CHAINS research project at KTH Royal Institute of Technology

4th KTH Workshop on the Software Supply Chain 2025

Welcome to the 4th KTH Workshop on the Software Supply Chain in Stockholm, Sweden. This workshop is organized in the context of the CHAINS research project.

• Location: KTH, Stockholm, Sweden, Salongen, KTH library
• Date: Friday 25 April, 2025
• Time: 9h-17h
• Registration is free of charge but compulsory for the sake of lunch/fika planning. Register Here 😄

Program

• 8h30 Welcome coffee
• 9h Opening
• 9h15 Keynote: Hervé Boutemy (Sonatype, Apache Software Foundation)
• 10h15 Break + Poster session
• 11h (order may change, duration TBD)
  • Talk 1: Aman Sharma, Build Integrity
  • Talk 2: Julien Malka, Does Functional Package Management Enable Reproducible Builds at Scale? Yes
  • Talk 3: Tina Heidinger (Github), Fredrik Skogman (GitHub), Github Attestations
  • Talk 4: Frank Reyes, Fixing Breaking Dependency Updates Using LLMs
• 12h30 Lunch at Syster-o-bror
• 14h Keynote: Henrik Plate (Endor Labs)
• 15h Break
• 15h30 Tool session
  • maven-lockfile
  • sbom.observer, Andreas Bielk, Generating SBOMs for C/C++
  • dirty-waters
  • ghasum
• 16h45 closing

Sponsors

Previous editions

• 3rd KTH Workshop on the Software Supply Chain
• 2nd KTH Workshop on the Software Supply Chain
• 1st KTH Workshop on the Software Supply Chain

This site is open source. Improve this page.