The CFP for Metricon 4.0 says you have about a month to get your submission in if you want to present. As usual, Metricon 4.0 is co-located with Usenix Security, this time in Montreal, eh?
MetriCon 4.0 is intended as a forum for lively, practical discussion in the area of security metrics.
It is a forum for quantifiable approaches and results to problems afflicting information security
today, with a bias towards practical, specific approaches that demonstrate the value of security
metrics with respect to a security-related goal.
One thing I do when designing security services is to try and think when I am designing say authZ - how would I measure the success and/or failure of this service? Its not always possible but the discipline of looking at the service objectively has proved a useful exercise. For more info on how to participate in Meitrco check the CFP.