News, news analysis, and commentary on the latest trends in cybersecurity technology.
Codasip Donates Tools to Develop Memory-Safe Chips
The software development kit will simplify building and testing of CHERI-enabled RISC-V applications.
German processor design company Codasip has donated its latest RISC-V software development kit to chip security consortium CHERI Alliance to help developers add memory safety to chips.
RISC-V is an instruction set architecture (ISA) that allows developers and manufacturers to personalize silicon chips with capabilities to meet their needs, such as for use in smartphones, space technologies, industrial applications, and automotive technologies, to name a few. RISV-V is open and free to license, so anyone can design, manufacture, and sell RISC-V chips and software.
CHERI (Capability Hardware Enhanced RISC Instructions) extends ISA to manage memory access control to prevent common vulnerabilities, such as buffer overflows and memory corruption. The method involves isolating the hardware and software so that adversaries cannot inject attack code into memory. The CHERI Alliance is an industry consortium focused on promoting the development and adoption of security technologies that protect data stored in hardware memory.
Developers need access to tools and packages that are available for CHERI — this is what the SDK that Codasip built and donated to the CHERI Alliance offers. The compiler is capable of generating the modified instructions. Anyone implementing CHERI on RISC-V chips can access the SDK, which is freely available on GitHub.
The SDK includes:
C/C++ compiler and toolchain based on LLVM17
CHERI-RISC-V Sail model
QEMU open source emulator
OpenSBI implementation of the RISC-V Supervisor Binary Interface
Das U-Boot bootloader
Linux kernel 6.10
FreeRTOS
GNU Debugger
Yocto build system for Linux
Basic user space environment based on Busybox
"As more organizations and governments discover the potential of the CHERI technology to protect us, we need to speed up the pace of making the technology available in real systems," Codasip CEO Ron Black said in a statement. "We have made a massive effort to implement a full Linux-capable SDK that we are now opening for everyone to use."
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024