eprintid: 1470067
rev_number: 35
eprint_status: archive
userid: 608
dir: disk0/01/47/00/67
datestamp: 2017-05-26 16:33:59
lastmod: 2021-09-19 23:31:59
status_changed: 2017-05-26 16:33:59
type: proceedings_section
metadata_visibility: show
creators_name: Watson, RNM
creators_name: Woodruff, J
creators_name: Neumann, PG
creators_name: Moore, SW
creators_name: Anderson, J
creators_name: Chisnall, D
creators_name: Dave, N
creators_name: Davis, B
creators_name: Gudka, K
creators_name: Laurie, B
creators_name: Murdoch, SJ
creators_name: Norton, R
creators_name: Roe, M
creators_name: Son, S
creators_name: Vadera, M
title: CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
ispublished: pub
divisions: UCL
divisions: B04
divisions: C05
divisions: F48
keywords: Science & technology, technology, computer science, theory & methods, engineering, electrical & electronic, computer science, engineering, protection.
note: This version is the author accepted manuscript. For information on re-use, please refer to the publisher's terms and conditions. © 2015, Robert N.M. Watson. Under license to IEEE.
abstract: CHERI extends a conventional RISC Instruction-Set Architecture, compiler, and operating system to support fine-grained, capability-based memory protection to mitigate memory-related vulnerabilities in C-language TCBs. We describe how CHERI capabilities can also underpin a hardware-software object-capability model for application compartmentalization that can mitigate broader classes of attack. Prototyped as an extension to the open-source 64-bit BERI RISC FPGA soft-core processor, FreeBSD operating system, and LLVM compiler, we demonstrate multiple orders-of-magnitude improvement in scalability, simplified programmability, and resulting tangible security benefits as compared to compartmentalization based on pure Memory-Management Unit (MMU) designs. We evaluate incrementally deployable CHERI-based compartmentalization using several real-world UNIX libraries and applications.
date: 2015-05-20
publisher: IEEE
official_url: http://dx.doi.org/10.1109/SP.2015.9
vfaculties: VENG
oa_status: green
full_text_type: other
language: eng
primo: open
primo_central: open_green
verified: verified_manual
elements_id: 1043739
doi: 10.1109/SP.2015.9
isbn_13: 9781467369497
lyricists_name: Murdoch, Steven
lyricists_id: SMURD10
actors_name: Murdoch, Steven
actors_id: SMURD10
actors_role: owner
full_text_status: public
series: IEEE Symposium on Security and Privacy
publication: 2015 IEEE SYMPOSIUM ON SECURITY AND PRIVACY SP 2015
volume: 2015
place_of_pub: San Jose, CA, USA
pagerange: 20-37
pages: 18
event_title: IEEE Symposium on Security and Privacy SP, 18-20 May 2015, San Jose, California, USA
event_location: San Jose, CA
event_dates: 18 May 2015 - 20 May 2015
institution: IEEE Symposium on Security and Privacy
issn: 1081-6011
book_title: Proceedings of 2015 IEEE Symposium on Security and Privacy
editors_name: Peisert, S
editors_name: Bauer, L
editors_name: Shmatikov, V
citation: Watson, RNM; Woodruff, J; Neumann, PG; Moore, SW; Anderson, J; Chisnall, D; Dave, N; Davis, B; Gudka, K; Laurie, B; Murdoch, SJ; Norton, R; Roe, M; Son, S; Vadera, M (2015) CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. In: Peisert, S and Bauer, L and Shmatikov, V, (eds.) Proceedings of 2015 IEEE Symposium on Security and Privacy. (pp. 20-37). IEEE: San Jose, CA, USA. Green open access
document_url: https://discovery.ucl.ac.uk/id/eprint/1470067/1/oakland15cheri.pdf