CHERI Alliance Looks to Complement Memory Safety with Scalable Software Compartmentalization

By Chad Cox

Production Editor

Embedded Computing Design

June 17, 2024


Cambridge, United Kingdom. The CHERI Alliance CIC (Community Interest Company) today announced it will be advancing the industry-wide adoption of the security technology CHERI (Capability Hardware Enhanced RISC Instructions). The CHERI Alliance aims to lead the industry in adopting enhanced security measures and ensuring adherence to commonly defined standards.

Professor Simon Moore, University of Cambridge, said, “As noted by the White House in a recent report on a path toward secure and measurable software, hardware support is critical to robust and efficient memory safety. Compiling software to run on CHERI enhanced processors guarantees very strong memory safety that an attacker cannot bypass.”

The initial founding members of the CHERI Alliance include Capabilities Limited, Codasip, the FreeBSD Foundation, lowRISC, SCI Semiconductor, and the University of Cambridge. With representatives from industry and academia, the Alliance governing board will work to unite industry leaders, system developers, users, and security experts, driving the promotion of CHERI as an effective security standard.

CHERI is a well-established hardware-based technology designed by the University of Cambridge and the research institute SRI International. It prevents memory issues, safeguarding consumers and averting trillions of dollars in potential damages. It can be applied selectively to critical functions with minimal software modifications, enhancing the security of existing products with little effort. The vast array of existing C/C++ software can continue to be used to create a more secure system.

CHERI enables high-performance scalable compartmentalization. This restricts attackers from using unknown vulnerabilities to escalate their attacks on the system. This feature offers protection against both known and future exploitations, reducing the risk and impact of supply chain attacks.

“The software community has been trying to solve memory-related issues for 75 years,” said Ron Black, CEO of Codasip. “Progress has been limited, and security breaches are surging. It’s time to complement the software efforts with robust hardware to prevent buffer overflows, over-reads, and other memory-related vulnerabilities. With CHERI, the hardware community can now give software the tools to fight this.”

For more information, visit cheri-alliance.net.

Chad Cox, Production Editor, Embedded Computing Design, has responsibilities that include handling the news cycle, newsletters, social media, and advertising. Chad graduated from the University of Cincinnati with a B.A. in Cultural and Analytical Literature.