5th International Workshop on Secure systems methodologies using patterns
(SPattern 2011)

To be held in conjunction with the Sixth International Conference on Availability, Reliability and Security (ARES 2011 – http://www.ares-conference.eu).

August 22nd – 26th, 2011
Vienna University of Technology
Vienna, Austria

Security patterns have arrived to a stage where there are a significant number of them, two books about them have been published, and industry is starting to accept and use them. Analysis and design patterns have been around for about fifteen years and have found practical use in many projects; they have been incorporated into several software development methodologies where less experienced developers can use them to receive the advice and knowledge of experts. The situation is not so clear for security patterns because no accepted methodology exists for their use and their naming has not been unified. In spite of their value, it is not clear how much they are actually used in practice.

Catalogs of security patterns are a good step, but they are not enough. Building secure systems is a difficult process where security aspects are interlaced with the satisfaction of functional requirements as well as other non-functional requirements. Developers are typically experts on a language or a development methodology but know little about security, which results in them not knowing what security mechanisms make sense at which moments. We need methodologies that guide a designer at each stage of the development cycle. A few of them have appeared, but none of them has been tested in production applications. We still need more patterns to build more complete catalogs. Unification of pattern catalogs is becoming urgent because the several existing repositories confuse the designers. Tool support is also important for their acceptance.
Related patterns are also important, i.e. reliability and safety patterns. Usability is an important aspect is some cases.

Topics of interest comprise but are not limited to:

  • Methodologies to build secure systems using patterns
  • New aspects of existing methodologies
  • Tradeoffs or combinations between security and other requirements expressed as patterns, e.g. reliable security patterns or secure reliability patterns.
  • New security patterns
  • New types of security-related patterns, e.g. misuse or attack patterns
  • Pattern languages
  • Classification of security patterns
  • Tool support for security patterns
  • Secure reference architectures
  • Usability aspects
  • Experiences in applying security patterns

Important dates

Submission Deadline April 17th, 2011
Author Notification May 09th, 2011
Author Registration June 01st, 2011
Proceedings Version June 01st, 2011
Conference/Workshop August 22nd - 26th, 2011

Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at:


Workshop Co-Chairs

Prof. Eduardo B. Fernandez

Florida Atlantic University, Boca Raton, FL 33431, USA


Prof. Sergio Mujica

Universidad Andres Bello, Santiago, Chile


Program Committee

Eduardo Fernández-Medina Patón, Universidad de Castilla-La Mancha, Ciudad Real, Spain                  
Jan Jürjens, TU Dortmund & Fraunhofer ISST, Germany
Costas Lambrinoudakis, University of Piraeus, Greece
Antonio Maña, University of Malaga, Spain
Haris Mouratidis, University of East London,  London, UK
Jaime Muñoz-Arteaga, University of Aguascalientes, Mexico
Alfonso Rodríguez Ríos, Universidad del Bío-Bío,  Chillán, Chile
Markus Schumacher , Virtual Forge GmbH & Fraunhofer SIT, Germany
Dan Thomsen, SIFT, LLC, USA
Michael VanHilst, Florida Atlantic University, USA
Hironori Washizaki, Waseda University, Japan
Marcel Winandy, Ruhr-University Bochum, Germany
Joe Yoder, The Refactory, Inc., USA
Nobukazu Yoshioka, National Institute of Informatics, Japan