Workshop on: Run-time Software Integrity and Authenticity
Date: 18-19 Sept. 2006
Location: Trento - Italy
Site: Conference Center Panorama
(Beautifully situated above Trento with cable car service to the city)

Photo of the workshop

Within the EU Future and Emerging Technologies project "RE-TRUST: Remote EnTrusting by RUn-time Software auThentication", the University of Trento is organizing an open workshop in the area of "trusted software".


When the software industry discusses software integrity, the current meaning is the protection of static software modules (e.g., by verifying the signature of their originator). In contrast, dynamic software authentication in real-time during execution is a known problem without a satisfactory solution. Specifically, how to ensure that a trusted code (i.e., the software as was specified and implemented) is running on an untrusted machine at all times and that the original code functionality has not been modified prior to or during run-time, is an open research challenge.



The aim of the 2-day workshop is to have an open and stimulating discussion on various research issues that are related to run-time software integrity, which are inter-disciplinary in nature. The research issue can be specific to the project or more general and even skeptical in nature. The following are some subset of issues that we would like to discuss:

  • How strong is a solution if it is using only software?
  • How software reliability and various software engineering techniques be applied?
  • How software techniques, such as, obfuscation and watermarking can be used?
  • How to compare the remote entrusting approach with trusted computing?
  • How trusted computing and the trusted computing module (TPM) can be used?
  • Can this problem be solved without the use of trusted hardware?
  • How to measure/quantify reverse engineering complexity?
  • What specific issues should be addressed in network protocols, operating systems, etc.
Regarding the above general topics, it may worthwhile to identify specific solution domains, such as, trusted client, trusted GRID computing, digital right management, trusted network protocols, and others.



Speakers with provocative and informal presentations are most welcome. The workshop is intended to provide the participants with numerous opportunities for interaction and discussions. Each presentation should be no longer than 20 minutes with 10 minutes for discussion, while the speakers are encouraged to challenge the participants with questions!



Please submit your presentation, title & abstract, to the workshop program chair:
Bruno Crispo       (crispo -at-
Deadline for submission: 31-July-2006
Registration is free, deadline: 31-August-2006

For administrative questions, please contact the project secretary:
Roberta Guidolin       (guidolin -at-