With embedded devices becoming more pervasive and entrenched in society, it is
paramount to keep these systems secure. A threat plaguing these systems consists of …

Architecture specifications notionally define the fundamental interface between hardware
and software: the envelope of allowed behaviour for processor implementations, and the …

Use-after-free violations of temporal memory safety continue to plague software systems,
underpinning many high-impact exploits. The CHERI capability system shows great promise …

The Internet of Things (IoT) is an ongoing technological revolution. Embedded processors
are the processing engines of smart IoT devices. For decades, these processors were …

The CHERI architecture allows pointers to be implemented as capabilities (rather than
integer virtual addresses) in a manner that is compatible with, and strengthens, the …

At design time, modern operating systems are locked in a specific safety and isolation
strategy that mixes one or more hardware/software protection mechanisms (eg user/kernel …

Fuzzing has been widely adopted for finding vulnerabilities in programs, especially when
source code is not available. But the effectiveness and efficiency of binary fuzzing are …

Abstract CHERI (Capability Hardware Enhanced RISC Instructions) extends conventional
processor Instruction-Set Architectures (ISAs) with architectural capabilities to enable fine …

The semantics of pointers and memory objects in C has been a vexed question for many
years. C values cannot be treated as either purely abstract or purely concrete entities: the …

The root causes of many security vulnerabilities include a pernicious combination of two
problems, often regarded as inescapable aspects of computing. First, the protection …