Over the last decade, an increasing number of organizations have started focusing on software security because modern applications typically operate in a hostile network-based environment. Traditionally, organizations have tried to address security concerns by finding and fixing security vulnerabilities once the software development cycle is completed.A software needs to be secured against any unauthorized users, and this can be achieved by incorporating security mechanisms into different phases of the software development lifecycle. However, incorporating security practices and processes into different phases of the software development life cycle remains a challenge. Software security area is evolving due to different factors such as increasing failure rates of software projects, economic downturn, and software development without security in mind, globalization and outsourcing. The empirical software engineering researchers need new approaches, models, and tools for addressing various emerging challenges of software security in this modern age. There is a need for using empirical evidence to support different new approaches in the software security research and practice which will provide researchers with innovative knowledge on which to develop different software security processes and practices. This will also help in improving existing software security approaches and processes in order to effectively develop secure software. This workshop will bring together and advance the work that has been undertaken on software security. The outcome of this workshop will provide researchers and practitioners with a firm basis on which to develop different practices/ tools/ techniques that are based on an understanding of how and where they fit into secure software development and research. New practices/ tools/ techniques could then be developed targeting secure software engineering community.
The aim of this workshop is to provide a venue to discuss software security challenges, opportunities and lessons learned under the umbrella of empirical software engineering and software evaluation. This workshop will bring together researchers and practitioners from academia, industry and governments to report empirical studies and discuss the issues relating to software security. This workshop will seek submissions reporting original, unpublished research on software security covering any aspect of experimental, empirical and evidence-based software engineering, for example the use of quantitative and qualitative methods for empirical evaluation of software security techniques, processes, methods, tools and best practices. This will be a one-day paper-based presentations workshop, which will accept research and software industry papers on the topic of software security.
This workshop aspires to provide an opportunity for the empirical software engineering researchers and practitioners to present the state of the art, state of the practice, and the future directions on the following topics of software security.
The Extended version of selected papers from this workshop will be invited for submission to the Arabian Journal for Science and Engineering. This journal is published by Springer and it has 1.518 impact factor. A special section of this workshop will be published in the Arabian Journal for Science and Engineering. The reviewers will be asked to comment on whether they believe that the paper should be extended for the special section of the journal. The extended version papers will go through the full review process of Arabian Journal for Science and Engineering and the editor in chief will make the final decision about acceptance or otherwise of each paper.
The maximum page length for the workshop is 6 pages. Workshop proceedings will be integrated in the EASE 2020 conference companion proceedings. Submitted papers must be written in English, contain original unpublished work, and conform to the ACM proceedings format (https://www.acm.org/publications/proceedings-template). Please submit manuscripts via EasyChair, and in pdf format: https://easychair.org/my/conference?conf=ease2020
Notifications to authors
Associate Professor of software engineering at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia. He received his PhD from La Trobe University, Melbourne, Australia. Prior to pursing his PhD, he also worked as a software engineer in United States and Australia. He is an active researcher in the field of software engineering and has published more than 55 articles in peer reviewed journals and international conferences. He has worked as principal and co-investigators in a number of research projects that investigate issues related to global software development and secure software development. His research interests include empirical software engineering, evidence-based software engineering, global software development, secure software development and software process improvement in general.
Professor at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals, Saudi Arabia. He received his MS and PhD in Computer Science and certificate of Software Engineering from the University of Alabama in Huntsville in 2000, 2002 and 1999 respectively. Dr. Alshayeb worked as a senior researcher and Software Engineer and managed software projects in the United States and the Middle East. Dr. Alshayeb taught and coordinated industrial training courses. He provided consulting services to major industrial and educational institutes. Dr. Alshayeb is a member in the editorial board of the Software Engineering Journal, Journal of Software, Journal of Information Technology & Software Engineering and the Arabian Journal of Science and Engineering. Dr. Alshayeb received a number of certificates of excellence and appreciation from many companies. Dr. Alshayeb received Khalifa award for education as "the distinguished University Professor in the Field of Teaching within Arab World", 2016. He also received the "Excellence in Teaching", the "Excellence in Advising" award and the "Instructional Technology" awards from KFUPM. Dr. Alshayeb is a member of a number of professional associations. He is a certified project manager (PMP). Dr. Alshayeb’s research interests include empirical studies in Software Engineering, software refactoring, software quality, software measurement and metrics and object-oriented design.
Professor of Software Engineering at the Information and Computer Science Department, King Fahd University of Petroleum and Minerals Saudi Arabia. He has received the MPhil degree from the University of Manchester, U.K., and the Ph.D. degree from the University of Technology Sydney, Australia. He has spent more than a decade with leading technology ﬁrms and universities as a Process Analyst, a Senior Systems Analyst, a Project Manager, and a Professor. He has participated in and managed several software development projects. Dr. Niazi is an active researcher in the field of empirical software engineering. Dr. Niazi has published over 100 articles He is interested in developing sustainable processes in order to develop systems, which are reliable, secure, and fulﬁl customer needs. His research interests are evidence-based software engineering, requirements engineering, sustainable, reliable and secure software engineering processes, global and distributed software engineering, software process improvement, and software engineering project management. Previously Dr. Niazi worked for Keele University UK, National ICT Australia, University of Technology Sydney Australia, University of Sydney Australia and University of Manchester UK.
Sajjad Mahmood, Mohammad Alshayeb, Mahmood Niazi