Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Metricon 4.0 CFP

From: gunnar at arctecgroup.net (Gunnar Peterson)
Date: Tue, 31 Mar 2009 15:48:54 -0500
http://www.securitymetrics.org/content/Wiki.jsp?page=Metricon4.0
Metricon 4.0
CALL FOR PAPERS
MetriCon 4 - The Importance of Context

MetriCon 4.0 is intended as a forum for lively, practical discussion  
in the area of security metrics. It is a forum for quantifiable  
approaches and results to problems afflicting information security  
today, with a bias towards practical, specific approaches that  
demonstrate the value of security metrics with respect to a security- 
related goal. Topics and presentations will be selected for their  
potential to stimulate discussion in the workshop. MetriCon 4.0 will  
be a one-day event, Tuesday, August 11, 2009, co-located with the 18th  
USENIX Security Symposium
-------------- next part --------------
A non-text attachment was scrubbed...
Name: out.png
Type: image/png
Size: 927 bytes
Desc: not available
Url : http://krvw.com/pipermail/sc-l/attachments/20090331/f5cf2363/attachment.png 
-------------- next part --------------
  in Montreal, Quebec. Beginning first thing in the morning, with  
meals taken in the meeting room, and extending into the evening.  
Attendance will be by invitation and limited to 60 participants. All  
participants will be expected to "come with findings" and be willing  
to address the group in some fashion, formally or not. In keeping with  
the theme of The Importance of Context, preference will be given to  
the authors of position papers/presentations who have actual work in  
progress that demonstrates the value of security metrics with respect  
to a security-related goal. Topics that demonstrate the importance of  
context include:
        ? Data and analyses emerging from ongoing metrics efforts
        ? Studies in specific subject matter areas
        ? Time and situation-dependent aspects of security metrics
        ? Long-term trend analysis and forecasts
        ? Measures of the depth and breadth of security defenses
        ? Metrics definitions that can be operationalized
        ? Incorporating unknown vulnerabilities into security metrics
        ? Security and risk modeling calibrations
        ? Security measures in system design
        ? Software assurance initiatives
        ? Security metrics relationship to security assessments

The program committee will also consider any innovative security  
metrics related workHow to ParticipateSubmit a short position paper or  
description of work done or ongoing. Your submission must be brief --  
no longer than two pages including both text and graphical displays of  
quantitative information. Author names and affiliations should appear  
first in the submission. Submissions may be in PDF, PowerPoint, HTML,  
or plaintext email and must be submitted to the MetriCon 4.0 Program  
Committee
-------------- next part --------------
A non-text attachment was scrubbed...
Name: out.png
Type: image/png
Size: 927 bytes
Desc: not available
Url : http://krvw.com/pipermail/sc-l/attachments/20090331/f5cf2363/attachment-0001.png 
-------------- next part --------------
. These requests to participate are due no later than noon GMT,  
Monday, May 25, 2009 (a hard deadline). You should receive an email  
acknowledgment of your submission within a day or two of posting; take  
action if you do not.
The Program Committee will invite both attendees and presenters.  
Participants of either sort will be notified of acceptance quickly --  
by June15, 2009. Presenters who want hardcopy materials to be  
distributed at the Workshop must provide originals of those materials  
to the Program Committee by July 27, 2009. All slides, position  
papers, and what-not will be made available to all participants at the  
Workshop. No formal academic proceedings are intended, but a digest of  
the meeting will be prepared and distributed to participants and the  
general public. (Digests for previous MetriCon meetings are on the  
past event pages mentioned above.) Plagiarism is dishonest, and the  
organizers of this Workshop will take appropriate action if dishonesty  
of this sort is found.

Submission of recent, previously published work as well as  
simultaneous submissions to multiple venues is entirely acceptable,  
but only if you disclose this in your proposal.

Program CommitteeJennifer Bayuk, Independent Consultant, Chair
Warren Axelrod, Financial Services Technology Consortium (FSTC)
Fred Cohen, Fred Cohen & Associates & California Sciences Institute
Lloyd Ellam, Iceberg Networks
Dan Geer, In-Q-Tel
Andrew Jaquith, Forrester Research
Wayne Jansen, National Institute of Standards and Technology (NIST)
Gene Kim, Tripwire
Gunnar Peterson, Arctec Group
Chris Walsh, SurePayroll
Previous By Date Next
Previous By Thread Next

Current thread: