Department of Computer Science and Technology


CTSRD – Rethinking the hardware-software interface for security

CHERI tablet photo
June 2019: Learn about the CHERI architecture! We have now posted CHERI ISAv7. This new version of the ISA elaborates CHERI-RISC-V, adopts the CHERI Concentrate compression model, adds support for side-channel resistance, and makes a variety of other changes to improve performance and functionality. This is the first version of our specification that directly incorporates formal description of the ISA.
April 2019: We are pleased to announce that our ASPLOS 2019 paper on CHERI and OS design, CheriABI: Enforcing Valid Pointer Provenance and Minimizing Pointer Privilege in the POSIX C Run-time Environment, on the general-purpose OS design implications of CHERI when used for ubiquitous memory safety, has won an ASPLOS Best Paper award.
August 2018: The New Scientist has published an article, Uncrackable computer chips stop malicious bugs attacking your computer, covering CHERI and other projects relating to security-focused computer architectures.

Clean Slate Trustworthy Secure Research and Development (CTSRD - pronounced "custard") is a joint research project between SRI International's Computer Science Laboratory and the University of Cambridge Computer Laboratory, supported by DARPA (part of the DARPA CRASH programme) and Google. The project is revisiting the hardware-software security interface for general-purpose CPUs to fundamentally improve security; to this end, we are integrating a hybrid capability model and continuous hardware-assisted validation of security design principles with a commodity CPU ISA and open source operating systems. We are pursuing several new software/hardware features as part of this research:

There is a strong interest, throughout, in judiciously applying formal methodology and bringing formally grounded techniques to mainstream hardware and software development. This work has motivated the creation of the Bluespec extensible RISC implementation – an open-source platform for research into the hardware-software interface, with a BSD-licensed operating system and toolchain based on FreeBSD and Clang/LLVM. We are using open source, wherever possible, to transition new technologies into mainstream use.

CTSRD builds on long past experience at both institutions in security and systems research, including Multics, PSOS, the Newcastle DSS, separation kernels, the DARPA CHATS programme, PVS/SAL/YICES, LynuxWorks, the CAP computer, the MAC Framework, multi-threaded CPU design, Xen, Capsicum, and MirageOS.

News media