Software is crammed full of bugs. This 'exciting' project could banish most of them

Chip designer Arm has released a prototype of its Morello development board for researchers at Google, Microsoft and industry to test its goal for a CPU design that wipes out a chunk of memory-related security flaws in code.

The Morello board is the product of a collaboration between Arm, Cambridge University, Microsoft and others based on the Capability Hardware Enhanced RISC Instructions (CHERI) architecture. Microsoft says the board and system on chip (SoC) is the first high-performance implementation of CHERI, which provides “fine-grained spatial memory safety at a hardware level”. If it proves successful after testing with legacy software, it could pave the way for future CPU designs.

CHERI architectural extensions are designed to mitigate memory safety vulnerabilities. CHERI augments pointers – the variables in computer code that reference where data is stored in memory – with limits as to how those references can be used, the address ranges that they can use to access, and which functionality they can use. “Once baked into silicon, they cannot be forged in software,” Arm explained. CHERI was developed by the University of Cambridge and SRI International after it received funding from DARPA’s Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) program.


Read More: