GraMSec 2017

SCOPE

Graphical security models provide an intuitive but systematic approach to analyze security weaknesses of systems and to evaluate potential protection measures. Cyber security researchers, as well as security professionals from industry and government, have proposed various graphical security modeling schemes. Such models are used to capture different security facets (digital, physical, and social) and address a range of challenges including vulnerability assessment, risk analysis, defense analysis, automated defensing, secure services composition, policy validation and verification. The objective of the GraMSec workshop is to contribute to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage.

TOPICS

The workshop seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of graphical models for security. The topics of the workshop include, but are not limited to:

• Graphical models for threat modeling and analysis
• Graphical models for risk analysis and management
• Graphical models for requirements analysis and management
• Textual and graphical representation for system, organizational, and business security
• Visual security modeling and analysis of socio-technical and cyber-physical systems
• Graphical security modeling for cyber situational awareness
• Graphical models supporting the security by design paradigm
• Methods for quantitative and qualitative analysis of graphical security models
• Formal semantics and verification of graphical security models
• Methods for (semi-)automatic generation of graphical security models
• Enhancement and/or optimization of existing graphical security models
• Scalable evaluation of graphical security models
• Evaluation algorithms for graphical security models
• Dynamic update of graphical security models
• Game theoretical approaches to graphical security modeling
• Attack trees, attack graphs and their variants
• Stochastic Petri nets, Markov chains, and Bayesian networks for security
• UML-based models and other graphical modeling approaches for security
• Software tools for graphical security modeling and analysis
• Case studies and experience reports on the use of graphical security modeling paradigm

IMPORTANT DATES

• Submission deadline: Sunday, May 21, 2017 Sunday, May 28, 2017 (firm)
• Notification deadline: Friday, July 7, 2017
• Workshop: Monday, August 21, 2017
• Camera-ready version: Friday, September 22, 2017

INVITED SPEAKER

Dr. Anoop Singhal, Computer Scientist at the National Institiude of Standards and Technology (NIST), Computer Security Division

GENERAL CHAIR

Sjouke Mauw, University of Luxembourg, Luxembourg

PROGRAM CHAIRS

Peng Liu, Pennsylvania State University, USA

Ketil Stølen, SINTEF Digital and University of Oslo, Norway

PUBLICITY CHAIR

Barbara Kordy, INSA Rennes, IRISA, France

WEB CHAIR

Piotr Kordy, University of Luxembourg, Luxembourg