In 2010, the University of Cambridge’s Department of Computer Science and Technology (then the Computer Laboratory) began looking at the question of how to make computers fundamentally more secure. Backed by funding from the United States’ Defense Advanced Research Projects Agency (DARPA), it developed a system called CHERI, which makes the concept of compartmentalization vastly more efficient and scalable. In 2015, the team joined forces with Arm to create Morello, a prototype platform that maps CHERI into Arm architecture – and hopefully one day into products. Here Robert Watson and Simon Moore, the Principal Investigators of the Cambridge team, talk us through the collaboration…
Simon Moore: “In 2010, DARPA funded the University of Cambridge, in collaboration with SRI International, to run a project that would rethink security from the ground up. That meant looking at software models, the OS, the run-time system, the applications and how the hardware-software interface and processor microarchitecture could be overhauled to meet the demands of the future. What we are trying to do is fairly radical, the type of change that requires a long-term view. It is also the type of change that the industry’s not so good at.”
Robert Watson: “As a university, we can be this meeting point for diverse companies interested in long-term R&D, providing the space to really understand the potential directions of technology. We can have really exciting conversations about how the technologies we are working on might link to the problems many of them have.
The two chief challenges in terms of software security right now lie in low-level memory-safety vulnerabilities that allow total control of a device through a piece of software, and higher-level application logic vulnerabilities, when someone programs something and it behaves in an insecure way.
CHERI aims to address both using the same mechanism, with two philosophically different, but potentially disruptive, approaches. The first minimizes the performance overhead of low-level memory safety. We need to make that performance overhead as small as possible, while analyzing and explaining the costs and trade-offs. On the software compartmentalization side, part of the design goal was to respond to industry-wide problems, as current computer architecture simply cannot meet the needs of industry’s software compartmentalization ambitions. There, the argument for CHERI is an orders-of-magnitude performance win – but at a potentially greater software disruption cost than the memory safety. So, these are two dueling angles.
If there is no way I can imagine a given area of research making it into industrial use, I do not want to do it. Arm is interested in experimentation, but ultimately would like it to result in product technology that its customers are interested in.”
SM: “As a means of encouraging that pull, we got together with Arm and decided to pitch to Innovate UK that computer security is fundamentally important to the future of the UK and that we have a technology that may help. The UKRI Digital Security by Design Initiative started towards the end of 2019. Through that, funding was awarded to design and build Arm’s Morello prototype platform, which runs high-end 64-bit processors and incorporates ideas from our work on CHERI into a version of the Arm architecture. The idea is that at the end of 2021, Arm ships prototype Morello boards to academic and industrial partners, to evaluate the tech more thoroughly.
The process from IP concept to hardware and to an end product can take many years, sometimes decades, depending on the use case, and software developers need hardware to program on. Occasionally, new concepts come with appreciable benefits that can only be realized with significant impact to the software running on top of the hardware system. It is important that the software cost is well understood and the proposed benefits demonstrated. However, software developers need actual hardware to program on. Software developers are often only looking a couple of years ahead, but here we are talking about technology that is still five to ten years out. Getting the funding for Morello means that we can break this cycle by shipping a prototype computer system that software developers can experiment on and play with so that it is made real for them, which lets us answer some of the remaining fundamental questions.”
RW: “Working side by side with Arm’s engineers has been really exciting. In some sense, we have had to recreate the CHERI technology now that we are transitioning it. We already had the initial research problems, but in the collaboration, we soon became aware of industrial requirements that we do not usually have access to. We began to deal with notions of power and energy use in very different ways, as that seemed to be the critical obstacle to adoption for some of Arm’s customers. Most of the work we have done on Morello is focused on Arm's A-Profile architecture, which is designed for applications processors. But we are also interested in M-Profile architecture, which is used in IoT and embedded systems, and we are doing new fundamental research there, responding to concerns we would never otherwise have thought to do. That has been brilliant.”
SM: “Early on in the project we said if the tech was going to succeed, if it was to be sufficiently disruptive, we would need the software to run on every platform from any vendor. A sponsor like DARPA does not want to be precluded from using the technology. We would need the tech to be available everywhere, and Arm agreed to keep it open and freely available. Here is something very central to its whole business model, but Arm is prepared not to patent everything that has been created.”
RW: “That openness is especially important with security technology. If any of the major companies decides to go with it, it has sufficient market force to have a real impact. But we do not know which company it is going to be, so we have to collaborate with all of them to help them understand the technology and see if it is appropriate. With that openness, we can walk into a company and say ‘let us show you a demo: you can look at our source code on the net and see how our processors work. You do not have to sign an NDA, and you are not impeded from adopting this.’ Arm has been incredibly willing to go along with that. We are very pleased.
It is a significant investment of attention too. This is a major effort. Arm has over 200 colleagues doing this adventurous work on the Morello design. That team would otherwise be working on something that was maybe more immediately implemented. That is a nice level of commitment, particularly for such a new approach. A lot of engineers do not often get the opportunity to develop a crazily experimental chip. From our perspective that is enormously exciting, because we have no idea where it is going next. And it is something we could never explore in isolation from a company like Arm.”
SM: “After a year that saw a real explosion of collaboration, Arm has released the prototype architecture specifications for Morello, along with the software simulator (Morello Platform Model) and our software stack that runs on top of it. The next four years see a rush of R&D. This summer, the UK government awarded 11 grants to fund UK university research using Morello/CHERI. Two of those grants landed here at Cambridge. We are very pleased, because there is lots of fundamental research still to do, especially on the software side. And while it is great we put CHERI into the general-purpose architecture, what about GPUs, and other accelerators in machine learning? I am looking forward to collaborating with Arm there too.”
RW: “GPUs and machine learning (ML) accelerators are a major focus in the industry at the moment. If our benefits stop with the general-purpose processor and ignore the GPUs and all these ML accelerators, we may miss some avenues through which people perform attacks. We may miss opportunities to improve performance. Take the web browser, for example. We could make it vastly, observably more secure, which would totally change the incidence of security vulnerability.
Microsoft, one of our large collaborators, ran a study of their critical memory-safety vulnerabilities going back several years: over 70% of them were eliminated by relatively non-disruptive parts of CHERI. That is a huge change. I'd like to think we could dig into the remaining 30% in this Morello collaboration. We are pushing into those things as long-term research and will perhaps be able to put those ideas and technologies into the products that are developed based on Morello.
Our focus for the next year is to have everything ready for when the evaluation board hardware ships. The software has only just been designed, yet we have to have mature software running in a year. That is an incredibly short space of time. We need demonstration software stacks and tooling that just works. So when people sit down with this board, on the first day, they are immediately struck that all the software they expect it to run does run. They can then focus on their problems and see how it plays out for their particular applications. I think we will all be very busy.”
SM: “The final thing to mention is that this technology provides an incredibly exciting opportunity for the students here. At least a third of our people working on CHERI and Morello are PhD students. They contribute a substantial part of the intellectual effort. As well as forming a key part of their education, the work leads them to do internships at places like Arm. We have also had at least three post-docs go to Microsoft Research over the last two years, where they are now working on things related to CHERI. It is all creating opportunities: our students are the experts in these technologies as they get industrial deployment.
I hope CHERI is enormously successful. If it is, everyone who has contributed over the last 10 years, from Cambridge and Arm alike, should take enormous pride in it.”
Simon Moore is Professor of Computer Engineering at the University of Cambridge, Department of Computer Science and Technology.
Robert Watson is Reader (Professor) of Systems, Security, and Architecture at the University of Cambridge, Department of Computer Science and Technology.