Sensor IT, a UK-based internet of things technology provider and manufacturer, is one of the companies involved in the Digital Security by Design (DSbD) initiative.
As part of the DSbD Technology Access Programme, the team at Sensor IT has been involved in extensive real-world testing and experimentation with new Morello/CHERI cyber security technology.
The Morello evaluation board designed by Arm is a real-world test platform for the CHERI architecture developed by the University of Cambridge. It is the first hardware implementation of DSbD technology, and could eliminate whole classes of possible exploits, significantly reducing the ability of bad actors to capture user data, take over machines, or shut down critical systems.
A blueprint for future microprocessor design
Sensor IT’s project scope was straightforward: to address simple buffer overflow warnings – yet the Morello Board/CheriBSD did much more than that.
The Sensor IT team ported an entire email server as part of their participation in the DSbD programme. The application, a complete SMTP+POP3+IMAP4 package, symbolises the most critical layer of systems exposed to potential hacking attempts, as it is constantly accessed by third parties. The Sensor IT team was aware of existing vulnerabilities in the package, and intended to use the new hardware/software platform to validate its security capabilities.
“We have managed to port a bug-ridden, security-flawed application into a complete secure software suite, using only off-the-shelf Morello Board/CheriBSD functionality,” said Sensor IT’s Director, Richard Gonzalez. “If this does not sound amazing, I would not know what would!”
During the porting exercise, the suite was subjected to external attacks and exploit packages that demonstrated the new technology’s cyber security credentials. By using the Morello board/CheriBSD, vulnerabilities that initially existed in the software suite were patched up, and no root access was allowed by exploiting memory overflows – the server data remained secure.
Richard sees the technology as a complete winner when it comes to memory management, whether involving security risks or not, and believes that the board could prove to be a great blueprint for future microprocessor design.
Significant potential for increasing business security
The Sensor IT team found the capabilities of the platform to be enormous, including other functionality that they have not tested, such as memory compartmentalisation. Even straight out of the box, they found that the system can increase the data security of standard critical applications by several orders of magnitude, just by porting existing code to the new platform without any significant changes.
“Not only did the Morello board/CheriBSD provide functionality we did not expect, we also got to keep the board, which allows us to keep experimenting with it.
I don’t think many people realise how innovative this new hardware/software is: we truly believe that new processors might, in some shape or form, implement some of the security functionality that the Morello board provides.”
– Richard Gonzalez, Director, Sensor IT
About Sensor IT
Sensor IT is a technology provider within the Internet of Things (IoT) sphere that develops prototypes and technologies applicable to different sectors including Smart Cities, Smart Industry, Smart Agriculture, Smart Mobility and Smart Healthcare, to name a few. Sensor IT designs and develops all their products from the ground up, from the electronic schematics through to the final product enclosure, which allows them to retain full ownership of the Intellectual Property they create.