| Tuesday | Sept. 8th | |
| 5:30 PM | Reception | Herinckhave (in the Restaurant) |
| 7:30 PM | Dinner | Herinckhave |
| 9:30 PM | Socializing | Room 55 |
| Wednesday | Sept. 9th | |
| 7:00 AM | Breakfast | Herinckhave |
| 8:30 AM | Opening | |
| 9:00 AM | Paper 1 | Cormac Herley and Wolter Pieters. "If you were attacked, you'd be sorry": Counterfactuals as security arguments (Chair: Mary Ellen Zurko) |
| 10:00 AM | Break | |
| 10:15 AM | Paper 2 | Peter Hall, Claude Heath, Lizzie Coles-Kemp and Axel Tanner. Examining the Contribution of Critical Visualisation to Information Security (Chair: Robert Biddle) |
| 11:15 AM | Break | |
| 11:30 AM | Paper 3 | Zinaida Benenson, Gabriele Lenzini, Daniela Oliveira, Simon Parkin and Sven Uebelacker. Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security (Chair: Benjamin Edwards |
| 12:30 PM | Lunch | |
| 1:30 PM | Paper 4 | Christian T. Zenger, Jan Zimmer, Mario Pietersz, Jan-Felix Posielek and Christof Paar. Exploiting the Physical Environment for Securing the Internet of Things (Chair: Serge Egelman) |
| 2:30 PM | Break | |
| 2:45 PM | Paper 5 | Riccardo Pelizzi and R Sekar. WebSheets: Web Applications for Non-Programmers (Chair: Bill Cheswick) |
| 3:45 PM | Break | |
| 4:00 PM | Paper 6 | Aaron Elliott and Scott Knight. (NSPhD) Towards Managed Role Explosion (Chair: Carrie Gates) |
| 5:00 PM | Break | |
| 6:30 PM | Cocktails | Herinckhave |
| 7:30 PM | Dinner | Herinckhave |
| 9:00 PM | Steering mtg. | Room 55 |
| 10:00 PM | Socializing | Room 55 |
| Thursday | Sept. 10th | |
| 7:00 AM | Breakfast | Herinckhave |
| 9:00 AM | Paper 7 | Alain Forget, Sonia Chiasson and Robert Biddle. Choose Your Own Authentication (Chair: Markus Duermuth) |
| 10:00 AM | Break | |
| 10:15 AM | Paper 8 | Serge Egelman and Eyal Peer. The Myth of the Average User: Improving Privacy and Security Systems through Individualization (Chair: Wolter Pieters) |
| 11:15 AM | Break | |
| 11:30 AM | Paper 9 | Odette Beris, Adam Beautement and Angela Sasse. Employee Rule Breakers, Excuse Makers and Security Champions: Mapping the risk perceptions and emotions that drive security behaviors (Chair: Elizabeth Stobert) |
| 12:30 PM | Lunch | |
| 2:00 PM | Guided Bike Excursion | |
| 6:30 PM | Cocktails | |
| 7:30 PM | Dinner (BBQ) | |
| 9:30 PM | Socializing | Room 55 |
| Friday | Sept. 11th | |
| 7:00 AM | Breakfast | |
| 8:30 AM | Paper 10 | Mohammad Mannan, Arash Shahkar, Atieh Saberi Pirouz and Vladimir Rabotka. Peace vs. Privacy: Leveraging Conflicting Jurisdictions for Email Security (Chair: Matt Bishop) |
| 9:30 AM | Break | |
| 9:45 AM | Paper 11 | Trey Herr and Eric Armbrust. Milware: Identification and Implications of State Authored Malicious Software (Chair: TBA) |
| 10:45 AM | Break | |
| 11:00 AM | Paper 12 | Raquel Hill and Devan Donaldson. Bridging the Trust Gap: Integrating Models of Behavior and Perception (Chair: Anil Somayaji) |
| 12:00 PM | Wrap up and Conclude | |
| 12:15 PM | Lunch |