[FOSDEM] Call for Participation: Confidential Computing Devroom 2023
Fritz Alder
fritz.alder at kuleuven.be
Mon Nov 14 11:16:38 UTC 2022
We are happy to announce that the former Hardware-Aided Trusted
Computing Devroom has been renamed to Confidential Computing Devroom and
will again be held in 2023.
You can find the CfP here: https://falder.org/fosdem23-cfp
Please feel free to reach out to us if you have any questions. We are
looking forward to seeing you at FOSDEM 2023!
Full CfP in text:
# FOSDEM 2023 (Hybrid) - Call For Participation : Confidential Computing
Devroom (formerly Hardware-Aided Trusted Computing Devroom)
Submission deadline: December 2 2022
FOSDEM dates: February 4 & 5 2023
## About FOSDEM
FOSDEM (https://fosdem.org/2023/) is a free event for software
developers to meet, share ideas and collaborate. Every year, thousands
of developers of free and open source software from all over the world
gather at the event in Brussels. In 2023, they will again be able to
meet in-person in Brussels. FOSDEM is free to attend. There is no
registration.
## Devroom overview and objectives
Following the success of the last years' editions (
https://archive.fosdem.org/2022/schedule/track/hardware_aided_trusted_computing/
), we are for the 4th time organizing a devroom devoted to the emerging
open source ecosystem around *hardware-based Trusted Execution
Environments (TEEs)* which nowadays is also known under the term
*Confidential Computing* (CC). Under TEEs, we understand architectures
that allow to isolate and attest trusted "enclave" software components
running on top of a potentially compromised operating system. Over the
last years, all major processor vendors have developed some form of TEE
support, e.g., Intel's Software Guard Extensions (SGX) (
https://software.intel.com/content/www/us/en/develop/topics/software-guard-extensions.html
) and Trust Domain Extensions (TDX) (
https://software.intel.com/content/www/us/en/develop/articles/intel-trust-domain-extensions.html
), ARM's TrustZone (
https://developer.arm.com/ip-products/security-ip/trustzone ) and
upcoming Confidential Compute Architecture (Arm CCA) (
https://developer.arm.com/architectures/architecture-security-features/confidential-computing
), AMD's Secure Encrypted Virtualization (SEV) (
https://developer.amd.com/sev/ ) and upcoming SEV-ES/SEV-SNP extensions,
and IBM's Protected Execution Facility (PEF) (
https://www.kernel.org/doc/html/latest/powerpc/ultravisor.html ).
Hence, with today's mainstream consumer hardware being increasingly
shipped with these advanced trusted computing technologies, this devroom
wants to foster discussion on the much-needed open source confidential
computing ecosystem amongst industry players, academics, enthusiasts,
hobbyists, and project maintainers.
## Desirable topics
The devroom's topics of interest include, but are not limited to:
* Free and open source confidential computing.
* An introduction to the existing solutions and the use cases they
cover.
* Programming frameworks for TEEs.
* How to develop free and open source software that can run inside
enclaves (e.g., Apache Teaclave, Enarx, Gramine-SGX libOS, Inclavare
containers, Intel SGX-SDK, Linux kernel support for SEV/SGX/TDX, Occlum
libOS, OpenEnclave SDK, Rust-EDP, SGX-LKL libOS, etc).
* New frameworks or framework updates to the community.
* Recent challenges (solved or appearing).
* Attestation in confidential computing.
* FOSS approaches to attestation.
* Unifying attestation across different technologies.
* Compiler and language support.
* Free and open source enclave processor designs (e.g., RISC-V TEEs).
* Applying Confidential Computing to the Cloud Native space.
* Confidential Computing Deployment.
* Challenges and benefits of confidential computing.
* Use cases and applications.
* TEE-specific attacks and defenses: reverse engineering, side-channels,
vulnerabilities, exploits.
* Vision: future TEEs (what is missed, proposals, wishes, discussions).
* Confidential Computing and trust.
* Where is my trust boundary? - Confidential VMs vs Confidential
Pods vs Confidential Containers.
* Trust and FOSS? What can I trust if I don't trust anyone?
## Old new rules: Back to Brussels but better?
For 2023, FOSDEM is once again planning an in-person event. However, it
will also be possible to participate remotely. All talks presented live
on the campus in Brussels will also be streamed. Additionally, some
talks may be pre-recorded and broadcast online using the same matrix
platform as in 2021 and 2022. Since we do not want to lose our remote
audience that grew over the last years, we will split the confidential
computing devroom into two parts, each a half-day:
1. Saturday afternoon: A purely **online** event where pre-recorded
talks are followed by a live (online) Q&A. During this first half day we
give the stage to existing or new projects in the space of confidential
computing that want to present their work to the FOSDEM audience. This
online part then also allows people to present at FOSDEM that cannot or
want not come to Brussels in-person.
2. Sunday afternoon: We follow that part with the **main (in-person)**
event where we focus on exciting and inciting topics in confidential
computing. We will try to center this day on community building and
attempt to hold some discussions and panel debates here. This in-person
part is streamed and accessible to the remote audience but we
acknowledge that remote attendees never really get the whole experience
or as much say as the live audience when it comes to discussions.
In summary, the procedure will be as follows:
* The reference time will again be Brussels local lime (CET) (
https://www.timeanddate.com/worldclock/belgium/brussels ).
* This year there are two types of talks: Conventional in-person talks,
and pre-recorded talks.
* When submitting a proposal you must indicate whether you will be
attending the main event in-person in Brussels, or cannot make it to the
in-person event and would present via a pre-recording online. All talks
will be accompanied by live text-based chat and moderated Q&A and
discussion.
* Conventional talks will be held at the confidential computing devroom
in Brussels *on Sunday afternoon* and live streamed to the remote audience.
* Pre-recorded, online, talks will be streamed during the first part of
the devroom on *Saturday afternoon*. If your talk is selected, you can
expect a recording deadline around January 9 so that we can fix all
issues with videos 2 weeks before the event. During the stream of your
talk, you must be available online for the Q&A session.
* Q&A sessions for both talk formats will be taken live by the speaker,
allowing the remote audience to ask questions via the matrix chat
platform already used in the last years.
We had interesting discussions after the talks of last years, so we hope
that the in-person format can give our community a big boost while we
still accommodate our remote attendees from all over the world.
## Key dates
* Submission deadline: 02 December 2022
* Announcement of selected talks: 07 December 2022
* Deadline for the pre-recorded talks of the online day: Around 09
January 2023
* Conference dates 4 & 5 February 2023 **(hybrid)**
* Confidential computing devroom date:
* Online part: Saturday 4 February 2023 (afternoon)
* In-person part: Sunday 5 February 2023 (afternoon)
## Submit a talk proposal
Submissions are required to proceed through the FOSDEM 2023 Pentabarf
website ( https://penta.fosdem.org/submission/FOSDEM23 ). If you do not
know how to use Pentabarf yet, you can read a beginner's guide here (
https://medium.com/@maartjeme/beginners-guide-to-pentabarf-78808a1ce5bf ).
Your submission must include the following information:
* Your contact email.
* The title (and possible subtitle) of your talk: please be descriptive,
as the audience will have to choose to attend your talk out of a listing
with ~500 talks from other projects at FOSDEM.
* Select "Confidential Computing devroom" as the track.
* We anticipate to mostly use the event type "Presentation" and maybe
allow one or two "Discussion" style panel debates.
* A short abstract of one paragraph.
* A longer description if you wish to do so.
* Links to related websites / blogs etc.
* Please use the submission notes to let us know whether you can do an
in-person talk or only a remote pre-recorded talk. Note that the main
event is the physical devroom and we strongly encourage you to try to be
there if possible.
You should target a **talk duration of 20 minutes** with 5 mins of live
Q&A (leaves us with 5 mins buffer and change over for talks).
## Contact and organizers
If you have any questions, feel free to reach out to Fritz Alder
(fritz.alder at kuleuven.be) or to any of the below co-organizers.
* Organizers: Fritz Alder (fritz.alder at kuleuven.be), Fabiano Fidencio
(fabiano.fidencio at intel.com), Jo Van Bulck (jo.vanbulck at cs.kuleuven.be),
Sergio Lopez (slp at redhat.com)
* Devroom URL on the FOSDEM website:
<https://fosdem.org/2023/schedule/track/confidential_computing/>
More information about the FOSDEM
mailing list