Arm and University of Cambridge CHERI-pick ultra secure technology


Cambridge superchip architect Arm, the University of Cambridge and industry leaders have hit a major milestone by creating hardware ready for testing under their Morello research program – designed to produce the most secure software of its type ever seen.

The prototype architecture is genuinely ‘Arm-our’ plated. An Arm-based SoC and demonstrator board specially produced by the partners will now be put through its paces by world-class software developers and security specialists – including wizards from Google and Microsoft.

Securing the world’s data will be one of the greatest technology challenges over the next decade of compute. This is why Arm has been collaborating with the University of Cambridge for several years on its CHERI architecture, which defines hardware capabilities that would provide a fundamentally more secure building block for software.

The Morello program, a five-year research initiative, involving a consortium led by Arm, was the result of this collaboration and aims to design a new, inherently more secure, Arm-based computing platform for the future. 

As a major part of this comprehensive research project, Arm has designed and built a system on a chip (SoC) and demonstrator board which contains the first example of the Morello prototype architecture. 

The boards are now being released, on schedule, and are ready for software developers and security specialists to start using the Morello architecture to demonstrate the enhanced security that can be achieved with hardware capabilities. 

The limited edition boards are based on the Morello prototype architecture embedded into an Armv8.2-A processor (an adaptation of the Arm Neoverse N1 processor). The boards are being distributed to major stakeholders such as Google and Microsoft as well as to interested partners across the industry and academia via the UKRI Digital Security by Design (DSbD) initiative. 

Richard Grisenthwaite, SVP, chief architect and Fellow at Arm, says: “These partners represent a broad ecosystem of specialists to test the hypothesis of Morello and discover if this is a viable security architecture that could benefit both businesses and consumers in the future. 

“For any research project, this phase is both exciting and critical. There has never been a silicon implementation of this hardware capability technology in a high-performance CPU. The Morello prototype board opens up many new opportunities for researchers to evaluate and test security benefits in real-world scenarios. 

“Arm is working with established partners and software ecosystems to use these prototype systems to develop enhanced security solutions that we hope will ultimately impact a vast range of applications.”

Microsoft and Google are excited at the future prospects for the product in a global security sphere.

Ben Laurie, principal engineer for security at Google Research, says: “Computers are incredibly useful but the price we pay for that utility is more and more exposure to security and privacy issues. 

“CHERI can allow for better, more cost-effective protection without reduced performance and Arm’s Morello prototype can help mitigate security issues showing the way to a better future for all computer users – in other words, pretty much everyone.” 

And David Weston, director of Enterprise and OS Security for Microsoft, added: “Memory safety exploits are one of the longest standing and most challenging problems in all of software security. Using core silicon architecture to eliminate whole classes of security issues with minimal performance impact has the opportunity to be transformative with massive positive impact; I am incredibly excited about the Morello project.” 

The DSbD initiative has allowed Arm to invest significant resources into developing this promising technology. 

Grisenthwaite said: “If we are to rethink a foundational architecture that has been around for years, we must work with the wider ecosystem as collaboration continues to be a key driving force for security.

“The next two years will see the ecosystem testing, writing code and collaboratively providing critical feedback to determine whether any features will be used in future versions of the Arm architecture.

“If the Morello prototype architecture performs as expected, it will be fundamental in future processor designs – protecting businesses, individuals and the devices of tomorrow.”