
Fundamentally more secure computer systems: the CHERI approach

In collaboration with SRI International (California), members of the Computer Architecture and Security groups in the Cambridge Computer Laboratory have spent over eight years exploring fundamentally more secure ways of building computer systems.  Starting with a conventional microprocessor, we have augmented the hardware/software interface with new compartmentalisation primitives that allow security-critical properties of software to be better represented.  This means the hardware better understands the software it is running, so it is better able to run the code as the programmer intended rather than as the attacker tricked it.  Compartmentalisation allows software to exploit the principle of least privilege, a fundamental idea in computer security dating back to the 1960s but one that is poorly supported by prior computers.

Our new microprocessor (CHERI), operating system (CheriBSD, based on FreeBSD) and compiler support (based on Clang/LLVM) can run existing software while allowing security enhancements to be added automatically by recompiling the software, and further enhancements to be added by the developer through compartmentalisation.  We have demonstrated automatic mitigation of security vulnerabilities like Heartbleed (which hit banking) and WannaCry (which hit the NHS), as well as mitigation of commonplace buffer overflow/underflow bugs and of many return-oriented programming (ROP) and jump-oriented programming (JOP) attacks.
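To make the two ideas above concrete (a pointer that carries its own bounds and permissions, and the monotonic narrowing that compartmentalisation relies on), here is an added example in plain C. It is not CHERI's code or instruction set: the `cap_t` type, `cap_restrict`, `cap_load` and the demo functions are this example's own software model of what capability hardware checks on every access, and the buffer contents are constructed. The `echo_payload` routine has the Heartbleed shape (a caller-supplied length larger than the real payload); with a raw pointer it would read past the buffer, while the bounded capability refuses the first out-of-bounds byte.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical software model of a capability (not CHERI's real encoding):
 * a pointer bundled with the bounds and permissions it may use, plus a
 * validity tag that the "hardware" clears whenever an invalid derivation
 * is attempted. */
enum { PERM_LOAD = 1u, PERM_STORE = 2u };

typedef struct {
    uint8_t *base;    /* first byte this capability may touch */
    size_t   length;  /* bytes from base that are in bounds */
    unsigned perms;   /* PERM_* bitmask */
    bool     valid;   /* tag: false means the capability cannot be used */
} cap_t;

/* Derive a narrower capability from `parent`. Monotonicity: the child may
 * never gain bounds or permissions the parent lacks; any such attempt
 * returns an invalid (untagged) capability instead of a wider one. */
cap_t cap_restrict(cap_t parent, size_t new_off, size_t new_len, unsigned new_perms) {
    cap_t c = {0};
    if (!parent.valid) return c;
    if (new_off > parent.length || new_len > parent.length - new_off) return c;
    if ((new_perms & ~parent.perms) != 0u) return c;
    c.base = parent.base + new_off;
    c.length = new_len;
    c.perms = new_perms;
    c.valid = true;
    return c;
}

/* Load one byte through a capability. Tag, permission and bounds are all
 * checked before memory is touched; a failure models a hardware fault. */
bool cap_load(cap_t c, size_t idx, uint8_t *out) {
    if (!c.valid || (c.perms & PERM_LOAD) == 0u) return false;
    if (idx >= c.length) return false;          /* bounds fault */
    *out = c.base[idx];
    return true;
}

/* Heartbleed-shaped copy: the peer claims `claimed` bytes but the payload
 * capability is bounded to the real payload, so the copy stops at the
 * first faulting load rather than leaking whatever follows the buffer. */
size_t echo_payload(cap_t payload, size_t claimed, uint8_t *dst, size_t dst_len) {
    size_t copied = 0;
    for (size_t i = 0; i < claimed && i < dst_len; i++) {
        uint8_t b;
        if (!cap_load(payload, i, &b)) break;   /* fault: stop, do not leak */
        dst[copied++] = b;
    }
    return copied;
}

/* Constructed scenario: 5-byte payload at offset 8, "SECRET" right after it.
 * The peer claims 32 bytes; returns how many were actually echoed. */
size_t demo_bounded_echo(void) {
    static uint8_t mem[32];
    memset(mem, 0, sizeof mem);
    memcpy(mem + 8, "hello", 5);
    memcpy(mem + 13, "SECRET", 6);
    cap_t root = { mem, sizeof mem, PERM_LOAD | PERM_STORE, true };
    cap_t payload = cap_restrict(root, 8, 5, PERM_LOAD);   /* least privilege */
    uint8_t out[32];
    return echo_payload(payload, 32, out, sizeof out);    /* 5, not 32 */
}

/* Constructed check that derivation is monotonic: a narrowed capability
 * cannot be re-widened in bounds or upgraded in permissions. */
bool demo_widening_rejected(void) {
    static uint8_t mem[32];
    cap_t root = { mem, sizeof mem, PERM_LOAD, true };
    cap_t small = cap_restrict(root, 4, 4, PERM_LOAD);
    cap_t wider = cap_restrict(small, 0, 8, PERM_LOAD);               /* grow bounds */
    cap_t stronger = cap_restrict(small, 0, 4, PERM_LOAD | PERM_STORE); /* add perm */
    return small.valid && !wider.valid && !stronger.valid;
}

int main(void) {
    printf("bytes echoed: %zu\n", demo_bounded_echo());
    printf("widening rejected: %s\n", demo_widening_rejected() ? "yes" : "no");
    return 0;
}
```

The point of the model is where the check lives: `echo_payload` contains no length test of its own, yet it cannot over-read, because the bound travels with the pointer it was given. Real CHERI performs the equivalent checks in hardware on every memory access, so the protection arrives with recompilation rather than with an audit of every copy loop.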

This radical approach was made possible by substantial US government funding (tens of millions of dollars) for a large team over eight years.  It has allowed us to straddle many levels of abstraction that, commercially, are typically handled by different industries, a separation that results in market failure.  In particular, the hardware and software industries are separate, limiting their ability to optimise across the hardware/software divide.

We are currently working with large industrial players and government actors to bring the technology to the masses.  We believe that this new technology can make computer systems far more trustworthy than they are today.


Prof. Simon Moore
Trust & Technology Initiative; Department of Computer Science and Technology, University of Cambridge
