CONTEXT AND MOTIVATION
Trustworthy, secure software is a core ingredient of the modern world.
Unfortunately, the Internet is too. Hostile, networked environments,
like the Internet, can allow vulnerabilities in software to be exploited
from anywhere. To address this, high-quality security building blocks (e.g., cryptographic components) are necessary, but insufficient. Indeed, the construction of secure software is challenging because
of the complexity of modern applications, the growing sophistication of security requirements, the multitude of available software technologies and the progress of attack vectors. Clearly, a strong need exists for
engineering techniques that scale well and that demonstrably improve the software's security properties.
GOAL AND SETUP
The goal of this symposium, which will be the second in the series,
is to bring together researchers and practitioners to advance the states
of the art and practice in secure software engineering. Being one of the
few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security engineering communities, and promote cross-fertilization. The symposium will feature two days of
technical program as well as one day of tutorials. The technical program includes an experience track for which the submission of highly informative case studies describing (un)successful secure software project experiences and lessons learned is explicitly encouraged.