EDACafe Industry Predictions for 2025 – CODASIP

By Mike Eftimakis, VP Strategy and Ecosystem, Codasip

Mike Eftimakis

In 2025, CHERI (Capability Hardware Enhanced RISC Instructions) is set to make waves in the tech industry. Its integration into the RISC-V standard is already underway, with ratification expected within the year. This development will cement CHERI’s role in advancing hardware-enforced memory safety, a critical step in combating modern cybersecurity threats. Governments are also poised to mandate memory safety standards across the electronics and high-tech industries, driving a shift toward more secure hardware. As CHERI-enabled chips are expected to hit the market, 2025 could mark a turning point in building a safer, more resilient digital future for everyone.

This is not a day too soon, the need for robust cybersecurity has never been more pressing. In fact, the cost of cybercrime globally is comparable to being the third biggest economy in the world. As businesses and individuals rely more on digital platforms, the risks associated with cyberattacks keep escalating dramatically. The rapid adoption of AI also brings new threats that will escalate this even further, unless governments and industry swiftly adopt effective countermeasures.

Building on over a decade of pioneering research by the University of Cambridge and SRI International, CHERI technology has matured and reached a tipping point where general use becomes possible. CHERI provides the robustness needed to address unexpected software defects and memory vulnerabilities, which would otherwise enable cyberattacks that target memory misuse. These are the most common attacks, which each year represent around 70% of newly detected software vulnerabilities.

Some memory access errors are caused by the software designers themselves by not observing or understanding the pitfalls built into C/C++ programming languages. Let’s look at an example. A commonly used technique among attackers is to utilize “buffer overflows”, where a memory access is performed outside of the normal bounds of a data structure. This is impossible with CHERI because the data buffer’s boundaries are strictly enforced by the hardware. By checking the bounds of all memory accesses, both known and future attacks can be mitigated.

CHERI brings major security benefits while having a minimal cost. This makes it the technology that can provide the reassurance end customers and sensitive applications require across a wide range of industries, from automotive to IoT and defense. As long as software is running in a system, CHERI can protect it.

2024 saw the birth of the CHERI Alliance: a non-profit, neutral and international organization based in Cambridge, UK, dedicated to ensuring CHERI technology is widely adopted to secure digital products and systems. Founding members include organizations across industry, academia and government, such as Google, the University of Cambridge, the UKs National Cyber Security Centre (NCSC) and Codasip. More organizations will join in 2025 and add to the community driving and promoting CHERI as an efficient security standard.

At Codasip, we have added built-in, fine-grained memory protection to our RISC-V processors by extending the RISC-V ISA with CHERI-based custom instructions. This was made possible thanks to our Custom Compute design methodology, which allows us to make fine-tuned customizations to the processor in a straightforward way.

About Author:

Mike Eftimakis has an extensive background in the electronics industry with 30 years in senior technical and business roles. He has been innovating with companies like VLSI Technology, NewLogic, Arm and Codasip. In parallel to his role as a VP Strategy and Ecosystem at Codasip, he is a Founding Director of the CHERI Alliance, a non-profit organization dedicated to accelerating the adoption of the CHERI security technology.

Mike Eftimakis can be contacted at: mike.eftimakis@codasip.com

Tags: buffer overflows, CHERI Alliance, CHERI technology, cybersecurity threats, memory safety, RISC-V standard

This entry was posted on Monday, December 30th, 2024 at 8:03 am. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.