Codasip®, a leader in RISC-V Custom Compute, has announced the donation of its newly developed Software Development Kit (SDK) for CHERI to the CHERI Alliance. This donation marks a significant milestone in the company’s commitment to advancing system security. By making the SDK available for free download on GitHub, Codasip aims to encourage collaboration and innovation within the security technology community.
What is CHERI?
CHERI (Capability Hardware Enhanced RISC Instructions) is a cutting-edge security technology developed by the University of Cambridge in collaboration with SRI International. The research project, which began in 2010, was funded by key agencies, including DARPA (Defense Advanced Research Projects Agency) and UKRI (UK Research and Innovation). The primary goal of CHERI is to revisit fundamental hardware and software design choices to significantly improve system security. In 2023, Codasip made the technology commercially available with a licensable processor, making it accessible to the broader tech industry.
How CHERI Enhances Security
CHERI enhances the traditional Instruction Set Architecture (ISA) by introducing fine-grained memory access control. This additional layer of security prevents vulnerabilities such as buffer overflows, memory corruption, and other memory safety errors that are commonly exploited in cyberattacks. Despite its potential, for developers to fully leverage CHERI’s capabilities, they need appropriate software tools and packages that support the new instructions introduced by the modified ISA and hardware core.
Codasip’s Contribution to the CHERI Ecosystem
Codasip has worked tirelessly to build the necessary tools for integrating CHERI on RISC-V platforms. The company has created a comprehensive Linux-capable SDK, based on existing open-source projects, and made it available through the CHERI Alliance. By doing so, Codasip is empowering developers to implement CHERI technology on RISC-V systems, thus accelerating the adoption of advanced security features across a wide range of applications.
Opening Up for Global Use
As more organizations and governments realize the potential of CHERI technology to protect systems from evolving threats, we must fast-track its availability for real-world applications, said Ron Black, CEO of Codasip. We have invested considerable effort in creating a fully Linux-compatible SDK, and we are excited to offer it for free to the community. This will serve as a vital tool for both the CHERI and RISC-V communities, allowing them to implement cutting-edge security features more efficiently.
Michael Halsall, Director of the CHERI Alliance, also praised Codasip’s donation, emphasizing the importance of collaboration in ensuring the widespread adoption of CHERI technology. “The availability of Codasip’s SDK through the CHERI Alliance supports our mission to standardize CHERI security for RISC-V,” said Halsall. “By working together across academia, industry, and government, we can create a more secure and resilient future for the electronics industry.”
What the CHERI RISC-V SDK Includes
The CHERI RISC-V SDK, now available for public use, includes the following tools and resources:
- C/C++ compiler and toolchain based on LLVM17
- CHERI-RISC-V Sail model
- QEMU open-source emulator
- OpenSBI implementation of the RISC-V Supervisor Binary Interface
- Das U-Boot bootloader
- Linux kernel 6.10
- FreeRTOS
- The GNU Debugger
- Yocto build system for Linux
- Basic user space environment based on Busybox
These tools are designed to help developers fully integrate CHERI security features into RISC-V systems and enable them to leverage its advanced memory protection capabilities.
Conclusion
Codasip’s donation of the CHERI RISC-V SDK to the CHERI Alliance represents a key step in the effort to advance hardware-based security technologies. By making this SDK freely available, Codasip is playing a crucial role in supporting the broader adoption of CHERI and RISC-V technologies. This open-source initiative will help accelerate the development of more secure computing systems, benefiting industries that require robust security measures, including government, healthcare, and finance.
