HomeIndices AnalysisCHERI Alliance receives CHERI RISC-V SDK donation from Codasip, enhancing Linux security

CHERI Alliance receives CHERI RISC-V SDK donation from Codasip, enhancing Linux security

Munich, Germany – Codasip®, a leading provider of RISC-V Custom Compute solutions, has announced the donation of its newly developed Software Development Kit (SDK) for CHERI to the community-interest organization CHERI Alliance. The SDK, which is now freely available for download on GitHub, will provide open access to a complete SDK with Linux kernel, simplifying the building and testing of CHERI-enabled RISC-V applications.

CHERI (Capability Hardware Enhanced RISC Instructions) is an advanced security technology developed by the University of Cambridge and SRI International in a joint research project that began in 2010. Funded by organizations such as DARPA (Defense Advanced Research Projects Agency) and UKRI (UK Research and Innovation), the research aimed to improve system security by revisiting fundamental design choices in hardware and software. In 2023, the technology became commercially available in a licensable processor by Codasip.

The CHERI technology extends the Instruction Set Architecture (ISA) to enforce fine-grained memory access control, effectively preventing common vulnerabilities such as buffer overflows and memory corruption. However, in order to utilize the technology, developers must have access to software tools and packages adapted for CHERI. This includes a compiler capable of generating applications that take advantage of the new instructions introduced by the modified ISA and hardware core. In collaboration with other members of the CHERI Alliance, Codasip has developed these tools using existing open-source projects and is now donating them to the Alliance for unrestricted use by anyone implementing CHERI on RISC-V.

Ron Black, CEO of Codasip, explains, “As more organizations and governments discover the potential of CHERI technology to protect us, we need to speed up the pace of making it available in real systems. We have made a massive effort to implement a full Linux-capable SDK that we are now opening for everyone to use. I am confident this will be a great asset for the CHERI and RISC-V communities.”

Michael Halsall, Director of the CHERI Alliance, adds, “The CHERI Alliance strongly focuses on collaboration and openness to ensure the integration of CHERI security into all high-tech products. The fact that Codasip is making their SDK openly available through the Alliance supports the standardization effort of CHERI for RISC-V. CHERI has the potential to deliver a more secure future for electronics, and we must come together to make that happen, between academia, industry, and government.”

The CHERI RISC-V SDK includes a C/C++ compiler and toolchain based on LLVM17, a CHERI-RISC-V Sail model, an open-source QEMU emulator, an OpenSBI implementation of the RISC-V Supervisor Binary Interface, a U-Boot bootloader, Linux kernel 6.10, FreeRTOS, the GNU Debugger, a Yocto build system for Linux, and a basic user space environment based on Busybox. The SDK can be accessed from the CHERI Alliance’s GitHub page.

About CodasipCodasip is a processor technology company that enables system-on-chip developers to differentiate their products for competitive advantage. The company’s Custom Compute offering combines Codasip Studio design automation tools and a fully open architecture licensing model with a range of processor IP that can be easily customized. Proudly European, Codasip serves a global market where billions of devices are already enabled by its technology. To learn more, visit www.codasip.com.

About CHERI AllianceCHERI Alliance is a community interest organization that promotes the global adoption of the Capability Hardware Enhanced RISC Instructions (CHERI) security technology across the computing industry. Developed by the University of Cambridge and SRI International over a decade of pioneering research, CHERI introduces a revolutionary architecture designed to enhance system security through fine-grained memory protection and software compartmentalization. The Alliance actively engages with industry, academia, and the public sector to standardize and implement CHERI across a diverse range of computing platforms. To learn more, visit www.cheri-alliance.org.

###

No comments

leave a comment