From SAMATE
CALL FOR PAPERS
---------------------------------------------------------------------------
National Institute of Standards and Technology (NIST)
Software Assurance Metrics and Tool Evaluation (SAMATE) Project
Static Analysis Summit II
November 8 & 9, 2007
Fairfax, Virginia, USA
https://samate.nist.gov/SASII
at SIGAda 2007 http://www.sigada.org/conf/sigada2007/
---------------------------------------------------------------------------
Static analyzers are quite capable and are developing quickly. Yet,
developers, auditors, and examiners could use far more capabilities.
The goal of this summit is to define obstacles to such urgently-needed
capabilities and try to identify feasible approaches to overcome them,
either engineering or research.
We solicit contributions of papers or proposals for discussion sessions.
Contributions should describe basic research, applications, experience,
or proposals relevant to static analysis tools, techniques, and their
evaluation. Questions and topics of interest include, but are not
limited to:
* How can embedded, SCADA, uncommon, etc. systems be analyzed?
* Binaries need to be handled better - how is that possible?
* Good software starts with good design. What's SOA at requirements level?
* Obfuscation vs. analysis techniques - which will win?
* Formal pattern languages to describe vulnerabilities.
* Higher level function extraction.
* Temporal and inter-tool information sharing.
* What is the minimum performance bar for a source code security analyzer?
* Static analysis' contribution to software security assurance
* Flaw catching effectiveness of methods, techniques, or tools
* Benchmarks or reference datasets
* Software security assurance metrics
* User experience drawing useful lessons or comparisons
SUBMISSIONS:
Papers should be from 1 to 8 pages long. Papers over eight pages will not
be reviewed. Papers should clearly identify their novel contributions.
Discussion session proposals should give a session title and name a
moderator and at least two other participants. The proposal should
clearly identify the topic or question for discussion.
Submit papers and proposals electronically in PDF or ASCII text by
3 September 2007 to Wendy Havens <wendy.havens@nist.gov>.
We will notify submitters of acceptance by 3 October 2007.
PROGRAM: The program will be a mix of presentations of accepted papers
and discussion sessions. There may be some parallel tracks if warranted.
PUBLICATION: Accepted papers will be invited to publish in Ada Letters.
IMPORTANT DATES:
3 September: Paper and discussion proposal submission deadline
3 October: Author notification
22 October: Final publication-ready copy due
GENERAL CHAIR
Paul E. Black paul.black@nist.gov
