Strategic Seminars
Responding to the need for closer ties with the European ICT industry, the ERCIM Board of Directors embarked on the initiative to organize a series of annual strategic seminars on current topics within ICT and Mathematics. The rationale behind this strategic decision is manifold: to enhance the impact of research taking place within ERCIM institutes and Working Groups by actively disseminating results towards industrial stakeholders; to expose researchers to ongoing research activities with an industrial take-up potential; and to help bridge the gap between research and industrial practice.
2008 EC-ERCIM Seminar on ICT Security: "Engineering Secure Complex Software Systems and Services"
Brussels, 16 October 2008
ERCIM and the Eurpean Commission were jointly organising a Strategic Seminar on “Engineering Secure Complex Software Systems and Services”. The seminar was the result of a joint effort of ERCIM, its Security and Trust Management Working Group, and the European Commission (Unit F5 “Security” of DG INFSO).
Organising Committee of the Seminar:- Javier Lopez, U. of Malaga
- Volkmar Lotz, SAP Research
- Fabio Martinelli, IIT-CNR
- Aljosa Pasic, Atos Origin
- Dimitris Plexousakis, ERCIM
- Manuel Carvalhosa and Thomas Skordas, EC, DG INFSO-F5.
Seminar Report
List of participants
Programme and Presenation Slides
Scope and Objectives
In particular, this ERCIM strategic seminar aimed at collecting the relevant academic and industrial expertise in secure software engineering and at linking it with industry's best practices in the field in order to increase the trustworthiness of the resulting ICT systems.
Indeed, the growing complexity of ICT systems and the services they provide creates demands for a continuously increasing level of assurance on their expected functional behaviour as well as on non-functional properties such as performance, reliability, scalability and in particular security. Today however, the task of secure engineering (from collecting requirements to implementation and operation) of such systems and services is difficult, due to a number of reasons, such as:
- the lack of effective support in writing secure code sections, developing secure systems and assessing their security status
- the lack of adequate methodological support for the elicitation and specification of system-level security requirements based on domain- and application-specific risk analysis
- the lack of support to compare different system implementations with regard to their security properties and expected behaviour.
In order to contribute to addressing these relevant issues, this EC-ERCIM Strategic Seminar:
- presented latest progress on key research and development initiatives in engineering secure complex software systems and services and in achieving ICT system-level assurance
- encouraged the dialogue between scientists and industrial players from the field with a view to promoting collaboration; in particular, discuss the balance between rigorous scientific approaches aiming at achieving provably secure systems and cost-benefit considerations
- identified future key research challenges to be addressed in the field.
Participation was by invitation only.
Links:
ERCIM WG on Security and Trust Management: http://www.iit.cnr.it/STM-WG/
European Commission’s DG INFSO Unit F5 "Security":
http://cordis.europa.eu/fp7/ict/security/home_en.html
Contacts:
Dimitris Plexousakis, FORTH-ICS, Greece (dpics.forth.gr)
Fabio Martinelli, IIT-CNR, Italy (Fabio.Martinelliiit.cnr.it)
Thomas Skordas, European Commission (Thomas.Skordasec.europa.eu)
ERCIM office (contactercim.org)
Programme
Programme and Presentation Slides