The Internet of Things (IoT), connecting large numbers of small embedded devices to the internet, is currently being deployed in critical infrastructures, factories, hospitals, smart buildings, and so on. Compromised or faulty IoT components and systems can cause catastrophic damage to individuals, companies, and society. However, existing software for IoT has not been designed with security as a main objective, but rather to cope with constrained memory, power, processing, and bandwidth resources. Consequently, techniques are needed by which software for IoT can achieve a highest level of security and safety. Such techniques are getting mature for other domains, in particular for mainstream computing systems, but IoT devices feature peculiar characteristics that hinder employing conventional software security techniques. There is a great push to bring advanced software security to IoT. At the same time, a targeted scientific IoT software security forum for discussions, publications and networking is currently lacking.
The IEEE Workshop on Software Security for IoT (SSIoT) 2019 is the first international conference focusing primarily on the software security for the Internet of Things (IoT). SSIoT aims to provide a forum for exploring and evaluating ideas on bringing secure software to IoT and a venue to publish novel research ideas on this topic. SSIoT strongly encourages proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems. We are especially interested in position papers that are radical, forward-looking, and likely to lead to lively and insightful discussions that will influence future research on IoT security.The scope of SSIoT includes, but is not limited to:
We invite both full papers and short papers. For short papers we especially encourage the submission of position papers that are likely to generate lively discussion.
Submissions should be PDF documents formatted according to the IEEE EuroS&P 2019 formatting requirements provided at https://www.ieee-security.org/TC/EuroSP2019/cfp.php . Both full and short papers must describe work not published in other refereed venues. Accepted papers will appear as publication through IEEE Xplore in a volume accompanying the main IEEE EuroS&P 2019 proceedings.
Submissions should be anonymized for review. Please refer to your own related work in the third person, as though someone else had written it. This also includes, e.g., data sets: "We received data from the authors of  which we reused for this experiment." Do not blind citations except in extraordinary circumstances.
In keeping with IEEE guidelines, all submissions must be original work; authors must clearly document any overlap with previously published or simultaneously submitted papers from any of the authors. Simultaneous submission of the same paper to another venue with proceedings or a journal is not allowed. Serious infringements of these policies may cause the paper to be rejected from publication and the authors put on a warning list, even if the paper is initially accepted by the program committee.