Over the last decade the pendulum has swung decidedly towards agile software development (from a more traditional engineering approach to software development). There are those who feel, however, that the pendulum has swung too far and needs to move back to more of a middle ground between the two approaches.

Agile software development (ASD) has seen enormous growth over the last decade since the announcement of the Agile Manifesto. There is no doubt that it has made a significant and lasting contribution to software development from project management to coding and testing practices and much more.

It is clearly also true that more than a half a century of research and practice in traditional software engineering (TSE) has produced significant findings and made a significant contribution to all aspects of software development. And yet, much of agile software development and many of those in the agile movement seem to ignore or reject traditional software engineering.

This minitrack focuses on research in the middle ground between traditional software engineering (TSE) and agile software development (ASD), or what we call agile software engineering (ASE). It will be an opportunity to present and discuss research that suggests and demonstrates a way to combine the best contributions of each approach (e.g. in practice, in methodologies, in education and training).

It will also accept research that may be critical of either or both approaches. It can do this because it is not committed entirely to either approach. It will also embrace innovative research that seeks to define an agile approach to software engineering (above and beyond the traditional iterative-and-incremental approach), including practices and methodologies.

This minitrack will also be a forum to present and discuss research related to the SEMAT (Software Engineering Method and Theory) initiative. SEMAT aims to find a core theory and method common to the two (and any other) approaches to software development.

Possible topics include (but are not limited to):

ο What is the essence of each approach (TSE and ASD) and are they compatible?

ο Defining agile software engineering (a middle ground between the two approaches)

ο When is a more agile approach and when is a more traditional approach most appropriate?

ο Critiques of agile software development and traditional software engineering

ο Agile modeling (particularly, for requirements, analysis and design)

ο The role of modeling in modern software development

ο Approaches to architecture in modern software development

ο Optimal iteration lengths in modern software development

ο Approaches to teams and team work in modern software development

ο Fitting software development into more waterfall business processes

ο Tools to support an agile approach to software engineering

ο Software Engineering Method and Theory (SEMAT)

ο Teaching a middle ground between traditional SE and agile software development

ο Methodologies for agile software engineering (i.e. that blend the approaches)

Ashey Aitken is a Senior Lecturer in the School of Information Systems at Curtin University of Technology in Perth, Australia. He has a PhD in Computer Science & Engineering from the University of New South Wales. He has also done professional training, consulting and software development in industry through his company Running Code Productions.

SUBMIT INQUIRIES TO:

Ashley Aitken

Curtin University of Technology,

Email: A.Aitken@Curtin.Edu.Au

The following topics will be included in the minitrack:

• Advances in specification and design of assured systems
• Advances in software correctness verification
• Advances in software security assurance
• Advances in system testing and certification
• Assurance for embedded systems
• Assurance for hardware components
• Assurance for large-scale infrastructure systems
• Assurance for SOA architectures and cloud computing environments
• Assurance in system maintenance and evolution
• Automated methods for system assurance
• Assurance through computation of software behavior
• Secure coding techniques
• Management of assurance operations
• Processes and metrics for assurance operations
• Business case and ROI development for system assurance
• Supply chain and standards issues in system assurance
• Case studies of system assurance successes

Jim Alves-Foss is the director of the University of Idaho Center for Secure and Dependable Systems. Dr. Alves-Foss co-founded the center in 1997 in response to the growing need for information assurance education and research. In 1998 the center was recognized as one of the first seven National Centers of Academic Excellence in Information Assurance Education by the National Security Agency. As a researcher in high assurance systems, Dr. Alves-Foss has published over 90 refereed conference and journal papers, has mentored 15 PhD students to completion as well as dozens of MS students. Dr. Alves-Foss received his BS in Mathematics and Physics and Computer Science and his MS and PhD degrees in Computer Science, all from the University of California at Davis. He came to the University of Idaho in 1991 after completing his PhD and is now a full professor.

Carol Woody is a senior member of the technical staff at the Software Engineering Institute. She leads a team of researchers addressing Cyber Security Engineering. Her current research is focused on cyber assurance and supply chain risk analysis. Woody has over 25 years of experience covering all aspects of software and systems planning, design, development, and implementation in large complex organizations. She holds a BS in mathematics from The College of William and Mary, an MBA with distinction from Wake Forest University, and a PhD in Information Systems from NOVA Southeastern University. Woody is a senior member of both IEEE and ACM.

SUBMIT INQUIRIES TO:

Richard Linger (primary contact)
Cyberspace Sciences and Information Intelligence Research Group
Email: LingerR@ornl.gov

Jim Alves-Foss, Director
University of Idaho

Email: jimaf@uidaho.edu

Carnegie Mellon University

This minitrack will bring together papers from academia and practitioners that address current directions in digital forensics. Digital forensics involves the use of software, computer science, software engineering, and criminal justice procedures to explore and investigate digital media with the objective of finding evidence to support a criminal or administrative case. It involves the preservation, identification, extraction, and documentation of computer or network evidence.

We solicit papers in the following areas:

• Papers that describe digital forensics degree programs or the teaching of digital forensics within other programs internationally.
• Papers that address a research agenda that considers practitioner requirements, multiple investigative environments and emphasizes real world usability such as visualization.
• Papers that present an experience report involving the discovery, explanation and presentation of conclusive, persuasive evidence from digital forensics investigations.
• Papers that are 'forward thinking' and identify approaches to solving the digital forensics challenges of the future.

Kara Nance is Professor and Chair of the Computer Science Department at the University of Alaska Fairbanks and runs a computer security consulting firm. Her research interests include digital forensics, data systems, network dynamics, visualization, and computer security. She is the founder and director of the Advanced Systems Security Education, Research and Training (ASSERT) Center, which is a multidisciplinary center to address computer security issues and provides an isolated networked computer environment suitable for computer security education, research, and training that is used by institutions around the world. She serves on a Senior-Executive Advisory Board for the Office of the Director of National Intelligence and is a frequent speaker on cybersecurity as it relates to national security.

Matt Bishop received his Ph.D. in computer science from Purdue University, where he specialized in computer security, in 1984. He was a research scientist at the Research Institute of Advanced Computer Science and was on the faculty at Dartmouth College before joining the Department of Computer Science at the University of California at Davis. His main research area is the analysis of vulnerabilities in computer systems, especially their origin, detection, and remediation. He is also active in the areas of network security, the study of denial of service attacks and defenses, policy modeling, software assurance testing, and formal modeling of access control. He is active in information assurance education, and is a charter member of the Colloquium on Information Systems Security Education. His textbook, Computer Security: Art and Science, was published in December 2002 by Addison-Wesley Professional. He teaches software engineering, machine architecture, operating systems, programming, and (of course) computer security.

Amelia Phillips is a graduate of the Massachusetts Institute of Technology with a BS degree in Astronautical Engineering and a BS in Archaeology. She is currently pursuing her PhD in Computer Security at the University of Alaska Fairbanks. After working as an engineer at the Jet Propulsion Laboratory and TRW, Amelia worked with e-commerce sites and began her training in computer forensics and investigations during the dot-com boom as credit card numbers were being stolen from website databases. She has designed certificate and AAS programs for community colleges in e-commerce, network security, computer forensics and data recovery. She is currently tenured at Highline Community College in Seattle, WA and is serving as the Chair of the Pure & Applied Science Division. She co-authored the textbook Guide to Computer Forensics and Investigations which is now in its fourth edition. She runs the program in Data Recovery/Computer Forensics for Highline Community College in Seattle.

SUBMIT INQUIRIES TO:

University of Alaska at Fairbanks

Email: klnance@alaska.edu

University of California, Davis

Email: bishop@cs.ucdavis.edu

Highline Community College

Email: aphillip@highline.edu

Cloud Computing offers SaaS, PaaS, and IaaS as cost effective ways of doing computation. Initiatives by Governments as well as large and small businesses are motivating the migration of localized data centers, and IT to Internet Cloud Computing facilities. This rapid deployment of Cloud Computing comes with a cost that can leave users open to vulnerabilities such as: Disruptions that may shutdown 24x7 computation availability of essential services since the concentration of government and or multiple businesses resources at a single site is a convenient target for effective cyber-terrorist attacks; Possible theft of Cloud resident software Intellectual Property and confidential Personal Information; and the unwarranted invasions of user data privacy because users and their data may reside in conflicting legal jurisdictions.

This minitrack will be open to research and practitioner contributions alike exploring the technical design issues as well as the solutions facing the challenges of Secure Cloud Computing.

- Security of Public versus Private Cloud services

- Secure, virtual desktop deployment

- Preventing Virtual-Machine co-residency attacks

- Designing a secure Hyper-Visor

- Preventing Intellectual Property and Personal Information theft

- Monitoring, auditing Cloud Services

- Cloud Computing Digital forensics

- Guaranteeing "Five 9's" availability

- Methods to secure The Cloud against DDoS attacks

- Vaccinating PaaS and IaaS Clouds against software viruses

- Secure Cloud deployment of virtually accessible, confidential databases

- Cloud based identity management

- Data privacy and availability in Peer-to-Peer Clouds

- Customer migration from one Cloud provider to another

- Secure cloud interoperability and Service Level Agreements

- Rights and Policy Management in Cloud Computing and Services

- Governance, Risk and Compliance in Cloud Computing and Services

- Security in the Social Cloud of Things

- Ethical, social and legal issues in Cloud Computing

SUBMIT INQUIRIES TO:

Email: byeager@fastmail.fm

KTH/Royal Institute of Technology and Swedish Institute of Computer Science

Email: ali@sics.se

University of Geneva - CUI

Email: Jean-Henry.Morin@unige.ch

Software has become the key asset for competitive products and services in all industries. Thus, competitiveness in software development, maintenance, and related services has become a concern for organizations. There are two primary strategies to deal with this concern: increasing the competitiveness (1) internally through methods such as the strategic acquisition, creation, and reuse of software assets or (2) externally by outsourcing software development, maintenance, and related services to third party service providers. A viable third strategy is to enact both strategies in parallel. This minitrack will focus on the first strategy but submissions dealing with the third strategy are very welcome as well.

This minitrack welcomes contributions to the mainstream product line body of knowledge. Authors with a strong software engineering focus are encouraged to relate their work with the relevant work (e.g., on agile methods) in the other minitracks of the Software Technology track. To help integrate new bodies of knowledge in product line research and practice, the minitrack especially welcomes contributions including but not limited to:

• Business models and strategies for product lines
• Economic valuation of product lines
• Organizational and process designs for product lines
• Distributed leadership in developing open source platforms and product lines
• Knowledge management practices and systems for product lines
• Service systems and their implications for product lines
• International standardization initiatives related to product lines
• Theory building and/or validation from the viewpoints of design and behavioral science

The minitrack is also interested in industrial experiences in product line engineering if they can be used to validate or challenge existing theories and/or create new theories relevant to the software product line engineering body of knowledge.

SUBMIT INQUIRIES TO:

University of JyvŠskylŠ

Email: timokk@jyu.fi

Software testing is a complex, resource-intensive process that addresses properties including functionality, usability, security, and performance. The goal of this minitrack is to bring together researchers from all areas of testing and Internet testbeds to promote sharing and cross-pollination of promising methods and technologies. We will promote a testing discipline characterized by solid foundations and processes that can effectively address the scope and scale of the problem. This minitrack also encompasses other means to assess software; for example, code inspections and reviews and methods for verification and validation.

This minitrack addresses all aspects of the testing. The following topics will be included:

Luanne Burns received her M.S. in Computer Science and her Ph.D. in Cognitive Science from Columbia University. Her work involved neural networks and expert systems in education. She was a Research Staff Member at IBM's Thomas J. Watson Research Center for 18 years. The main focus of her work was on user interface design and implementation in the database, education, and internet domains. Later she was a Senior Engineer at Carnegie Mellon's Software Engineering Institute. Luanne is now a senior member of the technical staff (Cyber Systems) at Johns Hopkins Applied Physics Lab (APL) in the Applied Information Sciences Department. She is currently the Demonstration, Integration and Test Lead for the National Cyber Range project at APL.

Richard Linger is a Senior Research and Development Staff Member in the Cyberspace Sciences and Information Intelligence Research Group at Oak Ridge National Laboratory, where he leads research and development in software behavior computation for verification of smart grid software functionality and security. He previously served as manager of the CERT Survivable Systems Engineering Group at the Software Engineering Institute, Carnegie Mellon University. He directed research and development on Function Extraction (FX) technology for software behavior computation, with focus on application to software test & evaluation and to malware analysis. He also served as a member of the faculty at the CMU Heinz School of Public Policy and Management. At IBM, Linger partnered with Dr. Harlan Mills, IBM Fellow, to create Cleanroom Software Engineering technology for development of ultra-reliable software systems, including box-structure specification, function-theoretic design and correctness verification, and statistical usage-based testing for certification of software fitness for use. He has extensive experience in project management; system specification, architecture, design, verification, testing, and certification; software re-engineering and reverse engineering; and technology transfer and education. He has published three software engineering textbooks, 11 book chapters, and over 60 papers and journal articles. He is a member of the AIAA and ACM, and a senior member of the IEEE.

SUBMIT INQUIRIES TO:

Johns Hopkins University, Applied Physics Lab

Email: luanne.burns@jhuapl.edu

Johns Hopkins University, Applied Physics Lab

Email: ronald.ostrenga@jhuapl.edu

This minitrack is focused on the issues that arise in designing and building wireless networks, and on the applications of wireless networks in solving real-world challenges and connecting people and devices.

Technical issues are found in the protocol stack from the physical layer to the application layer, and include greater efficiency, security, scalability, the design and motivation of new systems, novel applications, better use of existing technology, energy efficiency of communications and use, regulatory issues, and in general, issues that are of concern when designing or building wireless networks. Often, technical solutions must be accompanied by relevant social, environmental, or economic considerations that may be essential to the success of the technology.

The following is a partial list of research topics of interest for this minitrack:

• networking issues, including physical, MAC, routing, transport, application, or cross-layer protocols and algorithms
• theoretical issues of interest in the design or implementation of wireless networks, including communications, scalability, coordination, access control, and other advances in the field
• mobile broadband wireless networks
• ad hoc wireless networks including mesh networks
• wireless sensor networks
• mixed wired and wireless networks
• embedded systems using wireless networks
• security in wireless networks
• network management and localization or dealing with approximate location
• novel applications of wireless networks
• social and environmental benefits and consequences of increased use of wireless networks and new applications.

In general, this minitrack is expansive in welcoming submissions in any area related to wireless networks. Prospective authors are invited to contact the minitrack chairs if they seek more detailed guidance.

Edoardo Biagioni is an associate professor in the department of Information and Computer Sciences at the University of Hawaii at Manoa. His research interests include networking protocols, in particular routing and data transfer protocols for wireless sensor networks and wireless ad-hoc networks, and information assurance.

John McEachen is a professor in the Department of Electrical and Computer Engineering of the Naval Postgraduate School, Monterey, California. His research interests include managing routing in computer networks, wireless networking protocols, patternless intrusion detection, and steganographic communications.

Murali Tummala is a Professor of Electrical and Computer Engineering at the Naval Postgraduate School, Monterey, California, where he conducts research in wireless ad hoc and sensor networking, wireless communications, and signal processing.

SUBMIT INQUIRIES TO:

University of Hawaii at Manoa

Email: esb@hawaii.edu