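@comment{
  CHERIoT technical report MSR-TR-2023-6.
  NOTE(review): the url below is kept exactly as exported. Its host is
  approjects.co.za over plain http, while the institution is Microsoft.
  This looks like a mirror or proxy rewrite of the publisher link. Confirm
  the publisher's own https address before following or citing it.
  NOTE(review): the abstract ends on a colon, so the list of the three
  open source releases appears to have been cut off by the export.
}
@techreport{amar2023cheriot,
  author      = {Amar, Saar and Chen, Tony and Chisnall, David and Domke, Felix and Filardo, Nathaniel and Liu, Kunyan and Norton-Wright, Robert and Tao, Yucong and Watson, Robert N. M. and Xia, Hongyan},
  title       = {{CHERIoT}: Rethinking security for low-cost embedded systems},
  institution = {Microsoft},
  number      = {MSR-TR-2023-6},
  year        = {2023},
  month       = feb,
  url         = {http://approjects.co.za/?big=en-us/research/publication/cheriot-rethinking-security-for-low-cost-embedded-systems/},
  abstract    = {Small embedded cores have little area to spare for security features and yet must often run code written in unsafe languages and, increasingly, are exposed to the hostile Internet. CHERIoT (Capability Hardware Extension to RISC-V for Internet of Things) builds on top of CHERI and RISC-V to provide an ISA and software model that lets software depend on object-granularity spatial memory safety, deterministic use-after-free protection, and lightweight compartmentalization exposed directly to the C/C++ language model. This can run existing embedded software components on a clean-slate RTOS that scales up to large numbers of isolated (yet securely communicating) compartments, even on systems with under 256 KiB of SRAM. This technical report is accompanied by three open source releases:},
}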