With the Digital Security by Design (DSbD) programme seeking business-led demonstrators, we propose a project within the automotive sector. We believe this is essential: road vehicles are increasingly software-based and connected, and the social and economic impacts of cyber security are obvious, as breaches can result in risk to life, serious injury or massive financial penalties. We will demonstrate and review the use of DSbD technologies for cyber-critical and safety-critical applications in the automotive sector. Specifically, four connected-vehicle use cases will be developed and tested. They have been selected because they vary in safety and time criticality and therefore demonstrate the versatility of DSbD. For each, the impact of DSbD technologies on security, safety and performance will be assessed.

    This project has three main goals:

    • Demonstrate CHERI technology for cyber-critical and safety-critical applications by developing a telematics control unit (TCU) based on the Morello architecture for each use case, and by measuring the security, safety and performance trade-offs and the impact of CHERI on each
    • Assess go-to-market routes for CHERI based products in automotive
    • Explore how this ties in with the emerging, global vehicle cyber security regulations

    What is the AutoCHERI project?

    The performance-vs-security trade-off manifests differently depending on the workload being processed by the system. A large part of the project is focussed on analysing, threat modelling and implementing four specific use cases.

    • Vehicle diagnostics data - Processing data from CAN, through the TCU and up to the cloud.
    • OTA software update - Pulling software packages from the cloud, cryptographically verifying them, and passing them on to other vehicle ECUs.
    • V2I traffic advisory - Communicating with roadside infrastructure via cellular-V2X protocols.
    • Teleoperation - A safety-critical use case that requires extremely low latency, so it is the one most sensitive to any performance overhead that CHERI introduces.

    What is CHERI?

    CHERI stands for Capability Hardware Enhanced RISC Instructions. CHERI extends conventional hardware Instruction-Set Architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalization.

    • CHERI began in 2010 as a joint research project of SRI International and the University of Cambridge, funded by DARPA (the US Defense Advanced Research Projects Agency).
    • Over the last decade many organisations have collaborated on CHERI, including Microsoft, Google and many universities.
    • It is an extension to existing CPU instruction set architectures (not a new ISA in its own right) that offers two new features: 1) hardware-enforced bounds and permissions on pointers, which become capabilities; 2) compartmentalisation.

    Memory-safe pointers: The CHERI memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible and efficient protection against many of the vulnerability classes that are widely exploited today, buffer overflows and other spatial memory-safety bugs among them.

    Compartmentalization: The CHERI scalable compartmentalization features enable the fine-grained decomposition of operating-system (OS) and application code, to limit the effects of security vulnerabilities in ways that are not supported by current architectures.
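    The two features above are easiest to see side by side. The following is an added illustration written for this page, not code from the AutoCHERI project or from the CHERI toolchain: it models in plain C what a CHERI capability carries (base, length, permissions, validity tag) and the check the CPU applies on every store, then runs the same attacker-controlled copy loop through a raw pointer and through a capability, and finally shows why a compartment holding only a narrowed, read-only capability cannot reach its neighbour's memory. All names (cap_t, cap_make, cap_narrow, cap_drop_perms, cap_store) are invented for the example; their closest real counterparts are the cheri_bounds_set() and cheri_perms_and() builtins that CHERI Clang exposes through <cheriintrin.h>, and on Morello the checks happen in hardware on 128-bit capability registers rather than in software. The "CAN payload" record and the 9-byte frame are constructed inputs.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Software model of what a CHERI capability carries and what the CPU checks on
 * every dereference. Added illustration only: on Morello these fields live in a
 * hardware capability register with a CPU-maintained validity tag. Names invented. */
typedef struct {
    uint8_t *base;    /* lowest address the capability may reach */
    size_t   length;  /* number of bytes from base that are in bounds */
    unsigned perms;   /* PERM_LOAD | PERM_STORE */
    bool     tag;     /* valid? cleared whenever a derivation would widen access */
} cap_t;

enum { PERM_LOAD = 1u << 0, PERM_STORE = 1u << 1 };

/* Capability over an allocation, as the CHERI compiler/allocator hands out. */
static cap_t cap_make(void *buf, size_t len, unsigned perms) {
    cap_t c = { .base = buf, .length = len, .perms = perms, .tag = true };
    return c;
}

/* Monotonic narrowing (cheri_bounds_set() analogue): a derived capability may
 * only shrink the reachable region; an attempt to widen it yields an invalid one. */
static cap_t cap_narrow(cap_t c, size_t off, size_t len) {
    if (!c.tag || off > c.length || len > c.length - off) { c.tag = false; return c; }
    c.base += off;
    c.length = len;
    return c;
}

/* Permissions can be removed (cheri_perms_and() analogue) but never added back. */
static cap_t cap_drop_perms(cap_t c, unsigned keep) {
    c.perms &= keep;
    return c;
}

/* The tag/permission/bounds check the hardware performs on a store. Returning
 * false stands in for the trap a real CHERI CPU raises instead of writing. */
static bool cap_store(const cap_t *c, size_t idx, uint8_t v) {
    if (!c->tag || !(c->perms & PERM_STORE) || idx >= c->length) return false;
    c->base[idx] = v;
    return true;
}

/* Constructed record: an 8-byte CAN payload buffer followed by a one-byte flag,
 * the way two adjacent locals or struct fields sit in memory. */
#define PAYLOAD_LEN 8
#define REC_LEN (PAYLOAD_LEN + 1)

/* Classic bug: a copy that trusts an attacker-controlled length. With a
 * conventional pointer nothing ties 'payload' to its 8 bytes. */
static void copy_raw(uint8_t *payload, const uint8_t *data, size_t len) {
    for (size_t i = 0; i < len; i++) payload[i] = data[i];
}

/* The same loop through a capability: the store at index 8 is refused. */
static int copy_cheri(cap_t payload, const uint8_t *data, size_t len) {
    for (size_t i = 0; i < len; i++)
        if (!cap_store(&payload, i, data[i])) return -1;  /* would trap here */
    return (int)len;
}

/* Constructed 9-byte frame: 8 bytes of filler plus one byte aimed at the flag. */
static const uint8_t EVIL[REC_LEN] = { 'A','A','A','A','A','A','A','A', 1 };

/* Flag after the raw copy: 1, it was overwritten by the 9th byte. */
static int demo_raw(void) {
    uint8_t rec[REC_LEN] = {0};
    copy_raw(rec, EVIL, sizeof EVIL);
    return rec[PAYLOAD_LEN];
}

/* -1 if the copy trapped before reaching the flag, otherwise the flag. */
static int demo_cheri(void) {
    uint8_t rec[REC_LEN] = {0};
    cap_t whole = cap_make(rec, sizeof rec, PERM_LOAD | PERM_STORE);
    cap_t payload = cap_narrow(whole, 0, PAYLOAD_LEN);  /* sub-object bounds */
    int n = copy_cheri(payload, EVIL, sizeof EVIL);
    return n < 0 ? -1 : rec[PAYLOAD_LEN];
}

/* Compartmentalisation: a parser compartment holds only a read-only view of one
 * frame, so it can neither widen it to the neighbouring frame nor write through it. */
static bool compartment_can_escape(void) {
    uint8_t frames[2][PAYLOAD_LEN] = {{0}};
    cap_t all = cap_make(frames, sizeof frames, PERM_LOAD | PERM_STORE);
    cap_t view = cap_drop_perms(cap_narrow(all, 0, PAYLOAD_LEN), PERM_LOAD);
    cap_t wider = cap_narrow(view, 0, 2 * PAYLOAD_LEN);  /* try to cover frames[1] */
    bool wrote = cap_store(&view, 0, 1);                 /* no store permission */
    return wider.tag || wrote;
}

int main(void) {
    printf("raw copy: flag=%d  CHERI copy: %s  compartment escape: %s\n", demo_raw(),
           demo_cheri() < 0 ? "trapped, flag intact" : "flag reached",
           compartment_can_escape() ? "yes" : "no");
    return 0;
}
```

    The point the model makes for the project's use cases: the out-of-bounds store is stopped at the first bad byte, and the "trap" is the whole cost, which is why the performance question in the teleoperation case is about the per-access check and the wider capability registers rather than about any software bounds checking. On real CHERI the sub-object narrowing in demo_cheri() is something the compiler can emit for struct fields and arrays; without it the capability covers the whole allocation, so the flag inside the same record would still be reachable. That distinction between allocation-granularity and sub-object bounds is worth measuring separately in each TCU build.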

    … and Morello?

    Morello is Arm's implementation of CHERI on the Armv8.2-A architecture: a prototype SoC on a development board, together with a compiler and toolchain, that allows us to write programs and run them leveraging CHERI.

    So for our project, Morello is the platform on which we prove the efficacy of CHERI in the automotive domain.



