Examples​ ​of​ ​topics​ ​that​ ​are​ ​in​ ​scope​ ​include:​ ​​development libraries,​ ​tools,​ ​or​ ​processes​ to ​produce​ ​systems​ ​resilient​ ​to​ ​certain​ ​attacks;​ ​formal foundations that underpin​ ​a​ ​language,​ ​tool,​ ​or​ ​testing​ ​strategy​ ​that​ ​improves​ ​security;​ ​techniques that​ ​drastically​ ​improve​ ​the​ ​scalability​ ​of​ ​security​ ​solutions​ ​for​ ​practical​ ​deployment;​ ​and experience,​ ​designs,​ ​or​ ​applications​ ​showing​ ​how​ ​to​ ​apply​ ​cryptographic​ ​techniques​ ​effectively to​ ​secure​ ​systems.

We solicit research papers, position papers, systematization of knowledge papers, and “best practice” papers. All submissions should present novel results, ​provide novel ​perspectives​ ​and​ ​insights, or present new evidence about existing insights or techniques.

​SecDev also ​seeks hands-on​ ​and​ ​interactive​ ​tutorials​ ​on​ ​processes,​ ​frameworks,​ ​languages,​ ​and​ ​tools​ ​for​ ​building security​ ​in.​ ​The​ ​goal​ ​is​ ​to​ ​share​ ​knowledge​ ​on​ ​the​ ​art​ ​and​ ​science​ ​of​ ​secure​ ​systems development.​

(SecDev also seeks posters and tool demos, and abstracts​ ​from​ ​practitioners​ ​to​ ​share​ ​their​ ​practical experiences​ ​and​ ​challenges​ ​in​ ​security​ ​development. Information on these solicitations are available on the SecDev website https://secdev.ieee.org/.)

Areas of interest include (but are not limited to):

    Security-focused​ ​system​ ​designs​ ​(HW/SW/architecture)
    Tools​ ​and​ ​methodology​ ​for​ ​secure​ ​code​ ​development
    Risk​ ​management​ ​and​ ​testing​ ​strategies​ ​to​ ​improve​ ​security
    Security​ ​engineering​ ​processes,​ ​from​ ​requirements​ ​to​ ​maintenance
    Programming​ ​languages,​ ​development​ ​tools,​ ​and​ ​ecosystems​ ​supporting​ ​security
    Static​ ​program​ ​analysis​ ​for​ ​software​ ​security
    Dynamic​ ​analysis​ ​and​ ​runtime​ ​approaches​ ​for​ ​software​ ​security
    Automation​ ​of​ ​programming,​ ​deployment,​ ​and​ ​maintenance​ ​tasks​ ​for​ ​security
    Distributed​ ​systems​ ​design​ ​and​ ​implementation​ ​for​ ​security
    Privacy by design
    Human-centered​ ​design​ ​for​ ​systems​ ​security
    Formal​ ​verification​ ​and​ ​other​ ​high-assurance​ ​methods​ ​for​ ​security
    Code​ ​reviews,​ ​red​ ​teams,​ ​and​ ​other​ ​human-centered​ ​assurance

Submission​ ​Details

The website for submissions is https://secdev2020.hotcrp.com/.

Submissions must ​use​ ​the​ ​two-column​ ​IEEE​ ​Proceedings​ ​style: https://www.ieee.org/conferences/publishing/templates.html.

Submissions​ ​must​ ​be​ ​one​ ​of​ ​two ​categories:

    Papers​,​ ​up​ ​to​ 6 pages, excluding references and well-marked appendices. ​ ​These​ ​must​ ​be​ ​well-argued​ ​and​ ​worthy​ ​of​ ​publication and​ ​citation,​ ​on​ ​the​ ​topics​ ​above.​ ​Research​ ​papers​ ​must​ ​present​ ​new​ ​work​, evidence, ​or​ ​ideas. Position​ ​papers​ ​with​ ​exceptional​ ​visions​ ​will​ ​also​ ​be​ ​considered.​ Also welcome are systematization of knowledge papers and “best practice” papers, which should ​provide​ ​an integration​ ​and​ ​clarification​ ​of​ ​ideas​ ​on​ ​an​ ​established,​ ​major​ ​research​ ​area,​ ​support​ ​or challenge​ ​long-held​ ​beliefs​ ​in​ ​such​ ​an​ ​area​ ​with​ ​compelling​ ​evidence,​ ​or​ ​present​ ​a convincing,​ ​comprehensive​ ​new​ ​taxonomy​ ​of​ ​some​ ​aspect​ ​of​ ​secure​ ​development.

    Authors​ ​of​ ​accepted papers​ ​will​ ​present​ ​their​ ​work​ ​at​ ​the​ ​conference​ ​(likely​ ​in​ ​a​ ​30-minute​ ​slot)​ ​and​ ​their papers​ ​will​ ​appear​ ​in​ ​the​ ​conference’s​ ​formal​ ​IEEE​ ​proceedings.

    To improve the fairness of the reviewing process, SecDev will follow a light-weight double-blind reviewing process. Submitted papers must (a) omit any reference to the authors’ names or the names of their institutions, and (b) reference the authors’ own related work in the third person (e.g., not “We build on our previous work …” but rather “We build on the work of …”). Nothing should be done in the name of anonymity that weakens the submission or makes the job of reviewing the paper more difficult (e.g., important background references should not be omitted or anonymized). Please see the double-blind FAQ for the answers to many common concerns about SecDev’s double-blind reviewing process. When in doubt, contact the program chairs.
    Tutorial​ ​proposals​.​ ​Tutorials​ ​should​ ​aim​ ​to​ ​be​ ​either​ ​90​ ​minutes​ ​or​ ​180​ ​minutes​ ​long. We​ ​strongly​ ​encourage​ ​tutorials​ ​to​ ​have​ ​hands-on​ ​components​ ​and​ ​audience interactions.​ ​We​ ​do​ ​not​ ​recommend​ ​simply​ ​slide​ ​presentations.​ ​Tutorial​ ​proposals​ ​should be​ ​2​ ​pages​ ​and​ ​cover​ ​(a)​ ​the​ ​topic;​ ​(b)​ ​a​ ​summary​ ​of​ ​the​ ​tutorial​ ​format​ highlighting hands-on aspects and ​possibly pointers​ ​to​ ​relevant​ ​materials;​ ​(c)​ ​the​ ​expected​ ​audience​ ​and​ ​expected​ ​learning outcomes;​ ​(d)​ ​prior​ ​tutorials​ ​or​ ​talks​ ​on​ ​similar​ ​topics​ ​by​ ​the​ ​authors​ ​(and​ ​audience​ ​size), if​ ​any.​ ​Accepted​ ​tutorials​ ​may​ ​provide​ ​an​ ​abstract​ ​that​ ​will​ ​appear​ ​in​ ​the​ ​conference’s formal​ ​IEEE​ ​proceedings.​ ​Tutorials​ ​will​ ​occur​ ​on​ ​the​ ​first​ ​day​ ​of​ ​the​ ​conference​ (Monday September 28). ​Note​ ​that​ ​if​ ​an​ ​accepted​ ​tutorial requires​ ​special​ ​materials​ ​or​ ​environments​ ​for​ ​the​ ​hands-on​ ​participation,​ ​we​ ​expect​ ​the authors​ ​to​ ​provide​ ​necessary​ ​preparation​ ​instructions​ ​for​ ​the​ ​attendees.

    Tutorial proposals do not need to be anonymized.

At least one author of each accepted paper and tutorial must attend the conference and present the paper/tutorial. In the event of difficulty in obtaining visas for travel, exceptions can be made and will be discussed on a case-by-case basis.

We​ ​are​ ​devoted​ ​to​ ​seeking​ ​broad​ ​representation​ ​in​ ​the​ ​program,​ ​and​ ​may​ ​take​ ​this​ ​into​ ​account when​ ​reviewing​ ​multiple​ ​submissions​ ​from​ ​the​ ​same​ ​authors.​

If​ ​you​ ​have​ ​any​ ​questions​,​ please​ ​email​ ​​secdev20-pc@ieee.org.