ACM SIGMM Interest List


Options: Use Classic View

Use Monospaced Font
Show HTML Part by Default
Condense Mail Headers

Topic: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Message-ID: <[log in to unmask]>
Sender: ACM SIGMM Interest List <[log in to unmask]>
From: Alessandro Brighente <[log in to unmask]>
Date: Sat, 11 Mar 2023 10:23:24 +0100
Content-Type: multipart/alternative; boundary="000000000000a9fb0505f69c6e9a"
MIME-Version: 1.0
Reply-To: Alessandro Brighente <[log in to unmask]>
Parts/Attachments: text/plain (3688 bytes) , text/html (17 kB)
Dear colleagues,

we extended the deadline for the Workshop on DevSecOps Research and
Opportunities (DevSecOpsRO) that will be held in conjunction with EuroS&P
2023 as a pre-conference workshop on July 3rd 2023.

Security should not be treated as an add-on to software products; rather,
it should be deeply integrated within the whole Software Development
Life-Cycle (SDLC). The need for this integration and the design of suitable
methodologies to make agile software development secure are paving their
way in the security community. In this context, we often refer to DevSecOps
or SecDevOps when discussing security integration in agile software
production. Recently, players such as NIST, Google, OWASP, and the Cloud
Security Alliance proposed their frameworks for secure software
development. However, this provides only an initial step towards tackling
the challenges related to the security of the many and iterated steps of

Machine learning and AI can play a crucial role in DevSecOps as they can be
used to analyse large amounts of data, including network traffic and system
logs, to identify potential security threats, monitor system behaviour and
identify anomalies that may indicate a security breach. By using machine
learning in DevSecOps, organisations can more effectively detect and
respond to security threats and improve their overall security posture.
Moreover, they can be used in an automated way to interweave security in
existing DevOps pipelines.

Scope and topics: With this workshop, we aim to attract novel contributions
to the secure SDLC to foster the creation of more conscious, robust,
resilient, and advanced methodologies to prevent security issues at the
different stages of the development pipeline. Topics of interest include
but are not limited to:


   Methodological approaches to agile secure software development

   Security testing integration in the software supply chain

   Static and dynamic software bill of materials

   Secure software development via cloud testing

   Security as a service

   Machine learning approaches to speed up security testing

   Maturity models for secure software development

   Application  of DevSecOps in different fields

   Integration of incident and response teams operations

   Artificial intelligence for software security analysis

   Tracking and handling updates along the software supply chains

   AI support to Secure Software Development

   Automated vulnerability detection

   AI & ML in fuzzing

Paper submission deadline: Mar. 31, 2023

Notification of acceptance: Apr. 30, 2023

Final papers: May 15, 2023

For additional information on paper format and submission guidelines,
please visit the DevSecOpsRO website at

Looking forward to seeing you at EuroS&P 2023!

The program chairs

Alessandro Brighente, University of Padua

Mauro Conti, University of Padua

Constantinos Patsakis, University of Piraeus

Agusti Solanas, Rovira i Virgili University, & APWG.EU <>

Qiang Tang, Luxembourg Institute of Science and Technology



[log in to unmask]

If you don't already have a password for the LISTSERV.ACM.ORG server, we recommend
that you create one now. A LISTSERV password is linked to your email
address and can be used to access the web interface and all the lists to
which you are subscribed on the LISTSERV.ACM.ORG server.

To create a password, visit:


Once you have created a password, you can log in and view or change your
subscription settings at: