Guidelines for Improving Cyber Security Reporting with External Validation

The development of a science is an iterative and systematic process that requires rigor and validity both in the conduct of the research and the reporting of the research. Using input from the SoSL community, we developed a set of guidelines describing the information a research report should contain to maximize the contribution of the work and to facilitate the development of a science of security. Then, to gather feedback on the usability of the guidelines, we hosted a workshop at the SoSL Fall quarterly meeting where participants applied the guidelines to their own papers. Building on that work, we are now gathering input from cyber security experts outside of the SoSL community to validate and update the guidelines to improve their robustness across the various sub-domains of cyber security research. This poster describes the interview methodology, the initial guidelines, the findings of the SoSL workshop, and initial results from the external interviews.

Matthew Armstrong is a third-year Computer Science PhD student at the University of Alabama. His research interests include Cyber Security and the cross section of Computer Science and Law.

Dr. Jeffrey Carver is a Professor of Computer Science at the University of Alabama. His research interests include Empirical Software Engineering, Science of Security, Human Factors in Software Engineering, and Computer Science Education. He is an Associate Editor-in-Chief for Computing in Science & Engineering and on the editorial board for IEEE Transactions on Software Engineering, Empirical Software Engineering, Information and Software Technology, and IEEE Software. He is a Senior Member of IEEE and ACM. Contact him at carver@cs.ua.edu.

License: CC-2.5
Submitted by Jeffrey Carver on