[SAMATE Home | IntrO TO SAMATE | SARD | SATE | Bugs Framework | Publications | Tool Survey | Resources]
29 June 2006
U.S. National Institute of Standards and Technology
NIST North room 152
Gaithersburg, MD, USA
"Black-box" software testing cannot realistically find maliciously implanted Trojan horses or subtle errors which have many preconditions. For maximum reliability and assurance, static analysis must be applied to all levels of software artifacts, from models to source code to byte code to binaries. As noted in the CFP the goal of this summit is to convene researchers, developers, and government and industrial users to explore the state of the art in software static analysis tools and techniques with an emphasis on software security. It is also to serve as a prelude to an international summit in Spring 2007.
We solicit contributions describing basic research, novel applications, experience, and proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of particular interest are:
Papers should be from 1 to 8 pages long. Papers exceeding eight pages will not be reviewed. All submissions should clearly identify their novel contributions.
Submit papers electronically in PDF or ASCII text by 20 May 2006 to Liz Fong <efong [at] nist.gov (efong[at]nist[dot]gov)>. Your submission constitutes permission for us to publish it in workshop proceedings.
We will notify submitters of acceptance by 1 June 2006.
You do not have to have an accepted paper to attend. We invite those who develop, use, purchase, or review software security evaluation tools. Academicians who are working in the area of semi- or completely automated tools to review or assess the security properties of software are especially welcome. We are looking for participation from researchers, students, developers, and users in industry, government, and universities.
On-line registration is closed. To register, please send email to Teresa Vicente teresa.vicente [at] nist.gov (<teresa[dot]vicente[at]nist[dot]gov>) and pay when you register. NIST's conferences SAS page has registration contact information.
NIST has a visitor information web page with information on accommodations, directions, and the local area. Please note that the summit will be at NIST North, not on the main campus.
8:30 - 9:00 : registration
9:00 - 9:30 :
9:30 - 10:20 : moderator: Sam Redwine
10:20 - 10:45 : Break
10:45 - 12:00 : moderator: Jack Danahy
12:00 - 1:00 : Lunch
1:00 - 1:30 : Keynote: Dawson Engler
1:30 - 2:45 : moderator: W. Bradley Martin
2:45 - 3:10 : Break
3:10 - 4:00 : moderator: Michael Koo
4:00 - 4:30 : The next, international meeting: Format & structure? Where? When? Who else should be invited?
Accepted papers, along with Dawson Engler's keynote presentations, were published in the workshop proceedings as NIST Special Publication 500-262.
20 May 2006 - Paper submission deadline
1 June 2006 - Author notification
13 June 2006 - Final camera-ready copy due
29 June 2006 - Summit
Paul E. Black | NIST | paul.black [at] nist.gov (paul[dot]black[at]nist[dot]gov) |
Helen Gill | NSF | hgill [at] nsf.gov (hgill[at]nsf[dot]gov) |
W. Bradley Martin | NSA | wbmarti [at] tycho.nsa.gov (wbmarti[at]tycho[dot]nsa[dot]gov) |
Freeland Abbott | Georgia Tech |
Paul Ammann | George Mason U. |
Paul Anderson | GrammaTech |
John Anton | Kestrel |
Ira Baxter | Semantic Designs |
Rogier Boon | ITsec Security |
Djenna Campara | KDM Analytics |
Pravir Chandra | Secure Software |
Ben Chelf | Coverity |
Brian Chess | Fortify |
Jack Danahy | Ounce Labs |
Elizabeth Fong | NIST |
Larry Johnsen | Parasoft |
Michael Kass | NIST |
Michael Koo | NIST |
Robert E. Lee | GMRI |
Robert A. Martin | MITRE Corp. |
Vadim Okun | NIST |
Daniel J. Quinlan | LLNL |
Ioana Rus | Fraunhofer USA |
Ravi Sandhu | George Mason U. |
Robert C. Seacord | CERT/CC |
Liz Fong
efong [at] nist.gov (efong[at]nist[dot]gov)
Romain Gaucher
romain.gaucher [at] nist.gov (romain[dot]gaucher[at]nist[dot]gov)
National Institute of Standards and Technology (NIST)
Software Assurance Metrics and Tool Evaluation (SAMATE) Project
Static Analysis Summit
29 June 2006
Gaithersburg, MD, USA
----------------------------------------------------------------------------
"Black-box" software testing cannot realistically find maliciously implanted Trojan horses or subtle errors which have many preconditions. For maximum reliability and assurance, static analysis must be applied to all levels of software artifacts, from models to source code to byte code to binaries. The goal of this workshop is to convene researchers, developers, and government and industrial users to explore the state of the art in software static analysis tools and techniques with an emphasis on software security.
We solicit contributions describing basic research, novel applications, experience, and proposals relevant to static analysis tools, techniques, and their evaluation. Questions and topics of particular interest are:
SUBMISSIONS:
Papers should be from 1 to 8 pages long. Papers exceeding eight pages will not be reviewed. All submissions should clearly identify their novel contributions.
Submit papers electronically in PDF or ASCII text by 20 May 2006 to Liz Fong <efong [at] nist.gov (efong[at]nist[dot]gov)>. Your submission constitutes permission for us to publish it in workshop proceedings. We will notify submitters of acceptance by 1 June 2006.
PUBLICATION:
Accepted papers, along with workshop presentations where possible, will be published in the workshop proceedings as a NIST Special Publication.
IMPORTANT DATES:
20 May: Paper submission deadline
1 June: Author notification
13 June: Final camera-ready copy due
29 June: Workshop
GENERAL
CHAIR Paul E. Black paul.black [at] nist.gov (paul[dot]black[at]nist[dot]gov)