[Apologies if you receive multiple copies of this message]
CALL FOR PAPERS
***********************************************************************
International Journal of Computer Systems Science and
Engineering (IJCSSE)
Special Issue on Open Source Certification
http://www.crlpublishing.co.uk/journal.asp?j=csse&s=Aims%20and%20Scope
***********************************************************************
************
Introduction
************
Over the past decade, the Open Source Software (OSS) phenomenon has had
a global impact on the way organisations and individuals create,
distribute, acquire and use software and software-based services. OSS
has challenged the conventional wisdom of the software engineering and
software business communities, has been instrumental for educators and
researchers, and has become an important aspect of e-government and
information society initiatives. Widely acknowledged benefits of
open-source software (OSS) include reliability, low development and
maintenance costs, as well as rapid evolution. However, OSS is a complex
phenomenon and requires an interdisciplinary understanding of its
engineering, technical, economic, legal and socio-cultural dynamics.
As a consequence, OSS adoption and integration within complex
industrial-strength application domains such as telecommunications,
business management and embedded sectors is still quantitatively and
qualitatively less successful than it could be, even in the presence of
detailed adoption guidelines. The stringent requirements of these
applications in terms of software security raise the need for some form
of security certification based on rigorous in-depth system analysis
conducted by independent and internationally recognized organizations.
In this context, security certification can be either model-based, that
is, based on formal proofs that a given property holds for the abstract
model which faithfully represents the software system, or test-based,
that is, asserting a property with a specific level of confidence,
relying on the experimental evidence provided by systematic software
testing. A branch of open source research is aimed at assessing and
certifying the security level of software so that each organization
can choose the software product that best meets its security
requirements, thus increasing OSS adoption and diffusion. Even
though the applicability of security certifications (processes) is
currently restricted to a small proportion of potential target systems,
their use is spreading. As a consequence, it is likely that in a near
future security certifications will become a prerequisite for many
other industries.
******************
Overall Objectives
******************
This special issue is focused on proposals aimed at providing
technological and business solutions for:
+ enabling OSS to become an integral part of systems and devices
produced by technology companies;
+ inserting OSS in the critical path of the development of complex
network and embedded products, including methodologies and tools
for domain-specific OSS testing (also by making laboratory code
available), as well as certification of security, dependability
and safety properties for complex systems;
+ ensuring that integrated systems including OSS meet performance
and security requirements as well as achieving the necessary
certifications, according to the overall strategy of OSS usage
on the part of the adopter.
******
Topics
******
The IJCSSE special issue will focus in particular on formal methods
and techniques that appear promising for the facilitation of open
source certification, as well as on practical case studies.
Authors are invited to submit papers and proposals on a variety of
topics, including but not limited to:
- foundation and new perspectives of open source certification;
- test-based solutions, tools, frameworks for open source
certification;
- Formal Methods tools incorporating open source components or
development techniques;
- open source projects using formal methods in their development,
or whose processes or products have been verified, evaluated or
modeled using formal methods;
- new and/or existing formal methods and/or tools which are
particularly suited to open source contexts, and/or experience
with them;
- new and/or existing certification processes and tools suitable
for open source contexts, and/or experience with them;
- tools and case studies that integrate techniques from
different areas, such as
. product and process certification,
. testing,
. formal modelling,
. formal verification: model checking & theorem proving,
. reverse engineering,
. static analysis and inspection,
. safety and security,
. language design and evolving systems,
. empirical software engineering.
**********
Submission
**********
Submissions are invited for original research papers. Authors are
invited to submit their contributions electronically through the
conference web site available at
http://ra.crema.unimi.it/IJCSSE-OSCERT-openconf.
Submission must be in the form of a PDF file. Manuscripts must be in
English and follow the instructions available at
http://csse.debii.curtin.edu.au/index.php/csse/information/authors
***************
Important dates
***************
Submission deadline: February 1st, 2009
Acceptance notification: March 1st, 2009
Final version due: April 1st, 2009
*************
Guest Editors
*************
Ernesto Damiani, Università degli Studi di Milano, DTI, Crema, Italy
Luis Barbosa, Universidade do Minho, Braga, Portugal
Peter T. Breuer, Universidad Carlos III de Madrid, Madrid, Spain
Claudio A. Ardagna, Università degli Studi di Milano, DTI, Crema, Italy
************************
Publicity and Submission
************************
Nabil El Ioini, Center for Applied Software Engineering, Bolzano, Italy
----------------------------------------------------------------
Additional information about this call can be found at
http://ra.crema.unimi.it/IJCSSE-OSCERT/
For further inquiries, please send an email to [EMAIL PROTECTED]
----------------------------------------------------------------
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
