Every single piece of software running on every computing device today is produced through a complex supply chain that often involves a myriad of individuals and spans multiple organizations and administrative domains. Recent attacks on the software supply chain, such as Solarwinds, Log4j, Codecov and colors (npm) have highlighted the challenges and the current limitations to safely consume, vet, and maintain third-party software at scale.
Addressing the technical and social challenges to building trustworthy software for deployment in sensitive and/or large-scale enterprise or governmental settings requires innovative solutions and an interdisciplinary approach. The workshop on Software Supply Chain Offensive Research and Ecosystem Defenses (SCORED) is a venue that brings together industry practitioners, academics, and policymakers to present and discuss security vulnerabilities, novel defenses against attacks, project demos, adoption requirements and best practices in the software supply chain.
- Paper/demo abstract submission deadline: August 5, 2022
July 29, 2022(11:59pm AoE)
- Author notification: on/around September 9, 2022
- Camera ready due: September 30, 2022 (hard deadline)
- Workshop: November 11, 2022 (co-located with ACM CCS ‘22)