Arm has made prototypes available for testing its Morello architecture, which is designed to build functionality into the CPU itself to provide greater robustness and make it resistant to certain attack vectors. If it works as expected, it will likely become a fundamental part of future processor designs.
The Morello programme involves Arm working with the University of Cambridge and other tech companies to develop a processor architecture designed to be fundamentally more secure. Morello prototyping boards are now being released for developers and security experts to test on a prototype system-on-chip (SoC) built by Arm.
Arm says the limited-edition evaluation board is based on the Morello prototype architecture embedded with an Armv8.2-A processor. This is an adaptation of the architecture in the Arm Neoverse N1 design for data center workloads.
Arm revealed that these boards are being distributed through the UK Research and Innovation Digital Security by Design (DSbD) programme to key stakeholders in the programme, such as Google and Microsoft, as well as other interested partners from industry and academia.
The security features in the Morello architecture are concentrated in what Arm calls Capability Hardware Enhanced RISC Instructions, or CHERI. These seem to change the way CPU pointers operate, limiting the range of addresses they can use to access memory locations, and limiting how those pointers can be used.
According to Arm, using these functions to replace some or all memory accesses can improve the spatial memory safety of software, especially software written in C or C++. Some security threats involve the use of pointers to access memory locations used by other applications, but poorly written code can also corrupt data in memory in the same way.
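The following C sketch is an added illustration, not code from Arm or the Morello project: it models in software the bounds and permission checks described above, which on a capability CPU are enforced by the hardware. The names `cap_t`, `cap_narrow`, `cap_load` and `cap_store` are hypothetical, the record contents are constructed, and the rule that a derived capability can only shrink is part of the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Software model only: on a capability CPU these checks are done in hardware. */
enum { CAP_LOAD = 1, CAP_STORE = 2 };
typedef struct {
    uint8_t *base;   /* lowest address reachable */
    size_t length;   /* bytes reachable from base */
    unsigned perms;  /* CAP_LOAD / CAP_STORE bits */
} cap_t;

/* Derive a capability from a parent: bounds and perms may shrink, never grow. */
static int cap_narrow(const cap_t *p, size_t off, size_t len, unsigned perms, cap_t *out) {
    if (off > p->length || len > p->length - off) return -1; /* outside parent */
    if (perms & ~p->perms) return -1;                         /* adds a permission */
    *out = (cap_t){ p->base + off, len, perms };
    return 0;
}

/* Checked accesses: hardware would raise a fault; the model returns -1. */
static int cap_load(const cap_t *c, size_t off, uint8_t *val) {
    if (!(c->perms & CAP_LOAD) || off >= c->length) return -1;
    *val = c->base[off];
    return 0;
}
static int cap_store(const cap_t *c, size_t off, uint8_t val) {
    if (!(c->perms & CAP_STORE) || off >= c->length) return -1;
    c->base[off] = val;
    return 0;
}

/* Constructed scenario: an 8-byte name field stored next to a secret. */
struct record { uint8_t name[8]; uint8_t secret[8]; };

/* Returns the number of illegal accesses the model refused (expected: 3). */
static int demo(void) {
    struct record r = { "alice", "hunter2" };
    cap_t whole = { (uint8_t *)&r, sizeof r, CAP_LOAD | CAP_STORE }, name, wide;
    uint8_t b;
    int refused = 0;
    if (cap_narrow(&whole, 0, sizeof r.name, CAP_LOAD, &name) != 0) return -1;
    refused += cap_load(&name, 8, &b) != 0;      /* over-read into secret */
    refused += cap_store(&name, 0, 'X') != 0;    /* write via read-only cap */
    refused += cap_narrow(&name, 0, 16, CAP_LOAD, &wide) != 0; /* re-widen */
    return refused;
}

int main(void) { printf("refused %d of 3 illegal accesses\n", demo()); return 0; }
```

With an ordinary C pointer to `name`, the read at offset 8 would silently return the first byte of `secret`; here the narrowed capability refuses it.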
Arm claims these features can be used to enhance memory safety by partitioning code into separate walled regions, potentially with a much lower overhead than current partitioning methods. Code running in one compartment cannot access any other area, which means that even if an attacker compromises a piece of code or data, they cannot access other areas.
Arm claims that there has never been a silicon implementation of this hardware capability in a high-performance CPU, so the Morello prototype board enables researchers to evaluate and test the security benefits of this architecture in real-world scenarios.
According to David Weston, director of enterprise and operating system security at Microsoft, memory security vulnerabilities are one of the longest-standing and most challenging problems in software security.
“Using core silicon architecture to eliminate all types of security issues with minimal performance impact has the opportunity to have a huge positive impact. I’m very excited about the Morello project,” he said in a statement.
The Morello programme started in 2019. Hosted by the UK Centre for Research and Innovation, it runs for five years. Arm said this latest milestone allows participants including security experts, software companies and academic institutions to test, write code and provide critical feedback over two and a half years to determine whether Morello is a viable security architecture for the future.
Innovate UK has announced that it will host a series of information and start-up camps around Morello’s development, starting with a kick-off webinar, which will be held on January 25th.