Innovate UK

In an ever more digital world, we must be able to trust the technology that keeps us and our information safe. Yet cyber failures are expected to cost the worldwide economy $10.5trn annually by 2025 (2023 Global Cybersecurity Outlook report), highlighting the fragility of the world in which we inherently place our trust.

Innovate UK has announced a £1.2m investment into a demonstrator project called RESAuto, which is led by Thales UK. The automotive sector is fundamentally dependent on a complex supply chain and is subject to international regulatory and legal controls with conflicting through-life objectives of safety, privacy, and access to data. For a CHERI-based solution to fulfil its potential, it’s essential to quantify the impacts across this complex environment. RESAuto demonstrates the quantified advantages of CHERI-based solutions in complex interconnected systems with sophisticated supply ecosystems and liability models. RESAuto is using an Automotive Braking System integrated with a real-time monitoring and compliance system as its exemplar for the demonstration.

Peter Davies, Director Security Concepts at Thales UK, said: “The RESAuto consortium is delighted to be given this opportunity to examine in the context of a complex global supply ecosystem, where safety is a paramount public expectation, how the characteristics of a CHERI-based solution might benefit the achievability, including economically, of resilient outcomes including in the face of cyber threats. Demonstrating both the economic benefits compared to other potential solutions and the demand lines through the supply ecosystem will be critical if CHERI-based solutions are to become significant in the coming decade.”

RESAuto joins the existing DSbD AutoCHERI project led by Beam Connectivity which has integrated CHERI into automotive grade Telematics Control Units (TCUs) and is testing the cyber security enhancements in the real world.

Thomas Sors, Cofounder and CEO of Beam Connectivity, said: “All new vehicles will be connected which is driving the need for higher levels of security to support the adoption of features such as over-the-air software updates, Vehicle-to-everything (V2X) applications and remote teleoperations. In the AutoCHERI project we are looking at innovations which will support vehicle manufacturers to meet these emerging challenges for improved resilience.”

Innovate UK is also investing in a project led by lowRISC, a not-for-profit based in Cambridge which creates open source tools for communities to promote collaborative engineering. Microsoft has recently extended the popular RISC-V Ibex core, maintained by lowRISC, with prototype CHERI support and released this work to the open source community as CHERIoT. This project will see lowRISC create two prototypes around the CHERIoT core and the open source OpenTitan® root of trust, which has been developed by lowRISC in partnership with Google and other major commercial and academic partners.

Dr Gavin Ferris, CEO, lowRISC CIC, said: “As a UK non-profit silicon engineering company, lowRISC is very excited to be participating in this innovative — and fully open source — project in partnership with Microsoft. We believe it will help establish the value of the RISC-V CHERIoT embedded platform in the challenging domain of operational technology, where critical security requirements must be achieved within extremely tight power, area and financial budgets.”

Across the current DSbD ecosystem, industry and academia are discovering the benefits of porting and refactoring their code to the Morello prototype platform. While researching advances in DSbD software tooling as part of a GE Aerospace-led consortium, AdaCore found a memory-safety bug during the development of a compiler feature; the bug had eluded industry-standard validation and verification tools within an existing DevOps pipeline. It was discovered while adapting the GNAT Ada runtime code to take advantage of CHERI, through the subsequent use of a recently devised sanity-check test on an emulated Morello target, which caught the bug before it was merged into a released product.

Paul Butcher, UK Programme Manager, AdaCore, said: “AdaCore provides high-assurance software development tools for safety and security-critical platforms. We’ve been closely following the Morello CHERI work and are now involved in the Digital Security by Design initiative via the GE Aerospace primed Edge Avionics project. This has allowed AdaCore engineering to explore CHERI’s benefits fully.

“Moving forward, we see two clear benefits for CHERI-based ISAs. The first is safeguarding against memory corruption-related vulnerability exploits by ensuring deployed applications fail secure. The second is an advanced vulnerability detection mechanism that pushes the state of the art with dynamic analysis testing; we’ve seen examples of where CHERI can find vulnerabilities that Valgrind-related tooling and other runtime tools like AddressSanitizer (ASan) cannot. In addition, we’re also predicting low effort in porting existing Ada code over to CHERI-based architectures. The utilisation of advanced CHERI hardware instruction set architectures ensures security by design and adds an invaluable low-level security layer to platform development.”

The Digital Security by Design Programme (DSbD) is seeking to provide support to developers at the foundational level with a technology enhancement in the central processor, known as CHERI.

CHERI has the potential to prevent around 70% of ongoing vulnerabilities from exploitation while providing new software methods to help maintain the operational resilience and integrity of an application.