Formal Methods in Security Engineering: 
From Specifications to Code (FMSE 2003)

Submission deadline is June 10, 2003
The workshop is held on October 30, 2003 in Washington D.C. 
The web page can be found at http://www.zurich.ibm.com/~mbc/FMSE02
Paper submission is done via the conference web page.

deployment of almost all applications and middleware.  Despite this commonly
recognized fact, the incorporation of security requirements in the software
development process is not yet well understood.  The deployment of security
mechanisms is often done in an ad-hoc manner only, without a formal security
specification, often without a thorough security analysis and almost
necessarily without a formal security validation of the final product.  That
is, a process is lacking for making the transition from high-level security
models and policies through development to code.

We aim to bring together researchers and practitioners from both the
security and the software engineering communities, from academia and
industry, who are working on applying formal methods to designing and
validating large-scale systems.  We are seeking submissions addressing
foundational issues in:

- security specification techniques
- formal trust models
- combination of formal techniques with semi-formal techniques like
   UML
- formal analyses of specific security properties relevant to
   software development
- security-preserving composition and refinement of processes
- faithful abstractions of cryptographic primitives and protocols
   in process abstractions
- integration of formal security specification, refinement and
   validation techniques in development methods and tools.

More information can be found at http://www.zurich.ibm.com/~mbc/FMSE02