Memory protection for the Internet of Things
Lead Research Organisation: University of Cambridge
Department Name: Computer Science and Technology
Abstract
Building on our success with the CHERI processor in providing fine-grained memory protection for large application-class (ARM A-class) processors, we hypothesise that the same fundamental technique might be applicable to the smaller (ARM M-class) processors used in Internet of Things (IoT) devices and sensors.
There are a number of challenges:
1. Could the 128-bit capability pointer format used for A-class processors be reduced to a 64-bit format to protect 32-bit addresses? The obvious encodings/compressed formats could be detrimental to the memory protection properties desired, so this needs careful thought and evaluation.
2. For A-class processors we continue to exploit page-based virtual memory together with capabilities, but for M-class processors we wish to have a pure capability system with no virtual memory to simplify the processor, reduce power and improve real-time response. This raises a number of fundamental research questions, and for this project we intend to focus on:
a) What would a microkernel with only capability-based memory protection look like?
b) Can IoT applications exploit capabilities to ensure robustness in the face of buggy or malicious code?
People | ORCID iD
---|---
Simon Moore (Primary Supervisor) |
Robert Kovacsics (Student) |
Publications
Joannou A (2017). Efficient Tagged Memory
Xia H (2018). CheriRTOS: A Capability Model for Embedded Devices
Studentship Projects
Project Reference | Relationship | Related To | Start | End | Student Name
---|---|---|---|---|---
EP/P510440/1 | | | 01/10/2016 | 30/09/2022 |
1778326 | Studentship | EP/P510440/1 | 01/10/2016 | 31/03/2020 | Robert Kovacsics
Description | Collaboration on the Efficient Tagged Memory paper. Award objectives met through collaboration on the CheriRTOS paper. Further research carried out into tagged memory and processor cache optimizations resulting in an MSc.
Exploitation Route | Investigation into the commercial viability of the CheriRTOS paper. Further investigation into the cache optimizations covered in the MSc.
Sectors | Digital/Communication/Information Technologies (including Software)