Sets of Rules
    Holger Peine

SecSE 2007

The first international workshop on secure software engineering (SecSE'07) was held in Vienna, Austria, in April 2007. The presented papers are available in the ARES'07 proceedings.

  1. Using Privacy Process Patterns for Incorporating Privacy Requirements into the System Design Process
    Christos Kalloniatis, Evangelia Kavakli and Stefanos Gritzalis
  2. How can the Developer Benefit from Security Modeling?
    Shanai Ardi, David Byers, Per Håkon Meland, Inger Anne Tøndel and Nahid Shahmehri
  3. AProSec: an Aspect for Programming Secure Web Applications
    Laurence Duchien, Roberto Gomez, Gabriel Hermosillo and Lionel Seinturier
  4. Empirical and Statistical Analysis of Risk Analysis-Driven Techniques for Threat Management
    Koen Buyens, Bart De Win and Wouter Joosen
  5. Secure Software Development through Coding Conventions and Frameworks
    Takao Okubo and Hidehiko Tanaka
  6. Pastures: Towards Usable Security Policy Engineering
    Sergey Bratus, Doug McIlroy, Alex Ferguson and Sean Smith
  7. A Novel Approach to Building Secure Systems
    Dragan Vidakovic and Dejan Simic