The Nineteenth Annual
High Confidence Software and Systems (HCSS) Conference
Call for Presentations and Posters
The nineteenth annual High Confidence Software and Systems (HCSS) Conference will be held April 29 - May 1, 2019 at the Historic Inns of Annapolis in Annapolis, Maryland. We solicit proposals to present talks at the conference and to participate in the poster session.
Our security, safety, privacy, and well-being increasingly depend upon the correctness, reliability, resilience, and integrity of software-intensive systems of all kinds, including cyber-physical systems (CPS). These systems must be capable of interacting correctly, safely, and securely with humans, with diverse other systems, and with the physical world even as they operate in changing, difficult-to-predict, and possibly malicious environments. New foundations in science, technology, and methodologies continue to be needed. Moreover, these methods and tools have to be transitioned into mainstream use to build and assure these systems—and to move towards more effective models for acceptance and certification.
CONFERENCE SCOPE, GOALS, AND VISION
The High Confidence Software and Systems (HCSS) Conference draws together researchers, practitioners, and management leaders from government, universities, non-profits, and industry. The conference provides a forum for dialogue centered upon the development of scientific foundations for the assured engineering of software-intensive complex computing systems and the transition of science into practice. The technical emphasis of the HCSS conference is on mathematically-based tools and techniques, scientific foundations supporting evidence creation, systems assurance, and security. The HCSS vision is one of engaging and growing a community—including researchers and skilled practitioners—that is focused around the creation of dependable systems that are capable, efficient, and responsive; that can work in dangerous or inaccessible environments; that can support large-scale, distributed coordination; that augment human capabilities; that can advance the mission of national security; and that enhance quality of life, safety, and security.
We invite submissions on any topic related to high-confidence software and systems that align with the conference scope and goals listed above. In addition, the 2019 HCSS Conference will highlight the following themes:
· Semantics-Driven Testing: Semantics-driven testing leverages knowledge of an evaluated system to find errors. Smart fuzzing is semantics-driven testing that uses knowledge of an evaluated system’s input structure to generate invalid inputs to identify software coding errors. Other approaches use knowledge of a system’s architecture or implementation to generate test inputs. Uses of semantics-driven testing include identifying security vulnerabilities in fielded systems, finding implementation errors during product development, and meeting certification requirements. Technologies such as symbolic execution, SMT solvers, software architecture analysis, and protocol analysis can be used to generate tests.
We solicit descriptions of semantics-driven testing technology and experience reports. Example topics include
- semantics-driven testing approaches and tools to improve system correctness and robustness,
- assessments of automated testing comprehensiveness or effectiveness,
- how the interplay of testing and analysis can increase system assurance, and
- how automated test generation can meet current or proposed certification requirements.
· Hardware Software Coassurance: In order to create a correct and secure system, it is necessary to have strong assurance about all the layers of its implementation: hardware, firmware, operating system, middleware, and application software. Without these interlocking assurances, an insecurity in one layer can create tunnel insecurities in other layers thereby undercutting even formal guarantees. With sufficiently clear specifications of each layer, rely-guarantee relationships between layers can theoretically permit an end-to-end assurance case for system correctness and security. Unfortunately, mainstream hardware—particularly CPUs—do not provide such guarantees, either for a CPU’s semantics on all possible execution traces or for its information leakage.
We solicit descriptions of assurance approaches and experiences that span multiple layers of implementations. Example topics include
- case studies of failures in proven systems that arise from insecurities in other layers,
- techniques for structuring cross-layer assurances (including delaying hardware vs. software decisions), and
- examples of co-designing, co-implementing, and co-verifying a system's hardware, firmware, and software to create a coassurance case for the system.
· Automated Software Certification: Today’s approach to achieving software certifications such as DO-178c and ISO 26262 often includes labor-intensive activities such as peer reviews of requirements/designs/code, structural testing, and process documentation. Incorporation of components of diverse provenance is a source of complexity that complicates certification. Many product requirements, functionality, and components evolve after certification, leading to needed product recertification—a particular challenge for products with long lifecycles such as avionics and medical equipment. The challenge of improving certification processes is to increase confidence in the resulting critical systems and to reduce cost/schedule. Automated modeling and reasoning technologies (e.g. model checking, theorem proving, assume-guarantee reasoning, architectural modeling) may help meet that challenge.
We solicit descriptions of automated software certification technology and experience reports. Example topics include
- how automated reasoning technologies can be applied to certification activities,
- methods to manage and analyze the provenance of components in certified systems,
- proposed practical improvements to certification standards that add rigor and lower cost,
- approaches that improve the process of certifying previously certified, upgraded systems,
- principled methods for determining risk ownership in complex systems,
- integration of development and certification activities in complex system development, and
- assessments of current and proposed certification standards.
The conference program features invited speakers, panel discussions, poster presentations, and a technical track of contributed talks.
Technical Track Presentations
The technical track features two kinds of talks:
· Technical talks. These talks highlight state-of-the-art techniques and methods for high-confidence software systems with an emphasis on how those techniques and methods can be used in practice. Presenters of these talks should strive to make their material accessible to the broader HCSS community even as they discuss deep technical results in areas as diverse as concurrency analysis, hybrid reasoning approaches, theorem proving, separation logic, analysis, synthesis, analytics, various modeling techniques, etc.
· Experience reports. These talks inform participants about how emerging HCSS and CPS techniques play out in real-world applications, focusing especially on lessons learned and insights gained. Although experience reports do not have to be highly technical, they should emphasize substantive and comprehensive reflection, building on data and direct experience. Experience reports focus on topics such as transitioning science into practice, architecture and requirements, use of advanced languages and tools, evaluation and assessment, team practice and tooling, supply-chain issues, etc.
If you are interested in offering a talk—or nominating someone else to be invited to do so—please upload an abstract of one page or less for your proposed talk or a one paragraph description of your nominee’s proposed talk by Friday January 4, 2019 extended to Sunday, January 20 to https://cps-vo.org/hcss19/presentation/cfp. Abstracts and nomination paragraphs should clearly indicate why the talk would be relevant to HCSS and which, if any, conference themes the talk would address. Notifications of accepted talks will be made by Friday, February 1, 2019.
If you are interested in participating in the poster session, please upload an abstract of your proposed poster theme with title by Friday, February 22, 2019 to https://cps-vo.org/hcss19/poster/cfp. Abstracts should clearly indicate why the poster is relevant to HCSS and which, if any, of this year’s themes the poster would address. Notifications of accepted posters will be made by Friday, March 22, 2019.
The conference organizers will print posters free of charge if design content is electronically submitted by Monday, April 15, 2019. After April 15, poster session participants will be responsible for the printing and delivery of their own posters. Content designs of accepted posters can be submitted electronically in PDF format. The conference organizers will provide easels, foam boards, and tacks for all poster displays. Poster session participants should contact the conference organizers in advance if additional materials or props are desired.
Further instructions for electronically submitting camera-ready abstracts, final slide presentations of accepted talks, and poster designs will be provided in the presenter notification messages. Abstracts of accepted talks and posters will be printed in the 2019 HCSS Conference proceedings.
Proposed Talk Submissions: Friday, January 4, 2019 extended to Sunday, January 20
Notification of Talk Decisions: Friday, February 1, 2019 Wednesday, February 6
Camera-Ready Talk Abstracts Due: Monday, April 1, 2019
Presentation files due: Sunday, April 28, 2019
Proposed Poster Submissions: Friday, February 22, 2019
Notification of Poster Decisions: Friday, March 22, 2019
Camera-Ready Talk Abstracts Due: Monday, April 1, 2019
Poster Files Due: Monday, April 15, 2019
HCSS Conference: April 29 - May 1, 2019
Eric Smith, Kestrel Institute
Matt Wilding, Collins Aerospace
Perry Alexander, University of Kansas
Kathleen Fisher, Tufts University
John Hatcliff, Kansas State University
Nicole Hughes, National Security Agency
Stephen Magill, Galois, Inc.
John Launchbury, Galois, Inc.
Brad Martin, National Security Agency
Ray Richards, DARPA
Bill Scherlis, Carnegie Mellon University
Katie Dey, Vanderbilt University
Anne Dyson, Cyber Pack Ventures
Amy Karns, Vanderbilt University
NITRD HCSS Coordinating Group