Uploaded bymikeeftimakis1
75 views

Introduction to CHERI technology - Cybersecurity

The document discusses the increasing costs and risks associated with cybersecurity vulnerabilities, highlighting the limitations of current memory protection strategies. It introduces CHERI technology as a solution that utilizes hardware-enforced fine-grained memory protection to drastically improve system security. CHERI enables safe compartmentalization, requiring minimal software changes while preventing attacks and ensuring high performance.

Embed presentation

Download to read offline
Alliance Alliance CHERI technology overview A Q U I C K I N T R O D U C T I O N
Alliance Data breaches are very costly 6X ~$10T >$500M Cost of addressing Heartbleed buffer overflow vulnerability Worldwide cost estimate of cyberattacks per year (and growing fast) Increase in firmware attacks reported by NIST between 2017 and 2024 P U B L I C 2
Alliance Vulnerabilities are causing increasing pain 0 5000 10000 15000 20000 25000 30000 35000 40000 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 P U B L I C 3 Number of reported CVEs Source: Mitre
Alliance Memory safety is necessary P U B L I C 4 • Memory abuse (e.g. buffer overflows) is the main attack vector • Constant ratio of over the past 20 years • … even with all the work done on software to avoid this! CHERI solves this!
Alliance Impossible to re-write software to fix the problem Application code In-house libraries 3rd-party binary code 3rd -party source libraries Open- source libraries Developed in-house Developed by other companies Open-source RTOS / Linux Runtime image Huge amount of legacy C/C++ code at risk P U B L I C 5
Alliance Possible solutions for memory safety • Use “memory safe” languages like Rust or .Net • Requires rewriting trillions of lines of C/C++ code • Possible for new code, but no compartmentalisation • Use “coarse-grained” techniques like stack “canaries” to detect issues • Helpful, but they statistically leave too many holes • Hacking techniques already developed • Use “fine-grained” techniques like CHERI • Best option, but needs new hardware
Alliance Memory safety becomes a key topic P U B L I C 7 Highlights CHERI as a solution
Alliance Introducing CHERI technology C apability H ardware E nhanced R ISC I nstructions P U B L I C 8
Alliance CHERI Fine-grained memory protection Revisits fundamental design choices in hardware and software to dramatically improve system security Extend conventional hardware ISAs • Memory protection • Scalable compartmentalization P U B L I C 9
Alliance What makes CHERI different? Previous solutions Problem CHERI Security control Statistical • “likely” to detect a problem Targeted attacks bypass protection Some problems detected too late Systematic • 100% coverage Enforcement Some complex, disparate hardware features, no coherency across architectures Rely on “trusted” software and/or explicit checks Additional complexity Software can be hacked (and has been…) Hardware-enforced • Simple, holistic protection • No way to bypass by software (unforgeable tags) Software impact High impact on software • A lot of additional code needed to protect and isolate • Need best security experts to review all software stack • Often need to rewrite code Difficult to catch all issues Reduce performance and increase code size Experts are scarce Extremely low software impact • Need recompilation • Adapt some very low-level code Type of solution Reactive • Fix problem if vulnerability discovered Proactive solution possible (but uneconomical) Huge exploitable attack surface, susceptible to 0-day attacks Most systems are not upgraded immediately / regularly Preventive • Protects against existing and to- be-designed attacks on memory P U B L I C 1 0
Alliance Main memory issues with C/C++ • Possible to access memory out of expected buffers • Access confidential data • Modify / delete critical data or code • Inject malware code • Spy on communications • Erase traces of attack • Functions cannot protect their data from each other • Only works when the software can be trusted • Enable privilege escalation P U B L I C 1 1 Need memory safety Need compartmentalization
Alliance Spatial memory safety • Replacing pointers by capabilities – with hardware control Data buffer Other data… Pointer Pointer + offset Out of bounds access = danger! Capability Bounded box Out of bounds access impossible Data buffer Other data… Without CHERI With CHERI P U B L I C 1 2
Alliance Bounded box Compartmentalization • Capabilities belong to an identified function / execution context App 1 App 2 App 3 Middleware … OS HAL / Security Compartmentalization – CHERI can sandbox critical functions to avoid attacks Data belongs to the function Software stack P U B L I C 1 3
Alliance CHERI relies on hardware protection • CHERI requires adapted processor • Can be applied to many types of core • Hardware-enforced security • Impossible to bypass by software • Formally proven • Reuse existing code • Just recompile application • Choose which part to protect • Benefit from CHERI • Rejects dangerous code • Create CHERI compartments for critical code Processor CHERI HW support Existing C code CHERI- enabled compiler P U B L I C 1 4
Alliance CHERI has a positive impact • Limited costs • Area impact • Processor only 4% larger* • Similar power consumption • Similar performance** • Memory impact • Small area for tag storage • Double size for pointers (mostly impacts stack) • No change on data storage requirements • Software development • Need adapted tools (open-source available) • Less than 0.5% application code*** to adapt • Need recompilation • OS / low-level drivers need work (but done once) • Huge gains • Memory safety! • Save in patching costs • Compiler detects mistakes in existing code • Performance gains**** • Remove or simplify software-based mechanisms (TEE, compartmentalization, security modes, …) • Eliminate context switching in hypervisor • Reduce code, improve execution speed • Fast, low-risk integration of unsafe code • Save security experts’ time • Not wasting it on bug hunting… P U B L I C 1 5 * Real data from Codasip – Comparing the same commercial processor with/without CHERI ** Slight degradation for chips with low-bandwidth internal bus (i.e. less than 128bit) *** Real data from application porting **** Requires OS / security mechanisms adaptation (done once, usually by the ecosystem) CHERI Alliance will help by stimulating the ecosystem to adapt OS / software / tools
Alliance CHERI has already got strong supporters P U B L I C 1 6
Alliance CHERI projects • A number of prototypes / proof of concept have been released • Proof of concept • Open-source / prototype • Commercial • Some OS have been ported to CHERI (Free RTOS, FreeBSD…) P U B L I C 1 7
Alliance Quotes “The CHERI architecture's support for fine- grain memory protection and scalable compartmentalization promises to revolutionise our ability to protect personal data and provide strong defences against malware on mobile devices and in the cloud.” Ben Laurie, Director of Security at Google Research P U B L I C 1 8
Alliance Alliance Web: www.cheri-alliance.net P U B L I C 1 9

More Related Content

PPTX
CHERI-seL4: Enhancing seL4’s C/C++ userspace memory safety using CHERI
byHesham Almatary
 
PPTX
Software Security OS Porting to CHERI - A Secure By Design Approach
byHesham Almatary
 
PDF
Digital Security by Design: How software works on CHERI - Robert Watson, Uni...
byKTN
 
PDF
CHERI Capability Hardware Enhanced RISC Instructions - Architecture and Softw...
byKTN
 
PDF
Digital Security by Design: CHERI-RISC-V - Simon Moore, University of Cambridge
byKTN
 
PDF
Digital Security by Design: Security and Legacy at Microsoft - Matthew Parkin...
byKTN
 
PDF
Digital Security by Design: Background to Capabilities - Robert Watson, Unive...
byKTN
 
PDF
Towards using Capability Machines for Secure Compilation - CHERI
byAkram El-Korashy
 
CHERI-seL4: Enhancing seL4’s C/C++ userspace memory safety using CHERI
byHesham Almatary
 
Software Security OS Porting to CHERI - A Secure By Design Approach
byHesham Almatary
 
Digital Security by Design: How software works on CHERI - Robert Watson, Uni...
byKTN
 
CHERI Capability Hardware Enhanced RISC Instructions - Architecture and Softw...
byKTN
 
Digital Security by Design: CHERI-RISC-V - Simon Moore, University of Cambridge
byKTN
 
Digital Security by Design: Security and Legacy at Microsoft - Matthew Parkin...
byKTN
 
Digital Security by Design: Background to Capabilities - Robert Watson, Unive...
byKTN
 
Towards using Capability Machines for Secure Compilation - CHERI
byAkram El-Korashy
 

Similar to Introduction to CHERI technology - Cybersecurity

PPT
6.Resource Exhaustion
byphanleson
 
PDF
Embedded Systems Security: Building a More Secure Device
byPriyanka Aash
 
PPT
Software security
byRoman Oliynykov
 
PPTX
Computer Organization and Design
byRa'Fat Al-Msie'deen
 
PPT
Mano PPT for introduction Computer Architecture .ppt
bysudhansh5
 
PPT
basics of computer architecture and introduction.ppt
byPramodKumar446197
 
PDF
Object Capability Model for Tee: A Cheri Based Compartmentalization Approach
byClaraZara1
 
PDF
OBJECT CAPABILITY MODEL FOR TEE: A CHERI BASED COMPARTMENTALIZATION APPROACH
byijsptm
 
PDF
ISY102 lecture 3.pdfssadsadsadsadsadsadsadasd
bycagalitankylezy
 
PPT
lectionaboutpcarchitectureand desighn.ppt
byManukHaykazyan1
 
PPTX
Computer architecture
byAbash shah
 
PDF
Embedded Systems Security: Building a More Secure Device
byPriyanka Aash
 
PPTX
Ice Age melting down: Intel features considered usefull!
byPeter Hlavaty
 
PPTX
Digital Security by Design: ISCF Digital Security by Design Research Projects...
byKTN
 
PDF
Object Capability Model for Tee: A Cheri Based Compartmentalization Approach
byClaraZara1
 
DOCX
SECURITY SOFTWARE RESOLIUTIONS (SSR) .docx
bybagotjesusa
 
PPTX
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
byBlueHat Security Conference
 
PPT
lec01_intr architecture com computeo.ppt
bycompengwaelalahmar
 
PDF
Kernel Recipes 2018 - Zinc: minimal lightweight crypto API - Jason Donenfeld
byAnne Nicolas
 
PDF
Digital Security by Design: Formal modelling of, and reasoning about, CHERI -...
byKTN
 
6.Resource Exhaustion
byphanleson
 
Embedded Systems Security: Building a More Secure Device
byPriyanka Aash
 
Software security
byRoman Oliynykov
 
Computer Organization and Design
byRa'Fat Al-Msie'deen
 
Mano PPT for introduction Computer Architecture .ppt
bysudhansh5
 
basics of computer architecture and introduction.ppt
byPramodKumar446197
 
Object Capability Model for Tee: A Cheri Based Compartmentalization Approach
byClaraZara1
 
OBJECT CAPABILITY MODEL FOR TEE: A CHERI BASED COMPARTMENTALIZATION APPROACH
byijsptm
 
ISY102 lecture 3.pdfssadsadsadsadsadsadsadasd
bycagalitankylezy
 
lectionaboutpcarchitectureand desighn.ppt
byManukHaykazyan1
 
Computer architecture
byAbash shah
 
Embedded Systems Security: Building a More Secure Device
byPriyanka Aash
 
Ice Age melting down: Intel features considered usefull!
byPeter Hlavaty
 
Digital Security by Design: ISCF Digital Security by Design Research Projects...
byKTN
 
Object Capability Model for Tee: A Cheri Based Compartmentalization Approach
byClaraZara1
 
SECURITY SOFTWARE RESOLIUTIONS (SSR) .docx
bybagotjesusa
 
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
byBlueHat Security Conference
 
lec01_intr architecture com computeo.ppt
bycompengwaelalahmar
 
Kernel Recipes 2018 - Zinc: minimal lightweight crypto API - Jason Donenfeld
byAnne Nicolas
 
Digital Security by Design: Formal modelling of, and reasoning about, CHERI -...
byKTN
 

Recently uploaded

PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
December Patch Tuesday
byIvanti
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PPTX
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PPTX
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 
software-security-intro in information security.ppt
byismaeelsahib032
 
December Patch Tuesday
byIvanti
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
Cybersecurity: Safeguarding Digital Assets
byYasir Naveed Riaz
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Protecting Data in an AI Driven World - Cybersecurity in 2026
byYasir Naveed Riaz
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Cybercrime in the Digital Age: Risks, Impact & Protection
byYasir Naveed Riaz
 

Introduction to CHERI technology - Cybersecurity

  • 1.
    Alliance Alliance CHERI technology overview A QU I C K I N T R O D U C T I O N
  • 2.
    Alliance Data breaches arevery costly 6X ~$10T >$500M Cost of addressing Heartbleed buffer overflow vulnerability Worldwide cost estimate of cyberattacks per year (and growing fast) Increase in firmware attacks reported by NIST between 2017 and 2024 P U B L I C 2
  • 3.
    Alliance Vulnerabilities are causingincreasing pain 0 5000 10000 15000 20000 25000 30000 35000 40000 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 P U B L I C 3 Number of reported CVEs Source: Mitre
  • 4.
    Alliance Memory safety isnecessary P U B L I C 4 • Memory abuse (e.g. buffer overflows) is the main attack vector • Constant ratio of over the past 20 years • … even with all the work done on software to avoid this! CHERI solves this!
  • 5.
    Alliance Impossible to re-writesoftware to fix the problem Application code In-house libraries 3rd-party binary code 3rd -party source libraries Open- source libraries Developed in-house Developed by other companies Open-source RTOS / Linux Runtime image Huge amount of legacy C/C++ code at risk P U B L I C 5
  • 6.
    Alliance Possible solutions formemory safety • Use “memory safe” languages like Rust or .Net • Requires rewriting trillions of lines of C/C++ code • Possible for new code, but no compartmentalisation • Use “coarse-grained” techniques like stack “canaries” to detect issues • Helpful, but they statistically leave too many holes • Hacking techniques already developed • Use “fine-grained” techniques like CHERI • Best option, but needs new hardware
  • 7.
    Alliance Memory safety becomesa key topic P U B L I C 7 Highlights CHERI as a solution
  • 8.
    Alliance Introducing CHERI technology C apability Hardware E nhanced R ISC I nstructions P U B L I C 8
  • 9.
    Alliance CHERI Fine-grained memory protection Revisitsfundamental design choices in hardware and software to dramatically improve system security Extend conventional hardware ISAs • Memory protection • Scalable compartmentalization P U B L I C 9
  • 10.
    Alliance What makes CHERIdifferent? Previous solutions Problem CHERI Security control Statistical • “likely” to detect a problem Targeted attacks bypass protection Some problems detected too late Systematic • 100% coverage Enforcement Some complex, disparate hardware features, no coherency across architectures Rely on “trusted” software and/or explicit checks Additional complexity Software can be hacked (and has been…) Hardware-enforced • Simple, holistic protection • No way to bypass by software (unforgeable tags) Software impact High impact on software • A lot of additional code needed to protect and isolate • Need best security experts to review all software stack • Often need to rewrite code Difficult to catch all issues Reduce performance and increase code size Experts are scarce Extremely low software impact • Need recompilation • Adapt some very low-level code Type of solution Reactive • Fix problem if vulnerability discovered Proactive solution possible (but uneconomical) Huge exploitable attack surface, susceptible to 0-day attacks Most systems are not upgraded immediately / regularly Preventive • Protects against existing and to- be-designed attacks on memory P U B L I C 1 0
  • 11.
    Alliance Main memory issueswith C/C++ • Possible to access memory out of expected buffers • Access confidential data • Modify / delete critical data or code • Inject malware code • Spy on communications • Erase traces of attack • Functions cannot protect their data from each other • Only works when the software can be trusted • Enable privilege escalation P U B L I C 1 1 Need memory safety Need compartmentalization
  • 12.
    Alliance Spatial memory safety •Replacing pointers by capabilities – with hardware control Data buffer Other data… Pointer Pointer + offset Out of bounds access = danger! Capability Bounded box Out of bounds access impossible Data buffer Other data… Without CHERI With CHERI P U B L I C 1 2
  • 13.
    Alliance Bounded box Compartmentalization • Capabilities belongto an identified function / execution context App 1 App 2 App 3 Middleware … OS HAL / Security Compartmentalization – CHERI can sandbox critical functions to avoid attacks Data belongs to the function Software stack P U B L I C 1 3
  • 14.
    Alliance CHERI relies onhardware protection • CHERI requires adapted processor • Can be applied to many types of core • Hardware-enforced security • Impossible to bypass by software • Formally proven • Reuse existing code • Just recompile application • Choose which part to protect • Benefit from CHERI • Rejects dangerous code • Create CHERI compartments for critical code Processor CHERI HW support Existing C code CHERI- enabled compiler P U B L I C 1 4
  • 15.
    Alliance CHERI has apositive impact • Limited costs • Area impact • Processor only 4% larger* • Similar power consumption • Similar performance** • Memory impact • Small area for tag storage • Double size for pointers (mostly impacts stack) • No change on data storage requirements • Software development • Need adapted tools (open-source available) • Less than 0.5% application code*** to adapt • Need recompilation • OS / low-level drivers need work (but done once) • Huge gains • Memory safety! • Save in patching costs • Compiler detects mistakes in existing code • Performance gains**** • Remove or simplify software-based mechanisms (TEE, compartmentalization, security modes, …) • Eliminate context switching in hypervisor • Reduce code, improve execution speed • Fast, low-risk integration of unsafe code • Save security experts’ time • Not wasting it on bug hunting… P U B L I C 1 5 * Real data from Codasip – Comparing the same commercial processor with/without CHERI ** Slight degradation for chips with low-bandwidth internal bus (i.e. less than 128bit) *** Real data from application porting **** Requires OS / security mechanisms adaptation (done once, usually by the ecosystem) CHERI Alliance will help by stimulating the ecosystem to adapt OS / software / tools
  • 16.
    Alliance CHERI has alreadygot strong supporters P U B L I C 1 6
  • 17.
    Alliance CHERI projects • Anumber of prototypes / proof of concept have been released • Proof of concept • Open-source / prototype • Commercial • Some OS have been ported to CHERI (Free RTOS, FreeBSD…) P U B L I C 1 7
  • 18.
    Alliance Quotes “The CHERI architecture'ssupport for fine- grain memory protection and scalable compartmentalization promises to revolutionise our ability to protect personal data and provide strong defences against malware on mobile devices and in the cloud.” Ben Laurie, Director of Security at Google Research P U B L I C 1 8
  • 19.