Cybersecurity is no longer a niche concern for IT departments. It’s a global crisis impacting every facet of our lives, from banking to healthcare to national security. McKinsey & Co. estimates the cost of cyberattacks on the global economy at a staggering $10.5 trillion annually. The harsh reality is that our current cybersecurity methods are failing to keep pace with sophisticated attacks. The very foundation of our digital world – the computer architecture itself – is inherently permissive, leaving it vulnerable to a wide range of exploits.

A new report, “Global Marketing Strategy Report for SNbD-CHERI based Router and Connected Device Infrastructure,” tackles this challenge head-on, shining a light on a revolutionary solution: hardware-enforced memory safety.

The report focuses on Secure Networking by Design (SNbD), a project leveraging CHERI (Capability Hardware Enhanced RISC Instructions) technology. CHERI fundamentally changes how software interacts with memory, offering a robust solution to the vulnerabilities that have plagued us for decades.

Here are some key takeaways from the report:

  • The Importance of Memory Safety: The report underscores that memory safety issues are the root cause of over 70% of known vulnerabilities.

“As has been highlighted many times since the 1970s, computers are designed to be permissive systems, and this leads to a wide set of challenges, including memory overflows that overwrite code with attacks, and pointer escalation attacks where the frameworks used to move around code are misappropriated, leading to malevolent attacks.”

  • CHERI: A Game-Changer: CHERI offers a hardware-based solution that enforces memory safety, effectively preventing a wide array of attacks.

“The solution, as identified by many academic and governmental organisations, is a new hardware enforcement technology, namely CHERI… The ability to develop memory-safe and compartmentalized applications that are inherently self-sealing and immune from such a wide variety of modern attacks represents a major milestone in the industry.”

  • Benefits Beyond Security: CHERI’s compartmentalization capabilities offer significant advantages in terms of code reuse, maintenance, and system stability.

“CHERI at its heart is designed to not shy away from the limitations of open-source and third-party code, but instead acknowledge the challenges and provide a prophylactic interface, where if malevolent code is present, it cannot infect the system. It is intended to enable ferocious code reuse and take significant limitations out of the development process.”

  • Secure Networking by Design: The report explores how CHERI can be used to build inherently secure routers and network devices, addressing a critical vulnerability in our interconnected world.

“As exposed yet again by Salt Typhoon, existing cyber-security methodologies are failing to keep pace with this malevolent problem, and the harsh reality is that the global industry must step up and take significant responsibility for this… Leveraging the Arm Morello test chip – an early implementation of the CHERI technology available as an Arm Neoverse high-performance processor – the SNbD project has clearly demonstrated the potential impact of CHERI, providing a framework for future projects and products.”

  • The Need for a Collective Effort: The report stresses the need for government support, industry collaboration, and a focus on real-world applications to drive the adoption of CHERI-based solutions.

“To avoid future pervasive nation-state attacks the industry must be incentivized to adopt the new fundamental components of CHERI-enabled silicon, compartmentalized and memory-safe operating systems, and updated tools including CHERI-aware compilers and memory-safe languages such as Rust… we should complete our transition to a secure-by-design future.”

Download the report today and delve deeper into the world of memory safety and secure networking. This is more than just a technical challenge – it’s about building a more resilient and trustworthy digital future for everyone.

John Moor
COO, TechWorks &
Managing Director, IoT Security Foundation