EASE 2024
Tue 18 - Fri 21 June 2024 Salerno, Italy

Over the last decade, many organizations have focused on software security because modern applications typically operate in a hostile network-based environment. Traditionally, organizations have tried to address security concerns by finding and fixing security vulnerabilities once the software development cycle is completed. Software needs to be secured against any unauthorized users, and this can be achieved by incorporating security mechanisms into different phases of the software development lifecycle. However, incorporating security practices and processes into different software development life cycle phases remains a challenge. Software security is evolving due to increasing failure rates of software projects, economic downturn, software development without security in mind, globalization, and outsourcing. The empirical software engineering researchers need new approaches, models, and tools for addressing various emerging software security challenges in this modern age. There is a need for empirical evidence to support different new approaches in software security research and practice. This will provide researchers with innovative knowledge on developing different software security processes and practices. This will also help improve existing software security approaches and processes to build secure software effectively. This workshop will bring together and advance the work undertaken on software security. The outcome of this workshop will provide researchers and practitioners with a firm basis on which to develop different practices/ tools/ techniques based on an understanding of how and where they fit into secure software development and research. New practices/ tools/ techniques could then be developed targeting the secure software engineering community.
More details are available at: http://www.softwareengineeringresearch.net/SSW24/index.html

Plenary
You're viewing the program in a time zone which is different from your device's time zone change time zone

Fri 21 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

10:30 - 11:00
Coffee BreakCatering
11:00 - 12:30
Secure Software Workshop: Session 2Secure Software at Room Vietri
11:00
15m
Talk
5G Secure Solution Development and Security Master Role
Secure Software
Muhammad Ovais Ahmad Karlstad University
11:15
15m
Talk
An Empirical Investigation of the Security Weaknesses in Open-Source Projects
Secure Software
Haifa Al-Shammare , Nehal Al-Otaiby , Muradi Al-Otabi King Fahd University of Petroleum & Minerals, Mohammad Alshayeb King Fahd University of Petroleum & Minerals
11:30
15m
Talk
Challenges in Developing Secure Software within Agile Environments
Secure Software
11:45
15m
Talk
MLOps-Enabled Security Strategies for Next-Generation Operational Technologies
Secure Software
Tazeem Ahmad , Mohd adnan , Saima Rafi University of Murcia, Muhammad Azeem Akbar LUT University, Ayesha Anwar
12:00
15m
Talk
The Security Culture Readiness Model (SCRM) for Saudi Universities: A Preliminary Structure
Secure Software
Mona Albinali , Mahmood Niazi King Fahd University of Petroleum and Minerals
12:15
15m
Talk
Triaging Microservice Security Smells, with TriSS
Secure Software
Francisco Ponce , Jacopo Soldani University of Pisa, Italy, Carla Taramasco Universidad Andrés Bello, Chile, Hernan Astudillo Universidad Andrés Bello, Chile, Antonio Brogi Università di Pisa
12:30 - 14:00
12:30
90m
Lunch
Lunch
Catering

Call for Papers

The aim of this workshop is to provide a venue to discuss software security challenges, opportunities and lessons learned under the umbrella of empirical software engineering and software evaluation. This workshop will bring together researchers and practitioners from academia, industry and governments to report empirical studies and discuss the issues relating to software security. This workshop will seek submissions reporting original, unpublished research on software security covering any aspect of experimental, empirical and evidence-based software engineering, for example the use of quantitative and qualitative methods for empirical evaluation of software security techniques, processes, methods, tools and best practices. This will be a one-day paper-based presentations workshop, which will accept research and software industry papers on the topic of software security.
More details are available at: http://www.softwareengineeringresearch.net/SSW24/index.html

This workshop aspires to provide an opportunity for the empirical software engineering researchers and practitioners to present the state of the art, state of the practice, and the future directions on the following topics of software security.

  • Systematic literature reviews and mapping studies on software security
  • Tertiary studies on software security
  • Empirically based decision-making
  • Controlled experiments and quasi-experiments
  • Case studies, surveys, observational studies, Delphi studies, field studies on software security
  • Empirical studies on software security using qualitative, quantitative, and mixed methods
  • Evaluation of software security techniques, tools and models
  • Secure software requirements
  • Secure software design
  • Secure software coding
  • Secure software acceptance
  • Secure software deployment, operations and maintenance
  • Secure software acquisition
  • Project management for secure software development
  • Best practices and lessons learned in secure software development projects
  • Software security in global projects
  • Secure software metrics
  • Best practices and lessons learned in secure software development projects

Paper Submission
The maximum page length for the workshop is 6 pages. Workshop proceedings will be integrated in the EASE 2024 conference companion proceedings. Submitted papers must be written in English, contain original unpublished work, and conform to the ACM proceedings format.
Please submit manuscripts via EasyChair, and in pdf format: https://easychair.org/conferences/?conf=ease2024