Digital Security by Design driving investment in the automotive sector and embedded systems
The Digital Security by Design (DSbD) programme from UK Research and Innovation (UKRI) is transforming digital technology and creating a more resilient and secure foundation for a safer future.
- DSbD announces £1.2m funding for a Thales UK-led consortium demonstrator project called RESAuto, which is investigating the potential impacts of new technology on safety and privacy.
- A further £993k is invested in the Cambridge-based organisation lowRISC to extend the evaluation of new technology into embedded platforms.
- The projects are testing a new technology, CHERI (Capability Hardware Enhanced RISC Instructions), which could reduce the exploitation of around 70% of ongoing vulnerabilities.
In an increasingly digital world, we must be able to trust the technology that keeps us and our information safe. Yet cyber failures are expected to cost the worldwide economy $10.5trn annually by 2025 (2023 Global Cybersecurity Outlook report), highlighting the fragility of the systems in which we inherently place our trust.
Today, Innovate UK has announced a £1.2m investment in a demonstrator project called RESAuto, which is led by Thales UK. The automotive sector is fundamentally dependent on a complex supply chain and is subject to international regulatory and legal controls, with conflicting through-life objectives of safety, privacy, and access to data. For a CHERI-based solution to fulfil its potential, it is essential to quantify its impacts across this complex environment. RESAuto demonstrates the quantified advantages of CHERI-based solutions in complex interconnected systems with sophisticated supply ecosystems and liability models. RESAuto is using an automotive braking system, integrated with a real-time monitoring and compliance system, as its exemplar for the demonstration.
Peter Davies, Director Security Concepts at Thales UK, said: “The RESAuto consortium is delighted to be given this opportunity to examine, in the context of a complex global supply ecosystem where safety is a paramount public expectation, how the characteristics of a CHERI-based solution might benefit the achievability, including economically, of resilient outcomes, including in the face of cyber threats. Demonstrating both the economic benefits compared to other potential solutions and the demand lines through the supply ecosystem will be critical if CHERI-based solutions are to become significant in the coming decade.”
RESAuto joins the existing DSbD AutoCHERI project led by Beam Connectivity, which has integrated CHERI into automotive-grade Telematics Control Units (TCUs) and is testing the cyber security enhancements in the real world.
Thomas Sors, Cofounder and CEO of Beam Connectivity, said: “All new vehicles will be connected, which is driving the need for higher levels of security to support the adoption of features such as over-the-air software updates, Vehicle-to-everything (V2X) applications and remote teleoperations. In the AutoCHERI project we are looking at innovations which will support vehicle manufacturers in meeting these emerging challenges for improved resilience.”
Innovate UK is also investing in a project led by lowRISC, a not-for-profit based in Cambridge which creates open-source tools for communities to promote collaborative engineering. Microsoft has recently extended the popular RISC-V Ibex core, maintained by lowRISC, with prototype CHERI support and released this work to the open-source community as CHERIoT. This project will see lowRISC create two prototypes around the CHERIoT core and the open-source OpenTitan® root of trust, which has been developed by lowRISC in partnership with Google and other major commercial and academic partners.
Dr Gavin Ferris, CEO, lowRISC CIC said: “As a UK non-profit silicon engineering company, lowRISC is very excited to be participating in this innovative — and fully open source — project in partnership with Microsoft. We believe it will help establish the value of the RISC-V CHERIoT embedded platform in the challenging domain of operational technology, where critical security requirements must be achieved within extremely tight power, area and financial budgets.”
Discovering hidden vulnerabilities using CHERI technologies
Across the current DSbD ecosystem, industry and academia are discovering the benefits of porting and refactoring their code to the Morello prototype platform. While researching advances in DSbD software tooling as part of a GE Aerospace-led consortium, AdaCore found a memory-safety bug during the development of a compiler feature that had eluded the industry-standard validation and verification tools in an existing DevOps pipeline. The bug was discovered while adapting the GNAT Ada runtime code to take advantage of CHERI, through the subsequent use of a recently devised sanity-check test on an emulated Morello target, and was caught before it was merged into a released product.
Paul Butcher, UK Programme Manager, AdaCore, said: “AdaCore provides high-assurance software development tools for safety- and security-critical platforms. We’ve been closely following the Morello CHERI work and are now involved in the Digital Security by Design initiative via the GE Aerospace-primed Edge Avionics project. This has allowed AdaCore engineering to explore CHERI’s benefits fully.
“Moving forward, we see two clear benefits for CHERI-based ISAs. The first is safeguarding against memory corruption-related vulnerability exploits by ensuring deployed applications fail secure. The second is an advanced vulnerability detection mechanism that pushes the state of the art in dynamic analysis testing; we’ve seen examples where CHERI can find vulnerabilities that Valgrind-related tooling and other runtime tools like AddressSanitizer (ASan) cannot. In addition, we’re also predicting low effort in porting existing Ada code over to CHERI-based architectures. The utilisation of advanced CHERI hardware instruction set architectures ensures security by design and adds an invaluable low-level security layer to platform development.”
The Digital Security by Design (DSbD) programme seeks to support developers at the foundational level with a technology enhancement in the central processor, known as CHERI.
CHERI has the potential to prevent around 70% of ongoing vulnerabilities from exploitation while providing new software methods to help maintain the operational resilience and integrity of an application.