- ARC-V Processor IP
- ARC-V RHX-105 dual-issue, 32-bit multi-core RISC-V processor for real-time applications
- ARC-V RMX-500 power efficient 32-bit RISC-V processor for embedded applications
- E2 Series - Power & area optimized: 2-3-stage, single-issue pipeline, as small as 13.5k gates
- E3 Series - High performance 32-bit RISC-V Processor
- E7 Series - Ultra High Performance 32-bit RISC-V Embedded Processor
- More Products...
|
IP-SOC DAYS 2025 IP-SOC DAYS 2024 IP-SOC DAYS 2023 IP-SOC DAYS 2022 IP-SOC DAYS 2021 IP-SOC 2024 IP-SOC 2023 IP-SOC 2022 IP-SOC 2021
|
|||||||
|
|
||||||
CHERI Protects Memory at the Hardware Level
- Perforce Partners with Siemens for Software-Defined, AI-Powered, Silicon-Enabled Design (May. 16, 2025)
- Semidynamics: From RISC-V with AI to AI with RISC-V (May. 16, 2025)
- TSMC Board of Directors Meeting Resolutions (May. 16, 2025)
- Arm Evolves Compute Platform Naming for the AI Era (May. 16, 2025)
- Secafy Licenses Menta's eFPGA IP to Power Chiplet-Based Secure Semiconductor Designs (May. 15, 2025)
- See Latest News>>
Jamie Broome, chief product officer for automotive business and product management at Codasip, explained the role and importance of the CHERI Alliance and described Codasip's new L730 processor focused on security and customization.
www.eetimes.eu, Feb. 04, 2025 –
Software-based security solutions have improved system protection but remain fundamentally vulnerable, often imposing performance tradeoffs due to their reliance on continuous monitoring and computational overhead. As cyberthreats become more sophisticated, attackers find new ways to exploit software-layer weaknesses. This has driven a shift toward hardware-based security, which offers more resilient protection by integrating security mechanisms directly into the foundational computing infrastructure.
Unlike software, hardware security tackles vulnerabilities at their root, creating a barrier that is both difficult to penetrate and effective in terms of performance. The Capability Hardware Enhanced RISC Instructions (CHERI) technology, developed by the University of Cambridge and adopted by a group of organizations and governments through the CHERI Alliance, follows this approach.
In an interview with EE Times Europe, Jamie Broome, chief product officer for automotive business and product management at Codasip, explained the role and importance of the CHERI Alliance and described Codasip's new L730 processor focused on security and customization.
"CHERI focuses on memory protection by ensuring that data cannot be accessed outside the bounds of what is permitted, preventing memory overflow and unauthorized reading of sensitive information, which is achieved through a containerized framework at the hardware level," Broome said. "Software-based solutions like Rust require extensive code rewrites and can negatively impact performance, making them less practical for many use cases."
How does CHERI work?
CHERI's realization–and now commercialization–began with researchers at the University of Cambridge who recognized the propensity of commonly introduced software bugs in the code to jeopardize a device's memory. Given that most architectures protect memory quite poorly, these bugs open the floodgates to cyberattacks. Moreover, languages such as C/C++/Assembly do not automatically constrain access to certain parts of a device's memory. CHERI attempts to organize this aspect.
Based on capability-based addressing, CHERI works by assigning a "capability" to a particular part of the memory. A capability can be thought of as a label in the device's memory, containing not only the address but also the access rights and bindings on that part of the memory. It helps tag the degree of access available to any code, or even whether a code can be written in a particular part.
As an extension, CHERI can compartmentalize sensitive aspects of memory and "lock them in a box." This compartmentalization inherently occurs at the hardware level (with the help of software). As its design shows (Figure 1), using CHERI in a device introduces drastic reforms at the processor level.
Back
Contact Us
Partnership Offers