The overall objective of this workshop is to present significant work on the reuse of security and safety mechanisms in software systems. First, the workshop will focus on the definition of security and safety by design processes that maintain separation of concerns. This involves approaches for designing the storage of security and safety mechanisms separately, as well as approaches for integrating them. Second, the workshop will focus on supporting the specific processes of various application sectors.
Special emphasis will be placed on promoting discussion and interaction between researchers and practitioners focused on the particularly challenging task of efficiently integrating security and safety solutions within the restricted design space available for software systems. A further important focus is the potential benefit of combining model-driven engineering and formal methods with pattern-based representation of security and dependability solutions. Of particular interest is the exchange of concepts, prototypes, research ideas, and other results that contribute to the academic area and also benefit business and industrial communities. Some of the topics that we seek to include in the workshop relate to the development of modeling languages, methods and tools to support the inclusion of security, safety and architecture issues in the software engineering process. Topics of interest include, but are not limited to:

  • Modeling the interplay of architecture, security and safety models
  • Formalization of security and safety properties
  • Verification, testing and validation of security, safety and architecture properties by design
  • Design process of security and safety patterns and tactics
  • Model-based repository of security and safety patterns and tactics
  • Security and safety requirements engineering for system and software development
  • Inheritance of security and safety properties upon integration
  • Architecture decisions related to safety and security
  • Tradeoffs between quality attributes and safety/security
  • Evaluation of architecture, security and safety and their subsequent redesign
  • Adaptable architectures for achieving security, safety and managing their trade-offs
  • Architectural support for self-protecting, self-healing, self-repairing, self-stabilizing systems
  • Architecture-level diversity for security and safety
  • (Architecture-level) compliance and standards for security and safety
  • Integration process of security, safety and architecture
  • Customization of application sector specific processes
  • Support tools for assisting modeling, deployment and configuration of security and safety by design
  • Case studies, empirical results, experience reports, benchmarks and artifacts, etc.

In conjunction with ECSA 2017 (