Wed, 14 Mar 2012 01:18:05 +0900
[Apologies for cross postings. Please circulate to colleagues and prospective interested parties.]

2nd Workshop on Resilience and IT-Risk in Social Infrastructures (RISI 2012)

Call for Papers

To be held in conjunction with the 7th International Conference on Availability, Reliability, and Security (ARES 2012

August 2024, 2012
University of Economics in Prague
Prague, Czech Republic

Accepted papers will be published in the ARES proceedings.
Submission deadline: April 14, 2012.
The submission server is ready to welcome your submissions: <>

Information technology (IT) supports domains of social infrastructures in monitoring and controlling their physical environment. These embedded systems must inevitable deliver correct services for at least the critical functions according to the current situation. However, interferences due to crime, terrorism, and natural disasters threaten IT support and therewith safety. Affected systems should adapt to both the changed situation and the failure of services. Adaptive systems following the computing paradigm of Ubiquitous Computing promise to achieve liveness properties of data processing in any case of faults and changes. Hence, they are an option for improving cyber-physical systems in monitoring and controlling social infrastructures even in hostile environments. Although on demand orchestration of services creates adaptive systems of systems to implement the required functionality, these desired interdependencies bear vulnerabilities by, e.g., covert channels.

Whereas many security solutions are well studied for models and their implementation for separated security domains, this is not the case for adaptive systems. Firstly, adaptive systems change continuously their state. A model can only consider those states, which have already passed. Secondly, security domains overlap in adaptive systems, which demand a disclosure of private data to third parties resulting in data aggregation at services of different security domains. Thirdly, some processing purposes are not predictable at the time of data collection and service orchestration should not be excluded for new services. Enforcement of security in adaptive systems equals to enforcement of liveness and safety properties to achieve correct services by means of dependable and secure computing. The ability of a system to maintain an acceptable level of service in the face of any faults and challenges to normal operation is understood as resilience.

Since resilience research is still in its infancy, the main objective of this workshop is to identify research problems and to discuss future research initiatives regarding IT support for "Resilience in Social Infrastructures" as well as the necessity to take non-technical aspects into consideration. We encourage academic researchers and industry experts to present and discuss novel ideas and ongoing work. Contributions addressing promising approaches to provide and manage resilient infrastructures are invited as research in progress and best practices.

Autonomic and dependable computing
* Methods and techniques for self-configuration, self-healing, self-protecting, etc.
* Flexible and secure orchestration of IT services
* Trustworthy organic computing

Risk assessment and vulnerability analysis
* Economics of controls
* Risk assessment within adaptive systems
* Identification of vulnerabilities in Service-Oriented Computing

Policy management
* Policy languages for isolation in adaptive systems
* Matching of high-level policies with security-related execution traces
* Automatic identification of conflicts between policies
* Automatic resolution of policy conflicts
* Pattern-driven security engineering

Policy enforcement
* Recovery-Oriented Computing
* Enforcement of data removal
* Usage control mechanisms
* Observability of control and data flows
* Simulations of system behavior
* Conformance checking
* Data provenance
* Model checking for adaptive systems
* Digital forensics

Methods for resilience & best practices
* Privacy and security in participatory sensing 
* Business continuity plan and business continuity management
* Critical information infrastructure protection
* Human-centric resilience systems
* Measurements of resilience
* Resilience in cryptographic and communications protocols

Important Dates
2012-04-14: Submission deadline
2012-05-01: Author notification
2012-05-18: Author registration
2012-06-01: Proceedings version
2012-08-20 - 2012-08-24: Conference/Workshop

Submission Guidelines
The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at: <>

Workshop Co-Chairs
Isao Echizen
National Institute of Informatics (NII), Japan
[log in to unmask]

Stefan Sackmann
Martin-Luther University Halle-Wittenberg, Germany
[log in to unmask]

Sven Wohlgemuth
National Institute of Informatics (NII), Japan
[log in to unmask]

Program Committee
Bernd Heinrich, University of Innsbruck, Austria
Kai Kittel, Martin-Luther University of Halle-Wittenberg, Germany
Dennis Kundisch, University of Paderborn, Germany
Javier Lopez, University of Malaga, Spain
Hiroshi Maruyama, Institute of Statistical Mathematics, Japan
Guenter Mueller, Albert Ludwig University Freiburg, Germany
Hubert Oesterle, University of St. Gallen, Switzerland
Eiji Okamoto, University of Tsukuba, Japan
Alexander Pretschner, Karlsruhe Institute of Technology, Germany
Ryoichi Sasaki, Tokyo Denki University, Japan
Stephan Sigg, National Institute of Informatics, Japan
Noboru Sonehara, National Insitute of Informatics, Japan
A Min Tjoa, Vienna University of Technology, Austria
Edgar Weippl, Secure Business Austria, Austria
Hiroshi Yoshiura, The University of Electro-Communications of Tokyo, Japan

Sven Wohlgemuth, Dr.
Associate Professor
National Institute of Informatics (NII)
Transdisciplinary Research Integration Center (TRIC)	
2-1-2 Hitotsubashi, Chiyoda-ku		
Tokyo 101-8430						
Phone	+81 3 4212 2516
Fax   	+81 3 3556 1916
