RESCALE was proud to take part in HiPEAC 2026 in Kraków, Poland, engaging with one of Europe’s most important communities for computing systems research and innovation. Across the conference, our team connected with researchers, practitioners and industry stakeholders working at the intersection of hardware and software systems, performance, AI, and cybersecurity.

Our participation combined two key activities: on-site project posters to share RESCALE’s vision, objectives and progress, and a full-day RESCALE workshop dedicated to discussion and exchange around supply-chain assurance and “trust with proof”.

Thank you to everyone who stopped by, asked questions, shared insights, and helped make RESCALE’s presence at HiPEAC 2026 so valuable.

RESCALE posters on site: bringing the project to the community

Throughout HiPEAC 2026, RESCALE posters were available on Level 1, offering attendees an at-a-glance introduction to the project’s overall mission and the supply-chain challenge it addresses, why traditional “trust” signals in software and hardware supply chains are no longer enough and RESCALE’s vision for scalable, evidence-based assurance across the lifecycle.

Poster sessions are often where the most direct conversations happen and we were delighted to meet people with diverse perspectives, including those focused on embedded systems, cloud services, development toolchains and certification pathways. 

A successful full-day RESCALE workshop at HiPEAC 2026

A highlight of the conference was the dedicated RESCALE workshop, which took place on the last day of the conference and brought together participants from across the community to exchange practical experiences of supply-chain risk in modern systems, technical ideas for improving assurance and traceability and views on how to make “secure-by-design” measurable, maintainable and adoptable. The session created space for open, constructive discussion. Precisely the kind of community engagement RESCALE aims to foster.

Why supply-chain assurance needs a cross-layer view

Today’s computing systems are assembled from a complex mix of source code and third-party dependencies, binaries, firmware, and configuration artifacts, hardware components and platform features, and continuous updates and vulnerability intelligence that evolve over time. This reality makes “supply-chain security” more than a single check or document. It requires a holistic, cross-layer approach that can scale with the system. RESCALE is built around this principle, bringing together secure-by-design methods and tooling across the chain.

What RESCALE brings to the table: from SBOM to TBOM

One of the workshop’s core themes was RESCALE’s Trusted Bill of Materials (TBOM). While a classic SBOM helps answer “what is included?”, the TBOM goes further by supporting visibility across software and hardware components, traceability for where components come from and how they evolve, and verifiable security assurances backed by evidence rather than static claims. This idea reflects a wider shift in cybersecurity: trust is increasingly something that must be demonstrated and maintained, not assumed.

Connecting with HiPEAC’s community priorities

HiPEAC brings together people who build and study systems that are often performance-critical, safety- and security-relevant, highly heterogeneous (hardware/software co-design, accelerators, edge-to-cloud setups), and dependent on large stacks of third-party components. These environments make supply-chain assurance especially challenging—and especially important. For RESCALE, HiPEAC 2026 was an excellent place to test assumptions, compare approaches, and invite feedback on how supply-chain “trust records” can work in practice.

If you missed the workshop, or want to explore the project’s motivations and direction in more depth, here you can find the RESCALE feature in HiPEACinfo #77.  

What’s next for RESCALE

RESCALE continues to advance its platform and methods to support automated, evidence-based supply-chain assurance, with a focus on real-world adoption and integration. We will keep sharing updates, results, and opportunities to engage through our website channels.