{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T16:26:56Z","timestamp":1768321616081,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":47,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,5,16]],"date-time":"2022-05-16T00:00:00Z","timestamp":1652659200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Austrian Research Promotion Agency (FFG)","award":["FO999887054"],"award-info":[{"award-number":["FO999887054"]}]},{"DOI":"10.13039\/501100006012","name":"Christian Doppler Forschungsgesellschaft","doi-asserted-by":"publisher","award":["CD-Laboratory for Private Digital Authentication in the Physical World (Digidow)"],"award-info":[{"award-number":["CD-Laboratory for Private Digital Authentication in the Physical World (Digidow)"]}],"id":[{"id":"10.13039\/501100006012","id-type":"DOI","asserted-by":"publisher"}]},{"name":"State of Upper Austria","award":["LIT Secure and Correct Systems Lab"],"award-info":[{"award-number":["LIT Secure and Correct Systems Lab"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,5,16]]},"DOI":"10.1145\/3507657.3528537","type":"proceedings-article","created":{"date-parts":[[2022,5,7]],"date-time":"2022-05-07T11:30:36Z","timestamp":1651923036000},"page":"6-19","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Automating the Quantitative Analysis of Reproducibility for Build Artifacts derived from the Android Open Source Project"],"prefix":"10.1145","author":[{"given":"Manuel","family":"P\u00f6ll","sequence":"first","affiliation":[{"name":"Johannes Kepler University Linz, Linz, Austria"}]},{"given":"Michael","family":"Roland","sequence":"additional","affiliation":[{"name":"Johannes Kepler University Linz, Linz, Austria"}]}],"member":"320","published-online":{"date-parts":[[2022,5,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Android Open Source Project 2020. Android Developer Codelab. Android Open Source Project. https:\/\/source.android.com\/setup\/start  Android Open Source Project 2020. Android Developer Codelab. Android Open Source Project. https:\/\/source.android.com\/setup\/start"},{"key":"e_1_3_2_1_2_1","unstructured":"Android Open Source Project 2020. Dynamic Partitions. Android Open Source Project. https:\/\/source.android.com\/devices\/tech\/ota\/dynamic_partitions  Android Open Source Project 2020. Dynamic Partitions. Android Open Source Project. https:\/\/source.android.com\/devices\/tech\/ota\/dynamic_partitions"},{"key":"e_1_3_2_1_3_1","unstructured":"Android Open Source Project 2020. Generic System Images. Android Open Source Project. https:\/\/source.android.com\/setup\/build\/gsi  Android Open Source Project 2020. Generic System Images. Android Open Source Project. https:\/\/source.android.com\/setup\/build\/gsi"},{"key":"e_1_3_2_1_4_1","unstructured":"Android Open Source Project 2020. Images (in Architecture: Bootloader). Android Open Source Project. https:\/\/source.android.com\/devices\/bootloader\/images  Android Open Source Project 2020. Images (in Architecture: Bootloader). Android Open Source Project. https:\/\/source.android.com\/devices\/bootloader\/images"},{"key":"e_1_3_2_1_5_1","unstructured":"Android Open Source Project 2022. Android Shared System Image. Android Open Source Project. https:\/\/source.android.com\/devices\/bootloader\/ partitions\/shared-system-image  Android Open Source Project 2022. Android Shared System Image. Android Open Source Project. https:\/\/source.android.com\/devices\/bootloader\/ partitions\/shared-system-image"},{"key":"e_1_3_2_1_6_1","unstructured":"Android Open Source Project 2022. Codenames Tags and Build Numbers. Android Open Source Project. https:\/\/source.android.com\/setup\/start\/buildnumbers#source-code-tags-and-builds  Android Open Source Project 2022. Codenames Tags and Build Numbers. Android Open Source Project. https:\/\/source.android.com\/setup\/start\/buildnumbers#source-code-tags-and-builds"},{"key":"e_1_3_2_1_7_1","volume-title":"Greece, Dec. 1--3","author":"Aspiration","year":"2015","unstructured":"Aspiration 2015. Open Technology Fund Community Lab: Reproducible Builds Summit (Athens , Greece, Dec. 1--3 , 2015 ). Aspiration, San Francisco, CA, USA . https:\/\/reproducible-builds.org\/files\/ AspirationOTFCommunityLabReproducibleBuildsSummitReport .pdf Aspiration 2015. Open Technology Fund Community Lab: Reproducible Builds Summit (Athens, Greece, Dec. 1--3, 2015). Aspiration, San Francisco, CA, USA. https:\/\/reproducible-builds.org\/files\/ AspirationOTFCommunityLabReproducibleBuildsSummitReport.pdf"},{"key":"e_1_3_2_1_8_1","volume-title":"Germany, Dec. 13--15","author":"Aspiration","year":"2016","unstructured":"Aspiration 2016. Reproducible Builds Summit II (Berlin , Germany, Dec. 13--15 , 2016 ). Aspiration, San Francisco, CA, USA . https:\/\/reproducible-builds.org\/files\/ ReproducibleBuildsSummitIIReport .pdf Aspiration 2016. Reproducible Builds Summit II (Berlin, Germany, Dec. 13--15, 2016). Aspiration, San Francisco, CA, USA. https:\/\/reproducible-builds.org\/files\/ ReproducibleBuildsSummitIIReport.pdf"},{"key":"e_1_3_2_1_9_1","volume-title":"Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. medium.com. https:\/\/medium.com\/@alex.birsan\/ dependency-confusion-4a5d60fec610","author":"Birsan Alex","year":"2021","unstructured":"Alex Birsan . 2021 . Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. medium.com. https:\/\/medium.com\/@alex.birsan\/ dependency-confusion-4a5d60fec610 Alex Birsan. 2021. Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. medium.com. https:\/\/medium.com\/@alex.birsan\/ dependency-confusion-4a5d60fec610"},{"key":"e_1_3_2_1_10_1","unstructured":"J\u00e9r\u00e9my Bobbio Juri Dispan Paul Gevers Georg Koppen Chris Lamb Holger Levse and Niko Tyni. 2020. Reproducible Builds Documentation: Timestamps. reproducible-builds.org. https:\/\/reproducible-builds.org\/docs\/timestamps\/  J\u00e9r\u00e9my Bobbio Juri Dispan Paul Gevers Georg Koppen Chris Lamb Holger Levse and Niko Tyni. 2020. Reproducible Builds Documentation: Timestamps. reproducible-builds.org. https:\/\/reproducible-builds.org\/docs\/timestamps\/"},{"key":"e_1_3_2_1_11_1","unstructured":"J\u00e9r\u00e9my Bobbio Paul Gevers Georg Koppen Chris Lamb and Peter Wu. 2020. Reproducible Builds Documentation: Deterministic build systems. reproduciblebuilds.org. https:\/\/reproducible-builds.org\/docs\/deterministic-build-systems\/  J\u00e9r\u00e9my Bobbio Paul Gevers Georg Koppen Chris Lamb and Peter Wu. 2020. Reproducible Builds Documentation: Deterministic build systems. reproduciblebuilds.org. https:\/\/reproducible-builds.org\/docs\/deterministic-build-systems\/"},{"key":"e_1_3_2_1_12_1","unstructured":"Copperhead 2022. Building CopperheadOS. Copperhead. https:\/\/copperhead.co\/ android\/docs\/building\/  Copperhead 2022. Building CopperheadOS. Copperhead. https:\/\/copperhead.co\/ android\/docs\/building\/"},{"key":"e_1_3_2_1_13_1","volume-title":"Euro-Par 2015: Parallel Processing Workshops (Vienna, Austria) (LNCS","author":"Court\u00e8s Ludovic","unstructured":"Ludovic Court\u00e8s and Ricardo Wurmus . 2015. Reproducible and User-Controlled Software Environments in HPC with Guix . In Euro-Par 2015: Parallel Processing Workshops (Vienna, Austria) (LNCS , Vol. 9523). Springer, Cham, 579-- 591 . https: \/\/doi.org\/10.1007\/978--3--319--27308--2_47 10.1007\/978--3--319--27308--2_47 Ludovic Court\u00e8s and Ricardo Wurmus. 2015. Reproducible and User-Controlled Software Environments in HPC with Guix. In Euro-Par 2015: Parallel Processing Workshops (Vienna, Austria) (LNCS, Vol. 9523). Springer, Cham, 579--591. https: \/\/doi.org\/10.1007\/978--3--319--27308--2_47"},{"key":"e_1_3_2_1_14_1","unstructured":"Cybersecurity and Infrastructure Security Agency (CISA). 2020. Advanced Persistent Threat Compromise of Government Agencies Critical Infrastructure and Private Sector Organizations. Alert AA20--352A. National Cyber Awareness System. https:\/\/us-cert.cisa.gov\/ncas\/alerts\/aa20--352a  Cybersecurity and Infrastructure Security Agency (CISA). 2020. Advanced Persistent Threat Compromise of Government Agencies Critical Infrastructure and Private Sector Organizations. Alert AA20--352A. National Cyber Awareness System. https:\/\/us-cert.cisa.gov\/ncas\/alerts\/aa20--352a"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2018.2816033"},{"key":"e_1_3_2_1_16_1","volume-title":"Challenges and Implications of Verifiable Builds for Security-Critical Open-Source Software. In ACSAC '14: Proceedings of the 30th Annual Computer Security Applications Conference","author":"Carn\u00e9 de Carnavalet Xavier","year":"2014","unstructured":"Xavier de Carn\u00e9 de Carnavalet and Mohammad Mannan . 2014 . Challenges and Implications of Verifiable Builds for Security-Critical Open-Source Software. In ACSAC '14: Proceedings of the 30th Annual Computer Security Applications Conference ( New Orleans, LA, USA). ACM, New York, NY, USA, 16--25. https:\/\/doi.org\/10.1145\/2664243.2664288 10.1145\/2664243.2664288 Xavier de Carn\u00e9 de Carnavalet and Mohammad Mannan. 2014. Challenges and Implications of Verifiable Builds for Security-Critical Open-Source Software. In ACSAC '14: Proceedings of the 30th Annual Computer Security Applications Conference (New Orleans, LA, USA). ACM, New York, NY, USA, 16--25. https:\/\/doi.org\/10.1145\/2664243.2664288"},{"key":"e_1_3_2_1_17_1","unstructured":"Debian Wiki 2020. ReproducibleBuilds. Debian Wiki. https:\/\/wiki.debian.org\/ ReproducibleBuilds  Debian Wiki 2020. ReproducibleBuilds. Debian Wiki. https:\/\/wiki.debian.org\/ ReproducibleBuilds"},{"key":"e_1_3_2_1_18_1","unstructured":"devrandom 2022. Gitian: a secure software distribution method. devrandom. https:\/\/gitian.org\/  devrandom 2022. Gitian: a secure software distribution method. devrandom. https:\/\/gitian.org\/"},{"key":"e_1_3_2_1_19_1","volume-title":"Evaluating and Mitigating Software Supply Chain Security Risks","author":"Ellison Robert J.","year":"2010","unstructured":"Robert J. Ellison , John B. Goodenough , Charles B. Weinstock , and Carol Woody . 2010. Evaluating and Mitigating Software Supply Chain Security Risks . Technical Note Carnegie Mellon University\/SEI- 2010 -TN-016. Carnegie Mellon University, Software Engineering Institute . https:\/\/resources.sei.cmu.edu\/asset_files\/technicalnote\/2010_ 004_001_15176.pdf Robert J. Ellison, John B. Goodenough, Charles B. Weinstock, and Carol Woody. 2010. Evaluating and Mitigating Software Supply Chain Security Risks. Technical Note Carnegie Mellon University\/SEI-2010-TN-016. Carnegie Mellon University, Software Engineering Institute. https:\/\/resources.sei.cmu.edu\/asset_files\/technicalnote\/2010_ 004_001_15176.pdf"},{"key":"e_1_3_2_1_20_1","unstructured":"Daniel Fullmer. 2022. robotnix - Build Android (AOSP) using Nix. GitHub Project. https:\/\/github.com\/danielfullmer\/robotnix  Daniel Fullmer. 2022. robotnix - Build Android (AOSP) using Nix. GitHub Project. https:\/\/github.com\/danielfullmer\/robotnix"},{"key":"e_1_3_2_1_21_1","unstructured":"Google 2020. Android Continuous Integration dashboard. Google. https:\/\/ci. android.com  Google 2020. Android Continuous Integration dashboard. Google. https:\/\/ci. android.com"},{"key":"e_1_3_2_1_22_1","unstructured":"Google Developers 2021. Driver Binaries for Nexus and Pixel Devices. Google Developers. https:\/\/developers.google.com\/android\/drivers  Google Developers 2021. Driver Binaries for Nexus and Pixel Devices. Google Developers. https:\/\/developers.google.com\/android\/drivers"},{"key":"e_1_3_2_1_23_1","unstructured":"Google Developers 2021. Factory Images for Nexus and Pixel Devices. Google Developers. https:\/\/developers.google.com\/android\/images  Google Developers 2021. Factory Images for Nexus and Pixel Devices. Google Developers. https:\/\/developers.google.com\/android\/images"},{"key":"e_1_3_2_1_24_1","unstructured":"GrapheneOS 2022. Build. GrapheneOS. https:\/\/grapheneos.org\/build# reproducible-builds  GrapheneOS 2022. Build. GrapheneOS. https:\/\/grapheneos.org\/build# reproducible-builds"},{"key":"e_1_3_2_1_25_1","unstructured":"Guardian Project 2022. Services. Guardian Project. https:\/\/guardianproject.info\/ services\/  Guardian Project 2022. Services. Guardian Project. https:\/\/guardianproject.info\/ services\/"},{"key":"e_1_3_2_1_26_1","unstructured":"hashbang. 2022. AOSP Build. GitHub Project. https:\/\/github.com\/hashbang\/ aosp-build  hashbang. 2022. AOSP Build. GitHub Project. https:\/\/github.com\/hashbang\/ aosp-build"},{"key":"e_1_3_2_1_28_1","unstructured":"Joe Hicks. 2020. Welcome Android Open Source Project (AOSP) to the Bazel ecosystem. Google Developers. https:\/\/developers.googleblog.com\/2020\/11\/welcomeandroid-open-source-project.html  Joe Hicks. 2020. Welcome Android Open Source Project (AOSP) to the Bazel ecosystem. Google Developers. https:\/\/developers.googleblog.com\/2020\/11\/welcomeandroid-open-source-project.html"},{"key":"e_1_3_2_1_29_1","volume-title":"SAFECOMP","volume":"249","author":"J\u00e4mthagen Christopher","year":"2016","unstructured":"Christopher J\u00e4mthagen , Patrik Lantz , and Martin Hell . 2016 . Exploiting Trust in Deterministic Builds. In Computer Safety, Reliability, and Security (35th International Conference , SAFECOMP 2016, Trondheim, Norway) (LNCS , Vol. 9922). Springer, Cham, 238-- 249 . https:\/\/doi.org\/10.1007\/978--3--319--45477--1_19 10.1007\/978--3--319--45477--1_19 Christopher J\u00e4mthagen, Patrik Lantz, and Martin Hell. 2016. Exploiting Trust in Deterministic Builds. In Computer Safety, Reliability, and Security (35th International Conference, SAFECOMP 2016, Trondheim, Norway) (LNCS, Vol. 9922). Springer, Cham, 238--249. https:\/\/doi.org\/10.1007\/978--3--319--45477--1_19"},{"key":"e_1_3_2_1_31_1","volume-title":"Young","author":"Lamb Chris","year":"2019","unstructured":"Chris Lamb , Clemens Lang , and Valerie R . Young . 2019 . Reproducible Builds Documentation : Definition . reproducible-builds.org. https:\/\/reproducible-builds.org\/ docs\/definition\/ Chris Lamb, Clemens Lang, and Valerie R. Young. 2019. Reproducible Builds Documentation: Definition. reproducible-builds.org. https:\/\/reproducible-builds.org\/ docs\/definition\/"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSECP.2003.1203227"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3448609"},{"key":"e_1_3_2_1_34_1","volume-title":"The state of open source security report. Report","author":"Miller Alyssa","year":"2020","unstructured":"Alyssa Miller , Simon Maple , Ron Powell , and Vincent Danen . 2020. The state of open source security report. Report . Snyk Ltd . https:\/\/info.snyk.io\/sooss-report 2020 Alyssa Miller, Simon Maple, Ron Powell, and Vincent Danen. 2020. The state of open source security report. Report. Snyk Ltd. https:\/\/info.snyk.io\/sooss-report2020"},{"key":"e_1_3_2_1_35_1","volume-title":"Provenance-Aware Storage Systems. In Annual Tech '06: 2006 USENIX Annual Technical Conference. USENIX Association","author":"Muniswamy-Reddy Kiran-Kumar","year":"2006","unstructured":"Kiran-Kumar Muniswamy-Reddy , David A. Holland , Uri Braun , and Margo Seltzer . 2006 . Provenance-Aware Storage Systems. In Annual Tech '06: 2006 USENIX Annual Technical Conference. USENIX Association , Boston, MA, USA, 43--56. https:\/\/www.usenix.org\/legacy\/events\/usenix06\/tech\/muniswamyreddy.html Kiran-Kumar Muniswamy-Reddy, David A. Holland, Uri Braun, and Margo Seltzer. 2006. Provenance-Aware Storage Systems. In Annual Tech '06: 2006 USENIX Annual Technical Conference. USENIX Association, Boston, MA, USA, 43--56. https:\/\/www.usenix.org\/legacy\/events\/usenix06\/tech\/muniswamyreddy.html"},{"key":"e_1_3_2_1_36_1","volume-title":"DIMVA","volume":"43","author":"Ohm Marc","year":"2020","unstructured":"Marc Ohm , Henrik Plate , Arnold Sykosch , and Michael Meier . 2020 . Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment (17th International Conference , DIMVA 2020, Lisbon, Portugal) (LNCS , Vol. 12223). Springer, Cham, 23-- 43 . https:\/\/doi.org\/10.1007\/978--3-030--52683--2_2 10.1007\/978--3-030--52683--2_2 Marc Ohm, Henrik Plate, Arnold Sykosch, and Michael Meier. 2020. Backstabber's Knife Collection: A Review of Open Source Software Supply Chain Attacks. In Detection of Intrusions and Malware, and Vulnerability Assessment (17th International Conference, DIMVA 2020, Lisbon, Portugal) (LNCS, Vol. 12223). Springer, Cham, 23--43. https:\/\/doi.org\/10.1007\/978--3-030--52683--2_2"},{"key":"e_1_3_2_1_37_1","unstructured":"Open Source Initiative 2018. History of the OSI. Open Source Initiative. https: \/\/opensource.org\/history  Open Source Initiative 2018. History of the OSI. Open Source Initiative. https: \/\/opensource.org\/history"},{"key":"e_1_3_2_1_38_1","volume-title":"Detection, assessment and mitigation of vulnerabilities in open source dependencies. Empir Software Eng 25 (Sept","author":"Ponta Serena Elisa","year":"2020","unstructured":"Serena Elisa Ponta , Henrik Plate , and Antonino Sabetta . 2020. Detection, assessment and mitigation of vulnerabilities in open source dependencies. Empir Software Eng 25 (Sept . 2020 ), 3175--3215. https:\/\/doi.org\/10.1007\/s10664-020- 09830-x 10.1007\/s10664-020- Serena Elisa Ponta, Henrik Plate, and Antonino Sabetta. 2020. Detection, assessment and mitigation of vulnerabilities in open source dependencies. Empir Software Eng 25 (Sept. 2020), 3175--3215. https:\/\/doi.org\/10.1007\/s10664-020- 09830-x"},{"key":"e_1_3_2_1_39_1","unstructured":"Red Hat Inc. 2021. The state of Enterprise Open Source. A Red Hat Report. Red Hat Inc. https:\/\/www.redhat.com\/en\/enterprise-open-source-report\/2021  Red Hat Inc. 2021. The state of Enterprise Open Source. A Red Hat Report. Red Hat Inc. https:\/\/www.redhat.com\/en\/enterprise-open-source-report\/2021"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1145\/3180155.3180224"},{"key":"e_1_3_2_1_41_1","unstructured":"Reproducible Builds project 2022. diffoscope: in-depth comparison of files archives and directories. Reproducible Builds project. https:\/\/diffoscope.org\/  Reproducible Builds project 2022. diffoscope: in-depth comparison of files archives and directories. Reproducible Builds project. https:\/\/diffoscope.org\/"},{"key":"e_1_3_2_1_42_1","unstructured":"Reproducible Builds project 2022. Reproducible Builds - a set of software development practices that create an independently-verifiable path from source to binary code. Reproducible Builds project. https:\/\/reproducible-builds.org\/  Reproducible Builds project 2022. Reproducible Builds - a set of software development practices that create an independently-verifiable path from source to binary code. Reproducible Builds project. https:\/\/reproducible-builds.org\/"},{"key":"e_1_3_2_1_43_1","unstructured":"Aamir Siddiqui. 2020. Everything you need to know about Android's Project Mainline. XDA Developers. https:\/\/www.xda-developers.com\/android-projectmainline-modules-explanation\/  Aamir Siddiqui. 2020. Everything you need to know about Android's Project Mainline. XDA Developers. https:\/\/www.xda-developers.com\/android-projectmainline-modules-explanation\/"},{"key":"e_1_3_2_1_44_1","volume-title":"May 16--19","author":"Simpson Stacy","year":"2022","unstructured":"Stacy Simpson . 2008. Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today. Rep. SAFECode. https:\/\/safecode.org\/publication\/SAFECode_Dev_Practices1108.pdf WiSec '22 , May 16--19 , 2022 , San Antonio, TX , USA Manuel P\u00f6ll and Michael Roland Stacy Simpson. 2008. Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today. Rep. SAFECode. https:\/\/safecode.org\/publication\/SAFECode_Dev_Practices1108.pdf WiSec '22, May 16--19, 2022, San Antonio, TX, USA Manuel P\u00f6ll and Michael Roland"},{"key":"e_1_3_2_1_45_1","volume-title":"Mobile Operating System Market Share Worldwide --","author":"Global StatCounter","year":"2021","unstructured":"StatCounter Global Stats 2021. Mobile Operating System Market Share Worldwide -- Jan 2021 - Dec 2021. StatCounter Global Stats . https:\/\/gs.statcounter.com\/osmarket-share\/mobile\/worldwide\/#monthly-201201--202112 StatCounter Global Stats 2021. Mobile Operating System Market Share Worldwide -- Jan 2021 - Dec 2021. StatCounter Global Stats. https:\/\/gs.statcounter.com\/osmarket-share\/mobile\/worldwide\/#monthly-201201--202112"},{"key":"e_1_3_2_1_46_1","unstructured":"Hans-Christoph Steiner Michael P\u00f6hn Tobias Groza Andreas Schildbach and kitsunyan. 2020. Reproducible Builds. F-Droid Ltd. https:\/\/www.f-droid.org\/en\/ docs\/Reproducible_Builds\/  Hans-Christoph Steiner Michael P\u00f6hn Tobias Groza Andreas Schildbach and kitsunyan. 2020. Reproducible Builds. F-Droid Ltd. https:\/\/www.f-droid.org\/en\/ docs\/Reproducible_Builds\/"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1145\/358198.358210"},{"key":"e_1_3_2_1_48_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Torres-Arias Santiago","year":"2019","unstructured":"Santiago Torres-Arias , Hammad Afzali , Trishank Karthik Kuppusamy , Reza Curtmola , and Justin Cappos . 2019 . in-toto: Providing farm-to-table guarantees for bits and bytes . In 28th USENIX Security Symposium (USENIX Security 19) . USENIX Association, Santa Clara, CA, USA, 1393--1410. https:\/\/www.usenix. org\/conference\/usenixsecurity19\/presentation\/torres-arias Santiago Torres-Arias, Hammad Afzali, Trishank Karthik Kuppusamy, Reza Curtmola, and Justin Cappos. 2019. in-toto: Providing farm-to-table guarantees for bits and bytes. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, USA, 1393--1410. https:\/\/www.usenix. org\/conference\/usenixsecurity19\/presentation\/torres-arias"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSAC.2005.17"}],"event":{"name":"WiSec '22: 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks","location":"San Antonio TX USA","acronym":"WiSec '22","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","SIGMOBILE ACM Special Interest Group on Mobility of Systems, Users, Data and Computing"]},"container-title":["Proceedings of the 15th ACM Conference on Security and Privacy in Wireless and Mobile Networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507657.3528537","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3507657.3528537","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:12:27Z","timestamp":1750191147000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3507657.3528537"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,16]]},"references-count":47,"alternative-id":["10.1145\/3507657.3528537","10.1145\/3507657"],"URL":"https:\/\/doi.org\/10.1145\/3507657.3528537","relation":{},"subject":[],"published":{"date-parts":[[2022,5,16]]},"assertion":[{"value":"2022-05-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}