A new era for digital security by design

Article type: TAP News
companyDigital
Catapult

In today’s connected world, where technology increasingly powers everything from medical devices to autonomous vehicles, embedding security at the core of system development is essential. Traditional approaches to cybersecurity, which often address vulnerabilities only after they’re exploited, leave organisations exposed to potentially devastating attacks. Security by design, in contrast, ensures that systems are built from the ground up with robust protections in place, reducing risks before they arise.

With a view to accelerating the practical application of deep tech within key sectors of the UK economy, Digital Catapult is working with a new cohort of pioneers to trial cybersecurity solutions underpinned by the principles of security by design. This latest group of innovators will work to develop new solutions to address the imbalance between the supply and demand of cybersecurity solutions, including those that leverage the internet of things (IoT).  

The latest cohort marks a new chapter for our Technology Access Programme, introducing lowRISC’s open source Sonata board alongside the established Arm’s Morello board. The implementation of CHERI in hardware will equip participating companies with the capabilities of CHERIoT OS (CHERI for IoT), providing an expanded toolkit to address critical security challenges. This development underscores the programme’s commitment to building a more resilient foundation for a safer digital future in the UK, and will enable participating deep tech companies to scale their solutions faster. 

In the automotive space, CAN-PHANTOM and Beam Connectivity will work to secure vehicle networks and telematics control units (TCUs) with CHERI-enabled protections. This will reduce the risks of hackers taking malicious control of vehicles in an increasingly connected landscape, as the wider Digital Security by Design (DSbD) led by Innovate UK addresses the increasingly complex ways illicit actors are attempting to target security infrastructure in various settings. 

Meanwhile, IoT-focused companies including Configured Things and Sensor IT will leverage Sonata and CHERIoT to secure complex infrastructures and distributed systems. This approach will enable remote configuration management of security networks, and allow real-time industrial monitoring of security operations, drawing on Digital Catapult’s expertise in network technologies such as Open RAN and 5G. The solutions developed during the programme will play an important role in maintaining the global competitiveness of the UK’s deep tech sector, and will have applications across multiple sectors including manufacturing, logistics and construction. 

TTP, which has over 35 years of industry expertise in healthcare, has also joined the programme, demonstrating the strategic value of convening capabilities and facilitating cross-sector collaboration. By providing access to lowRISC’s Sonata™ board alongside innovation and technology consultancy from Digital Catapult , TTP will explore CHERI’s potential for regulated medical devices and work to ensure that Sonata’s advanced security features, along with CHERIoT’s memory-safety guarantees, align with strict industry standards like IEC 62304. With software playing an ever-greater role in medical devices and life sciences, TTP’s work aims to secure these systems for safer healthcare applications, aligning with the UK Government’s ambition to build an NHS fit for the future.

With a strong lineup, the new cohort is well-prepared to address some of today’s most pressing security challenges. By integrating leading-edge hardware technologies, these companies are shaping a safer, more resilient digital ecosystem. 

Stay informed on participant progress by subscribing to the DSbD newsletter 

Participants:

3Bian Limited: 3bian designs secure hardware and software solutions by integrating advanced security features at both the architectural and software levels. The company builds its systems on open standards to promote transparency and foster collaboration across the industry. 

Beam Connectivity: Beam Connectivity is the pioneer in better connected vehicles. Based in the UK, they reduce costs and time-to-market for vehicle manufacturers with their solution’s class-leading responsiveness, cellular data usage and cybersecurity resilience. 

CAN-PHANTOM Limited: Can Phantom Limited is a UK based developer and manufacturer of electronic immobilisers used to overcome the huge problem of keyless entry vehicle thefts, supplying product to the UK and worldwide market.

Configured Things: Configured Things specialises in cross domain configuration management. They build technologies which enable systems to span trust boundaries.

Quantum Dice Ltd: Quantum Dice is working to solve one of the longest-standing problems in computing: generating trusted and reliable randomness. The company is developing the world’s first scalable source-device independent continuously assuring quantum random number generator (QRNG), with applications in cybersecurity and stochastic computing.

Sensor IT: Sensor IT is a London-based research and development company devoted to the advance of highly-portable, sensor-based solutions. The company pays special attention to safety, security, health and transport-related applications.

TTP: TTP is an independent product and technology consultancy, working at the intersection of science and engineering across healthcare, life sciences, cleantech, and advanced manufacturing to develop innovative, market-leading solutions for global clients.

Sign up to the newsletter

Sign up to the Digital Security by Design newsletter to stay up to date with our events, news, insights and opportunities. Be the first to know about our work and ways to get involved.

UKRI DSbD Councils
Website delivered by Digital Catapult as part of the Technology Access Programme, funded by UKRI through the Digital Security by Design Programme