2021 Workshop on Human Centric Software Engineering and Cyber Security

The 2021 Workshop on Human-Centric Software Engineering & Cyber Security (HCSE&CS-2021) will be co-hosted with the 36th IEEE/ACM International Conference on Automated Software Engineering and will be taking a virtual format on 15 November 2021.

Update: Authors of top-quality papers will be invited to submit their extended article to a Special Issue on Human-Centric Software Engineering – Approaches, Technologies, and Applications, with Elsevier Journal of Systems and Software.

Call for Papers:

Humans are a key part of software development, including customers, designers, coders, testers, and end-users. While most current software engineering research and practices are function, data, or process-oriented, human-centric software engineering focuses on the human factors in engineering software systems. After the successful inaugural event at ASE2020, the 2nd International Workshop on Human-Centric Software Engineering and Cyber Security will continue its aim to bring together researchers and practitioners to continue the discussion on fundamentally new ways to systematically capture and use human-centric software requirements during software development and verify that systems meet these requirements. At present, there are major issues with misaligned software applications related to human factors, such as accessibility, usability, emotions, personality, age, gender, and culture. This workshop serves as the ideal venue to share research ideas and outcomes on requirements, enhanced theory, models, tools, and capability for next-generation human-centric software engineering aiming to achieve significant benefits of greatly improved software quality and user experience, developer productivity, and cost savings.

In addition, this workshop has a special focus on cyber security. The increased attention on a human-centric design in software engineering is the focus of contemporary research in cyber security. Particularly, the focus is shifting towards embedding human behaviour and cognitive perception to ensure a fully human-centric cyber security solution that not only protects humans from the harmful after-effects of cyber security events but does so in unison with human thinking and behavioural patterns. In this workshop, we solicit recent research works in the field of human-centric cyber security engineering.

The topics of this workshop focus on all software engineering tasks and processes during the human-centric software development lifecycle, including cyber security issues, but not limited to:

  • Human-centric modelling tools
  • Human-centric requirements engineering
  • Human-centric methodologies and practices
  • Accessible and usable cyber security
  • Incorporating human factors into requirements and design e.g., emotions, bias, personality, and culture
  • Context-awareness in human-centric software (and systems) engineering
  • Proactive help for modellers/designers/engineers e.g. design critics
  • Impact of human factors on development processes and software teams
  • Human factors considerations for engineers and developers
  • Performance appraisal and software engineering tasks
  • Usable security/privacy evaluation of existing and/or proposed solutions
  • Mental models that contribute to, or inform security and privacy design and deployment
  • Design foundations of usable security and privacy including usable security and privacy patterns
  • Modelling of security behaviours
  • In-the-wild observation of security and privacy behaviour studies
  • Tools and models for capturing and interpreting user behaviours
  • Software applications that demonstrate the practice of human-centric software engineering
  • Conceptual/Position papers about the impact of the pandemic on personal privacy and security during home working

Submission Process:

Submissions are now finalized and accepted papers will be published as part of the IEEE/ACM ASE 2021 proceedings.

Important Dates:

  • Workshop Date: 15 November 2021


For up-to-date registration information, please visit https://conf.researchr.org/home/ase-2021.


All times are displayed in AEDT. To calculate the time in your own timezone, please use https://www.timeanddate.com/worldclock/meetingtime.html

15 November 2021

Time (AEDT) Session Details
12:00  Welcome/Opening Mohan Baruwal Chhetri
12:10  Keynote 1 Leveraging requirements from the crowd for more inclusive software
Kelly Blincoe, University of Auckland, New Zealand

Abstract: There has been significant research in recent years on leveraging online user feedback of software products to better understand user needs and identify software product improvements. Given software’s importance to modern society, it is important that software is accessible and usable for the people who need it. Thus, there is great promise in being able to hear a wider range of user voices by leveraging the crowd to identify software requirements. In this talk, I will discuss some of my recent work on identifying software requirements from online user feedback, the representativeness of this online feedback, and key considerations for future research in this area. 




Paper Session #1


Session Chair: Jennifer McIntosh

Decision-making biases and cyber attackers
Chelsea K. Johnson, Robert S. Gutzwiller, and Joseph Gervais (Arizona State University); Kimberly J. Ferguson-Walter (Laboratory for Advanced Cybersecurity Research); Sunny J. Fugate and Mark Bilinski (Naval Information Warfare Center Pacific)

ACSIMA: A Cyber Security Index for Mobile Health Apps
Hamza Sellak, Mohan Baruwal Chhetri, Marthie Grobler, and Kristen Moore (CSIRO’s Data61 Australia)

14:00  Lunch  


Paper Session #2


Session Chair: Marthie Grobler

Oppositional Human Factors in Cybersecurity: A Preliminary Analysis of Affective States
Kimberly J. Ferguson-Walter (Laboratory for Advanced Cybersecurity Research); Robert S. Gutzwiller (Arizona State University); Dakota Scott (Wichita State University); Craig J. Johnson (Arizona State University)

Virtual Reality Enabled Human-Centric Requirements Engineering
Owen Wang, Ben Cheng, Thuong Hoang, Chetan Arora, and Xiao Liu (School of Information Technology, Deakin University)

A Methodology for HumanCentred IoT Collectives Based On Socio-Ethical Policies
Amna Batool, Seng W.Loke, Niroshinie Fernando, and Jonathan Kua (Deakin University)

15:55  Tea Break  
16:15  Panel Discussion Fallouts from failures caused by human errors or errors in software engineering
Panel Moderator: Thuong Hoang
  • Karen Renaud (University of Strathclyde)
  • Jean-Guy Schneider (Deakin University)
  • Carsten Rudolph (Monash University)


Paper Session #3


Session Chair: Thuong Hoang

“I need to know I’m safe and protected and will check”: Users Want Cues to Signal Data Custodians’ Trustworthiness
Oksana Kulyk (IT University of Copenhagen); Karen Renaud (University of Strathclyde)

Crypto Experts Advise What They Adopt
Mohammadreza Hazhirpasand and Oscar Nierstrasz (University of Bern); Mohammad Ghafari (School of Computer Science, University of Auckland)

18:05 Tea Break  
18:25  Paper Session #3 (Contd.) Worrisome Patterns in Developers: a Survey in Cryptography
Mohammadreza Hazhirpasand and Oscar Nierstrasz (University of Bern); Mohammad Ghafari (School of Computer Science, University of Auckland)
18:50  Keynote 2 Empowering the human as a sensor for cyber security and information trustworthiness
George Lukas, The University of Greenwich

Abstract: The hypothesis that following simple user cyber hygiene practices is broadly beneficial in preventing cyber security breaches has been convincingly shown in the literature. We argue that future cyber hygiene practices should go a step further, beyond prevention and into detection. In the Human-as-a-Sensor (HaaS) paradigm, people are not only encouraged to participate actively in prevention but also in detecting and reporting threats against them. The same is the case for information hygiene measures that are routinely recommended for addressing disinformation in social media. Again, we argue that we can advance from prevention into detection. Depending on the area of application, human sensors can be supported with additional information for helping them recognise threats, the technical means for reporting them, and mechanisms for predicting how reliable they are as sensors of different types of threats. This talk will explore the different solutions and remaining challenges in the use of HaaS to address semantic social engineering attacks, disinformation, and novel threats to AI systems at home.

19:50  Closing Xiao Liu

Organising Committee:

  • Mohan Baruwal Chhetri, CSIRO’s Data61, Australia
  • Xiao Liu, Deakin University, Australia
  • Marthie Grobler, CSIRO’s Data61, Australia
  • Thuong Hoang, Deakin University, Australia
  • Karen Renaud, University of Strathclyde, United Kingdom
  • Jennifer McIntosh, Monash University, Australia