Technology Enabling Projects

Technology Platform Prototype

Technology Enabling Projects

The ISCF Digital Security by Design Programme has funded software design company Arm to develop a technology platform prototype which is more resistant to cyber-threats – making it harder to attack technology infrastructure and remotely take control. The project also involves open-source software specialists Linaro and the universities of Cambridge and Edinburgh

Digital Security by Design Hub

The Discribe Hub+

Digital Security by Design Hub

Consortium led by Professor Adam Joinson, in the University of Bath’s School of Management, the Discribe Hub+ aims to reshape the ways in which social sciences and STEM disciplines work together to address the challenges of digital security by design in the 21st Century.

Business Led Demonstrators

100 Percent IT

Business Led Demonstrators

100% IT based in Newbury will develop a demonstrator and supporting framework of development tools to help digital computing infrastructure to become more resistant to attacks, both in the UK and around the world. It will also develop innovative new methods to secure the data being transmitted by applying layered encryption resistant to attack by quantum computers that is thus more resilient to near-term and future cyber-threats - making it harder to attack and infiltrate network infrastructure or endpoints and remotely take control or extract sensitive information.

Beam Connectivity

Business Led Demonstrators

Beam Connectivity, in Cirencester will demonstrate and review the use of DSbD technologies for cyber critical and safety critical applications in the automotive sector.

ICETOPE

Business Led Demonstrators

ICETOPE based in Rotherham will work with industry standard bodies to address the lack of cooperation between Information Technology (IT) and Operational Technology (OT) to help overcome the cyber-security barrier for implementing effective Edge computing by harnessing the new security compartmentalisation features of the Morello platform.

Southern Gas

Business Led Demonstrators

Southern Gas based in Horely seeks to deliver an Internet of Things (IoT) demonstrator in the utility industry, which sees the use of DSbD technologies to deliver an enhanced security solution for applicability within SGN critical national infrastructure.

The Soteria Project

Business Led Demonstrators

A consortium led by global technology platform company, THG Holdings plc (THG), working with The University of Manchester and the University of Oxford.

Collaborative R&D User Projects (EPSRC)

UK Engineering and Physical Sciences Research Council (EPSRC) funded projects. Winning applications were derived from research organisations across the UK.

AppControl

Collaborative R&D User Projects (EPSRC)

AppControl - Enforcing Application Behaviour through Type-Based Constraints is a DSbD funded project led by PI Wim Vanderbauwhede from University of Glasgow in collaboration with the National Centre for Nuclear robotics to review performance/run-time of compilers with the aim to enhance the provision of Digital Security by Design for mission-critical systems-on-chip through capability hardware enabled design-by-specification. The systems-on-chip will have a formal, executable specification and every software component of the system-on-chip will be forced to adhere to this specification.

CapableVMs

Collaborative R&D User Projects (EPSRC)

Dr Laurie Tratt of Kings College London and Dr Jeremy Singer of The University of Glasgow are leveraging the DSbD technologies to question critical performance and they aim to improve the security of high-performance programming language VMs using CHERI hardware enforced capabilities.

CapC

Collaborative R&D User Projects (EPSRC)

The CapC team led by Dr Mark Batty of The University of Kent have shared their vision to use tools to probe the CHERI architecture and propose to develop a new semantic definition of C that provides safety by default, enabling it to be compatible with the DSBD hardware and hence maximising security capabilities.

CAPcelerate

Collaborative R&D User Projects (EPSRC)

CAPcelerate will utilise the DSbD technology to build capability systems for the future. Led by Dr Tim Jones of the University of Cambridge, the project seeks to investigate how capability protection can be applied to systems containing heterogeneous accelerators for applications such as graphics, AI, cryptography and networking.

CAP-TEE

Collaborative R&D User Projects (EPSRC)

Dr David Oswald from the University of Birmingham will focus on protecting safety and security-critical systems with capability architectures and trusted execution.

CHaOS

Collaborative R&D User Projects (EPSRC)

Dr Robert Watson of the University of Cambridge is developing new hypervisor and operating-system software compartmentalisation models able to use the CHERI / Morello architectural primitives to significantly improve compartmentalisation scalability.

CloudCAP

Collaborative R&D User Projects (EPSRC)

Led by Prof Peter Pietzuchof Imperial College London CloudCAP will explore solutions across trusted execution environments. The project will focus to develop capability-based cloud compartments, a new abstraction that can express policies about the confidentiality and integrity of data, both within, and across, the components of a cloud stack and cloud native applications.

HD-Sec

Collaborative R&D User Projects (EPSRC)

Prof Michael Butler of University of Southampton is addressing engineering challenges in establishing and formally verifying the relationship between application-level security requirements and secure software implementations running on capability hardware.

SCorCH

Collaborative R&D User Projects (EPSRC)

SCorCH will explore the verification of C programmes and apply this to DSbD capabilities. Dr Giles Reger of Manchester University, together with Prof Tom Melham of The  University of Oxford propose a new software verification toolchain for capabilities based on state-of-the-art static and dynamic software verification and theorem proving techniques, to verify the Morello platform is being used correctly.

Collaborative R&D User Projects (SME)

SME Software Development Ecosystem projects (now completed)

ANZEN Technology Systems Limited, London

Collaborative R&D User Projects (SME)

A feasibility study of a data security software product adopting Digital Security by Design technology.

Capabilities Limited, Carmarthenshire, Wales

Collaborative R&D User Projects (SME)

Assessing the viability of an open source DSbD desktop software ecosystem.

DRISQ Limited, Worcestershire

Collaborative R&D User Projects (SME)

CHERI standards compliance (CHERI Stone).

IOETEC Limited, Sheffield

Collaborative R&D User Projects (SME)

Multi-compartment computation protocol based on DSbD technology.

Metrarc Limited, Colchester and Canterbury

Collaborative R&D User Projects (SME)

Trusted ring security for Morello Devices.

MindHug LTD, Stowmarket, Suffolk

Collaborative R&D User Projects (SME)

Multi-compartment computation protocol based on DSbD technology.

OXON.Tech Ltd, Oxfordshire

Collaborative R&D User Projects (SME)

Porting edge AI workflows to CHERI/Morello

Pytilia Limited – Belfast, Northern Ireland

Collaborative R&D User Projects (SME)

A data path development kit utilising DSbD technology.

Valid Datum Limited, London

Collaborative R&D User Projects (SME)

Quantum-resistant DSbD security leveraging Micro Tokenisation

Verifoxx, London

Collaborative R&D User Projects (SME)

A research project on a TEE-aware compartmentalisation framework, to elevate their products security while mitigating vulnerabilities posed by existing solutions on the market.

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

University of Glasgow

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Capabilities for coders
The project will develop an online, open-access, interactive textbook called ‘capabilities for coders’ to support developers who are targeting the Morello platform.
This one-stop shop online resource will focus on providing developer-friendly resources in simple and direct writing style.

King’s College London

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Chrompartments: hybrid compartmentalisation for web browsers
The project aims to enhance the security of modern web-browsers, focusing on Google Chrome, by developing and evaluating DSbD enabled finer-grained compartmentalisation.

University of Glasgow

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Morello-HAT: Morello high-level API and tooling
The project aims to develop and evaluate a common Application Programming Interface (API).
An API that can be used by compiler developers and software programmers of higher-level languages to leverage DSbD’s security features into their language and programs.

Verifoxx Ltd

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

CHERI WebAssembly Micro Runtime
The project aims to enrich the DSbD software ecosystem by developing a DSbD-aware runtime for WebAssembly (WASM) software modules embeddable into compartmentalised applications to enable and evaluate a double sandboxed model.

The Hut Group Holdings PLC

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

MOJO: a robust Java virtual machine for Morello
The project will prototype and develop a robust and mature version of the Java virtual machine (JVM).
JVM is critical to many software ecosystems by harnessing the security features of DSbD technologies.

The University of Manchester

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

FlexCap: exploring hardware capabilities in unikernels and flexible isolation OSes
The project will extend the security features of DSbD technologies in two operating systems: Unikraft, FlexOS. It will evaluate the performance of flexible compartmentalisation on Morello against other platforms and mechanisms.

University of Cambridge

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Cloud attestables on Morello boards (CAMB)
The project will expand DSbD technologies by developing secure execution environments called ‘attestables’.
They will be suited to exfiltration sensitive applications without relying on the long-term burden of trust on the hardware manufacturer.

Capabilities Ltd

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Developing and evaluating an open-source desktop for Arm Morello
The project will develop a full-scale open-source DSbD-enabled desktop environment suitable for use on the Morello hardware board. It will demonstrate its hardware protection features with a software corpus exceeding 60 million lines of code.

nquiringminds Ltd

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Secure networking by design (SNbD)
The project will enrich the evolving DSbD Morello stacks by developing and evaluating new network essential components with improved tool chain support.

University of Kent

Collaborative Industry and Academia R&D User Projects (SME & EPSRC)

Complementing capabilities: introducing pointer-safe programming to DSBD tech
The project will expand DSbD technologies by developing a tool chain for Rust language support and integrating it into an open-source operating system.

Delivered by Digital Catapult, funded by UKRI through the Digital Security by Design programme.