CFP STAI@ECML-PLDD -- Deadline June,5
Giuseppina Andresini
SORRY FOR MULTIPLE POSTS
=====================================================================
STAI 2026
The 1st Workshop on Secure and Trustworthy AI
September 7, 2026 - Naples, Italy
co-located with ECML-PKDD 2026
European Conference on Machine Learning and Principles and Practice of Knowledge Discovery
September 7-11, 2026 - Naples, Italy
================================================================================
OVERVIEW
--------
We invite submissions to the 1st STAI Workshop on Secure and Trustworthy AI to be held in conjunction with ECML-PKDD 2026 - European Conference on Machine Learning and Principles and Practice of Knowledge Discovery.
Overview
The increasing adoption of Artificial Intelligence (AI) technologies in critical infrastructure and decision-making processes has made AI-driven components a foundational part of complex software, cyber-physical, and socio-technical systems (e.g., malware detection, fraud detection, autonomous driving, and biometric systems). In these settings, AI outputs directly influence automated and human-in-the-loop decisions, making failures consequential beyond technical performance and raising fundamental concerns regarding the security, robustness, transparency, and trustworthiness of AI systems. While machine learning has demonstrated remarkable performance across a wide range of applications, a growing body of research has shown that AI systems are inherently vulnerable. Adversarial manipulation can compromise not only model predictions but also other critical properties of AI systems, exposing organizations and individuals to significant risks. Vulnerabilities such as adversarial examples, neural backdoors, bias, privacy leakage, and lack of transparency can undermine safety, reliability, and public trust, particularly in security- and safety-critical environments.
This workshop addresses the challenge of holistically securing AI systems beyond an accuracy-centric perspective. It focuses on vulnerabilities and defense strategies across the full AI lifecycle, including adversarial learning, security-critical AI applications, and the role of auxiliary components that support model deployment, interpretation, and human oversight. In particular, the workshop emphasizes the security implications of mechanisms such as explainability, uncertainty estimation, and system-level constraints, considering them as integral parts of AI systems rather than isolated add-ons.
STAI welcomes both research papers reporting results from mature work and recently published work, as well as more speculative papers describing new ideas or preliminary exploratory work. Papers reporting industry experiences and case studies will also be encouraged. Submissions are accepted in two formats:
- Regular research papers with 12 to 16 pages, including references. Research papers must be original, not published previously, and not submitted concurrently elsewhere to be published in the proceedings.
- Short research statements of at most 6 pages, including references. Research statements aim at fostering discussion and collaboration. They may review previously published research or outline emerging ideas. Papers based on recently published work will not be considered for publication in the proceedings.
TOPICS OF INTEREST
------------------
Topics of interest include but not limited to:
- Trustworthy and secure-by-design training and AI pipelines
- Adversarial machine learning
- Evasion, poisoning, backdoor, jailbreak, physical-world, and supply-chain attacks
- Prompt injection and security risks in foundation and generative models
- Model extraction, inversion, membership inference, and other privacy attacks
- Attacks on explanations, uncertainty estimation, confidence calibration, and sustainability constraints
- Robustness and defenses against adversarial and system-level attacks
- System-level robustness assessment beyond predictive accuracy
- Trustworthiness evaluation metrics and holistic AI security benchmarks
- Explainability of machine learning and deep learning models
- Explainable AI for the explanation of security AI-based systems
- Explainable AI to improve the accuracy of AI models
- Explainable AI to improve the robustness of AI models against malicious attacks
- Attacks on explainability methods and explanation manipulation
- Privacy and information leakage through interpretability mechanisms
- Privacy-preserving learning and differential privacy under adversarial settings
- Human-in-the-loop security and adversarial decision manipulation
- Security and trustworthiness of agentic and autonomous AI systems
- Applications of AI to improve security in safety-critical applications (e.g., cybersecurity, fraud detection, biometrics, autonomous systems)
- Artificial Intelligence for cyber threat detection (e.g., in malware detection, intrusion detection, spam detection)
- Data-centric security, including poisoning detection, secure data curation, and lifecycle protection
SUBMISSION GUIDELINES
---------------------
All the papers must be written in English and formatted according to the Springer LNCS style
(available here: https://www.springer.com/gp/computer-science/lncs/conference-proceedings-guidelines?countryChanged=true ).
Contributions should be submitted in PDF format, electronically, using the workshop
submission site at https://cmt3.research.microsoft.com/ECMLPKDDWT2026/Track/34/Submission/Create.
PROCEEDINGS
-----------
Accepted papers will be part of the ECML-PKDD 2026 workshop post-proceedings, which will be likely published as a Springer CCIS volume, jointly with other ECML-PKDD 2026 workshops (this is what happened in the last years).
IMPORTANT DATES (11:59pm AoE time)
-----------------------------------
Paper Submission deadline: June 5, 2026
Acceptance notification: June 27, 2026
Camera-ready deadline: July 10, 2026
Workshop date: September 7, 2026 (afternoon)
Workshop chairs
----------
Giuseppina Andresini, University of Bari, Italy
Antonio Emanuele Cinà, University of Genoa, Italy
Christian Wressnegger, Karlsruhe Institute of Technology (KIT), KASTEL Security Research Labs, Germany