Come to the ACM's Krasnopoler Memorial Lecture:

Monday, May 8, 2017 at 10:30 am (refreshments at 10:00 am) at Hackerman B-17

Robert Watson: CHERI - Reinventing Computer Architecture for Security

Over the last seven years, the CTSRD Project at SRI International and the University of Cambridge has been performing intensive hardware-software co-design to redesign core computer architecture around improved security. This talk will introduce Capability Hardware Enhanced RISC Instructions (CHERI), which extend a conventional RISC processor architecture with support for capabilities -- a long-discussed but rarely deployed security approach focused on efficiently implementing the Principle of Least Privilege. CHERI is a hybrid capability architecture, in that it blends these historic ideas with contemporary hardware and software design, yielding vastly improved security with strong software compatibility yet acceptable performance overhead for fine-grained memory protection and mitigation -- and orders-of-magnitude performance improvement for compartmentalised software designs. These techniques directly support vulnerability mitigation for the C and C++ programming languages, interfering with exploit techniques from buffer overflows to ROP and JOP, as well as protecting against future unknown attack techniques via scalable application-level privilege reduction. Prototyped via hardware-software co-design, and evaluated on FPGA with support from DARPA, the CHERI processor prototype is able to run adapted versions of the FreeBSD operating system (CheriBSD) and open-source application stack, and is targeted by an extended version of the Clang/LLVM compiler. This talk introduces the CHERI architecture and potential applications, and will also describe current research directions.


The Johns Hopkins Association for Computing Machinery is a student organization of the Johns Hopkins University dedicated to furthering the knowledge and advancement of computers and information technology through the free exchange of ideas and information. As a chapter of the oldest computing society in the world, the JHU ACM is a place for diverse backgrounds and interests, and serves the JHU community as a whole.

