Layered Assurance Workshop (LAW)


The LAW Organizing Committee in cooperation with Applied Computer Security Associates is pleased to announce that LAW 2017 will again be held as an affiliated workshop of the Annual Computer Security Applications Conference (ACSAC).

LAW is founded on the proposition that it is possible to build assured systems from compositions of independently assured components, deriving system properties (e.g., functional, safety, and security) systematically from the properties of the components. Layered assurance encompasses diverse manifestations including composition, incremental certification, abstraction layers, and polymorphism. LAW spans the theoretical, engineering, and certification challenges to be met in making compositional assurance for complex systems a reality.

NEW: This year LAW has a new format that will enable the layered assurance community to engage even more with the larger security and safety communities. We plan to have a two day workshop that will have different focuses. Each day will include a half-day tutorial and a half-day regular workshop format.

Day 1
Morning: Holistic Layered Assurance Tutorial
Afternoon: Regular workshop format

Day 2
Morning: Practical Formal Methods for the Analysis of Executable Code Tutorial
Afternoon: Regular workshop format

Holistic Layered Assurance Tutorial

The first morning will include a Holistic Layered Assurance tutorial presented by Dr. Wolfgang Kampichler, Frequentis AG. Participants will hear about:

  • Voice and data communication in air traffic management (as evaluation use case)
  • Layered assurance approach based on a communication demonstrator
  • Declarative language (MILS-AADL) for modeling distributed systems
  • Verification tools to prove security and dependability properties of a model
  • D-MILS Platform components (SK, MILS Console, MILS Network)
  • Tools to automate the development of an assurance case and to generate configurations for platform components
  • Use case deployment and evaluation results (practical examples)

Practical Formal Methods for the Analysis of Executable Code Tutorial

The second morning will include a tutorial presented by Sébastien Bardin, CEA LIST. This course aims to present the current state of the art in formal methods for binary-level security analysis, and especially how semantic analyses originating in source-level safety analysis can be adapted to the context of binary-level security analysis. In particular, we will:

  • Recall the benefits & challenges offered by binary code analysis;
  • Review the new challenges brought to formal methods by binary code analysis;
  • Present promising state-of-the-art techniques (Symbolic Execution, Abstract Interpretation) together with illustrative examples and discussions of limitations – including implementation issues and traps;
  • Describe early achievements obtained by mitigating these limitations through well-chosen combinations of techniques.

Participation and Contributions

LAW solicits contributions on topics of interest to LAW participants. Contributors are expected to give a presentation, and optionally provide their contribution in the form of a paper. Contributors are urged to consider the topics of interest for LAW contributions listed below, as well as ACSAC's themes for the year. Presentations, and optionally papers, will be published on the LAW Web page for posterity.

The LAW Committee wishes to encourage the participation of academic researchers and their students in order to engage the engine of research needed to solve the open problems experienced by practitioners. Topics of interest include:

  • Predictions and speculations on the future of assurance
  • Application domains with emerging need for assurance
  • Assurance for cyber-physical systems (CPS) and the Internet of Things (IoT) / Internet of Everything (IoE)
  • Theoretical foundations for compositional, modular, and incremental assurance / verification
  • Case studies and challenges from diverse application domains (e.g. aerospace, critical infrastructures, automotive, medical, defense, mobile)
  • Combining methods of assurance (multi-legged assurance)
  • Standards and metrics for assessing assurance of safety and security properties
  • Processes, procedures, tools that would simplify assurance
  • Arguments for product families
  • Role of architecture and the relationship of architecture to assurance of system properties
  • Properties that defy composition or architectures that thwart compositional assurance
  • Bridging technical assurance measures to human confidence and trust
  • Requirements assurance

The preceding list of topics is intended to be suggestive. Contributions are encouraged on any topics that prospective authors consider relevant to the Layered Assurance Workshop.


Peter G. Neumann of SRI International will organize and chair panel sessions that always prove to be lively and thought-provoking.

Attendees willing to participate in a panel, or wanting to submit a proposal to organize and chair a panel session, should contact Peter Neumann at . Panel proposals should include a list of qualified likely panel participants (that is, the proposer should determine the proposed panelists' willingness to participate).


In addition to distinguished invited speakers, contributed papers and panels, the LAW program will include a Work-in-Progress (WIP) session, to provide an opportunity to present relevant ongoing work without writing a full paper. In the spirit of a workshop, we would really like to encourage LAW participants to share their ongoing work. The WIP session provides the opportunity to present in a format that is more structured than off-the-cuff, but without the formality of a contributed paper, and potentially with more time for questions and discussion.

WIP session slots will be a maximum of 20 minutes in length, including presentation, questions and discussion. It is expected that a PDF of the presentation will be contributed to the LAW proceedings. Please submit your proposals for Work-in-Progress presentations to the LAW Program Chair, Gabriela Ciocarlie, at by November 1, 2017. Proposals should consist of a one-page abstract. Regular contributed paper submissions that are not mature enough for acceptance as a contributed paper may be resubmitted for consideration as a WIP. Notification will be made by November 1, 2017. Presentation PDFs are due December 1, 2017.


Proposed presentation/paper contributions due: November 1, 2017
Notification of contribution acceptance/rejection: November 7, 2017
Camera ready due: November 15, 2017

WIP presentation proposals due: November 1, 2017
WIP proposal acceptance/rejection: November 7, 2017
WIP presentations due: December 1, 2017


Since LAW is a workshop rather than a conference or symposium, submissions do not have to be entirely novel, but they do have to be interesting. We request that submitted papers be a minimum of 5 pages and a maximum of 10 pages (2500 - 5000 words). Papers exceeding the limit will be truncated for review.

Please ensure that your submission is a PDF file (including all references and appendices) generated according to the ACM instructions at, using the template Option 2 "WITH permission block". Reviewers are not required to read the appendices.

To submit a paper, please go to


Authors are expected to give a 30 minute (or negotiated duration) presentation of their paper at the Workshop, and are requested to provide their presentation slides at the time of the workshop for publication on the LAW web page.

We will operate under a "No Paper, No Podium" and "No Podium, No Paper" policy.


Speakers with accepted papers will be required to register for LAW. Registration may be done at the ACSAC 2017 web site. One need not register for ACSAC to register for LAW.


LAW welcomes corporate sponsorship. Interested enterprises please contact

Additional ACSA Events:
NSPW – New Security Paradigms Workshop
LASER – Learning from Authoritative Security Experiment Results