BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:CHERI - Architectural support for software memory protection and c
 ompartmentalisation - Robert N. M. Watson - University of Cambridge\, Comp
 uter Laboratory
DTSTART:20170222T161500Z
DTEND:20170222T171500Z
UID:TALK69478@talks.cam.ac.uk
CONTACT:David Greaves
DESCRIPTION:Capability Hardware Enhanced RISC Instructions (CHERI) extend 
 a conventional RISC architecture with support for “capabilities” — p
 ointers whose integrity is protected by the hardware\, extended with prote
 ction metadata such as bounds and permissions\, and constrained by securit
 y properties such as monotonicity. This low-level primitive is a foundatio
 n on which a broad range of software protection properties can be built an
 d incrementally deployed: fine-grained\, referential memory protection for
  C/C++-language programs\; protections against control-flow attacks such a
 s ROP and JOP\; granular and efficient in-address-space isolation and soft
 ware compartmentalisation\; and safe interoperation between managed langua
 ges and native-code extensions. Prototyped via hardware-software co-design
 \, and evaluated on FPGA over a six-year period with support from DARPA\, 
 the CHERI processor is able to run adapted versions of the FreeBSD operati
 ng system (CheriBSD) and open-source application stack\, and is targeted b
 y an extended version of the Clang/LLVM compiler. This talk introduces the
  CHERI architecture and potential applications\, and will also describe cu
 rrent research directions.
LOCATION:Lecture Theatre 1\, Computer Laboratory
END:VEVENT
END:VCALENDAR
