The SAMATE Project Department of Homeland Security



			        CALL FOR PAPERS
	     National Institute of Standards and Technology (NIST)
        Software Assurance Metrics and Tool Evaluation (SAMATE) Project

		           Static Analysis Summit II

			      November 8 & 9, 2007
			     Fairfax, Virginia, USA
           at SIGAda 2007
Static analyzers are quite capable and are developing quickly.  Yet,
developers, auditors, and examiners could use far more capabilities.
The goal of this summit is to define obstacles to such urgently-needed 
capabilities and try to identify feasible approaches to overcome them,
either engineering or research.

We solicit contributions of papers or proposals for discussion sessions.  
Contributions should describe basic research, applications, experience, 
or proposals relevant to static analysis tools, techniques, and their 
evaluation.  Questions and topics of interest include, but are not
limited to:
* How can embedded, SCADA, uncommon, etc. systems be analyzed?
* Binaries need to be handled better - how is that possible?
* Good software starts with good design.  What's SOA at requirements level?
* Obfuscation vs. analysis techniques - which will win?
* Formal pattern languages to describe vulnerabilities.
* Higher level function extraction.
* Temporal and inter-tool information sharing.
* What is the minimum performance bar for a source code security analyzer?
* Static analysis' contribution to software security assurance
* Flaw catching effectiveness of methods, techniques, or tools
* Benchmarks or reference datasets
* Software security assurance metrics
* User experience drawing useful lessons or comparisons

Papers should be from 1 to 8 pages long.  Papers over eight pages will not
be reviewed.  Papers should clearly identify their novel contributions.

Discussion session proposals should give a session title and name a
moderator and at least two other participants.  The proposal should
clearly identify the topic or question for discussion.

Submit papers and proposals electronically in PDF or ASCII text by 
3 September 2007 to Wendy Havens <>.

We will notify submitters of acceptance by 3 October 2007.

PROGRAM: The program will be a mix of presentations of accepted papers
and discussion sessions.  There may be some parallel tracks if warranted.

PUBLICATION: Accepted papers will be invited to publish in Ada Letters.

 3 September: Paper and discussion proposal submission deadline
 3 October:  Author notification
22 October:  Final publication-ready copy due

Paul E. Black