Florianópolis, the capital of innovation,
is waiting for you.


The I Workshop for Regulation, Conformity Assessment and Certification on Security (WRAC+) is a scientific event organized as a satellite event of XIV Brazilian Symposium on Information and Computational Systems Security (SBSeg 2015). The WRAC+ will be a forum in which Regulators, Certification Bodies, Laboratories, Government, Academia and Industry will be able to discuss different aspects of Conformity Assessment in the area of Information and Computer Systems Security.


The so-called "Cyberspace" includes a set of software, hardware and communication networks often invisible, though it supports most of the applications we use every day. This "space" contains Internet and its computers, and also includes a great number of intelligent devices and equipments dedicated to specific applications, in addition to networks interconnecting all of them - those networks may be connected to the Internet or may simply be a segregated network.

More and more, it becomes evident that engendered attacks in Cyberspace may have a major impact on the Society welfare. Thus, cyberspace should be subject to some sort of control by the State, in search for its safe operation. Such control takes place by means of a regulatory process in which the State establishes some rules and conduct patterns in order to ensure minimum security in cyberspace - or part of it.

WRAC+ will provide a forum in which all stakeholders interested in Cybersecurity issues will be able to interact and discuss how to build rules so that Brazil can reach an appropriate security status in its Cyberspace.

Topics address issues of interest to the Academy, Industry and Government, such as:

  • Which areas are subject to some sort of regulation/control by the State?
  • How to define a set of appropriate requirements for each kind of application?
  • How to specify systematic procedures (tests) to assess compliance with requirements as regarding equipments, software or smart devices operating in Cyberspace?
  • How to evaluate laboratory competency as for the implementation of security assessment activities of equipments, software or smart devices?
  • How to set up a conformity assessment infrastructure and how to integrate it to approval/regulators registration systems?
  • What are the technical limitations of conformity assessment tools?


WRAC+ will be opened for paper presentation of the whole community - Academia, Government and Industry - acting on issues of interest to the Workshop.


Although WRAC+ is mainly focused on Regulation and Conformity Assessment, information systems and any embedded software devices are very important objects in assessment process. Therefore, we are also concerned about issues involving Software and Smart Devices Security. WRAC+ intends to deepen discussions related to "security requirements specification" for software and intelligent devices and its "validation" with respect to a given set of requirements.

Topics of interest include - but are not limited to - the following:

  • Software protection and analysis
  • Software testing, verification and validation
  • Software debugging and understanding
  • Metrics, measurement and software analysis
  • Software Vulnerabilities
  • Formal methods
  • Malware detection and analysis
  • Risk management
  • Security regulations and standards
  • Hardware Security: invasive, semi-invasive and non-invasive methods
  • Products and Processes conformity assessment
  • Laboratory accreditation for security testing


Registration and Submission
August 31 September 25, 2015
Notification of Acceptance
September 30, 2015
Final Version
October 09, 2015


Papers may be submitted in two categories:

Full Papers: a full paper should present a research work developed to the point of producing original and relevant results, fully analyzed and validated. They are limited to a maximum of 10 pages.
Short Paper: a short paper should describe a research work in progress or practical experiments and "cases". They should contain between 4 and 6 pages.

Text formatting should adhere to the SBC template available at www.sbc.org.br/index.php?option=com_jdownloads&Itemid=195&task=finish&cid=38&catid=32. Submissions will be accepted solely in PDF format, through SBC's JEMS system (https://submissoes.sbc.org.br/home.cgi?c=2367).

Papers will undergo a double-blind review process by the Program Committee. Accepted papers must be presented by one of the registered authors in order to be published in the conference proceedings.


To have your work published on SBSeg 2015 it is mandatory to send a Copyright Assignment Contract to SBC with your accepted work. This contract must be filled out carefully with all required information and submitted on SBC's JEMS tool.

Download the Copyright Assignment Contract to SBC (RTF version)


WRAC+ Chair

General Chairs


Carlos D'Avila (UFRJ)
Danielle Vieira (Inmetro)
Davidson Boccardo (Inmetro)
Jayme Szwarcfiter (UFRJ)
Jonny Doin (Grid Vortex)
Luiz Fernando Rust da Costa Carmo (Inmetro)
Ruy Ramos (ITI)
Virginia Franqueira (University of Derby)

SBSeg is an initiative of the Brazilian Computer Society (SBC): http://www.sbc.org.br