The 1st Experimental Security
Panoramas (ESP) Workshop
In Association with ISRCS, August 2011
P.O.C. Miles McQueen,

ESP Workshop Agenda


Author Title
Xinming (Simon) Ou Scientific Experimentation for Cyber Security – Mission Impossible?
Annarita Giani Challenges in Cyber Security Experiments: Our Experience
Dr. Stefan Frei The Dynamics and Threats of End-Point Software Portfolios
Lt Col David Robinson, PhD DARPA Initiatives in the Cyber Experimentation Domain
Dr. Fred Cohen Security science and measurement
George Cybenko Informaton Markets for Security Experiments and Metrics
Rahul Telang Effectiveness of Information Disclosure
Panel Discussions:
Michael Condry
Hassan Fallah-Adl
Challenges of SecurityFeature Adoption
Securing Embedded Devices


In general, scientific experimentation refers to the iterative process of observation, hypothesis formation, test and measurement, followed by assessment. Experiments may be executed in tightly controlled settings such as an experimental network in a laboratory, or consist of observational studies of a phenomena in the naturally occurring eco system. The ESP workshop will focus on all forms of experimentation which relate to cyber system security including both software and human vulnerabilities. For example, experimental studies of interest would include but not be limited to:

ESP Workshop Format

The first workshop will be held on the first day of the ISRCS symposium, and will consist of a set of invited cyber security experimentation presentations followed by open discussion. The breadth of cyber security experimentation will be explored with some focus on defining the needs and possibilities for improvement in the use of experiments in cyber security. At the end of the workshop the need, focus, and form of the 2nd ESP workshop--to include the solicitation and selection of research papers-- will be drafted. The workshop will have a working lunch with an invited speaker for all ESP registrants.

ESP Committees

Organizing and technical committees are currently being formed and will be solidified early next year. Invited speakers will be recommended by the committee members, and are expected to consist of leading researchers and government officials with an interest and need for improved experimentation in the discipline and practice of cyber security.