HILT 2018 Workshop on Languages and Tools for Ensuring Cyber-Resilience in Critical Software-Intensive Systems
This is the fifth in the HILT series of conferences and workshops focused on the use of High Integrity Language Technology to address challenging issues in the engineering of software-intensive critical systems. HILT 2018 will focus on addressing cybersecurity and cyber-resilience issues that arise in real-time, embedded, and/or safety-critical systems. Submissions are encouraged describing theoretical and practical efforts related to the use of safe languages, formal methods, model-based development, and advanced static analysis to identify and mitigate cybersecurity vulnerabilities in software-intensive systems. The workshop will bring together academic, industrial, and government researchers and practitioners focused on the use of these advanced language technology and tools, with a particular focus on addressing the growing cybersecurity threats.
Accepted Papers
Keynotes at HILT 2018
Monday Keynote
: Bob Martin, MITRE
Common Vulnerabilities Enumeration (CVE), Common Weakness Enumeration (CWE), and Common Quality Enumeration (CQE) – Attempting to systematically catalog the safety and security challenges for modern, networked, software-intensive systems.
Tuesday Keynote
: Ray Richards, DARPA
DARPA’s new Cyber-Assured Systems Engineering (CASE) Program – Motivations, Challenges, and Technical Approaches to addressing cyber-resilience in critical software-intensive systems
Please click on the Program
tab above for the full HILT 2018 program details
HILT 2018 Workshop Sponsors
Gold: 
Bronze: 
Call for Papers and Extended Abstracts
HILT 2018
Workshop on Languages and Tools for Ensuring Cyber-Resilience in Critical Software-Intensive Systems
As part of SPLASH 2018, November 5 & 6, 2018, Boston, MA, USA
Sponsored by ACM SIGAda
The High Integrity Language Technology (HILT) 2018 Workshop is focused on the cyber-resilience needs of critical software systems, where such a system must be trusted to maintain a continual delivery of services, as well as ensuring safety in its operations. Such needs have common goals and shared strategies, tools, and techniques, recognizing the multiple interactions between security and safety.
We encourage papers and extended abstracts relating to:
- Language features that can be used to build security and/or safety into software-intensive systems; Approaches to apply effectively the emerging technologies of AI and Machine Learning in critical software systems;
- Mechanisms that can be used to understand, certify, and manage systems that are “data driven,” relying on “soft code,” where control flow and algorithms are expressed using data rather than “hard code” expressed directly in programming languages;
- Extending contract-based programming to specifying security resistance and resilience properties as well as safety and/or correctness properties;
- Strategies to minimize risk when applying complex software requirements to cyber-physical systems;
- Modeling and/or programming language features and analysis techniques that aid in code analysis and verification and that increase the level of abstraction and expressiveness;
- Language features that support continuous requirements maturation to support evolving needs, particularly in cyber-physical systems, while ensuring that security and safety properties are preserved.
This workshop is designed as a forum for communities of researchers and practitioners from academic, industrial, and governmental settings, to come together, share experiences, and forge partnerships focused on integrating and deploying tool and language combinations to address the challenges of building cyber-resilient software-intensive systems. The workshop will be a combination of presentations and panel discussions, with one or more invited speakers.
Attendees wishing to present at the workshop should prepare full papers (approx. 6-8 pages), or extended abstracts (approx. 2-4 pages) for their proposed presentations, and the workshop program committee will select presentations and organize them into sessions. Other interested participants are welcome to register for the HILT 2018 Workshop as part of their SPLASH 2018 registration.
Aug 1now Aug 17: Papers or Extended abstracts due;Sep 1now Sep 17: Notification of submissions accepted for presentationOct 1now Oct 10: Final submissions due- Nov 5&6: Workshop as part of SPLASH 2018
Please submit papers and extended abstracts, by Aug 17, 2018, on HotCRP: https://hilt18.hotcrp.com/
Workshop Co-Chairs
- Bill Bail, MITRE
- Tucker Taft, AdaCore, Inc
Organizing Committee
- Dirk Craeynest, ACM SIGAda International Representative, KU Leuven
- Drew Hamilton, Chair, ACM SIGAda, Mississippi State University, CCI
- Clyde Roby, Secretary-Treasurer, ACM SIGAda, Institute for Defense Analyses
- Alok Srivastava, Editor, ACM Ada Letters, Engility Corp.
- Ricky E. Sward, Past Chair, ACM SIGAda, MITRE
URLs:
- SPLASH 2018: http://www.splashcon.org
- HILT 2018 Information: http://sigada.org/conf/hilt2018
- HILT 2018 Submissions: https://hilt18.hotcrp.com/
- ACM SIGAda: http://sigada.org
Written with StackEdit.
Mon 5 Nov Times are displayed in time zone: Guadalajara, Mexico City, Monterrey change
08:30 - 10:00 | |||
08:30 45mDay opening | Welcome to the HILT 2018 Workshop HILT Tucker TaftAdaCore | ||
09:15 45mTalk | CVE, CWE, CQE and all that -- enumerating the security and safety challenges for networked softwareKeynote HILT Robert A. MartinThe MITRE Corporation |
10:30 - 12:00 | |||
10:30 45mTalk | Programming Language Systems for Developing Cyber Resilient Software HILT | ||
11:15 45mTalk | Cyber-Resilience: What does it really mean, and how do we design it into our systems? HILT Deborah BodeauThe MITRE Corporation |
13:30 - 15:00 | |||
13:30 45mTalk | Tool support for Confidentiality by Construction HILT S: Tobias RungeTU Braunschweig, S: Ina SchaeferTechnische Universität Braunschweig, Alexander KnüppelTU Braunschweig, Germany, Loek CleophasEindhoven University of Technology (TU/e) and Stellenbosch University, Derrick KourieStellenbosch University, Bruce WatsonStellenbosch University; and Centre for AI Research, CSIR | ||
14:15 45mOther | Panel on Language-based Security HILT P: Stephen ChongHarvard University, Ina SchaeferTechnische Universität Braunschweig, Tobias RungeTU Braunschweig, Lucas WagnerRockwell Collins, Sam ProcterCarnegie Mellon Software Engineering Institute, Tucker TaftAdaCore |
15:30 - 17:00 | |||
15:30 30mShort-paper | SPARK by Example: an introduction to formal verification through the standard C++ library HILT | ||
16:00 30mShort-paper | Soundness of a Dataflow Analysis for Memory Monitoring HILT P: Dara LyCEA LIST, Nikolai KosmatovCEA List, Frederic LoulergueNorthern Arizona University, Julien SignolesCEA LIST | ||
16:30 25mShort-paper | Minimal Specifications for Detecting Security Vulnerabilities HILT P: Andrew BernsUniversity of Northern Iowa, James CurbowUniversity of Northern Iowa, Joshua HilliardUniversity of Northern Iowa, Sheriff JorkehUniversity of Northern Iowa, Miho SandersUniversity of Northern Iowa | ||
16:55 5mSocial Event | 6:30PM HILT Banquet at Legal Seafoods, Park Plaza, preceded by SIGAda EC meeting from 5:15 to 6:15PM HILT |
Tue 6 Nov Times are displayed in time zone: Guadalajara, Mexico City, Monterrey change
08:30 - 10:00 | |||
08:30 15mAwards | SIGAda Awards and Sponsor Intros HILT Tucker TaftAdaCore | ||
08:45 20mTalk | SAFECode.org and Secure Software Development Practices HILT Eric BaizeSAFECode / Dell | ||
09:05 55mTalk | DARPA CASE program, motivation and challengesKeynote HILT Raymond RichardsDARPA |
10:30 - 12:00 | |||
10:30 45mTalk | SpeAR – Using a formal specification language for safety and security HILT Lucas WagnerRockwell Collins | ||
11:15 45mTalk | Architecture-level security in a safety-critical system HILT S: Sam ProcterCarnegie Mellon Software Engineering Institute, Peter FeilerCarnegie Mellon Software Engineering Institute |
13:30 - 15:00 | |||
13:30 45mTalk | Who decides what is allowed? User Interactions and Permissions Use on Android HILT Jeffrey S. FosterTufts University | ||
14:15 45mTalk | A Language for Programmable Hardware Security HILT Chris CasinghinoDraper Laboratory |
15:30 - 17:00 | |||
15:30 25mIndustry talk | Security Showcae -- Modernizing Static Analysis Tools to Facilitate Integrations HILT Paul AndersonGrammaTech, Inc | ||
15:55 25mIndustry talk | Security Showcase -- Ensuring Cyber Resilience through Entropy-Augmented Replication HILT Mario TroianiVirtual Software Systems | ||
16:20 25mIndustry talk | Security Showcase -- SPARK Formal Verification for Security HILT Tucker TaftAdaCore | ||
16:45 15mDay closing | Workshop Wrapup HILT Tucker TaftAdaCore |