This article is more than 1 year old
How does £36m sound, mon CHERI? UK.gov pumps cash into Arm security research
That's 'Capability Hardware Enhanced RISC Instructions'
University of Cambridge researchers and UK industry bods have been tossed £36m from the UK government to support their work with Arm to strengthen security by improving memory protection.
As part of the "Digital Security by Design" scheme, part of the funding will be funnelled into the research team's Morello project to create a prototype platform to demonstrate how Capability Hardware Enhanced RISC Instructions (CHERI) can work.
Business secretary Andrea Leadsom said that while doing the basics – strong passwords and keeping software updated – remained important, businesses can also benefit from innovations in defence technology to deal with future threats.
Minister for Digital and Broadband Matt Warman said: "The government wants the UK to be the safest place to be online and the best place to start and grow a digital business. As these investments show, we are determined to create the right environment to foster our thriving digital economy while giving people renewed confidence and trust in online services."
CHERI aims to improve security by strengthening memory protection to provide systems with better protection from unknown vulnerabilities and attempted exploits.
CHERI is the result of a 10-year DARPA-funded research project, led by Robert N M Watson, Simon Moore and Peter Sewell at the University of Cambridge's Department of Computer Science and Technology, and by Peter G Neumann at SRI International (once known as the Stanford Research Institute).
The next step is to check that the proposed design for Morello will provide the promised security benefits. The team claims this will be the first time that formal proof has been applied to the security of a mainstream computing architecture.
There's more on the project from the University of Cambridge here.
As part of the funding, there is also a call for teams of social scientists to apply for £3m to research the behavioural and adoption challenges of making systems secure. But interested boffins better be quick – expressions of interest must be in by 15 November. ®