Thursday, April 11, 2019 - 2:00pm to 3:00pm
Location:Panther Hollow Conference Room 4101 Robert Mehrabian Collaborative Innovation Center
Speaker:NATHANIEL 'WES' FILARDO, Postdoctoral Research Associate https://www.ietfng.org/nwf/nwf.html
CHERI: A Modern Capability Micro-Architecture
CHERI (Capability Hardware Enhanced RISC Instructions) is a capability-based hardware/software research platform being built by Cambridge University in partnership with SRI. At present, CHERI is implemented as an extension to the MIPS64 ISA and realized in FPGA form. Capability-aware forks of the FreeBSD kernel and C runtime libraries, the LLVM tool chain, PostgreSQL, and QT WebKit are under active development. CHERI’s architecture is formally specified and key properties are proven.
Using CHERI's mechanisms, software can efficiently implement fine-grained, reliable, spatial and temporal memory protection and scalable compartmentalization. Though common wisdom holds that hardware capability systems are impractical, CHERI achieves its goals with low overheads while retaining compatibility with C, including modern features such as dynamic linking and thread-local storage. ARM is investigating CHERI features for future ISA releases.
This presentation will be more interactive and allow more opportunity for questions than our upcoming presentation at ASPLOS.
Dr. Nathaniel "Wes" Filardo is a post-doctoral research associate in the security group of the University of Cambridge Computer Laboratory, where he leads a team building temporal memory safety enforcement atop CHERI. He received a Ph.D. in Computer Science from Johns Hopkins under the supervision of Jason Eisner. Wes graduated from CMU in 2006 and 2007 with B.S. degrees in Physics and Computer Science, and served as a 15-410 teaching assistant for three semesters. He is on the academic job market for positions beginning Fall 2020.