The overall objective of this workshop is to discuss advances in reusing and incorporating security and safety solutions in software systems. First, the workshop will focus on the definition of “security and safety by design” processes which maintain separation of concerns. This involves approaches for designing security and safety mechanisms separately, as well as approaches for integrating them. Second, the workshop will focus on supporting specific processes in various application domains.

Special emphasis will be devoted to promoting discussion and interaction between researchers and practitioners focused on the particularly challenging task of efficiently integrating security and safety solutions within the restricted available design space for software systems. Furthermore, one important focus is on the potential benefits of the combination of model-driven engineering and formal methods with pattern-based representation of security and safety solutions. Of particular interest is the exchange of concepts, prototypes and other results which advance the state of the art and/or the state of practice of the field. Some of the topics that we seek to include in the workshop are related to the development of modeling languages, methods and tools to support the inclusion of security, safety and architecture issues into the software engineering process. Topics of interest include, but are not limited to:

    • Modeling the interplay of security and safety within architectural models
    • Formalization of security and safety properties
    • Verification, testing and validation of security, safety and architecture properties by design
    • Design processes of security and safety patterns and tactics
    • Model-based repository of security and safety patterns and tactics
    • Security and safety requirements engineering for system and software development
    • Validation of security and safety properties upon integration
    • Architecture decisions related to safety and security
    • Trade-off between safety/security and other quality attributes
    • Evaluation of architecture, security and safety and their subsequent redesign
    • Defining resilient architectures for achieving security, safety and managing their trade-offs
    • Architecture-level diversity for security and safety
    • (Architecture-level) compliance and standards for security and safety
    • Co-engineering processes of security and safety
    • Customization of application domain-specific processes
    • Tool support for the modeling, deployment and configuration of security and safety by design