[FOSDEM] Call for Participation: Confidential Computing Devroom 2023

Fritz Alder fritz.alder at kuleuven.be
Mon Nov 14 11:16:38 UTC 2022 

We are happy to announce that the former Hardware-Aided Trusted 
Computing Devroom has been renamed to Confidential Computing Devroom and 
will again be held in 2023.

You can find the CfP here: https://falder.org/fosdem23-cfp


Please feel free to reach out to us if you have any questions. We are 
looking forward to seeing you at FOSDEM 2023!


Full CfP in text:

# FOSDEM 2023 (Hybrid) - Call For Participation : Confidential Computing 
Devroom (formerly Hardware-Aided Trusted Computing Devroom)

Submission deadline: December 2 2022
FOSDEM dates: February 4 & 5 2023

## About FOSDEM

FOSDEM (https://fosdem.org/2023/) is a free event for software 
developers to meet, share ideas and collaborate. Every year, thousands 
of developers of free and open source software from all over the world 
gather at the event in Brussels. In 2023, they will again be able to 
meet in-person in Brussels. FOSDEM is free to attend. There is no 
registration.

## Devroom overview and objectives

Following the success of the last years' editions ( 
https://archive.fosdem.org/2022/schedule/track/hardware_aided_trusted_computing/ 
), we are for the 4th time organizing a devroom devoted to the emerging 
open source ecosystem around *hardware-based Trusted Execution 
Environments (TEEs)* which nowadays is also known under the term 
*Confidential Computing* (CC). Under TEEs, we understand architectures 
that allow to isolate and attest trusted "enclave" software components 
running on top of a potentially compromised operating system. Over the 
last years, all major processor vendors have developed some form of TEE 
support, e.g., Intel's Software Guard Extensions (SGX) ( 
https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html 
) and Trust Domain Extensions (TDX) ( 
https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html 
), ARM's TrustZone ( 
https://developer.arm.com/ip-products/security-ip/trustzone ) and 
upcoming Confidential Compute Architecture (Arm CCA) ( 
https://developer.arm.com/architectures/architecture-security-features/confidential-computing 
),  AMD's Secure Encrypted Virtualization (SEV) ( 
https://developer.amd.com/sev/ ) and upcoming SEV-ES/SEV-SNP extensions, 
and IBM's Protected Execution Facility (PEF) ( 
https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html ).

Hence, with today's mainstream consumer hardware being increasingly 
shipped with these advanced trusted computing technologies, this devroom 
wants to foster discussion on the much-needed open source confidential 
computing ecosystem amongst industry players, academics, enthusiasts, 
hobbyists, and project maintainers.

## Desirable topics

The devroom's topics of interest include, but are not limited to:

* Free and open source confidential computing.
     * An introduction to the existing solutions and the use cases they 
cover.
* Programming frameworks for TEEs.
     * How to develop free and open source software that can run inside 
enclaves (e.g., Apache Teaclave, Enarx, Gramine-SGX libOS, Inclavare 
containers, Intel SGX-SDK, Linux kernel support for SEV/SGX/TDX, Occlum 
libOS, OpenEnclave SDK, Rust-EDP, SGX-LKL libOS, etc).
     * New frameworks or framework updates to the community.
     * Recent challenges (solved or appearing).
* Attestation in confidential computing.
     * FOSS approaches to attestation.
     * Unifying attestation across different technologies.
* Compiler and language support.
* Free and open source enclave processor designs (e.g., RISC-V TEEs).
* Applying Confidential Computing to the Cloud Native space.
* Confidential Computing Deployment.
     * Challenges and benefits of confidential computing.
     * Use cases and applications.
* TEE-specific attacks and defenses: reverse engineering, side-channels, 
vulnerabilities, exploits.
* Vision: future TEEs (what is missed, proposals, wishes, discussions).
* Confidential Computing and trust.
     * Where is my trust boundary? - Confidential VMs vs Confidential 
Pods vs Confidential Containers.
     * Trust and FOSS? What can I trust if I don't trust anyone?

## Old new rules: Back to Brussels but better?

For 2023, FOSDEM is once again planning an in-person event. However, it 
will also be possible to participate remotely. All talks presented live 
on the campus in Brussels will also be streamed. Additionally, some 
talks may be pre-recorded and broadcast online using the same matrix 
platform as in 2021 and 2022. Since we do not want to lose our remote 
audience that grew over the last years, we will split the confidential 
computing devroom into two parts, each a half-day:

1. Saturday afternoon: A purely **online** event where pre-recorded 
talks are followed by a live (online) Q&A. During this first half day we 
give the stage to existing or new projects in the space of confidential 
computing that want to present their work to the FOSDEM audience. This 
online part then also allows people to present at FOSDEM that cannot or 
want not come to Brussels in-person.
2. Sunday afternoon: We follow that part with the **main (in-person)** 
event where we focus on exciting and inciting topics in confidential 
computing. We will try to center this day on community building and 
attempt to hold some discussions and panel debates here. This in-person 
part is streamed and accessible to the remote audience but we 
acknowledge that remote attendees never really get the whole experience 
or as much say as the live audience when it comes to discussions.

In summary, the procedure will be as follows:

* The reference time will again be Brussels local lime (CET) ( 
https://www.timeanddate.com/worldclock/belgium/brussels ).
* This year there are two types of talks: Conventional in-person talks, 
and pre-recorded talks.
* When submitting a proposal you must indicate whether you will be 
attending the main event in-person in Brussels, or cannot make it to the 
in-person event and would present via a pre-recording online. All talks 
will be accompanied by live text-based chat and moderated Q&A and 
discussion.
* Conventional talks will be held at the confidential computing devroom 
in Brussels *on Sunday afternoon* and live streamed to the remote audience.
* Pre-recorded, online, talks will be streamed during the first part of 
the devroom on *Saturday afternoon*. If your talk is selected, you can 
expect a recording deadline around January 9 so that we can fix all 
issues with videos 2 weeks before the event. During the stream of your 
talk, you must be available online for the Q&A session.
* Q&A sessions for both talk formats will be taken live by the speaker, 
allowing the remote audience to ask questions via the matrix chat 
platform already used in the last years.

We had interesting discussions after the talks of last years, so we hope 
that the in-person format can give our community a big boost while we 
still accommodate our remote attendees from all over the world.

## Key dates

* Submission deadline: 02 December 2022
* Announcement of selected talks: 07 December 2022
* Deadline for the pre-recorded talks of the online day: Around 09 
January 2023
* Conference dates 4 & 5 February 2023 **(hybrid)**
* Confidential computing devroom date:
     * Online part: Saturday 4 February 2023 (afternoon)
     * In-person part: Sunday 5 February 2023 (afternoon)

## Submit a talk proposal

Submissions are required to proceed through the FOSDEM 2023 Pentabarf 
website ( https://penta.fosdem.org/submission/FOSDEM23 ). If you do not 
know how to use Pentabarf yet, you can read a beginner's guide here ( 
https://medium.com/@maartjeme/beginners-guide-to-pentabarf-78808a1ce5bf ).

Your submission must include the following information:

* Your contact email.
* The title (and possible subtitle) of your talk: please be descriptive, 
as the audience will have to choose to attend your talk out of a listing 
with ~500 talks from other projects at FOSDEM.
* Select "Confidential Computing devroom" as the track.
* We anticipate to mostly use the event type "Presentation" and maybe 
allow one or two "Discussion" style panel debates.
* A short abstract of one paragraph.
* A longer description if you wish to do so.
* Links to related websites / blogs etc.
* Please use the submission notes to let us know whether you can do an 
in-person talk or only a remote pre-recorded talk. Note that the main 
event is the physical devroom and we strongly encourage you to try to be 
there if possible.

You should target a **talk duration of 20 minutes** with 5 mins of live 
Q&A (leaves us with 5 mins buffer and change over for talks).

## Contact and organizers

If you have any questions, feel free to reach out to Fritz Alder 
(fritz.alder at kuleuven.be) or to any of the below co-organizers.

* Organizers: Fritz Alder (fritz.alder at kuleuven.be), Fabiano Fidencio 
(fabiano.fidencio at intel.com), Jo Van Bulck (jo.vanbulck at cs.kuleuven.be), 
Sergio Lopez (slp at redhat.com)
* Devroom URL on the FOSDEM website: 
<https://fosdem.org/2023/schedule/track/confidential_computing/>

More information about the FOSDEM mailing list