From Integrity to Trust: Rethinking Software Supply Chain Security

Conference Details
M3AAWG 67th General Meeting
Montreal, Canada
June 08, 2026 - June 12, 2026

Presenters

Authors

Abstract

Modern software supply chains increasingly require demonstrable security, transparency, and trust. Traditional integrity checks and image signing alone are no longer sufficient to meet evolving regulatory, compliance, and operational expectations. Software trust must instead be grounded in verifiable evidence and independent attestation.

This session examines the regulatory and industry drivers behind this shift and explores how software trust can be assessed beyond static artifacts, including SBOMs, lifecycle security testing, vulnerability analysis, evidence‑based attestations, provenance, and trust validation at deployment and runtime.

Presentation Slides

Download the complete presentation as a PDF document.

Chat