CHERI and Arm Morello: mitigating the terrible legacy of memory-safety security issues, in practice at scale
Talk by Peter Sewell (he/him)
Friday from 5:30 PM - 6:00 PM in Stage C
This talk has the following content notes:
Discussions of C/C++ memory unsafety should be terrifying - but I'll try to make this accessible to all, whether you write code or not.
Computing is riddled with security vulnerabilities, many of which arise from memory safety issues. Conventional hardware architectures and the C/C++ codebase are chronically prone to exploitable errors - a 75-year-old problem at the heart of computing. This talk will introduce CHERI, showing how (finally?!) we can do better.

The CHERI research project has developed a new architecture+software approach, using unforgeable hardware capabilities to implement pointers. Morello is an Arm experimental platform for evaluating CHERI and exploring its potential for mass-market adoption, part-funded by the UKRI Digital Security by Design programme; other groups are developing CHERI-enabled RISC-V processors, including Microsoft, Google, lowRISC, SCI Semiconductor, Codasip, and RISC-V International.

This talk will introduce the problem, and CHERI and Morello, for a broad audience: the hardware extensions, their potential for fine-grained memory safety and software compartmentalisation, the CHERI software stack, and the machine-checked mathematical proof that the architecture design provides the intended security. CHERI complements alternative high-level-language approaches, which would need code to be rewritten from scratch, and we'll talk about the often-low cost of porting code to CHERI. I'll demo how CHERI prevents exploitable memory safety errors on a Morello box, running Arm CHERI hardware and a complete CHERI software stack.

This is joint work by the CHERI and Morello teams at the University of Cambridge, Arm, SRI International, and the University of Edinburgh.
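As an added illustration (not code from the talk or from the CHERI project), here is a small C model of the idea the abstract describes: a pointer that carries its own bounds, which can only be narrowed and never widened, and whose every store is bounds-checked so an overrun into a neighbouring field is refused rather than silently performed. The names `cap_t`, `cap_narrow`, `cap_store_u8` and `copy_checked` are hypothetical; real CHERI does this in hardware and also carries a validity tag and permissions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Software model of a CHERI-style capability: a pointer that carries its own
 * bounds. This is an illustration of the idea, not CHERI's ISA or API; real
 * hardware also holds a validity tag and permissions and checks them on every
 * load and store. */
typedef struct {
    unsigned char *base; /* lowest address the capability may access */
    size_t length;       /* number of bytes accessible from base */
} cap_t;

/* Capability covering a whole allocation, as an allocator would hand out. */
cap_t cap_from_buffer(unsigned char *buf, size_t len) {
    cap_t c = { buf, len };
    return c;
}

/* Narrow to a sub-range. Monotonic: the child can never reach beyond its
 * parent, so a caller cannot manufacture access to neighbouring memory. */
bool cap_narrow(cap_t parent, size_t off, size_t len, cap_t *out) {
    if (off > parent.length || len > parent.length - off)
        return false;            /* would widen bounds: refused */
    out->base = parent.base + off;
    out->length = len;
    return true;
}

/* Checked byte store. Returns false where CHERI hardware would raise a
 * bounds fault, instead of silently writing past the end. */
bool cap_store_u8(cap_t c, size_t off, unsigned char v) {
    if (off >= c.length)
        return false;
    c.base[off] = v;
    return true;
}

/* strcpy-like copy through a capability. Returns the number of bytes written
 * before the first refused store (strlen(src)+1 if everything fitted). */
size_t copy_checked(cap_t dst, const char *src) {
    size_t n = strlen(src) + 1; /* include the terminating NUL */
    for (size_t i = 0; i < n; i++)
        if (!cap_store_u8(dst, i, (unsigned char)src[i]))
            return i;
    return n;
}
```

With a conventional `strcpy` the 12-character string below would run eight bytes into the adjacent field; through the narrowed capability the copy stops at the field's bound and the neighbour is untouched.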