| 18 October 2013 |
| 16:15 - 16:30 | Welcome |
| Formal analysis of security protocols |
| 16:30 - 17:30 | Basin. Developing Security Protocols by Refinement |
| 17:30 - 18:30 | Barthe. Towards Verified Implementations of Cryptographic Constructions |
| 18:30 - 19:00 | Panel: The difficult problems are those that no one is working on [Jim Massey]: security research vs security practice |
| 19 October 2013 |
| Cyber-Physical Systems |
| 09:00 - 09:30 | Di Mauro, Fafoutis, Mödersheim, Dragoni. Detecting and Preventing Beacon Replay Attacks in Receiver-Initiated MAC Protocols for Energy Efficient WSNs |
| 09:30 - 10:00 | Vigo, Bruni, Yüksel. Security Games for Cyber-Physical Systems |
| 10:00 - 10:30 | Burgers, Verdult, van Eekelen. Prevent session hijacking by binding the session to the cryptographic network credentials |
| Security Policies |
| 11:00 - 11:30 | Hasu, Bagge, Haveraaen. Inferring Required Permissions for Statically Composed Programs |
| 11:30 - 12:00 | Ter Louw, Phung, Krishnamurti, Venkatakrishnan. SAFESCRIPT: JavaScript transformation for policy enforcement |
| First optional excursion |
| Information Flow |
| 16:00 - 16:30 | Balliu. A Logic for Information Flow Analysis of Distributed Programs |
| 16:30 - 17:00 | Pettai, Laud. Dynamics and Secure Information Flow for a Higher-Order Pi-Calculus |
| 17:00 - 17:15 | Buiras, Russo. Lazy Programs Leak Secrets |
| Security Experiences |
| 17:30 - 18:00 | Ansper, Buldas, Freudenthal, Willemson. High-performance qualified digital signatures for X-Road |
| 18:00 - 18:30 | Carlsson, Ayalew, Kidane. Identification and Evaluation of Security Activities in Agile Projects |
| 18:30 - 18:45 | Nagy, Asokan, Ott. PeerShare: A System Secure Distribution of Sensitive Data Among Social Contacts |
| 20 October 2013 |
| Cyber-Physical Systems |
| 09:00 - 09:30 | Krotofil, Cárdenas. Resilience of Process Control Systems to Cyber-Physical Attacks |
| 09:30 - 10:00 | Van Den Broek, Wichers Schreur. Femtocell Security in Theory and Practice |
| 10:00 - 10:30 | Antonini, Barenghi, Pelosi. Security Analysis of Building Automation Networks - Threat Model and Viable Mitigation Techniques |
| Web Security |
| 11:00 - 11:30 | Sans, Cervesato, Hussein. Controlling Data Flow with a Policy-Based Programming Language for the Web |
| 11:30 - 12:00 | Braun, Pollak, Posegga. A Survey on Control-Flow Integrity Means in Web Application Frameworks |
| Second optional excursion |
| Security Policies |
| 16:00 - 16:30 | Milushev, Clarke. Incremental hyperproperty model checking via games |
| 16:30 - 17:00 | Stokes. Graph k-Anonymity through k-Means and as Modular Decomposition |
| Network Security |
| 17:15 - 17:45 | Paladi, Gehrmann, Morenius. Domain-Based Storage Protection (DBSP) in Public Infrastructure Clouds |
| 17:45 - 18:15 | Hachem, Garcia-Alfaro, Debar. An Adaptive Mitigation Framework for Handling Suspicious Network Flows via MPLS Policies |
| 18:15 - 18:30 | Buldas, Kroonmaa, Laanoja. Keyless Signatures' Infrastructure: How to Build Global Distributed Hash-Trees |
