Codasip implements CHERI for first commercial fine-grained memory
The first commercial implementation of Capability Hardware Enhanced RISC Instructions (CHERI) technology is available for the first time in a commercial offering, said Codasip. It has used Codasip Studio to add built-in fine-grained memory protection to its recently launched 700 processor family by extending the RISC-V ISA with CHERI-based custom instructions. This provides processor security to actively prevent the most common cyberattacks, said the company.
Codasip’s commercial implementation will enable companies to take preventive security measures without having to wait for their vendors’ delivered patches.
To enable the use of these instructions, Codasip is also delivering the software environment to take advantage of CHERI technology, bringing a full software development flow to add memory protection
CHERI technology can be applied selectively to critical functions. It is therefore possible to enhance the security of existing products with a small effort, often through a simple code recompilation, said Codasip.
Professor Robert N. M. Watson, the University of Cambridge, said: “CHERI extends conventional hardware instruction set architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalisation. The CHERI memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities.”
Cyberattacks pose an ever-growing threat and approximately 70 per cent of OS and browser vulnerabilities documented in the Common Vulnerabilities and Exposures (CVE) programme in the last two decades are attributed to software memory errors. Advanced memory protection has only been achievable through advanced hardware modification or expensive and impactful software modifications but to be viable in real products, any suggested solution must have minimal impact on power, performance, and area.
Ron Black, chief executive officer, Codasip, said: “Unsafe and insecure products risk causing privacy violations, reputational damage and financial loss that are unacceptable, be it cars, routers, medical devices, or any other consumer product. Using statistical protection mechanisms, such as stack canaries, to detect memory corruption has proven not secure enough”.
Codasip will be participating at the RISC-V Summit in Santa Clara, California, on 07 and 08 November, presenting a keynote and several technical topics.
Codasip is a processor technology company enabling system-on-chip developers to differentiate their products for competitive advantage. Customers leverage the transformational potential of the open RISC-V ISA through Codasip’s Custom Compute offering: Codasip Studio design automation tools and a fully open architecture licensing model combine with a range of processor IP that can be easily customised. The European company serves a global market, where billions of devices are already enabled by Codasip technology.