The Reversing and Offensive-oriented Trends Symposium, an academic workshop, is again co-located with the DeepSec conference in its sixth year. ROOTS solicits contributions that focus on theorems and root shells: In security, two things you absolutely cannot argue with.

Security is hard to define. Most often, security is defined by its absence. For scientists, this is particularly unsatisfactory. A lack of definition increases the difficulty to find suitable quantitive and qualitative models. Even though the overall landscape is blurry at best; exploitation, reverse engineering, and offensive techniques have their place. ROOTS aims to explore this territory.

The first European symposium of its kind, ROOTS aims to provide an industry-friendly academic platform to discuss trends in exploitation, reversing, offensive techniques, and effective protections. Submissions should provide novel attack forms, describe novel reversing techniques, or effective deployable defenses. Submissions can also provide a comprehensive overview of the state-of-the-art, and pinpoint promising areas that have not received appropriate attention in the past.

Topics of interest include but are not limited to:

- New exploitation techniques and methodologies
- New reverse engineering techniques and methodologies
- The science of (in)security
- The role of exploitation in the science of security
- The role of reverse engineering in the science of security
- Novel approaches to security scalability, in the actual world or in simulated environments (CTF)
- New unintended programming and execution models (“weird machines”)
wherein the program is encoded in data, metadata, descriptors, etc.
- Automated code analysis and semantic understanding
- Formal models of exploitation and formal methods for exploitation
- Systematization of knowledge in exploitation
- Systematization of knowledge in reverse engineering
- Exploitation of trending platforms and architectures: IoT, cloud, SDNs, etc.
- Reverse engineering of trending platforms and architectures: embedded systems, IoT, cloud, SDNs, etc.
- Exploitation perspectives on emerging trust models: SGX, enclaves, blockchains, etc.
To facilitate interaction with industry, the ROOTS ticket will be valid for all DeepSec conference tracks on both days, including the industry tracks, and tickets for the industry track will be valid for ROOTS.