Editorial Message for the International Workshop on Designing and Measuring CyberSecurity in Software Architectures (DeMeSSA)

With the growing complexity of software and in particular of software-reliant systems and systems-of-systems, the focus of cybersecurity on network and code has been increasingly shifted to design and more recently to "cybersecurity by design" or "design for cybersecurity", where the software architecture is the keystone for enforcing cybersecurity. Early evidence of cyber risks, attacks and vulnerabilities enables efficient and effective cybersecurity solutions. Security measurement of software architectures is needed to produce sufficient evidence of cybersecurity level in the design phase. Moreover, software architectures have to support runtime security measurement to obtain up-to-date cybersecurity information. This is essential for self-protecting systems and self-adaptive cybersecurity solutions.