Related papers: Enabling Security on the Edge: A CHERI Compartment…
Compartmentalization is a form of defensive software design in which an application is broken down into isolated but communicating components. Retrofitting compartmentalization into existing applications is often thought to be expensive…
Memory corruption attacks have been prevalent in software for a long time. Some mitigation strategies against these attacks do exist, but they are not as far-reaching or as efficient as the CHERI architecture. CHERI uses capabilities to…
Existing high-end embedded systems face frequent security attacks. Software compartmentalization is one technique to limit the attacks' effects to the compromised compartment and not the entire system. Unfortunately, the existing…
Several open-source memory allocators have been ported to CHERI, a hardware capability platform. In this paper we examine the security and performance of these allocators when run under CheriBSD on Arm's experimental Morello platform. We…
There is growing interest in securing the hardware foundations software stacks build upon. However, before making any investment decision, software and hardware supply chain stakeholders require evidence from realistic, multiple long-term…
MMU-less Linux variant lacks security because it does not have protection or isolation mechanisms. It also does not use MPUs as they do not fit with its software model because of the design drawbacks of MPUs (\ie coarse-grained protection…
The advent of distributed computing systems will offer great flexibility for application workloads, while also imposing more attention to security, where the future advent and adoption of quantum technology can introduce new security…
Multi-access Edge Computing (MEC), an enhancement of 5G, processes data closer to its generation point, reducing latency and network load. However, the distributed and edge-based nature of 5G-MEC presents privacy and security challenges,…
Memory-unsafe programming languages such as C and C++ are the preferred languages for systems programming, embedded systems, and performance-critical applications. The widespread use of these languages makes the risk of memory-related…
Cyber Threat Intelligence (CTI) sharing is an important activity to reduce information asymmetries between attackers and defenders. However, this activity presents challenges due to the tension between data sharing and confidentiality, that…
In the context of Multi-access Edge Computing (MEC), the task sharing mechanism among edge servers is an activity of vital importance for speeding up the computing process and thereby improve user experience. The distributed resources in…
CHERI (Capability Hardware Enhanced RISC Instructions) is a novel hardware designed to address memory safety issues. By replacing traditional pointers with hardware capabilities, it enhances security in modern software systems. A Virtual…
Protecting data in memory from attackers continues to be a concern in computing systems. CHERI is a promising approach to achieve such protection, by providing and enforcing fine-grained memory protection directly in the hardware. Creating…
The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical…
The edge of the network has the potential to host services for supporting a variety of user applications, ranging in complexity from data preprocessing, image and video rendering, and interactive gaming, to embedded systems in autonomous…
To a large extent, the deployment of edge computing (EC) can reduce the burden of the explosive growth of the Internet of things. As a powerful hub between the Internet of things and cloud servers, edge devices make the transmission of…
Cyber Threat Intelligence (CTI) is the knowledge of cyber and physical threats that help mitigate potential cyber attacks. The rapid evolution of the current threat landscape has seen many organisations share CTI to strengthen their…
As machine learning models become increasingly deployed across the edge of internet of things environments, a partitioned deep learning paradigm in which models are split across multiple computational nodes introduces a new dimension of…
Interconnected embedded devices are increasingly used invarious scenarios, including industrial control, building automation, or emergency communication. As these systems commonly process sensitive information or perform safety critical…
As edge computing and the Internet of Things (IoT) expand, horizontal collaboration (HC) emerges as a distributed data processing solution for resource-constrained devices. In particular, a convolutional neural network (CNN) model can be…