Workshop on Research Software Supply Chain Security (RS3)

Workshop on Research Software Supply Chain Security (RS3)#

The Workshop on Research Software Supply Chain Security (RS3) will bring together research software engineers, scientists, infrastructure operators, and cybersecurity researchers to examine how software supply chain risks affect scientific computing.

RS3 focuses on the research software supply chain as a foundational part of scientific cyberinfrastructure. The workshop is intended as a venue for operational experience reports, position papers, early-stage research, and short technical papers that address the security, integrity, trustworthiness, and usability of research software ecosystems.

Call for Papers

Topics include research software ecosystems, supply chain threats, provenance, security practices, governance, and human factors.

Call for Papers
Program

The workshop is planned as a full-day event with a keynote, paper talks, a panel, posters, and breakout sessions.

Program
Organizers

Meet the organizing team from Purdue University, Loyola University Chicago, and the University of Alabama.

Organizers
Program Committee

Reviewers shaping the workshop program.

Program Committee
Logistics

Location, conference context, publication details, and website status.

Logistics
Suggested Readings

Example papers and orientation readings organized by workshop theme.

Suggested Readings

Why This Workshop#

Modern scientific discovery depends on layered software ecosystems: research code, open source dependencies, packaging tools, execution environments, data platforms, and shared cyberinfrastructure. These dependencies shape reproducibility and velocity, but they also introduce security and trust risks that are often invisible in day-to-day scientific practice.

RS3 creates a forum to discuss those risks without losing sight of the values that make scientific software effective: openness, reuse, interoperability, and rapid experimentation.

Scope#

The workshop will explore:

  • research software supply chains in laboratories, institutions, and scientific collaborations

  • security and trust implications for reproducibility and scientific integrity

  • technical mechanisms such as provenance, signing, attestation, and dependency transparency

  • operational and organizational issues including governance, compliance, and adoption

  • emerging challenges from AI-enabled science and autonomous research agents