CHERI C Converter
Lead Participant:
PROTECTBOX LTD
Abstract
70% of operating system vulnerabilities are due to memory safety issues _(Microsoft_ _2019)_ because the popular 50-year old programming languages C/C++ offer low-level memory access. Plus features such as pointers, increase risk of mistakes causing bugs/vulnerabilities, resulting in cyberattack (_Google Blog_ _2021)._ Half of memory safety issues are _use-after-free_ bugs (_Google's_ _Chromium,2022)._ Legacy of code reuse means that many major operating systems/applications are in these languages.
By introducing _memory protection_ and _compartmentalisation_ Digital Security by Design (DSbD) technologies address the above challenges _(US National Security Agency (NSA), 2022)_
Comparison website and marketplace ProtectBox quickly and smartly (using AI) assesses a buyer's cybersecurity risk position online then lets the buyer improve it, using personalised, discounted bundles of solutions risk-fitted to their office/home. Along with sustainability ratings and offsetting/removing carbon impact of security purchased that go beyond just treeplanting. Voice recognition, compatibility with Braille, hearing aids, Alexa etc being added in next (Inclusive Innovation) Grant starting in April 2023.Presenting an opportunity to adapt ProtectBox's decision-making AI/ML (a Knowledge Representation & Reasoning (KRR) system built around neural networks) to convert legacy C code to CHERI C with little to no manual modifications directly to the code by the developer. Catching Morello-specific exceptions a normal C-compiler wouldn't be able to get, making our AI/ML more trustworthy.
Societal impacts include carbon savings (by halving 3.7% of global GHG emissions, saving 1% of UK GDP/year _(Accenture/Microsoft)_); route to NetZero for software providers, achieving government targets (UK government's National AI Strategy & Government Innovation Strategy (Pillar 4); COVID Recovery Strategy and Ten Point Plan for a Green Industrial Revolution; EU Horizon challenges; UK's Industrial Strategy Challenge Fund (ISCF) challenges and 5 UN Sustainable Development Goals (SDGs)) and increased (88% _(Impact Reporting 2021)_) business opportunities/revenues for clients.
Winner of 12 Awards, incl SmallBiz100 2022; CogX 2020's Best AI in Cybersecurity; 2022-2018's Most Influential Women in UK Technology longlists & 2017 Wired Security's Start-Up showcase.
Finalist in 40+ other Awards including a nomination for the prestigious Earthshot Prize (launched by the Prince and Princess of Wales) and picked as a UK government \#TogetherForOurPlanet Business Climate Leader and members of The Climate Pledge/UN's Race to Zero, TechZero taskforce and UK government's SME Climate Commitment. Showcased as Northern Ireland case study for the Department for International Trade's CPTPP and UK-India Free Trade Agreement (FTA) negotiations.
By introducing _memory protection_ and _compartmentalisation_ Digital Security by Design (DSbD) technologies address the above challenges _(US National Security Agency (NSA), 2022)_
Comparison website and marketplace ProtectBox quickly and smartly (using AI) assesses a buyer's cybersecurity risk position online then lets the buyer improve it, using personalised, discounted bundles of solutions risk-fitted to their office/home. Along with sustainability ratings and offsetting/removing carbon impact of security purchased that go beyond just treeplanting. Voice recognition, compatibility with Braille, hearing aids, Alexa etc being added in next (Inclusive Innovation) Grant starting in April 2023.Presenting an opportunity to adapt ProtectBox's decision-making AI/ML (a Knowledge Representation & Reasoning (KRR) system built around neural networks) to convert legacy C code to CHERI C with little to no manual modifications directly to the code by the developer. Catching Morello-specific exceptions a normal C-compiler wouldn't be able to get, making our AI/ML more trustworthy.
Societal impacts include carbon savings (by halving 3.7% of global GHG emissions, saving 1% of UK GDP/year _(Accenture/Microsoft)_); route to NetZero for software providers, achieving government targets (UK government's National AI Strategy & Government Innovation Strategy (Pillar 4); COVID Recovery Strategy and Ten Point Plan for a Green Industrial Revolution; EU Horizon challenges; UK's Industrial Strategy Challenge Fund (ISCF) challenges and 5 UN Sustainable Development Goals (SDGs)) and increased (88% _(Impact Reporting 2021)_) business opportunities/revenues for clients.
Winner of 12 Awards, incl SmallBiz100 2022; CogX 2020's Best AI in Cybersecurity; 2022-2018's Most Influential Women in UK Technology longlists & 2017 Wired Security's Start-Up showcase.
Finalist in 40+ other Awards including a nomination for the prestigious Earthshot Prize (launched by the Prince and Princess of Wales) and picked as a UK government \#TogetherForOurPlanet Business Climate Leader and members of The Climate Pledge/UN's Race to Zero, TechZero taskforce and UK government's SME Climate Commitment. Showcased as Northern Ireland case study for the Department for International Trade's CPTPP and UK-India Free Trade Agreement (FTA) negotiations.
Lead Participant | Project Cost | Grant Offer |
|---|---|---|
| PROTECTBOX LTD | £50,000 | £ 50,000 |
People |
ORCID iD |
| Kiran Bhagotra (Project Manager) |