Abstract
This paper explores the software security potential of ARM’s Morello experimental hardware platform, an embodiment of the Capability Hardware Enhanced RISC Instructions (CHERI) model. We navigate the intricacies of Morello adoption, uncovering both the promise and the challenges it presents for bolstering software security assurance. Employing the Juliet Test Suite, we conduct a rigorous security assessment of Morello’s operational modes — Purecap and Hybrid — shedding light on the ramifications for the software development lifecycle and assurance processes. Our findings affirm the robust spatial safety Morello confers, especially in its Purecap mode, while also underscoring the persisting temporal vulnerabilities in the CheriBSD version used in our experiments. We discuss the novel challenges associated with Morello adoption, including the management of CHERI violation exceptions, the imperative of software-hardware co-validation, and the specialized training requisites for development and assurance teams. We draw attention to potential risks, like crashes from CHERI violations potentially metamorphosing into Denial of Service (DoS) attacks. Transitioning to the Morello model could necessitate substantial alterations in software design principles, development methodologies, and security assurance protocols.
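To make the spatial-versus-temporal distinction in the abstract concrete, the following is an added example and not code from the paper or from the Morello/CheriBSD projects. It is a deliberately simplified software model of a CHERI-style capability (base, length, tag, store permission) with the checks the hardware performs on every capability access written out as a function, and it runs two Juliet-style cases through that model: a CWE-121-style buffer overflow, which the bounds check stops before any byte is written, and a CWE-416-style use-after-free, which a still-tagged, still-in-bounds dangling capability passes unless the capability is revoked. All names (`cap_t`, `cap_check`, `cap_free_no_revoke`, `cap_revoke`) and the 10-byte buffer are assumptions of this model, not Morello identifiers.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Software model of a CHERI-style capability. Assumption: a simplified model for
 * illustration only; real Morello capabilities are 128-bit, compressed and tagged
 * by the hardware, and the checks below run in the CPU on each capability
 * load/store rather than in a function call. */
typedef struct {
    unsigned char *base;   /* start of the bounds */
    size_t length;         /* number of bytes the capability may touch */
    bool tag;              /* validity tag; a cleared tag makes every access fault */
    bool perm_store;       /* store permission */
} cap_t;

typedef enum {
    CAP_OK = 0,
    CAP_TAG_VIOLATION,     /* dereference of an untagged (invalid) capability */
    CAP_BOUNDS_VIOLATION,  /* access outside [base, base + length) */
    CAP_PERM_VIOLATION     /* access without the required permission */
} cap_fault_t;

/* Allocator returning a capability whose bounds are exactly the allocation. */
static cap_t cap_malloc(size_t n) {
    cap_t c = { .base = malloc(n), .length = n, .tag = false, .perm_store = true };
    c.tag = (c.base != NULL);
    return c;
}

/* Free the backing memory. Assumption: models an allocator without revocation,
 * so the caller's capability keeps its tag and bounds (a dangling capability). */
static void cap_free_no_revoke(cap_t *c) {
    free(c->base);
}

/* Revocation: invalidate the capability so any later use faults. */
static void cap_revoke(cap_t *c) {
    c->tag = false;
    c->base = NULL;
}

/* The checks a capability access performs before touching memory. */
static cap_fault_t cap_check(const cap_t *c, size_t idx, size_t len, bool store) {
    if (!c->tag) return CAP_TAG_VIOLATION;
    if (store && !c->perm_store) return CAP_PERM_VIOLATION;
    if (idx > c->length || len > c->length - idx) return CAP_BOUNDS_VIOLATION;
    return CAP_OK;
}

/* Bounds-checked store: copies only if the capability authorises the access. */
static cap_fault_t cap_store(cap_t *c, size_t idx, const void *src, size_t len) {
    cap_fault_t f = cap_check(c, idx, len, true);
    if (f == CAP_OK) memcpy(c->base + idx, src, len);
    return f;
}

/* Juliet CWE-121-style spatial error: 16 bytes written into a 10-byte buffer.
 * With a plain pointer this silently corrupts the heap; through a capability the
 * store faults before any byte is written. */
static cap_fault_t spatial_overflow_case(void) {
    cap_t buf = cap_malloc(10);
    const char payload[16] = "AAAAAAAAAAAAAAA";  /* constructed input: 15 'A' + NUL */
    cap_fault_t f = cap_store(&buf, 0, payload, sizeof payload);
    cap_free_no_revoke(&buf);
    return f;
}

/* Juliet CWE-416-style temporal error: the buffer is freed, the capability kept.
 * Without revocation the dangling capability is still tagged and in bounds, so the
 * spatial checks pass; only revocation turns the stale use into a fault. */
static cap_fault_t use_after_free_case(bool with_revocation) {
    cap_t buf = cap_malloc(10);
    cap_free_no_revoke(&buf);
    if (with_revocation) cap_revoke(&buf);
    /* Only run the check; never dereference freed memory here. */
    return cap_check(&buf, 0, 4, true);
}

int main(void) {
    printf("spatial overflow    -> fault %d (bounds violation is %d)\n",
           spatial_overflow_case(), CAP_BOUNDS_VIOLATION);
    printf("UAF, no revocation  -> fault %d (CAP_OK is %d: not detected)\n",
           use_after_free_case(false), CAP_OK);
    printf("UAF, after revocation -> fault %d (tag violation is %d)\n",
           use_after_free_case(true), CAP_TAG_VIOLATION);
    return 0;
}
```

In the model, a fault is just a return value; on real hardware a capability violation is an exception that the operating system delivers to the process as a signal, and a process that does not handle that signal terminates, which is the crash-to-DoS concern the abstract raises. The use-after-free case is the point of the paper's temporal finding: bounds and tag checks alone say nothing about whether the memory behind an in-bounds capability is still live, so some form of revocation is needed to close that class.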