Submitted by Rachel Gardner on Mon, 19/06/2023 - 11:53
Eight more companies have signed up to help test a pioneering new approach to cybersecurity that started life here.
In total, 36 UK firms have joined the Digital Security by Design programme over the last year – a UK government-backed initiative to build a safer digital future.
They are experimenting with the Arm Morello board, the prototype cybersecurity technology designed by Arm and based on the CHERI (Capability Hardware Enhanced RISC Instructions) protection model created by researchers here and at SRI International.
CHERI allows hardware and software to work together to prevent security vulnerabilities being exploited by attackers.
Prof Robert Watson, Department of Computer Science and Technology, University of Cambridge
The Arm Morello board is a groundbreaking prototype cybersecurity technology that is 'secure-by-design' – i.e. built with security features that do not rely on software updates or patches to protect against malicious actors.
The cutting-edge technology is capable of preventing and mitigating memory-related cyber attacks, which currently constitute two thirds of cyber attacks globally. (Watch the video above to learn more about our collaboration with Arm and the development of the Arm Morello board.)
UK companies are being given access to trial this technology via the Digital Security by Design Technology Access Programme, delivered by Digital Catapult on behalf of UK Research and Innovation
We have managed to port a bug-ridden, security-flawed application into a complete secure software suite, using only off-the-shelf Morello Board/CheriBSD functionality. If this does not sound amazing, I would not know what would!
Richard Gonzalez, Director of SensorIT
Industrial testing of the prototype
As part of the programme, companies can receive funding from UK Research and Innovation, along with expert support from Arm and researchers here.
Industrial testing of the prototype technology has been underway since May 2022. At a Demo Day in March this year, early experimentation results shared by participating companies proved that this prototype technology can substantially mitigate cyber threats.
Richard Gonzalez, Director of SensorIT, told attendees: "We have managed to port a bug-ridden, security-flawed application into a complete secure software suite, using only off-the-shelf Morello Board/CheriBSD functionality. If this does not sound amazing, I would not know what would!"
Hear from more Demo Day participants in the video below:
New companies join the testing programme
The latest companies joining the programme include Ultra Cyber, which has a decade of experience offering solutions for critical national infrastructure, Goldilock, which specialises in secure management of connected digital assets, and Configured Things, a consultancy with vast expertise in large scale distributed systems management and security.
Whilst currently in its research phase, once commercially available the technology could offer an extra layer of protection in critical applications such as telecommunications, energy infrastructure management and autonomous or connected vehicles, where safety of systems is paramount.
