The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop is a multi-disciplinary, one-day workshop. It brings together practitioners and researchers interested in security and privacy requirements.
ESPRE probes the interfaces between Requirements Engineering and Security & Privacy, and aims to evolve security and privacy requirements engineering to meet the needs of stakeholders; these range from business analysts and security engineers, to technology entrepreneurs and privacy advocates.
We invite research and position papers that address any of the workshop topics.
Please use the IEEE trans template for submissions.
Further Instructions are also on the RE 2017 site
Papers have no more than 6 pages of content. An additional page is allowed for references only. Papers should be submitted electronically in PDF format to EasyChair.
Accepted papers will be published in the workshop proceedings, and made available via IEEE Xplore.
Greater agility of our infrastructure systems will be a key enabler to address the increasingly volatile, uncertain, complex and ambiguous environment that is characteristic of future operations. In this context, agility is the ability for a system to provide a timely response in relation to changes in the mission, threat or environment. Increasingly systems will operate autonomously to reduce human cognitive demands and to respond faster than a human operator could. In order to achieve this, three high level system capabilities are required:
Underpinning the ability to deliver this capability is the need to assure the operation of the system, but due to the agile nature, a static design time assurance process is no longer sufficient. Instead both design time and real time assurance is required.
The talk will describe in more detail the architectures and design principles of agile systems, with an emphasis on information systems. It will give exemplars in relation system security and how the architecture supports risk based analysis. Initial concepts in run-time assurance for secure agile systems will also be described.
Dr Williams graduated from the University of Oxford with a First in Engineering Science, and subsequently gained his PhD from Bristol University on the topic of chaotic waveforms for communications. Alongside periods in industry (Research Manager for Fujitsu) and academia (Research Fellow at Bristol University) much of his career has been in Government defence research (Dstl and predecessors). Areas of expertise include novel waveforms, communications signal processing, dynamic spectrum access, risk based decision making, agile systems and requirements engineering.
|An Approach to Privacy Notices in IoT||Parvaneh Shayegh Boroujeni and Sepideh Ghanavati (Texas Tech University, USA)|
|An Effective Immersive Cyber Security Awareness Learning Platform for Businesses in the Hospitality sector||Jack Holdsworth and Edward Apeh (Bournemouth University, UK)|
|An Ontological Approach to Predict Trade-Offs between Security and Usability for Mobile Application Requirements Engineering||Woori Roh and Seok-Won Lee (Ajou University, Korea)|
|Challenges of privacy requirements modelling in V2X applications: A telematic insurance case study||Sarah Schulz Mukisa and Awais Rashid (Lancaster University, UK)|
|Design as Code: Facilitating Collaboration between Usability and Security Engineers using CAIRIS||Shamal Faily (Bournemouth University, UK) and Claudia Iacob (University of Portsmouth, UK)|
|Exploratory Study of the Privacy Extension for System Theoretic Process Analysis (STPA-Priv) to elicit Privacy Risks in eHealth||Kai Mindermann, Frederik Riedel, Asim Abdulkhaleq, Christoph Stach and Stefan Wagner (University of Stuttgart, Germany)|
|From Requirements to Operation: Components for Risk Assessment in a Pervasive System of Systems||Duncan Ki-Aries, Huseyin Dogan, Shamal Faily, Paul Whittington (Bournemouth University, UK) and Christopher Williams (Defence Science and Technology Laboratory, UK)|