CAMBRIDGE, United Kingdom – The CHERI Alliance CIC (Community Interest Company) has announced its official launch and expansion of its membership, welcoming several global commercial, research, and open-source organizations, as well as prominent universities and government entities from the UK.
The founding members of the CHERI Alliance, which include Capabilities Limited, Codasip, CyNam, the FreeBSD Foundation, lowRISC, OpenHW Group, SCI Semiconductor, Swansea University, and the University of Cambridge, were joined by new members Chevin Technology (UK), Critical Technologies (USA), the Defence Science and Technology Laboratory (DSTL, UK), Google (USA), Light Momentum Technology Corporation (Taiwan), National Cyber Security Centre (NCSC, a part of GCHQ, UK), Parvat Infotech (India), SRI International (USA), TechWorks (UK), Trusted Computer Center of Excellence (USA), the University of Birmingham (UK), and the University of Glasgow (UK).
The CHERI Alliance was founded with the goal of uniting hardware security leaders and system developers to establish CHERI (Capability Hardware Enhanced RISC Instructions) as the new standard for memory safety and scalable software compartmentalization. The technology, developed through a collaboration between the University of Cambridge and SRI International, offers robust protection against memory safety issues such as buffer overflows and heap use-after-free vulnerabilities.
According to Dr. Robert N. M. Watson, Professor at the University of Cambridge, Director of the CHERI Alliance, and Director of Capabilities Limited, the expansion of the CHERI Alliance’s membership signals a growing recognition of CHERI’s transformative potential. “After more than a decade of development, it’s rewarding to see the CHERI community grow as new members bring their innovation and commitment to the Alliance. We are now well-positioned to advance our mission of delivering scalable, hardware-based security solutions that address critical vulnerabilities.”
The CHERI Alliance’s efforts in standardization, technical alignment, and educational outreach to promote CHERI’s adoption as an industry-standard security measure are expected to strengthen with the addition of more companies, open-source organizations, and research institutions.
Feryal Clark, UK Minister for AI and Digital Government, highlighted the importance of digital and online security, stating, “Digital and online security is a fundamental part of our duty as a government to keep the British public, our vital services, and our critical national infrastructure safe. CHERI is a fantastic example of how brilliant British ingenuity is rising to that challenge, focusing on shoring up our defenses in areas which are so often a target for would-be cyber attackers. It’s great to see our national security community and some of the leading lights in tech backing this work – ensuring a joined-up approach which will keep our digital economy and the services we rely on daily safe, secure, and alert to the growing range of online threats that we face.”
The CHERI technology, which is capable of enabling high-performance, scalable compartmentalization, significantly reduces the risk of both known and future unknown vulnerabilities. This capability has caught the attention of Google, with Lead Security Researcher Ben Laurie stating, “Google’s interest in CHERI stems from our unwavering commitment to security and privacy. CHERI offers fine-grained compartmentalisation, which isolates sensitive data into secure compartments, and deterministic memory safety. In security-critical systems that handle sensitive information and personal data, such as those found in generative AI applications, CHERI helps protect against breaches and ensures robust protection against malicious attacks.”
Other new members of the CHERI Alliance also shared their excitement about joining the organization and their commitment to promoting CHERI technology. Stuart W. Card, VP & Chief Scientist of Critical Technologies, said, “Critical Technologies Inc. (CTI) designs to integrate Capability Hardware Enhanced RISC Instructions (CHERI), driven by the CHERI Alliance, into open platforms for trustworthy networked autonomy. With Syracuse University, CTI previously developed the first (and still to our knowledge only) capability based, formally verified, open source, multiboot loader for x86 processors with ‘late launch’ DRTM instructions and TPMs; we will do likewise with CHERI as needed to enable seL4® based virtualization for safe AI/ML.”
Allen Cheng, CEO of LMT, expressed his enthusiasm for joining the CHERI Alliance and contributing to a future of enhanced security and reliability in computing. “Our commitment to providing dependable computing solutions aligns perfectly with CHERI’s vision of a safer digital landscape. We look forward to leveraging CHERI technology to develop innovative and secure IC products and services. As a CHERI ambassador in Taiwan and the APAC region, we will actively promote this cutting-edge technology to industry leaders, agencies, and associations, addressing the growing cybersecurity challenges posed by today’s geopolitical climate.”
Dr.
Derick is an experienced reporter having held multiple senior roles for large publishers across Europe. Specialist subjects include small business and financial emerging markets.