IT-SECURITY Morello research program hits major milestone with hardware now available for testing
Securing the world’s data will be one of the greatest technology challenges over the next decade of compute. This is why Arm has been collaborating with the University of Cambridge for several years on its CHERI architecture, which defines hardware capabilities that would provide a fundamentally more secure building block for software.
The Morello program, a five-year research initiative, involving a consortium led by Arm, was the result of this collaboration and aims to design a new, inherently more secure, Arm-based computing platform for the future. As a major part of this comprehensive research project, Arm has designed and built a system on a chip (SoC) and demonstrator board which contains the first example of the Morello prototype architecture. The Morello prototype boards are now being released, on schedule, and are ready for software developers and security specialists to start using the Morello architecture to demonstrate the enhanced security that can be achieved with hardware capabilities.
A closer look at the new Morello prototype board
The limited-edition boards are based on the Morello prototype architecture embedded into an Armv8.2-A processor (an adaptation of the Arm Neoverse N1 processor). The boards are being distributed to major stakeholders such as Google and Microsoft as well as to interested partners across the industry and academia via the UKRI Digital Security by Design (DSbD) initiative. These partners represent a broad ecosystem of specialists to test the hypothesis of Morello and discover if this is a viable security architecture that could benefit both businesses and consumers in the future.
For any research project, this phase is both exciting and critical. There has never been a silicon implementation of this hardware capability technology in a high-performance CPU. The Morello prototype board opens up many new opportunities for researchers to evaluate and test security benefits in real-world scenarios. Arm is working with established partners and software ecosystems to use these prototype systems to develop enhanced security solutions that we hope will ultimately impact a vast range of applications.
“Computers are incredibly useful but the price we pay for that utility is more and more exposure to security and privacy issues,” said Ben Laurie, Principal Engineer, Security, Google Research. “CHERI can allow for better, more cost-effective protection without reduced performance and Arm's Morello prototype can help mitigate security issues showing the way to a better future for all computer users - in other words, pretty much everyone.”
“Memory safety exploits are one of the longest standing and most challenging problems in all of software security,” said David Weston, Director of Enterprise and OS Security, Microsoft. “Using core silicon architecture to eliminate whole classes of security issues with minimal performance impact has the opportunity to be transformative with massive positive impact, I am incredibly excited about the Morello project.”
The DSbD initiative has allowed Arm to invest significant resources into developing this promising technology. If we are to rethink a foundational architecture that has been around for years, we must work with the wider ecosystem as collaboration continues to be a key driving force for security. The next two years will see the ecosystem testing, writing code and collaboratively providing critical feedback to determine whether any features will be used in future versions of the Arm architecture. If the Morello prototype architecture performs as expected, it will be fundamental in future processor designs, protecting businesses, individuals and the devices of tomorrow.