Workshop on Research Software Supply Chain Security (RS3)
==========================================================

The **Workshop on Research Software Supply Chain Security (RS3)** will bring
together research software engineers, scientists, infrastructure operators, and
cybersecurity researchers to examine how software supply chain risks affect
scientific computing.

RS3 focuses on the research software supply chain as a foundational part of
scientific cyberinfrastructure. The workshop is intended as a venue for
operational experience reports, position papers, early-stage research, and
short technical papers that address the security, integrity, trustworthiness,
and usability of research software ecosystems.

.. grid:: 1 1 2 2

   .. grid-item-card:: Call for Papers
      :link: call-for-papers
      :link-type: doc

      Topics include research software ecosystems, supply chain threats,
      provenance, security practices, governance, and human factors.

   .. grid-item-card:: Program
      :link: program
      :link-type: doc

      The workshop is planned as a full-day event with a keynote, paper talks,
      a panel, posters, and breakout sessions.

   .. grid-item-card:: Organizers
      :link: organizers
      :link-type: doc

      Meet the organizing team from Purdue University, Loyola University
      Chicago, and the University of Alabama.

   .. grid-item-card:: Program Committee
      :link: program-committee
      :link-type: doc

      Reviewers shaping the workshop program.

   .. grid-item-card:: Logistics
      :link: logistics
      :link-type: doc

      Location, conference context, publication details, and website status.

   .. grid-item-card:: Suggested Readings
      :link: suggested-readings
      :link-type: doc

      Example papers and orientation readings organized by workshop theme.

Why This Workshop
-----------------

Modern scientific discovery depends on layered software ecosystems: research
code, open source dependencies, packaging tools, execution environments, data
platforms, and shared cyberinfrastructure. These dependencies shape
reproducibility and velocity, but they also introduce security and trust risks
that are often invisible in day-to-day scientific practice.

RS3 creates a forum to discuss those risks without losing sight of the values
that make scientific software effective: openness, reuse, interoperability, and
rapid experimentation.

Scope
-----

The workshop will explore:

- research software supply chains in laboratories, institutions, and scientific
  collaborations
- security and trust implications for reproducibility and scientific integrity
- technical mechanisms such as provenance, signing, attestation, and dependency
  transparency
- operational and organizational issues including governance, compliance, and
  adoption
- emerging challenges from AI-enabled science and autonomous research agents


.. toctree::
   :maxdepth: 1
   :hidden:

   call-for-papers
   suggested-readings
   program
   organizers
   program-committee
   logistics