Call for Papers

Software security is about protecting information and ensuring that systems continue to function correctly even when under malicious attack. The traditional approach of securing a system has been to create defensive walls such as intrusion detection systems and firewalls around it, but there are always cracks in these walls, and thus such measures are no longer sufficient by themselves. We need to be able to build better, more robust and more “inherently secure” systems, and we should strive to achieve these qualities in all software systems, not just in the ones that “obviously” need special protection.

This workshop will focus on techniques, experiences and lessons learned for engineering secure and dependable software using the DevOps paradigm, as well as other forms of agile development.

Suggested topics include, but are not limited to:

  • Security in DevOps
  • Security aspects of software deployment
  • Security in Continuous Deployment
  • Security Architecture in Agile Development
  • Security testing in DevOps
  • Container security for DevOps
  • Security automation tools
  • Security in agile software development
  • Agile security requirements
  • Risk management in software projects
  • Agile testing for security
  • Quantitative measurement of security properties
  • Static and dynamic analysis for security
  • Verification and assurance techniques for security properties
  • Security and usability
  • Design and deployment of secure services
  • Secure composition and adaptation of services
  • Teaching secure software development
  • Experience reports on successfully attuning developers to secure software engineering
  • Industry experience talks

Important Dates

March 3rd March 10th (extended!), 2018 Submission Deadline
April 6th, 2018 Author Notification
April 15th, 2018 Author Registration
May 25, 2018 Workshop

Submission Guidelines

Papers can be up to 8 pages long in the ACM conference template. If you need more space, save it for the journal version!

Paper submission is done through the EasyChair system.

Submitted papers will be carefully evaluated based on originality, significance, technical soundness and clarity of exposition.

Duplicate submissions are not allowed. A submission is considered to be a duplicate submission if it is submitted to other conferences/workshops/journals or if it has been already accepted to be published in other conferences/workshops/journals. Duplicate submissions thus will be automatically rejected without reviews.

Submission of a paper implies that should the paper be accepted, at least one of the authors will register for the XP conference and present the paper in the workshop. No-show papers will be removed from the digital library after the workshop. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance.

Double blind review: SecSE requires anonymized submissions - please make sure that submitted paper contains no author names or obvious self-references.


Accepted papers will be published by ACM conference proceedings (TBC).

Journal Special Issue

Distinguished papers submitted to SecSE will be invited to submit revised and extended versions for publication in the International Journal of Secure Software Engineering (ISSN 1947-3036).

Ignite Talks and Industrial Experience Talks

See here for instructions on submitting Ignite Talks and Industrial Experience Talks.