AutoCHERIšŸ’

Welcome! We are still at the start of the project, so this site will be updated as we progress…

What is the AutoCHERIšŸ’ project?

This project has three main goals:

  1. Demonstrate CHERI technology for cyber critical and safety critical applications by: developing a TCU based on Morello architecture for each use case, and Measure the security / safety / performance trade-offs and the impact of CHERI
  2. Assess go-to-market routes for CHERI based products in automotive
  3. Explore how this ties in with the emerging, global vehicle cyber security regulations

The performance-vs-security trade-off manifests differently depending on the workload being processed by the system. A large part of the project is focussed on analysing, threat modelling and implementing four specific use cases.

  1. Vehicle diagnostics data - Processing data from CAN, through the TCU and up to the cloud.
  2. OTA software update - Pulling software packages from the cloud, cryptographically verifying them, and passing on other vehicle ECUs.
  3. V2I traffic advisory - Communicating with roadside infrastructure via cellular-V2X protocols.
  4. Teleoperation - This is a use case that is safety critical and requires extremely low-latency, so is more impacted by poor performance.

Consortium Partners

This project is made possible by the cross-sector collaboration of the consortium members:

Beam-Connectivity Applus-IDIADA Beam-Connectivity Beam-Connectivity Beam-Connectivity

DSbD Technologies

What is CHERI?

CHERI stands for Capability Hardware Enhanced RISC Instructions. CHERI extends conventional hardware Instruction-Set Architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalization.

Memory-safe pointers: The CHERI memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities.

Compartmentalization: The CHERI scalable compartmentalization features enable the fine-grained decomposition of operating-system (OS) and application code, to limit the effects of security vulnerabilities in ways that are not supported by current architectures.

Read more about CHERI from University of Cambridge

… and Morello?

Morello is Arm’s implementation of CHERI on Arm v8.2 architecture. It is a development board, compiler & toolchain to allow us to write programs and run them leveraging CHERI

So for our project, Morello is the platform to prove the efficacy of CHERI in automotive domain.

Read more about Arm’s Morello Program

Find out more

Presentations