[ The Types Forum (announcements only),
http://lists.seas.upenn.edu/mailman/listinfo/types-announce ]
Registration is open for [Secure Development (SecDev)
2019](https://secdev.ieee.org/), which will be held September 25-27 in
McLean, VA. More details are below, including program highlights. The
early registration deadline is August 25. Student travel grants are
available.
Also, there are still a few days left (Monday August 12) to submit a
poster or tool demo proposal. Submission is light weight: it is just a
one-page description of the poster or tool demo. See
https://secdev.ieee.org/2019/posters/ for more details.
We hope to see you at SecDev 2019!
Best,
SecDev 2019 Organizing Committee
# IEEE Secure Development Conference (SecDev) 2019 Call for
Participation
https://secdev.ieee.org/
*Sponsored by the IEEE Computer Society Technical Committee on Security
and Privacy*
*September 25-September 27, 2019 at the Hilton Tysons Corner, McLean,
VA, USA*
## Overview
SecDev is a venue for presenting ideas, research, and experience about
how to develop secure systems. It focuses on theory, techniques, and
tools to "build security in" to existing and new computing systems, and
does not focus on simply discovering the absence of security.
The goal of SecDev is to encourage and disseminate ideas for secure
system development among academia, industry, and government. It aims to
bridge the gap between constructive security research and practice and
to enable real-world impact of security research in the long run.
Developers have valuable experiences and ideas that can inform academic
research, and researchers have concepts, studies, and even code and
tools that could benefit developers.
## Important Dates
- Early registration deadline: August 25
- Conference: Wednesday September 25 to Friday September 27, 2019
## Program highlights
* Keynote talks:
- June Andronick (Data61/CSIRO and UNSW). [Componentise, Isolate,
Prove; The seL4 Security Story](http://secdev.ieee.org/2019/june/)
- Colm MacCárthaigh (Amazon Web Services). [Baking the Best
Security Layer-Cake](http://secdev.ieee.org/2019/colm/)
* Tutorials (afternoon of Wednesday Sept 25):
- [Implementing Differential Privacy
Securely](https://secdev.ieee.org/2019/tutorials/). Simson Garfinkel,
Phil Leclerc (US Census Bureau)
- [LLVM for Security
Practitioners](https://secdev.ieee.org/2019/tutorials/). John Criswell
(University of Rochester)
- [A Practical Introduction to Formal Development and Verification
of High-Assurance Software with
SPARK](https://secdev.ieee.org/2019/tutorials/). Benjamin Brosgol,
Claire Dross, Yannick Moy (AdaCore)
- [Deploying Secure Multi-Party Computation on the Web Using
JIFF](https://secdev.ieee.org/2019/tutorials/). Kinan Dak Albab, Rawane
Issa, Andrei Lapets, Peter Flockhart, Lucy Qin, Ira Globus-Harris
(Boston University)
* Research papers:
- A Qualitative Investigation of Insecure Code Propagation from
Online Forums
*Michelle Mazurek, Wei Bai, Omer Akgul (University of Maryland)*
- Compositional Testing of Network Protocols
*Kenneth L. McMillan (Microsoft Research); Lenore D. Zuck
(University of Illinois at Chicago)*
- CryptoAPI-Bench: A Comprehensive Benchmark on Java Cryptographic
API Misuses
*Sharmin Afrose, Sazzadur Rahaman, Danfeng (Daphne) Yao (Virginia
Tech)*
- Detecting Callback Related Deep Vulnerabilities in Linux Device
Drivers
*Tuba Yavuz (University of Florida)*
- Downright: A Framework and Toolchain For Privilege Handling
*Remo Schweizer, Stephan Neuhaus (Zurich University of Applied
Sciences)*
- Exploitation Techniques and Defenses for Data-Oriented Attacks
*Long Cheng (Clemson University); Hans Liljestrand (Aalto
University, Finland); Md Salman Ahmed (Virginia Tech); Thomas Nyman
(Aalto University, Finland); Danfeng (Daphne) Yao (Virginia Tech); Trent
Jaeger (Pennsylvania State University); N. Asokan (Aalto University,
Finland)*
- On the Universally Composable Security of OpenStack
*Hoda Maleki (University of Connecticut); Kyle Hogan (MIT); Reza
Rahaeimehr (University of Connecticut); Ran Canetti, Mayank Varia, Jason
Hennessey (Boston University); Marten van Dijk (University of
Connecticut); Haibin Zhang (UMBC)*
- Polymorphic Relaxed Noninterference
*Raimil Cruz (University of Chile); Éric Tanter (University of
Chile & Inria)*
- Role-Based Ecosystem for the Design, Development, and Deployment
of Secure Multi-Party Data Analytics Applications
*Andrei Lapets, Kinan Dak Albab, Rawane Issa, Lucy Qin, Mayank
Varia, Azer Bestavros, Frederick Jansen (Boston University)*
- Self-Authenticating Traditional Domain Names
*Paul Syverson, Matthew Traudt (U.S. Naval Research Laboratory)*
- Start your ENGINEs: Dynamically Loadable Contemporary Crypto
*Nicola Tuveri, Billy Bob Brumley (Tampere University)*
- System-Level Framework for Logic Obfuscation with Quantified
Metrics for Evaluation
*Vivek Venugopalan, Gaurav Kolhe, Andrew Schmidt, Joshua Monson,
Matthew French (USC-Information Sciences Institute); Yinghua Hu, Peter A
Beerel, Pierluigi Nuzzo (University of Southern California)*
* Practitioner papers:
- Development Cycle Estimation Modeling
*Samuel Denard, Susan Mengel, Atila Ertas, Stephen Ekwaro-Osire
(Texas Tech University)*
- Effective Static Analysis Enforcement in Complex Cloud Native
Dockerized Systems
*Abhishek Pathak, Kaarthik Sivakumar, Jin Sheng, Anlu Yan, Mazhar
Haque (Cisco)*
- Multi-Cluster Visualization and Live Reporting of Static Analysis
(Coverity SAST) Warnings
*Abhishek Pathak, Kaarthik Sivakumar, Mazhar Haque (Cisco)*
- OpenOSC: Open Source Object Size Checking Library With Built-in
Metrics
*Yongkui Han, Pankil Shah, Richard Livingston (Cisco Systems)*
- Using Rules Engine in the Automation of System Security Review
*Abdulrahman Alnaim (Saudi Aramco)*
- With Great Abstraction Comes Great Responsibility: Sealing the
Microservices Attack Surface
*Chien An Chen (Palo Alto Networks)*
