USENIX Security '26 Call for Artifacts

The 35th USENIX Security Symposium will evaluate research artifacts for availability, functionality, and reproducibility.

For USENIX Security '26, paper acceptance is conditional on verification of the availability of the artifacts provided at paper submission time. In other words, all authors of (conditionally) accepted USENIX Security '26 papers (including shepherded papers) are required to openly share their research artifacts or explain their omission. Each artifact provided at paper submission time must be resubmitted to the artifact evaluation committee for availability verification. In particular, authors need to share 1) the original anonymous artifact link they shared during paper submission time, along with the same deanonymized artifact hosted on a platform that supports permanent storage (see below). Authors are also encouraged to submit their artifacts for functionality and reproducibility assessments.

Before submitting your artifact, please carefully read the artifact evaluation information below. Should you have any questions or concerns, you can reach the AEC chairs at [email protected].

Summary:

  1. Authors of (conditionally) accepted papers have to openly share their artifacts at submission time and submit those artifacts for final availability verification after (conditional) paper acceptance, or have convincingly explained in their paper submission why sharing artifacts was not possible. Artifact functionality and reproducibility assessments remain optional.
  2. Artifacts (including for shepherded papers) should be submitted in the same cycle as the (conditionally) accepted paper.
  3. Artifact availability verification starts after the first author notification deadline for each cycle, but before final papers are due.

Important Dates

Cycle 1

  • Notification to authors (paper): Thursday, December 4, 2025
  • Shepherding author notification (paper): Thursday, December 18, 2025
  • Artifacts due for availability verification:
    • For (Conditionally) Accepted papers: Thursday, December 11, 2025
    • For (Conditionally) Accepted on Shepherd Approval: Thursday, December 18, 2025
  • Artifact available decision notification: Tuesday, January 13, 2026
  • Final papers due: Thursday, January 15, 2026
  • Artifact functional/reproducible submission deadline: Thursday, January 29, 2026
  • Artifact evaluation author discussion period: Friday, February 6, 2026, to Wednesday, March 4, 2026
  • Artifact functional/reproducible decision notification: Wednesday, March 11, 2026
  • Final appendix files due: Wednesday, March 18, 2026

Cycle 2

  • Notification to authors (paper): Thursday, May 14, 2026
  • Shepherding/revision author notification (paper): Thursday, May 28, 2026
  • Artifacts due for availability verification:
    • For (Conditionally) Accepted papers: Thursday, May 21, 2026
    • For (Conditionally) Accepted on Shepherd Approval: Thursday, May 28, 2026
  • Artifact available decision notification: Tuesday, June 9, 2026
  • Final papers due: Thursday, June 11, 2026
  • Artifact functional/reproducible submission deadline: Thursday, June 18, 2026
  • Artifact evaluation author discussion period: Friday, June 26, 2026, to Wednesday, July 22, 2026
  • Artifact functional/reproducible decision notification: Wednesday, July 29, 2026
  • Final appendix files due: Wednesday, August 5, 2026

Artifact Evaluation Information

Overview

A scientific paper consists of a constellation of artifacts that extend beyond the document itself: software, hardware, evaluation data and documentation, raw survey results, mechanized proofs, models, test suites, benchmarks, and so on. In some cases, the quality of these artifacts is as important as that of the paper itself. To emphasize the importance of such artifacts, the benefits to the authors and the community as a whole, and to promote the availability and reproducibility of experimental results, USENIX Security runs an Artifact Evaluation. While research artifacts are expected to be available at paper submission time and submitted for final availability verification after paper (conditional) acceptance by the above given deadlines, authors of accepted papers can also optionally submit their artifacts for functionality and reproducibility assessments. The AEC will review each submitted artifact and also grant Distinguished Artifact Awards to outstanding artifacts accepted to USENIX Security '26.

Process

Similarly to last year at USENIX Security, the AE will take place in two submission phases: (1) a mandatory AE for continued availability verification after conditional paper acceptance and before the final papers are due (note that the papers' conditional acceptance is subject to successfully passing through the AE for availability verification); (2) an optional AE for functionality and reproducibility after final papers are due. In both cases, the submitted artifacts will be reviewed by the AEC. Artifacts should be submitted in the same cycle as the accepted paper.

  1. Mandatory submission of artifacts for availability verification:

    First, authors of (conditionally) accepted papers (including Accepted on Shepherd Approval papers) have to openly share their research artifacts by default and submit them for the AE for availability verification before the final papers are due. If, for some reason, artifacts cannot be shared, a detailed justification must be provided at paper submission time and must be validated by the reviewers (i.e., if the reviewers disagree with the justification, the authors have to submit their artifacts, or their paper will be rejected). For example, some artifacts may be subject to licensing restrictions, NDA, or ethical concerns (in some cases, e.g., interview transcripts or zero-day exploits). Even if the full artifacts cannot be shared (e.g., proprietary datasets), the rest of the artifacts (e.g., source code) are still expected to be publicly and permanently shared and submitted for artifact evaluation. (Conditionally) Accepted papers that do not openly share their artifacts without a satisfactory reason will be rejected. In case of doubt, contact the program chairs and AEC chairs beforehand. Each submitted artifact will be reviewed by the Artifact Evaluation Committee (AEC).

    All papers submitted to USENIX Security '26 have to discuss the artifacts the authors will make publicly available; the authors should add this discussion in the one additional page allowed for discussing “compliance with the open science policy". The text should refer to results from the main body of the paper and clearly enumerate all artifacts that are made available. The AEC will then verify, during the availability verification phase, that all artifacts that were promised to be made available are publicly and permanently available and that those artifacts correspond to what the authors submitted at paper submission time. The AEC will also ensure that all artifacts corresponding to the paper's main contributions were made available.

    Please note that the artifacts need to be made available on a platform that supports permanent access. For this purpose, we recommend Zenodo. Other valid hosting options include institutional and third-party digital repositories such as FigShare, Dryad, and Software Heritage. On the other hand, we do not accept artifacts hosted on personal websites or software development repositories such as GitHub. Please see the artifact submission instructions. In case of any questions, please contact the AEC chairs.

    In some cases, sensitive artifacts cannot be made publicly available. In such cases, we recommend that the authors use the “restricted access" features of the recommended platforms. For example, Zenodo supports this feature for researchers to share data in a restricted manner (https://help.zenodo.org/docs/share/access-requests/). This enables artifacts to be permanently available while allowing the authors to keep the access restricted. This “restricted access" feature should only be used for sensitive artifacts; the remaining non-sensitive artifacts have to be shared publicly (i.e., you may have two repositories, one for sensitive artifacts and one for the rest). Restricting the access of non-sensitive artifacts during or after artifact evaluation is a violation of the Call for Artifacts, and the corresponding USENIX Security papers will see their acceptance rescinded.

    N.B.: Authors of shepherded papers need to submit their artifacts in the same cycle they submitted their paper in. For example, a shepherded paper in Cycle 1 needs to submit their artifacts to the AEC for availability verification in Cycle 1. Note that the shepherding author notification and the submission deadline for availability verification for those papers are on the same day, so authors should anticipate and plan accordingly.

  2. Optional submission of artifacts for functionality and reproducibility assessments:

    Second, authors of accepted papers are encouraged to register their artifacts to also be checked for functionality and reproducibility. Additional information regarding artifact registration (for functionality and reproducibility assessments) and files to be submitted for review are provided here.

    Authors define the contents of their artifact submission. For example, software, hardware, data sets, survey results, test suites, mechanized (but not paper) proofs, access to special hardware, and so on. Authors choose which badges their artifact should be evaluated towards, i.e., one or two of the following: Artifacts Functional and Results Reproduced. In general, good artifacts are expected to be: consistent with the paper, as complete as possible, well documented, and easy to (re)use. The AEC will read the paper and then judge if the artifact meets the criteria for each of the requested badges.

Each artifact submission will be reviewed by at least two AEC members. The review is single-blind (i.e., no need to anonymize the artifacts, neither for availability verification nor for functionality and reproducibility assessments) and strictly confidential. All AEC members are instructed to treat the artifact confidentially during and after completing evaluation and to not retain any part of the artifact after evaluation. Artifacts can include models, data files, proprietary binaries, exploits under embargo, etc. If your paper is under embargo during artifact evaluation, please let the AEC chairs know beforehand; you will still need to submit your artifacts for availability verification. Even if authors cannot make their artifacts publicly accessible (e.g., proprietary files), they could still apply for Artifacts Functional and ResultsReproduced. Since we anticipate small glitches with installation and use, reviewers may communicate with authors during artifact evaluation to help resolve glitches while preserving reviewer anonymity. Please make sure that at least one of the authors is reachable to answer questions in a timely manner.

Contact Information

Specific questions about artifact submissions may be sent to the AEC chairs at [email protected]. The chairs will respond to individual questions about the AE process if contacted at least two working days before the artifact submission deadline.

SUBMIT YOUR ARTIFACT

Artifact Evaluation Committee

Artifact Evaluation Committee Co-Chairs

Aurore Fass, Inria Centre at Université Côte d’Azur
Deepak Kumar, University of California, San Diego
Christian Wressnegger, Karlsruhe Institute of Technology

Artifact Evaluation Publication Chair

Tiago Heinrich, Max Planck Institute for Informatics

Artifact Evaluation Committee

Eric Ackermann, CISPA Helmholtz Center for Information Security
Shubham Agarwal, Max Planck Institute for Security and Privacy
Iman Alipour, Max Planck Institute for Informatics
Arshia Arya, University of California, San Diego
Md Sadik Awal, Florida International University
Sofiane Azogagh, Université du Québec à Montréal
Alessandro Baccarini, Input Output
Juyang Bai, Johns Hopkins University
Weiheng Bai, University of Minnesota
Leonhard Balduf, Technische Universität Darmstadt
Fabian Bäumer, Ruhr University Bochum
Philipp Beer, TU Wien
Paschalis Bekos, Stony Brook University
Nicola Bottura, Prisma s.r.l.
Jiahao Cao, Tsinghua University
Katharina Ceesay-Seitz, ETH Zurich
M.A.P. Chamikara, CSIRO's Data61
Anish Chand, Louisiana State University
Hongyan Chang, Mohamed bin Zayed University of Artificial Intelligence
Xijia Che, University of Illinois Urbana–Champaign
Bocheng Chen, University of Mississippi
Boru Chen, University of California, Berkeley
Junming Chen, George Mason University
Meng Chen, Zhejiang University
Simin Chen, Columbia University
Yuetian Chen, Purdue University
Shao-Yu Chu, University of California, San Diego
Paul Chung, University of California, San Diego
Jian Cui, University of Illinois Urbana–Champaign
Valentino Dalla Valle, CISPA Helmholtz Center for Information Security
Vishnu Dasu, The Pennsylvania State University
Qing Deng, University of California, Riverside
Zizhuang Deng, Shandong University
Guillaume Didier, Saarland University
Wanning Ding, Syracuse University
Weikang Ding, University of Missouri-Kansas City
Tian Dong, The University of Hong Kong
Jan Drescher, Technische Universität Braunschweig
Hassan El Alami, Howard University
Zachary Espiritu, MongoDB Research
Aurore Fass, Inria Centre at Université Côte d'Azur
Aurore Fass, CISPA Helmholtz Center for Information Security
Fabian Fleischer, Georgia Institute of Technology
Marius Fleischer, NVIDIA
Jie Fu, Stevens Institute of Technology
Julian Funk, Friedrich-Alexander-Universität Erlangen-Nürnberg
Eric García Arribas, TU Graz
Dañiel Gerhardt, CISPA Helmholtz Center for Information Security
Rajdeep Ghosh, Indian Institute of Technology Kharagpur
Gwihwan Go, Tsinghua University
Bernd Gruner, German Aerospace Center (DLR)
Michele Guerra, New York University Abu Dhabi
Keno Hassler, CISPA Helmholtz Center for Information Security
Lipeng He, University of Waterloo
Tiago Heinrich, Max Planck Institute for Informatics
Mathé Hertogh, Vrije Universiteit Amsterdam
Yiwei Hou, University of California, Berkeley
Hongsheng Hu, University of Newcastle
Shengtuo Hu, Palo Alto Networks
Long Huang, University of Michigan
Yujin Huang, The University of Melbourne
Yujin Huang, The University of Melbourne
Michele Ianni, University of Calabria, Italy
Abdullah Al Ishtiaq, The Pennsylvania State University
Noa Izsak, CISPA Helmholtz Center for Information Security
Malvika Jadhav, University of Florida
Ismat Jarin, University of California, Irvine
Patrick Jattke, ETH Zurich
Fujiao Ji, University of Tennessee, Knoxville
Zhengjie Ji, Virginia Tech
Jinan Jiang, The Hong Kong Polytechnic University
Qisheng Jiang, Duke University
Yibo Jin, The Hong Kong University of Science and Technology
Ehsanul Kabir, The Pennsylvania State University
Kelechi Kalu, Purdue University
Pratik M. Kamble, Binghamton University
Rahul Kande, Advanced Micro Devices (AMD)
Ameer Kashani, DENSO
Mugdha Khedkar, Heinz Nixdorf Institute, Paderborn University
Joseph Khoury, Louisiana State University
Dongwook Kim, Yonsei University
Jiwon Kim, Purdue University
Juhee Kim, Seoul National University
Sungwoo Kim, Purdue University
Robin Kirchner, Technische Universität Braunschweig
Maynard Koch, Technische Universität Dresden
Zsolt Kucsvan, University of Twente
Ashish Kumar, The Pennsylvania State University
Deepak Kumar, University of California, San Diego
Seoyoung Kweon, University of California, San Diego
Verena Lachner, University of Innsbruck
Guilhem Lacombe, Verimag and Université Grenoble-Alpes
Felix Lange, Paderborn University
Jinseo Lee, Korea Advanced Institute of Science and Technology (KAIST)
Seungju Lee, Princeton University
Ahmed Lekssays, Qatar Computing Research Institute
Jiate Li, University of Southern California
Kunlin Li, The Hong Kong University of Science and Technology (Guangzhou)
Kunyang Li, University of Wisconsin—Madison
Peiyang Li, Ant Group and Tsinghua University
Xiang Li, George Mason University
Ying Li, University of California, Los Angeles
Youpeng Li, The University of Texas at Dallas
Junkai Liang, Peking University
Kyungchan Lim, University of Maryland, College Park
Elizabeth Lin, North Carolina State University
Zhengyao Lin, Carnegie Mellon University
Zilong Lin, University of Missouri-Kansas City
Changming Liu, Google
Junming Liu, Max Planck Institute for Security and Privacy 
Junrui Liu, University of California, Santa Barbara
Mengling Liu, The Hong Kong Polytechnic University
Mingyi Liu, Georgia Institute of Technology
Puzhuo Liu, Ant Group and Tsinghua University
Side Liu, Tulane University
Xuanming Liu, Zhejiang University
Yichen Liu, University of Illinois Urbana–Champaign
Yupei Liu, The Pennsylvania State University
Minjun (Elena) Long, University of Virginia
Feng Luo, The Hong Kong Polytechnic University
Kaixuan Luo, The Chinese University of Hong Kong
Muxi Lyu, University of California, Berkeley
Xingyu Lyu, University of Massachusetts Lowell
Binhao Ma, University of Missouri-Kansas City
Jie Ma, Beihang University
Kai Ma, Huazhong University of Science and Technology
Xiaoyue Ma, George Mason University
Zuchao Ma, The Hong Kong Polytechnic University
Marcel Maehren, Ruhr University Bochum
Noah Mauthe, CISPA Helmholtz Center for Information Security
Federico Mazzone, University of Twente
Yassine Mekdad, Florida International University
Sepehr Mirzaei, Saarland University
Atefeh Mohseni-Ejiyeh, University of California, Santa Barbara, and Harness
Hamza Mouhcine, Qatar Computing Research Institute
Jonas Mücke, Technische Universität Dresden
Antonio Muñoz, University of Malaga
Nima Naderloui, University of Connecticut
Hocheol Nam, Korea Advanced Institute of Science and Technology (KAIST)
Kevin Nam, Seoul National University
Tushar Nayan, Florida International University
Nurlan Nazaraliyev, University of California, Riverside
Ravan Nazaraliyev, University of California, Riverside
Niklas Niere, Paderborn University
Jean-Charles Noirot Ferrand, University of Wisconsin—Madison
Paul Olivier, LAAS-CNRS
Fariba Osali, Max Planck Institute for Informatics
Yumingzhi Pan, Southeast University
David Pape, CISPA Helmholtz Center for Information Security
Giuseppe Parrella, University of Salerno
Huiyun Peng, Purdue University
Zifan Peng, The Hong Kong University of Science and Technology (Guangzhou)
Daniel Pöllmann, ETH Zurich and Lucerne University of Applied Sciences and Arts
Juefei Pu, University of California, Riverside
Siliang Qin, Institute of Information Engineering, Chinese Academy of Sciences
Vaishnavi Raghavajosyula, Max Planck Institute for Informatics
Shoupeng Ren, Zhejiang University
Arman Riasi, Virginia Tech
Mohamadreza Rostami, Technische Universität Darmstadt
Florian Roudot, University of Rennes
Bonan Ruan, National University of Singapore
Amit Samanta, University of Utah
Sambhav Satija, University of Wisconsin—Madison
Shayan Shabihi, University of Maryland, College Park
Leming Shen, The Hong Kong Polytechnic University
Zewei Shi, The University of Melbourne and CSIRO's Data61
Ye Shu, University of California, San Diego
Sachin Shukla, Microsoft
Sachin Kumar Singh, University of Utah
Amit Singha, Purdue University
Devansh Srivastav, CISPA Helmholtz Center for Information Security
Tim Leonhard Storm, Paderborn University
Tong Sun, Zhejiang University
Guofeng Tang, Singapore Management University
Fabian Thomas, CISPA Helmholtz Center for Information Security
Yunpeng Tian, The Hong Kong Polytechnic University
Dominic Troppmann, CISPA Helmholtz Center for Information Security
Yu-Jye Tung, The Pennsylvania State University
Mughees Ur Rehman, Virginia Tech
Corban Villa, University of California, Berkeley
Arturo Villacañas, Independent Researcher
Guruprasad Viswanathan Ramesh, University of Wisconsin—Madison
Ryan Vrecenar, Sandia National Laboratories
Chenkai Wang, University of Illinois Urbana–Champaign
Chenyi Wang, University of Arizona
Lihua Wang, University of New South Wales
Longxiang Wang, City University of Hong Kong
Yaofei Wang, Hefei University of Technology
Zihan Wang, The University of Queensland and CSIRO's Data61
Thom Wiggers, PQShield
Annika Wilde, Ruhr University Bochum
Luca Wilke, Microsoft Research
Christian Wressnegger, Karlsruhe Institute of Technology (KIT)
Stanley Wu, University of Chicago
Yuwei Xiao, Linkedin
Zhikang Xie, The University of Hong Kong
Peiran Xu, University of California, Los Angeles
Tianshi Xu, Peking University
Ziqing Yang, CISPA Helmholtz Center for Information Security
Shenglong Yao, Georgia Institute of Technology
Taeung Yoon, University of Illinois Urbana–Champaign
Zi-Quan You, Institute for Network Sciences and Cyberspace, BNRist, Tsinghua University
Jiahao Yu, Northwestern University
Jiangrui Yu, Peking University
Jiongchi Yu, Singapore Management University
Jiping Yu, Tsinghua University
Mehtab Zafar, National University of Singapore
Mingming Zha, Indiana University Bloomington
Xiao Zhan, Universitat Politècnica de València and University of Cambridge
Bo Zhang, Northwestern Polytechnical University
Bosi Zhang, Huazhong University of Science and Technology
Junqi Zhang, University of Science and Technology of China
Shenyi Zhang, Wuhan University
Tingwei Zhang, Cornell Tech
Xiang Zhang, Tianjin University
Xiaohan Zhang, Fudan University
Xin Zhang, Peking University
Zhiyu Zhang, Institute of Information Engineering, Chinese Academy of Sciences
Zhou Zhang, Beihang University
Kunsong Zhao, The Hong Kong Polytechnic University
Yao Zhao, Victoria University
Xia Zhou, Zhejiang University
Yi Zhou, Amazon Web Serivce
Jinhao Zhu, University of California, Berkeley
Zeyang Zhuang, The Chinese University of Hong Kong
Haodi Zou, University of California, San Diego
Yunkai Zou, Nankai University