Open Source Firmware Conference - Participate now!

Submit until October, 3rd, 2021
EXTENDED until October 15th, 2021

The OSFC is the first conference which focuses on all open-source firmware projects.

Our goal is to bring together as many open-source firmware projects, hardware manufacturers and developers as possible to collaborate and share their knowledge. The conference will take place for the fourth time in 2021 and will be held virtual this year again.

We provide an appropriate platform to bring together as many open-source projects, hardware manufacturers and developers as possible to collaborate, share knowledge and push the firmware development in an open-source manner.
We’re happy to host the OSFC for the fourth time. Therefore, we depend on your contributions to make it a successful conference.

Furthermore, we are happy to host the Practical And Defensive Security Conference (PADSEC) as a pop-up event at the OSFC this year. See below for further information.

List of Topics

  • Free and open-source firmware.
  • Free and open-source hardware from embedded device to server system.
  • State-of-the-art security in firmware.
  • Firmware and hardware reverse engineering.
  • Current hardware / firmware security issues.
  • Advances in open hard- and firmware on the market.
  • Bootloader and Hypervisor integration with firmware components.
  • Firmware testing and tooling.

Submission Guidelines

There are two types of submissions : Talks and live sessions. Please provide a meaningful abstract of at least 150 words. You can upload further resources like papers or slides afterwards. These can be updated until deadline and after acceptance.

In case of submitting a talk, you need to record your presentation after acceptance until November, 1st 2021. We will assist you with tools for the recording.


  • Deadline extended until October, 15th, 2021
  • Choose between short talk (15 min) or long talk (30 min)
  • Submit a meaningful abstract describing your topic
  • Notification of acceptance will be sent to you as soon as possible, latest at October, 15th, 2021 (extended until October, 20th)
  • After acceptance you need to provide your recorded presentation until November 1st 2021
  • We will assist you with tools for recording your presentation

Live Sessions

  • Sessions are like discussion forums
  • Become a moderator of your own round table
  • 40 minutes are recommended, but the time is up to you
  • Invite other people to join with video and audio
  • Sessions can be used to:
    1. Discuss on a certain topic
    2. Presenting a demo
    3. Implementing a project feature
    4. Working on a pull request
  • Provide a descriptive abstract
  • Submit a session until October, 3rd, 2021, so it will show up at the schedule after acceptance and generate traction to the attendees
  • Sessions can also be started spontaneously by any attendee at the event

PADSEC pop-up Conference

The Practical And Defensive Security Conference (PADSEC) is hosted as a popup event at the Open Source Firmware Conference 2021. Together, we want to move the needle and achieve real-world security improvements by looking at current problems and solutions with high technology readiness.

PADSEC Overview and scope

PADSEC is an opportunity to learn from each other and join an emerging community that aims to understand real-world security problems and their technical solutions. A technical solution is defensive if it protects against an identifiable threat and practical if it solves a real problem at the right time without unreasonably undermining other important system properties (such as performance, availability, ease of use, and compatibility). We hope to connect problems that need solutions with solutions that need problems by providing a meeting point for people with different backgrounds. For example, you may be a student, an academic, or an engineer.

You can attend as a presenter of a problem talk (without having a solution), a presenter of a full talk (by having a usable solution or analysis), or as an attendee who takes part in open-ended discussions. The list of topics that define our technical scope is as follows:

  • Trustworthy Systems
  • Managing complexity (as it relates to security)
  • Firmware security
  • OS and user land protection and security
  • Trusted computing
  • Confidential computing
  • Transparency logging
  • Communication security
  • Privacy
  • Anonymity

Note that the broader scope of PADSEC emphasizes technical, practical, and defensive. Examples of non-scope include user studies, clean-slate architectures, and attack demos.

PADSEC Submission Guidelines

Full talks have an immediate facilitated Q/A session, which contrasts with the shorter problem talks in a separate break-out room.

To submit a talk, you need to prepare an abstract of at least 150 words that overviews the problem and the threat model/solution/analysis if it is a full talk. Your overview must be at most one page and need not be anonymized. If accepted, it will be uploaded to the conference website.

PADSEC Full talk

A full talk is expected to be at most 20 minutes and have:
1. A clear problem description and threat model,
2. A technical solution or analysis that can be presented and used, and
3. Applies at least one technical topic that is within the scope of PADSEC.

We encourage talks that apply ideas from multiple orthogonal fields. A facilitated Q/A will follow every full talk. No talk and Q/A combined exceeds 30 minutes.

PADSEC Problem talk

A problem talk is an opportunity to “bring your problem.” It should be 5-15 minutes, down to the point, and culminate in an open-ended discussion regarding potential solutions.

Multiple problem talks will follow each other before breaking out into a separate meeting room. The attendees can jump in and out for 15-25 minutes.


Submissions Due: October, 3rd, 2021, extended until October, 15th, 2021
Notification of Acceptance: After review, the latest October 15th 2021, extended until October, 20th, 2021
Conference: November 30th to December 1st

Speakers of accepted submissions get a ticket refund. (Maximum two ticket refunds per submission)

Digital Venue

The conference is hosted by 9elements Cyber Security at
Information on how to access the event platform will be provided to speakers in due course. At the same time, you will receive instructions for the presentation.


Talks and Sessions will be streamed to the audience via the event platform. Further, talks will be recorded and published afterwards. If a recording is not desired by a speaker, this can be marked during the submission process.
The OSFC 2021 proceedings will be made available online afterwards.

Code of Conduct


email to:
phone to: +49 (0) 234 689 41 88

Please note, all times and dates in this system are CET - Central European Time (UTC+1)

This Call for Papers closed on 2021-10-16 09:00 (Europe/Berlin).