中文 English

Capability Hardware Enhanced RISC Instructions (CHERI) For Verification, With Better Memory Safety (Oxford)


A technical paper titled "A Formal CHERI-C Semantics for Verification" was published by researchers at University of Oxford. Abstract: "CHERI-C extends the C programming language by adding hardware capabilities, ensuring a certain degree of memory safety while remaining efficient. Capabilities can also be employed for higher-level security measures, such as software compartmentalization, ... » read more

Memory-Based Cyberattacks Become More Complex, Difficult To Detect


Memories are becoming entry points for cyber attacks, raising concerns about system-level security because memories are nearly ubiquitous in electronics and breaches are difficult to detect. There is no end in sight with hackers taking aim at almost every consumer, industrial, and commercial segment, and a growing number of those devices connected to the internet and to each other. According... » read more

Capabilities In CAP, CHERI, And Morello


At the recent Arm DevSummit, one of the presentations mentioned CHERI and the Arm Morello board in passing. This was in the context of using capabilities (perhaps) in some future Arm processors to increase the amount of memory safety, and to protect against vulnerabilities like Spectre and Meltdown. I'd never heard of either, so I was intrigued and decided to look into the details. But the f... » read more