The Morello evaluation board designed by Arm is a real-world test platform for the CHERI architecture developed by the University of Cambridge. It is the first hardware implementation of DSbD technology, and could eliminate whole classes of possible exploits, significantly reducing the ability of bad actors to capture user data, take over machines, or shut down critical systems.
Participation in the DSbD TAP gives Dynamic Devices the opportunity to work with the CHERI community – upskilling team members as well as contributing to embedded security.
Dynamic Devices has been engaging with the teams from Arm and Cambridge University on building firmware to support CHERI through CheriBSD and Android operating systems. The company has been working on building and supporting embedded Linux using the Yocto meta-distribution toolchain, so that CHERI support can be brought to the wider embedded Linux ecosystem, as well as designing an operating system image that demonstrates how CHERI protects Linux systems against exploitation by hackers.
The aim is to produce a straightforward procedure that enables a new user to build a CHERI image and examples for a Morello board, or run an image on the standard Yocto QEMU emulator if hardware is unavailable.
Many device vendors are using a form of embedded Linux in their embedded and IoT devices. The Dynamic Devices team recognises that having hardware that can protect against a major set of attack vectors, such as memory overflow exploits, can be hugely beneficial. Playing a part in opening up CHERI support to the wider embedded Linux community will help them to secure the embedded space.
