December 5–9, 2011 | Buena Vista Palace Hotel & Spa | Orlando, Florida, USA

• Venue
• Program
•   –   Courses / Tutorials
•   –   FISMA Training
•   –   GTIP Workshop
•   –   LAW Workshop
• Print Proceedings
• Sponsorships & Exhibits
• Committees
• Call for Participation

• About ACSAC
• Past ACSACs
• Mailing List
• Security Bookshelf
• FAQs

2011 Annual Computer Security Applications Conference

Layered Assurance Workshop

Workshop Background and Description

LAW has provided a forum for vital exchange, as well as a maturing source of information, focused on key issues relating to the effective and efficient modular construction and certification of assured systems from assured components. It is widely recognized that such an approach is the most promising way to achieve diverse and flexible systems that can be certified quickly and cost effectively. LAW is concerned with the theoretical, engineering, and certification challenges to be met before this goal can be fully realized.

The Workshop concerns itself with the fundamental problems of "compositional assurance" and with a need for principles, methods, and techniques that can be applied to achieve the assurance necessary for security-critical, safety-critical, and mission-critical components and systems.

For the past four years, the Layered Assurance Workshop has grown and evolved. The first LAW in 2007 took an exploratory approach, relying heavily on the participants' input to establish the agenda. The second LAW in 2008 had several keynote talks chosen from responses to an open invitation, followed by breakout sessions on diverse topics. The third LAW comprised two thematic days (the first day concerned programmatic needs of government, while the second day concerned research and development) of morning keynote talks, afternoon panels and breakout sessions. The fourth LAW had a full program of invited speakers, contributed papers and related discussions. This year, LAW will have two full days of distinguished speakers, contributed papers, discussions, and panels.

Call for Papers

LAW spans the theoretical, engineering, and certification challenges of compositional assurance.

TOPICS OF INTEREST for LAW include:

• theoretical foundations for compositional and incremental assurance
• compositional and incremental certification
• combining methods of assurance (multi-legged assurance)
• component-based and compositional interpretations of hazards, verification, and assurance arguments
• composability of component properties, to achieve system security and safety
• examples of assurance cases for security, safety, correctness
• metrics for measuring safety and security
• standards for assessing assurance of safety and security properties
• case studies and challenges from diverse application domains (e.g., aerospace, critical infrastructures, automotive, medical, Department of Defense and Intelligence Community)
• processes, procedures, tools that would simplify assurance
• arguments for product families
• role of architecture and the relationship of architecture to assurance of system properties
• theory, tools and techniques to support compositional and incremental assurance
• impediments to compositional assurance, such as properties that defy composition or architectures that thwart compositional assurance
• legal aspects of providing assurance

SUBMISSIONS

Submissions should be made through OpenConf.

IMPORTANT DATES for LAW 2011

Paper submissions due: September 15 September 29
Notification of acceptance: October 25
Final papers due: November 22
LAW is held: December 5-6

INSTRUCTIONS FOR SUBMISSION OF PAPERS

Since LAW is a workshop rather than a conference or symposium, submissions do not have to be entirely novel, but they do have to be interesting.

We solicit two categories of papers: practical and research. We request a maximum of 5 pages for practical papers and a maximum of 10 pages for research (2500 or 5000 words respectively). Papers exceeding these limits will be truncated for review. Please indicate with your submission the category (practical or research) for which it is intended.

Papers should be capable of being printed on US letter size paper. The text should be 10 point or larger with reasonable margins. Formatting to common single-column conference proceedings standards is acceptable.

PRESENTATIONS AT THE WORKSHOP

Authors are expected to give a 30 minute presentation of their paper at the Workshop, and are requested to provide their presentation slides at the time of the workshop for publication on the LAW web page along with the final papers.

We will operate under a "No Paper, No Podium" and "No Podium, No Paper" policy. We need your final paper by the Nov. 22, 2011 deadline.

WORKSHOP REGISTRATION

Speakers with accepted papers will be required to register for LAW. Registration may be done at the ACSAC 2011 web site.

PROCEEDINGS

LAW will not publish paper proceedings. Accepted submitted papers and presentation slides will be published on the LAW 2011 web page the week that LAW is held and will be archived there indefinitely. By submitting a paper an author agrees to online publication of the final version of the paper and presentation material if the paper is accepted.

LAW Organizing Committee

Joyce Brookins	Air Force Cryptographic Modernization Program Office (CMPO)
Gabriela Ciocarlie	Coverity
Rance J. DeLong	LynuxWorks, Santa Clara University, Consultant
George W. Dinolt	Naval Postgraduate School
Peter G. Neumann	SRI International
Michael Putney	MITRE
Gordon Uchenick	Coverity

Contacts:

Rance J. DeLong -- LynuxWorks -- Workshop Chair
Gabriela Ciocarlie -- Coverity -- Program Chair

Home | Mailing List | FAQs | Privacy Policy | Contact Us

Copyright © 2011 ACSAC