Important Dates

  • Paper Submission:
    September 23, 2016
    September 30, 2016 - 23:59, AoE
    (Anywhere on Earth) = UTC-12
  • Notification:
    October 21, 2016
    November 4, 2016
  • Pre-proceeding Version:
    November 30, 2016
  • Final Version
    (after the workshop, TBD)
  • Workshop Date:
    December 5, 2016

Previous Editions

STAST 2015:

STAST 2014:

STAST 2013:

STAST 2012:

STAST 2011:

Supported by




Call for Papers

This call for papers is available in PDF and in TXT.

Type of contributions

We consider the following submission types:

  • Full papers, discussing original research, answering well-defined research questions, and presenting full and stable results;
  • Position papers, original contributions discussing existing challenges and introducing and motivating new research problems;
  • Case studies describing lessons learned from design and deployment of security mechanisms and policies in research and in industry.

See the paper submission page for paper format and instruction for authors

Workshop Topics

Contributions should focus on the interplay of technical, organizational and human factors in breaking and in achieving computer security, for example:

  • Requirements for socio-technical systems
  • Feasibility of policies from the socio-technical perspective
  • Threat models that combine technical and human-centred strategies
  • Technical and social factors that influence decision making in security and privacy
  • Balance between technical measures and social strategies in ensuring security and privacy
  • Studies of real-world security incidents from the socio-technical perspective
  • Technical and social factors that influence changes in organizations security policies and processes
  • Lessons learned from holistic design and deployment of security mechanisms and policies
  • Models of user behaviour and user interactions with technology
  • Perceptions of security, risk and trust and their influence on human behaviour
  • Social engineering, persuasion, and other deception techniques
  • Root cause analysis and analysis of incidents for socio-technical security incidents
  • Strategies, methodology and guidelines for socio-technical and cyber-security intelligence analysis
  • Analysis techniques in cyber-crime science
  • User experience with security technologies

We welcome qualitative and quantitative research approaches from academia and industry


The final proceedings will be published with the ACM International Conference Proceedings Series.