June 20, 2024 at 09:18AM
The CHERI Alliance, launching in September, aims to enhance chip security by isolating hardware and software to safeguard against cyberattacks, addressing memory vulnerabilities particularly prevalent in ARM processors. The consortium, involving entities like University of Cambridge and SRI International, focuses on fine-grained memory protection for ARM, MIPS, and RISC-V architectures.
Key takeaways from the meeting notes:
– The CHERI Alliance is focused on protecting data stored in hardware memory from cyber attackers by isolating hardware and software to prevent code injection and data theft.
– Memory issues represent approximately 70% of the routes taken by cyber attackers, and the alliance aims to address this with fine-grained memory protection without major overhead.
– The alliance focuses on securing memory in ARM, MIPS, and RISC-V architectures, and backing entities include University of Cambridge, the FreeBSD Foundation, Capabilities Limited, lowRISC, and SCI Semiconductor. ARM is not currently part of the consortium.
– ARM-based processors have been vulnerable to memory-bound vulnerabilities, including those related to Meltdown and Spectre.
– The CHERI program, originally started in 2010 as a research program, has developed CHERI-based hardware with memory protection features and provides toolkits for C and C++ programmers to add memory protection while coding.
Let me know if you need more information or if there’s anything else I can assist you with!