Solicited papers

C&ESAR invites submissions on a broad range of cybersecurity topics, covering:

  • All phases of system and operation lifecycles – from requirements elicitation to decommissioning, including legal and regulatory aspects, DevSecOps, operational cyber defense, penetration testing, and influence operations.
  • All types of technologies and environments – including socio-economic systems, networks, embedded systems, industrial control systems, IoT, personal devices, cloud, and edge computing.

C&ESAR solicits small (2-4 pages), short (5-9 pages) and regular (10-16 pages) submissions across several dimensions:

  • From Research to Practice:

    • Research papers (at least 5, ideally 10 pages): Contributions presenting technical, theoretical, or experimental advancements.
    • Practice papers: Didactic insights on practical knowledge and “lessons learned” of particular interest to C&ESAR’s audience, covering engineering, legal, social, or geopolitical aspects of cybersecurity operations.

  • From Topic-Focused to SoK:

    • Topic-Focused papers: Specialized contributions addressing a specific problem, technology, theory, or case study. These papers aim to provide deep-dive technical details or localized solutions to well-defined operational or research challenges.
    • Systematization of Knowledge (SoK) papers (at least 10 pages): Contributions that “evaluate, systematize, and contextualize existing [research or practical] knowledge” (see JSys research SoK description and IEEE S&P research SoK examples).

  • From Original to Abstract and Replication:

    • Original papers: Original, unpublished work.
    • Extended abstracts: Summaries of previously published peer-reviewed work (by the same authors of the submission). We specifically welcome reports on the state of the art/practice, surveys, experience reports, and directly applicable solutions to common problems.
    • Replication papers (at least 5 pages): Submissions that replicate, question, or clarify existing published work to validate results or explore their limits in different operational contexts.

  • From Mature work to Work in Progress (WiP):

    • Mature work: Submissions presenting consolidated results based on thorough evaluation, extensive field testing, or established theoretical proofs. Evaluations will prioritize technical soundness, completeness, and potential for immediate impact.
    • Work in Progress (WiP): Submissions that introduce promising concepts even if they are incomplete or preliminary. Evaluations will prioritize novelty and relevance over completeness and correctness.