Introduction to Project CHERIoT
(Room 303C)
06 Nov 25
9:25 AM
-
9:50 AM
Tracks:
Embedded Security - CHERI
The CHERIoT project was open sourced by Microsoft in 2023 and is now maintained by a group of companies. CHERIoT began as a research project to see how much co-designing a microcontroller’s hardware and software could deliver strong security without adding (and by removing) features that drive up the power and area costs of the system. CHERIoT provides spatial and temporal memory safety, which turns every buffer overflow or use-after-free vulnerabilities in existing C/C++ code from things that lead to an attacker gaining arbitrary-code execution into faults that software can gracefully recover from. These foundational guarantees apply even to assembly code and are used to build higher-level security abstractions.
The CHERIoT ISA is designed to support a software stack featuring fine-grained compartmentalisation, which allows microcontrollers to support complex use cases such as multitenancy in well under 1 MiB of total code and data memory.
This talk will give an overview of the CHERIoT Platform and describe some of the techniques used in Microsoft’s CHERIoT Ibex (open source) microcontroller core, which is now being incorporated into commercial devices. It will also cover the plans for aligning CHERIoT with the draft RISC-V RV32Y base for CHERI systems.