Most organizations are aware of cybercrime attempts such as phishing, installing malware from dodgy websites or ransomware attacks and undertake countermeasures. However, relatively little attention has been given to memory safety vulnerabilities such as buffer overflows or over-reads. For decades, the industry has created billions of lines of C & C++ code but addressing the resulting memory safety risks has been a tough challenge.
Each year, Microsoft lists vulnerabilities (CVE*) reported after analyzing cyberattacks. It appears that ~70% of them are caused by memory safety issues. At Codasip we are convinced that the way CHERI technology revisits fundamental design choices in hardware and software will prevent this problem, and significantly improve system security. Building on our Custom Compute approach, we are implementing CHERI technology into our RISC-V cores to provide our customers with safe and secure solutions. This webinar will take a closer look into how we implement this technology across our product line.
Capability Hardware Enhanced RISC Instructions. As defined by the University of Cambridge, CHERI extends conventional hardware Instruction-Set Architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalization.
CHERI is implemented through our EDA tool, Codasip Studio. Using Codasip Studio, we have added built-in, fine-grained memory protection by extending the RISC-V ISA with CHERI-based custom instructions. This allows for 100% coverage in checking for memory errors using fine-grained memory protection against software attacks and programming errors. CHERI technology provides built-in CPU logic to check read/write permissions and unalterable hardware capabilities protect against known and future vulnerabilities. All of this at just a small increase in area and a low impact on performance. Our solution also allows for just critical areas of code to be recompiled.
Codasip’s CHERI technology recently won the award in the Safety & Security category at the embedded world Exhibition&Conference.
With the rise of cybersecurity threats, the susceptibility of software coded in memory unsafe languages is a significant worry. CHERI, a deterministic hardware-based security method, tackles two crucial areas: a) ensuring memory safety, and b) enabling scalable compartmentalization. Studies suggest that these areas cover approximately 74% of severe CVEs in Linux. Notably, devastating vulnerabilities like Heartbleed could have been averted with CHERI.
Having undergone over a decade of research, CHERI stands as a mature technology. At Codasip we have taken the initiative to develop the first commercially licensed processor IP core featuring CHERI. Leveraging RISC-V serves as an excellent foundation for integrating CHERI instructions into the ISA.
Codasip is a processor solutions company which uniquely helps developers to differentiate their products. We are Europe’s leading RISC-V company with a global presence. Billions of chips already use our technology.
We deliver custom compute through the combination of the open RISC-V ISA, Codasip Studio processor design automation and high-quality processor IP. Our innovative approach lets you easily customize and differentiate your designs. You can develop high-performing, and game-changing products that are truly transformational.
Also Read:
How Codasip Unleashed CHERI and Created a Paradigm Shift for Secured Innovation
RISC-V Summit Buzz – Ron Black Unveils Codasip’s Paradigm Shift for Secured Innovation
Extending RISC-V for accelerating FIR and median filters
Share this post via:
Comments
There are no comments yet.
You must register or log in to view/post comments.