SlideShare a Scribd company logo
Alliance
Alliance
CHERI technology
overview
A Q U I C K I N T R O D U C T I O N
Alliance
Data breaches are very costly
6X ~$10T
>$500M
Cost of addressing
Heartbleed buffer overflow
vulnerability
Worldwide cost estimate of
cyberattacks per year
(and growing fast)
Increase in firmware
attacks reported by NIST
between 2017 and 2024
P U B L I C 2
Alliance
Vulnerabilities are causing increasing pain
0
5000
10000
15000
20000
25000
30000
35000
40000
2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024
P U B L I C 3
Number
of
reported
CVEs
Source: Mitre
Alliance
Memory safety is necessary
P U B L I C 4
• Memory abuse (e.g. buffer overflows) is the main attack vector
• Constant ratio of over the past 20 years
• … even with all the work done on software to avoid this!
CHERI
solves
this!
Alliance
Impossible to re-write software to fix the problem
Application
code
In-house
libraries
3rd-party
binary code
3rd
-party
source
libraries
Open-
source
libraries
Developed in-house Developed by other companies Open-source
RTOS /
Linux
Runtime
image
Huge amount of legacy
C/C++ code at risk
P U B L I C 5
Alliance
Possible solutions for memory safety
• Use “memory safe” languages like Rust or .Net
• Requires rewriting trillions of lines of C/C++ code
• Possible for new code, but no compartmentalisation
• Use “coarse-grained” techniques like stack “canaries” to detect issues
• Helpful, but they statistically leave too many holes
• Hacking techniques already developed
• Use “fine-grained” techniques like CHERI
• Best option, but needs new hardware
Alliance
Memory safety becomes a key topic
P U B L I C 7
Highlights
CHERI as
a solution
Alliance
Introducing CHERI
technology
C apability
H ardware
E nhanced
R ISC
I nstructions
P U B L I C 8
Alliance
CHERI
Fine-grained memory protection
Revisits fundamental design choices in hardware and software to
dramatically improve system security
Extend conventional hardware ISAs
• Memory protection
• Scalable compartmentalization
P U B L I C 9
Alliance
What makes CHERI different?
Previous solutions Problem CHERI
Security
control
Statistical
• “likely” to detect a problem
Targeted attacks bypass protection
Some problems detected too late
Systematic
• 100% coverage
Enforcement
Some complex, disparate hardware features, no
coherency across architectures
Rely on “trusted” software and/or explicit checks
Additional complexity
Software can be hacked (and has
been…)
Hardware-enforced
• Simple, holistic protection
• No way to bypass by software
(unforgeable tags)
Software
impact
High impact on software
• A lot of additional code needed to protect and
isolate
• Need best security experts to review all
software stack
• Often need to rewrite code
Difficult to catch all issues
Reduce performance and increase
code size
Experts are scarce
Extremely low software impact
• Need recompilation
• Adapt some very low-level code
Type of
solution
Reactive
• Fix problem if vulnerability discovered
Proactive solution possible (but uneconomical)
Huge exploitable attack surface,
susceptible to 0-day attacks
Most systems are not upgraded
immediately / regularly
Preventive
• Protects against existing and to-
be-designed attacks on memory
P U B L I C 1 0
Alliance
Main memory issues with C/C++
• Possible to access memory out of expected buffers
• Access confidential data
• Modify / delete critical data or code
• Inject malware code
• Spy on communications
• Erase traces of attack
• Functions cannot protect their data from each other
• Only works when the software can be trusted
• Enable privilege escalation
P U B L I C 1 1
Need memory safety
Need compartmentalization
Alliance
Spatial memory safety
• Replacing pointers by capabilities – with hardware control
Data buffer
Other data…
Pointer
Pointer + offset
Out of bounds
access = danger!
Capability
Bounded
box
Out of bounds access
impossible
Data buffer
Other data…
Without CHERI With CHERI
P U B L I C 1 2
Alliance
Bounded
box
Compartmentalization
• Capabilities belong to an identified function / execution context
App 1 App 2 App 3
Middleware …
OS
HAL / Security
Compartmentalization – CHERI can sandbox
critical functions to avoid attacks
Data belongs to
the function
Software stack
P U B L I C 1 3
Alliance
CHERI relies on hardware protection
• CHERI requires adapted processor
• Can be applied to many types of core
• Hardware-enforced security
• Impossible to bypass by software
• Formally proven
• Reuse existing code
• Just recompile application
• Choose which part to protect
• Benefit from CHERI
• Rejects dangerous code
• Create CHERI compartments for critical code
Processor
CHERI HW
support
Existing
C code CHERI-
enabled
compiler
P U B L I C 1 4
Alliance
CHERI has a positive impact
• Limited costs
• Area impact
• Processor only 4% larger*
• Similar power consumption
• Similar performance**
• Memory impact
• Small area for tag storage
• Double size for pointers (mostly impacts stack)
• No change on data storage requirements
• Software development
• Need adapted tools (open-source available)
• Less than 0.5% application code*** to adapt
• Need recompilation
• OS / low-level drivers need work (but done once)
• Huge gains
• Memory safety!
• Save in patching costs
• Compiler detects mistakes in existing code
• Performance gains****
• Remove or simplify software-based mechanisms
(TEE, compartmentalization, security modes, …)
• Eliminate context switching in hypervisor
• Reduce code, improve execution speed
• Fast, low-risk integration of unsafe code
• Save security experts’ time
• Not wasting it on bug hunting…
P U B L I C 1 5
* Real data from Codasip – Comparing the same commercial processor with/without CHERI
** Slight degradation for chips with low-bandwidth internal bus (i.e. less than 128bit)
*** Real data from application porting
**** Requires OS / security mechanisms adaptation (done once, usually by the ecosystem)
CHERI Alliance will help by stimulating the
ecosystem to adapt OS / software / tools
Alliance
CHERI has already got strong supporters
P U B L I C 1 6
Alliance
CHERI projects
• A number of prototypes / proof of concept have been released
• Proof of concept
• Open-source / prototype
• Commercial
• Some OS have been ported to CHERI (Free RTOS, FreeBSD…)
P U B L I C 1 7
Alliance
Quotes
“The CHERI architecture's support for fine-
grain memory protection and scalable
compartmentalization promises to
revolutionise our ability to protect personal
data and provide strong defences against
malware on mobile devices and in the
cloud.”
Ben Laurie, Director of Security at Google Research
P U B L I C 1 8
Alliance
Alliance
Web: www.cheri-alliance.net
P U B L I C 1 9

More Related Content

Similar to Introduction to CHERI technology - Cybersecurity

chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systems
KashfUlHuda1
 
Brief Tour about Android Security
Brief Tour about Android SecurityBrief Tour about Android Security
Brief Tour about Android Security
National Cheng Kung University
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Qualcomm Developer Network
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Denim Group
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
Precisely
 
Zephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdfZephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdf
ibramax
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
Priyanka Aash
 
Overcoming software development challenges by using an integrated software fr...
Overcoming software development challenges by using an integrated software fr...Overcoming software development challenges by using an integrated software fr...
Overcoming software development challenges by using an integrated software fr...
Design World
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
Linaro
 
ch4-Software is Everywhere
ch4-Software is Everywherech4-Software is Everywhere
ch4-Software is Everywhere
ssuser06ea42
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability Management
Tim Mackey
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability Management
Black Duck by Synopsys
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Sean Whalen
 
E.s unit 6
E.s unit 6E.s unit 6
E.s unit 6
Sneha Chopra
 
Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise Linux
Giuseppe Paterno'
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Tim Mackey
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
Black Duck by Synopsys
 
Building your macOS Baseline Requirements MacadUK 2018
Building your macOS Baseline Requirements MacadUK 2018Building your macOS Baseline Requirements MacadUK 2018
Building your macOS Baseline Requirements MacadUK 2018
Henry Stamerjohann
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.ppt
naghamallella
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 

Similar to Introduction to CHERI technology - Cybersecurity (20)

chap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systemschap-1 : Vulnerabilities in Information Systems
chap-1 : Vulnerabilities in Information Systems
 
Brief Tour about Android Security
Brief Tour about Android SecurityBrief Tour about Android Security
Brief Tour about Android Security
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
IBM i Security Best Practices
IBM i Security Best PracticesIBM i Security Best Practices
IBM i Security Best Practices
 
Zephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdfZephyr-Overview-20230124.pdf
Zephyr-Overview-20230124.pdf
 
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...
 
Overcoming software development challenges by using an integrated software fr...
Overcoming software development challenges by using an integrated software fr...Overcoming software development challenges by using an integrated software fr...
Overcoming software development challenges by using an integrated software fr...
 
LCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solutionLCA14: LCA14-502: The way to a generic TrustZone® solution
LCA14: LCA14-502: The way to a generic TrustZone® solution
 
ch4-Software is Everywhere
ch4-Software is Everywherech4-Software is Everywhere
ch4-Software is Everywhere
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability Management
 
The How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability ManagementThe How and Why of Container Vulnerability Management
The How and Why of Container Vulnerability Management
 
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
Open Secrets of the Defense Industry: Building Your Own Intelligence Program ...
 
E.s unit 6
E.s unit 6E.s unit 6
E.s unit 6
 
Remote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise LinuxRemote security with Red Hat Enterprise Linux
Remote security with Red Hat Enterprise Linux
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
 
Secure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous DeliverySecure Application Development in the Age of Continuous Delivery
Secure Application Development in the Age of Continuous Delivery
 
Building your macOS Baseline Requirements MacadUK 2018
Building your macOS Baseline Requirements MacadUK 2018Building your macOS Baseline Requirements MacadUK 2018
Building your macOS Baseline Requirements MacadUK 2018
 
Trusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.pptTrusted Computing _plate form_ model.ppt
Trusted Computing _plate form_ model.ppt
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
 

Recently uploaded

The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
Razin Mustafiz
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
Bhajan Mehta
 
Sonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdfSonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdf
SubhamMandal40
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
Priyanka Aash
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
Zilliz
 
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
FIDO Alliance
 
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
AimanAthambawa1
 
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
FIDO Alliance
 
Required Documents for ISO 17021 Certification.PPT
Required Documents for ISO 17021 Certification.PPTRequired Documents for ISO 17021 Certification.PPT
Required Documents for ISO 17021 Certification.PPT
mithun772
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
SAI KAILASH R
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
SelfMade bd
 
What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024
Stephanie Beckett
 
Keynote : Presentation on SASE Technology
Keynote : Presentation on SASE TechnologyKeynote : Presentation on SASE Technology
Keynote : Presentation on SASE Technology
Priyanka Aash
 
It's your unstructured data: How to get your GenAI app to production (and spe...
It's your unstructured data: How to get your GenAI app to production (and spe...It's your unstructured data: How to get your GenAI app to production (and spe...
It's your unstructured data: How to get your GenAI app to production (and spe...
Zilliz
 
Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024
Michael Price
 
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
Zilliz
 
Keynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive SecurityKeynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive Security
Priyanka Aash
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
bellared2
 
Intel Unveils Core Ultra 200V Lunar chip .pdf
Intel Unveils Core Ultra 200V Lunar chip .pdfIntel Unveils Core Ultra 200V Lunar chip .pdf
Intel Unveils Core Ultra 200V Lunar chip .pdf
Tech Guru
 
Choosing the Best Outlook OST to PST Converter: Key Features and Considerations
Choosing the Best Outlook OST to PST Converter: Key Features and ConsiderationsChoosing the Best Outlook OST to PST Converter: Key Features and Considerations
Choosing the Best Outlook OST to PST Converter: Key Features and Considerations
webbyacad software
 

Recently uploaded (20)

The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
 
Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17Mule Experience Hub and Release Channel with Java 17
Mule Experience Hub and Release Channel with Java 17
 
Sonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdfSonkoloniya documentation - ONEprojukti.pdf
Sonkoloniya documentation - ONEprojukti.pdf
 
Finetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and DefendingFinetuning GenAI For Hacking and Defending
Finetuning GenAI For Hacking and Defending
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
 
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
UX Webinar Series: Drive Revenue and Decrease Costs with Passkeys for Consume...
 
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
COVID-19 and the Level of Cloud Computing Adoption: A Study of Sri Lankan Inf...
 
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
UX Webinar Series: Essentials for Adopting Passkeys as the Foundation of your...
 
Required Documents for ISO 17021 Certification.PPT
Required Documents for ISO 17021 Certification.PPTRequired Documents for ISO 17021 Certification.PPT
Required Documents for ISO 17021 Certification.PPT
 
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and DisadvantagesBLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
BLOCKCHAIN TECHNOLOGY - Advantages and Disadvantages
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
 
What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024What's New in Teams Calling, Meetings, Devices June 2024
What's New in Teams Calling, Meetings, Devices June 2024
 
Keynote : Presentation on SASE Technology
Keynote : Presentation on SASE TechnologyKeynote : Presentation on SASE Technology
Keynote : Presentation on SASE Technology
 
It's your unstructured data: How to get your GenAI app to production (and spe...
It's your unstructured data: How to get your GenAI app to production (and spe...It's your unstructured data: How to get your GenAI app to production (and spe...
It's your unstructured data: How to get your GenAI app to production (and spe...
 
Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024Perth MuleSoft Meetup July 2024
Perth MuleSoft Meetup July 2024
 
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
Garbage In, Garbage Out: Why poor data curation is killing your AI models (an...
 
Keynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive SecurityKeynote : AI & Future Of Offensive Security
Keynote : AI & Future Of Offensive Security
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
 
Intel Unveils Core Ultra 200V Lunar chip .pdf
Intel Unveils Core Ultra 200V Lunar chip .pdfIntel Unveils Core Ultra 200V Lunar chip .pdf
Intel Unveils Core Ultra 200V Lunar chip .pdf
 
Choosing the Best Outlook OST to PST Converter: Key Features and Considerations
Choosing the Best Outlook OST to PST Converter: Key Features and ConsiderationsChoosing the Best Outlook OST to PST Converter: Key Features and Considerations
Choosing the Best Outlook OST to PST Converter: Key Features and Considerations
 

Introduction to CHERI technology - Cybersecurity

  • 1. Alliance Alliance CHERI technology overview A Q U I C K I N T R O D U C T I O N
  • 2. Alliance Data breaches are very costly 6X ~$10T >$500M Cost of addressing Heartbleed buffer overflow vulnerability Worldwide cost estimate of cyberattacks per year (and growing fast) Increase in firmware attacks reported by NIST between 2017 and 2024 P U B L I C 2
  • 3. Alliance Vulnerabilities are causing increasing pain 0 5000 10000 15000 20000 25000 30000 35000 40000 2014 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 P U B L I C 3 Number of reported CVEs Source: Mitre
  • 4. Alliance Memory safety is necessary P U B L I C 4 • Memory abuse (e.g. buffer overflows) is the main attack vector • Constant ratio of over the past 20 years • … even with all the work done on software to avoid this! CHERI solves this!
  • 5. Alliance Impossible to re-write software to fix the problem Application code In-house libraries 3rd-party binary code 3rd -party source libraries Open- source libraries Developed in-house Developed by other companies Open-source RTOS / Linux Runtime image Huge amount of legacy C/C++ code at risk P U B L I C 5
  • 6. Alliance Possible solutions for memory safety • Use “memory safe” languages like Rust or .Net • Requires rewriting trillions of lines of C/C++ code • Possible for new code, but no compartmentalisation • Use “coarse-grained” techniques like stack “canaries” to detect issues • Helpful, but they statistically leave too many holes • Hacking techniques already developed • Use “fine-grained” techniques like CHERI • Best option, but needs new hardware
  • 7. Alliance Memory safety becomes a key topic P U B L I C 7 Highlights CHERI as a solution
  • 8. Alliance Introducing CHERI technology C apability H ardware E nhanced R ISC I nstructions P U B L I C 8
  • 9. Alliance CHERI Fine-grained memory protection Revisits fundamental design choices in hardware and software to dramatically improve system security Extend conventional hardware ISAs • Memory protection • Scalable compartmentalization P U B L I C 9
  • 10. Alliance What makes CHERI different? Previous solutions Problem CHERI Security control Statistical • “likely” to detect a problem Targeted attacks bypass protection Some problems detected too late Systematic • 100% coverage Enforcement Some complex, disparate hardware features, no coherency across architectures Rely on “trusted” software and/or explicit checks Additional complexity Software can be hacked (and has been…) Hardware-enforced • Simple, holistic protection • No way to bypass by software (unforgeable tags) Software impact High impact on software • A lot of additional code needed to protect and isolate • Need best security experts to review all software stack • Often need to rewrite code Difficult to catch all issues Reduce performance and increase code size Experts are scarce Extremely low software impact • Need recompilation • Adapt some very low-level code Type of solution Reactive • Fix problem if vulnerability discovered Proactive solution possible (but uneconomical) Huge exploitable attack surface, susceptible to 0-day attacks Most systems are not upgraded immediately / regularly Preventive • Protects against existing and to- be-designed attacks on memory P U B L I C 1 0
  • 11. Alliance Main memory issues with C/C++ • Possible to access memory out of expected buffers • Access confidential data • Modify / delete critical data or code • Inject malware code • Spy on communications • Erase traces of attack • Functions cannot protect their data from each other • Only works when the software can be trusted • Enable privilege escalation P U B L I C 1 1 Need memory safety Need compartmentalization
  • 12. Alliance Spatial memory safety • Replacing pointers by capabilities – with hardware control Data buffer Other data… Pointer Pointer + offset Out of bounds access = danger! Capability Bounded box Out of bounds access impossible Data buffer Other data… Without CHERI With CHERI P U B L I C 1 2
  • 13. Alliance Bounded box Compartmentalization • Capabilities belong to an identified function / execution context App 1 App 2 App 3 Middleware … OS HAL / Security Compartmentalization – CHERI can sandbox critical functions to avoid attacks Data belongs to the function Software stack P U B L I C 1 3
  • 14. Alliance CHERI relies on hardware protection • CHERI requires adapted processor • Can be applied to many types of core • Hardware-enforced security • Impossible to bypass by software • Formally proven • Reuse existing code • Just recompile application • Choose which part to protect • Benefit from CHERI • Rejects dangerous code • Create CHERI compartments for critical code Processor CHERI HW support Existing C code CHERI- enabled compiler P U B L I C 1 4
  • 15. Alliance CHERI has a positive impact • Limited costs • Area impact • Processor only 4% larger* • Similar power consumption • Similar performance** • Memory impact • Small area for tag storage • Double size for pointers (mostly impacts stack) • No change on data storage requirements • Software development • Need adapted tools (open-source available) • Less than 0.5% application code*** to adapt • Need recompilation • OS / low-level drivers need work (but done once) • Huge gains • Memory safety! • Save in patching costs • Compiler detects mistakes in existing code • Performance gains**** • Remove or simplify software-based mechanisms (TEE, compartmentalization, security modes, …) • Eliminate context switching in hypervisor • Reduce code, improve execution speed • Fast, low-risk integration of unsafe code • Save security experts’ time • Not wasting it on bug hunting… P U B L I C 1 5 * Real data from Codasip – Comparing the same commercial processor with/without CHERI ** Slight degradation for chips with low-bandwidth internal bus (i.e. less than 128bit) *** Real data from application porting **** Requires OS / security mechanisms adaptation (done once, usually by the ecosystem) CHERI Alliance will help by stimulating the ecosystem to adapt OS / software / tools
  • 16. Alliance CHERI has already got strong supporters P U B L I C 1 6
  • 17. Alliance CHERI projects • A number of prototypes / proof of concept have been released • Proof of concept • Open-source / prototype • Commercial • Some OS have been ported to CHERI (Free RTOS, FreeBSD…) P U B L I C 1 7
  • 18. Alliance Quotes “The CHERI architecture's support for fine- grain memory protection and scalable compartmentalization promises to revolutionise our ability to protect personal data and provide strong defences against malware on mobile devices and in the cloud.” Ben Laurie, Director of Security at Google Research P U B L I C 1 8