BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:15 years of the CHERI Research Project: Reflections\, Current Work
 \, and Next Directions - Professor Robert N. M. Watson - Department of Com
 puter Science and Technology\, University of Cambridge
DTSTART:20260204T150500Z
DTEND:20260204T155500Z
UID:TALK242233@talks.cam.ac.uk
CONTACT:Ben Karniely
DESCRIPTION:In 2010\, supported by DARPA\, SRI International and the Unive
 rsity of Cambridge embarked on a 4-year joint project to revisit the found
 ations of computer-system design to transformatively improve computer secu
 rity. 15 years later\, the CHERI Research Project has succeeded in those g
 oals through a long-term hardware-software-verification co-design\, drawin
 g for inspiration on both historic but abandoned ideas about hardware capa
 bility systems and far more recent concepts in microarchitecture\, archite
 cture\, programming languages\, operating systems\, and computer security.
  Our approach throughout has been highly empirical\, employing systems-res
 earch methodology via iterative FPGA-based hardware prototyping co-designi
 ng new Instruction-Set Architecture (ISA) features with changes to compile
 rs\, operating systems\, and applications\, as well as ongoing formal mode
 lling and verification to build confidence in the approach. The goal has b
 een to introduce strong\, fine-grained memory safety and support for scala
 ble software compartmentalisation across all software in a computer system
 \, while also walking a fine line between current software ecosystem adapt
 ability and the disruption necessary to achieve significant impact.\n\nIn 
 2015\, we began what is now a decade-long collaboration with Arm to explor
 e how to transition CHERI into a widely deployed production architecture\,
  and from 2019\, with support from the UK government\, Arm’s Morello pro
 totype architecture and board. Further critical industrial collaborations 
 opened up\, including with Microsoft on the would become the open-source C
 HERIoT microcontroller\, with Google in developing key concepts in the app
 roach as well as exploring a large spread of potential deployment scenario
 s\, with Codasip in productionising a CHERI extension to the RISC-V ISA no
 w known as ‘RVY’ especially targeting application processors\, and wit
 h SCI Semi in bringing CHERIoT to the embedded space. These industrial eff
 orts are coming to fruition with first production CHERI-enabled silicon ex
 pected to come to market from multiple companies this calendar year.\n\nTh
 is talk will review the principles of the CHERI technology as well as our 
 experimental approach to developing them\, discuss how large-scale softwar
 e work on both Morello and RISC-V is improving our understanding of how to
  use CHERI to improve software security\, look at ongoing standardisation 
 efforts within RISC-V International and ETSI\, and review some of the exci
 ting CHERI-based products announced by industry over the last year. We wil
 l also explore how the CHERI ecosystem has expanded to include dozens of c
 ompanies via the CHERI Alliance CIC\, an industry membership organisation\
 , and how the CHERI Research Centre at the University of Cambridge\, reach
 ing its first anniversary\, is contributing to ongoing research and techno
 logy transition. With the 15th birthday party of the CHERI Research Projec
 t due to take place in late March 2026 as part of the 2-day CHERI Blossoms
  2026 conference\, and a month-long CHERI exhibit about to open in the Wil
 liam Gates Building\, join us for an exploration of this exciting research
  project and what the future may hold.\n\nProfessor Robert N. M. Watson is
  Professor of Systems\, Security\, and Architecture at the University of C
 ambridge\, where he is Director of the CHERI Research Centre. With Profess
 or Simon W. Moore (Cambridge) and Dr Peter G. Neumann (SRI)\, Professor Wa
 tson launched the CHERI Research Project in 2010\, leading development of 
 the architecture. His work on CHERI has drawn extensively on past research
  and industrial experience\, including developing the OS kernel access-con
 trol techniques that now enable software sandboxing and compartmentalisati
 on in systems such as the open-source FreeBSD operating system\, Apple’s
  macOS and iOS operating systems\, and Juniper Networks’ Junos operating
  system. He was the winner of the 2021 EuroSys Jochen Liedtke Young Resear
 cher Award for his work on CHERI\, his 2015 paper introducing the principl
 es of CHERI software compartmentalisation won the 2025 Test of Time award 
 from the IEEE Symposium on Security and Privacy\, and his paper on CHERI-b
 ased memory safety won a IEEE Computer Society 2024 Best Paper Award.\n\nL
 ink to join virtually: https://cam-ac-uk.zoom.us/j/89473073451\n\nA record
 ing of this talk is available at the following link: https://www.cl.cam.ac
 .uk/seminars/wednesday/video/\n\nThis talk is being recorded. If you do no
 t wish to be seen in the recording\, please avoid sitting in the front six
  rows of the central section in the lecture theatre. Any questions asked w
 ill also be included in the recording. The recording will be made availabl
 e on the Department’s webpage
LOCATION:Lecture Theatre 1\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR