The Fourth International Workshop on Graphical Models for Security Santa Barbara, CA, USA - August 21, 2017

http://gramsec.uni.lu Co-located with CSF 2017 LNCS proceedings confirmed

Following several requests, the submission deadline has been extended until Sunday, May 28.

SCOPE Graphical security models provide an intuitive but systematic approach to analyze security weaknesses of systems and to evaluate potential protection measures. Cyber security researchers, as well as security professionals from industry and government, have proposed various graphical security modeling schemes. Such models are used to capture different security facets (digital, physical, and social) and address a range of challenges including vulnerability assessment, risk analysis, defense analysis, automated defensing, secure services composition, policy validation and verification. The objective of the GraMSec workshop is to contribute to the development of well-founded graphical security models, efficient algorithms for their analysis, as well as methodologies for their practical usage.

TOPICS The workshop seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of graphical models for security. The topics of the workshop include, but are not limited to:

• Graphical models for threat modeling and analysis • Graphical models for risk analysis and management • Graphical models for requirements analysis and management • Textual and graphical representation for system, organizational, and business security • Visual security modeling and analysis of socio-technical and cyber-physical systems • Graphical security modeling for cyber situational awareness • Graphical models supporting the security by design paradigm • Methods for quantitative and qualitative analysis of graphical security models • Formal semantics and verification of graphical security models • Methods for (semi-)automatic generation of graphical security models • Enhancement and/or optimization of existing graphical security models • Scalable evaluation of graphical security models • Evaluation algorithms for graphical security models • Dynamic update of graphical security models • Game theoretical approaches to graphical security modeling • Attack trees, attack graphs and their variants • Stochastic Petri nets, Markov chains, and Bayesian networks for security • UML-based models and other graphical modeling approaches for security • Software tools for graphical security modeling and analysis • Case studies and experience reports on the use of graphical security modeling paradigm

INVITED SPEAKER To be confirmed.

PAPER SUBMISSION We solicit two types of submissions: • Regular papers (up to 15 pages, excluding the bibliography and well-marked appendices) describing original and unpublished work within the scope of the workshop. • Short papers (up to 7 pages, excluding the bibliography and well-marked appendices) describing original and unpublished work in progress.

The reviewers are not required to read the appendices, so the papers should be intelligible without them. All submissions must be prepared using the LNCS style: http://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0

Each paper will undergo a thorough review process. All accepted (regular and short) papers will be included in the workshop's post-proceedings. The GraMSec 2017 post-proceedings will be published in the Lecture Notes in Computer Science (LNCS) series of Springer. Submissions should be made using the GraMSec 2017 EasyChair web site: https://www.easychair.org/conferences/?conf=gramsec17

IMPORTANT DATES • Submission deadline: Sunday, May 28, 2017 (firm) • Acceptance notification: Friday, July 7, 2017 • Workshop: Monday, August 21, 2017

GENERAL CHAIR • Sjouke Mauw, University of Luxembourg, Luxembourg

PROGRAM CHAIRS • Peng Liu, Pennsylvania State University, USA • Ketil Stølen, SINTEF Digital and University of Oslo, Norway

PC MEMBERS Mathieu Acher, University Rennes 1, Inria, France Massimiliano Albanese, George Mason University, USA Ludovic Apvrille, Télécom ParisTech, France Thomas Bauereiss, DFKI, Germany Kristian Beckers, Technical University of Munich, Germany Giampaolo Bella, University of Catania, Italy Stefano Bistarelli, Università di Perugia, Italy Marc Bouissou, EDF RD, France Frédéric Cuppens, Télécom Bretagne, France Nora Cuppens-Boulahia, Télécom Bretagne, France Binbin Chen, Advanced Digital Sciences Center, Singapore Hervé Debar, Télécom SudParis, France Harley Eades, Augusta University, USA Mathias Ekstedt, KTH - Royal Institute of Technology, Sweden

Ulrik Franke, Swedish Institute of Computer Science - SICS, Sweden Frank Fransen, TNO, The Netherlands Olga Gadyatskaya, University of Luxembourg, Luxembourg Paolo Giorgini, University of Trento, Italy Dieter Gollmann, Hamburg University of Technology, Germany Joshua Guttman, WPI and MITRE, USA René Rydhof Hansen, Aalborg University, Denmark Maritta Heisel, Universität Duisburg-Essen, Germany Hannes Holm, Swedish Defence Research Agency, Sweden Siv Hilde Houmb, Secure-NOK AS, Norway Sushil Jajodia, George Mason University, USA Ravi Jhawar, University of Luxembourg, Luxembourg Henk Jonkers, BiZZdesign, The Netherlands Cristian Johansen, University of Oslo, Norway Florian Kammueller, Middlesex University London, UK Nima Khakzad, TU Delft, The Netherlands Dong Seong Kim, University of Canterbury, New Zealand Barbara Kordy, INSA Rennes, IRISA, France Pascal Lafourcade, Université Clermont Auvergne, LIMOS, France Jean-Louis Lanet, Inria, France Per Håkon Meland, SINTEF Digital, Norway Jogesh Muppala, HKUST, Hong Kong, SAR China Simin Nadjm-Tehrani, Linköping University, Sweden Andreas L. Opdahl, University of Bergen, Norway Xinming Ou, University of South Florida, USA Stéphane Paul, Thales Research and Technology, France Wolter Pieters, TU Delft, The Netherlands Ludovic Piètre-Cambacédès, EDF, FR Sophie Pinchinat, University Rennes 1, IRISA, France Vincenzo Piuri, University of Milan, Italy Marc Pouly, Lucerne University of Applied Sciences and Arts, Switzerland Nicolas Prigent, Supélec, France Christian W. Probst, Technical University of Denmark, Denmark David Pym, UCL, UK Saša Radomirovic, University of Dundee, UK Indrajit Ray, Colorado State University, USA Arend Rensink, University of Twente, The Netherlands Yves Roudier, Université Côte d'Azur, CNRS, I3S, UNS, France Guttorm Sindre, NUST, Norway Mariëlle Stoelinga, University of Twente, The Netherlands Xiaoyan Sun, California State University, USA Axel Tanner, IBM Research - Zurich, Switzerland Alexandre Vernotte, KTH - Royal Institute of Technology, Sweden Luca Viganò, King's College London, UK Lingyu Wang, Concordia University, Canada Jan Willemson, Cybernetica, Estonia

CONTACT For inquiries please send an e-mail to gramsec17@easychair.org