Computer Laboratory


CTSRD – Project news

April 2017

We have now posted our ASPLOS 2017 paper, CHERI-JNI: Sinking the Java security model into the C, which explores how CHERI capabilities can be used to support sandboxing with safe and efficient memory sharing between Java Native Interface (JNI) code and the Java Virtual Machine.

June, 2016

We have now posted the CHERI ISAv5 specification, which improves the maturity of 128-bit capabilities and code generation efficiency, and provides more detailed descriptions of the protection model.

We have now posted our PLDI 2016 paper, Into the depths of C: elaborating the de facto standards, which develops a formal model for the C language -- and explores its implications for CHERI. This paper won a PLDI 2016 distinguished paper award.

May, 2016

We have now posted slides from the first CHERI microkernel workshop, which took place in Cambridge, UK in April 2016.

April, 2016

The first CHERI microkernel workshop took place in Cambridge, UK on 23 April 2016, drawing attendees from SRI International, the University of Cambridge, TU Dresden, ETH Zurich, George Washington University, ARM, Broadcom, Google, Hewlett Packard Labs, and Oracle.

February, 2016

We have posted Qemu-CHERI, an ISA-level simulation of CHERI MIPS, to complement our HDL prototypes. Qemu-CHERI runs CheriBSD, providing an accessible CHERI experimentation environment.

November, 2015

Two new technical reports on CHERI are now available: CHERI ISAv4, and the CHERI Programmer's Guide.

October, 2015

Khilan Gudka has presented our paper on SOAAP, a tool to explore and evaluate compartmentalised software, at ACM CCS 2015.

August, 2015

Our paper on SOAAP, an analysis tool to explore and evaluate compartmentalised software, has been accepted to ACM CCS 2015.

May, 2015

Our third full paper on CHERI, CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization, was presented at the IEEE Symposium on Security and Privacy (Oakland) in May 2015. This paper discusses the hardware-software object-capability model used for software compartmentalisation on CHERI.

We have made a new release of the BERI/CHERI source code, which has been updated for our most recent architectural changes described in our ASPLOS and Oakland papers, and includes everything necessary to synthesise BERI on an Altera FPGA.

April, 2015

Our second full paper on CHERI, Beyond the PDP-11: Processor support for a memory-safe C abstract machine, was presented at ASPLOS in March and received the Audience choice: Best presentation award. This paper discusses convergence of ideas about fat pointers and capabilities needed to support widely used C-language code idioms when compiling for CHERI.

December, 2014

The New York Times has published a Special section on security with a quote from Peter G. Neumann in the lead article and an article on the CRASH program mentioning our work on CHERI.

June, 2014

We have now open sourced the BERI processor and its software stack, making available a high-quality RISC processor implementation and associated operating-system, compiler, and application stacks suitable for hardware-software teaching and research. This release includes full support for the CHERI ISA, which supports fine-grained memory protection and scalable software compartmentalization. This release coincides with presentation of our paper on the CHERI memory model at ISCA 2014.

April, 2014

Our first full paper on CHERI, The CHERI capability model: Revisiting RISC in an age of risk, will be presented at the International Symposium on Computer Architecture (ISCA) in June 2014.

We have now posted our paper on TESLA, presented at EuroSys 2014 in Amsterdam, The Netherlands. TESLA is a Clang/LLVM-based dynamic temporal assertion system that we have used to validate complex security properties, such as check-before-use, in operating systems, applications, and also security test suites.

February, 2014

The University of Cambridge Computer Laboratory has posted a job ad for multiple research assistants and post-doctoral researchers to work in the areas of operating-system, compiler, and CPU security. These roles will contribute to our CHERI, TESLA, and SOAAP projects, as well as support an open-source hardware-software research community we hope to develop around the CHERI processor.

December, 2013

Robert Watson has written a Light Blue Touchpaper blog post, 2013 Capsicum year in review, describing research and deployment progress for Capsicum in 2013.

October, 2013

We have now created a BERI open-source downloads web page that includes links to the hardware specs and build instructions for our Terasic DE4-based tablet, FreeBSD OS support, test suite, and shortly, open-source Bluespec designs.

Google has announced Capsicum for Linux, an adaptation of the Linux kernel to support Capsicum capability mode, capabilities, and process descriptors. This follows on the heels of ports of Capsicum to DragonFlyBSD, and news that FreeBSD 10.0 will ship with Capsicum enabled by default – along with several key applications sandboxed with Capsicum "out of the box".

August, 2013

We have open sourced Smten, a programming and SMT orchestration tool intended to support computer-aided verification of hardware designs, such as the CHERI processor, presented at CAV 2013.

June, 2013

We have open sourced the hardware specs and build instructions for our Terasic DE4-based tablet design. We use this tablet platform to host our BERI and CHERI processors.

April, 2013

The University of Cambridge Computer Laboratory has posted two job ads for the CTSRD project: research assistant and post-doctoral research associate positions in processor, operating system, and compiler security. Please see the job ads or recent blog post for further details.

December 2012

IEEE Spectrum has posted a Techwise Conversations podcast with Robert Watson discussing the clean-slate argument for computer security in operating systems and computer architecture.

October 2012

The New York Times has posted an article on Peter G. Neumann and our work on clean-slate host and network security as part of their Science section.

ACM Queue has posted a video interview with Robert Watson, CTSRD project lead at Cambridge, on the topic of research into the hardware-software interface, as well as the CHERI processor.

An early prototype of our SOAAP toolchain is now available for download.

September 2012

We have now posted a workshop paper describing the Security-Oriented Analysis of Application Programs (SOAAP) at the Workshop on Adaptive Host and Network Security (AHANS 2012) in Lyon, France.

August 2012

BERI support for the FreeBSD operating system has been committed to the FreeBSD Subversion repository, and will be included in FreeBSD 10.0.

March 2012

We have now posted a workshop paper describing our goals in the CHERI project. This paper was presented at RESoLVE 2012 in London.

February 2012

Communications of the ACM Research Highlights carries two articles on Capsicum, a hybrid capability system model developed in collaboration between the University of Cambridge and Google Research. Capsicum introduces new operating system primitives in support of application compartmentalisation, the fine-grained decomposition of software applications into independently sandboxed components in order to mitigate security vulnerabilities.

January 2012

FreeBSD 9.0 ships with experimental support for Capsicum! Learn more about Capsicum below.