Abstract

In 2010, supported by DARPA , SRI International and the University of Cambridge embarked on a 4-year joint project to revisit the foundations of computer-system design to transformatively improve computer security. 15 years later, the CHERI Research Project has succeeded in those goals through a long-term hardware-software-verification co-design, drawing for inspiration on both historic but abandoned ideas about hardware capability systems and far more recent concepts in microarchitecture, architecture, programming languages, operating systems, and computer security. Our approach throughout has been highly empirical, employing systems-research methodology via iterative FPGA -based hardware prototyping co-designing new Instruction-Set Architecture (ISA) features with changes to compilers, operating systems, and applications, as well as ongoing formal modelling and verification to build confidence in the approach. The goal has been to introduce strong, fine-grained memory safety and support for scalable software compartmentalisation across all software in a computer system, while also walking a fine line between current software ecosystem adaptability and the disruption necessary to achieve significant impact.

In 2015, we began what is now a decade-long collaboration with Arm to explore how to transition CHERI into a widely deployed production architecture, and from 2019, with support from the UK government, Arm’s Morello prototype architecture and board. Further critical industrial collaborations opened up, including with Microsoft on the would become the open-source CHER IoT microcontroller, with Google in developing key concepts in the approach as well as exploring a large spread of potential deployment scenarios, with Codasip in productionising a CHERI extension to the RISC -V ISA now known as ‘RVY’ especially targeting application processors, and with SCI Semi in bringing CHER IoT to the embedded space. These industrial efforts are coming to fruition with first production CHERI -enabled silicon expected to come to market from multiple companies this calendar year.

This talk will review the principles of the CHERI technology as well as our experimental approach to developing them, discuss how large-scale software work on both Morello and RISC -V is improving our understanding of how to use CHERI to improve software security, look at ongoing standardisation efforts within RISC -V International and ETSI , and review some of the exciting CHERI -based products announced by industry over the last year. We will also explore how the CHERI ecosystem has expanded to include dozens of companies via the CHERI Alliance CIC , an industry membership organisation, and how the CHERI Research Centre at the University of Cambridge, reaching its first anniversary, is contributing to ongoing research and technology transition. With the 15th birthday party of the CHERI Research Project due to take place in late March 2026 as part of the 2-day CHERI Blossoms 2026 conference, and a month-long CHERI exhibit about to open in the William Gates Building, join us for an exploration of this exciting research project and what the future may hold.

Professor Robert N. M. Watson is Professor of Systems, Security, and Architecture at the University of Cambridge, where he is Director of the CHERI Research Centre. With Professor Simon W. Moore (Cambridge) and Dr Peter G. Neumann (SRI), Professor Watson launched the CHERI Research Project in 2010, leading development of the architecture. His work on CHERI has drawn extensively on past research and industrial experience, including developing the OS kernel access-control techniques that now enable software sandboxing and compartmentalisation in systems such as the open-source FreeBSD operating system, Apple’s macOS and iOS operating systems, and Juniper Networks’ Junos operating system. He was the winner of the 2021 EuroSys Jochen Liedtke Young Researcher Award for his work on CHERI , his 2015 paper introducing the principles of CHERI software compartmentalisation won the 2025 Test of Time award from the IEEE Symposium on Security and Privacy, and his paper on CHERI -based memory safety won a IEEE Computer Society 2024 Best Paper Award.

Link to join virtually: https://cam-ac-uk.zoom.us/j/89473073451

A recording of this talk is available at the following link: https://www.cl.cam.ac.uk/seminars/wednesday/video/

This talk is being recorded. If you do not wish to be seen in the recording, please avoid sitting in the front six rows of the central section in the lecture theatre. Any questions asked will also be included in the recording. The recording will be made available on the Department’s webpage