The Third International Workshop on Security

Testing Prof. Luca Viganò (Verona University, Italy)

Dr. Keqin Li (SAP Research, France)

Dr. Wissam Mallouli (Montimage, France)

Affiliated with ICST 2012

Montreal, Canada

April 21, 2012

General Statistics◦ Submissions 22◦ Accepted 9◦ Acceptance rate 40.9 %◦ Reviews 65

Authors from 11 countries (France, Canada, India, Italy, Luxembourg, Austria, Germany, Netherlands, Iran, Sweden, USA)

Submissions from academia and industry 5 security testing tools demonstrations

Sectest 2012 statistics

ICST organizers Streering committee

◦ Alessandro Armando (University of Genova, Italy)◦ Ana Cavalli (Telecom SudParis, France)◦ Jorge Cuellar (Siemens, Germany)◦ Alexander Pretschner (KIT, Germany)◦ Yves Le Traon (University of Luxembourg,

Luxembourg) Programm committee Authors and speakers Invited speaker: Prof Ina Schieferdecker

Thanks to

08:00 - 09:00 Registration

Session I Chairs: Wissam Mallouli and Luca Vigano

09:00 - 10:00 Invited talkModel-Based Fuzz TestingIna Schieferdecker (Fraunhofer Fokus, Germany)

10:00 - 10:30 Managing Evolution by Orchestrating Requirements and Testing Engineering ProcessesFederica Paci, Fabio Massacci, Fabrice Bouquet and Stephane Debricon.

10:30 - 11:00 Coffee break

Session II Chair: Ana Cavalli

11:00 - 11:30 XSS Vulnerability Detection Using Model Inference Assisted Evolutionary FuzzingFabien Duchene, Roland Groz, Jean-Luc Richier and Sanjay Rawat.

11:30 - 12:00 A Taint Based Approach for Smart FuzzingSofia Bekrar, Chaouki Bekrar, Roland Groz and Laurent Mounier.

12:00 - 12:30 A Testing Model for Dynamic Malware Analysis SystemsFrédéric Massicotte, Mathieu Couture, Hugues Normandin and Frédéric Michaud.

12:30 - 14:00 Lunch

Agenda (morning)

12:30 - 14:00 Lunch

Session III Chair: Johan Oudinet

14:00 - 14:45 Automatic XACML requests generation for policy testingAntonia Bertolino, Said Daoudagh, Francesca Lonetti and Eda Marchetti.

14:45 - 15:30

Solving Some Modeling Challenges when Testing Rich Internet Aplications for Security Suryakant Choudhary, Mustafa Emre Dincturk, Gregor V. Bochmann, Guy-Vincent Jourdan, Iosif Viorel Onut and Paul Ionescu.

15:30 - 16:00 Coffee break

Session IV Chair: Roland Groz

16:00 - 16:30 SPaCiTE - Web Application Testing EngineMatthias Büchler, Johan Oudinet and Alexander Pretschner.

16:30 - 17:00 Events-Based Security Monitoring Using MMT ToolBachar Wehbi, Edgardo Montes de Oca and Michel Bourdellès.

17:00 - 17:30 The SmartLogic Tool: Analysing and Testing Smart Card ProtocolsGerhard de Koning Gans and Joeri de Ruiter.

17:30 The end

Agenda (afternoon)

Next Sectest 2013 will be held in Luxembourg

Still affiliated to ICST conference

In a better hotel (without noise)

Thank you