Unleash of the release – Enabling the Digital Security by Design (DSbD) ecosystem

In an increasingly digitalised world driven by software, hardware has become a commodity that cannot be changed in the way that software runs on it nor has ever been asked to change for several decades. Adding just more software on top to address security weaknesses has no real effect in fixing fundamental problems. It is the result of such ‘bolt-on’ approaches that software is increasingly becoming the source of a whole range of vulnerabilities waiting to be exploited by cyber crime. It has been reported that the cause of around 70% of such vulnerabilities was first identified in software back in the 1970s

Article type: Blog
authorDigital
Catapult
From that perspective, cybersecurity is largely built around managing the insecurity of software running on the computer processor that underpins digital systems. Moving from a traditional ‘patch and pray’ cybersecurity approach to a radically new way of securing digital systems from the roots of the central hardware requires breaking a perennial market failure: software not willing to change unless there is new hardware and new hardware not getting built unless there is software justifying its use. A chicken and egg problem with a history of various unsuccessful attempts.
The Digital Security by Design (DSbD) Programme has a goal to radically update the security foundations of the digital computing infrastructure that underpins the entire economy. DSbD aims to address the previously mentioned market failure working up for the first time to change cybersecurity by fixing the hardware commodity problem from the roots of the central hardware up across the software stack of digital systems.
The DSbD Technology Platform Prototype (known as the Morello board) that is being delivered by the Arm-led consortium will be the first and only hardware instantiation of a DSbD technologies enhanced prototype Arm architecture. Morello will be the underpinning platform to evaluate what a secure future system would look like; to investigate how DSbD technologies and this new approach to security can be adopted in future products and services; and to understand what the benefits of a future adoption would be from a technological but also from a societal perspective. The Morello board is only part of the equation though since DSbD’s goal of changing the norm and perception to cybersecurity calls for a DSbD ecosystem enablement that transcends the Programme’s boundaries.

A major Programme milestone achieved

DSbD celebrates a major Programme milestone of making the prototype Architecture specification and the Morello Platform Model publicly available for broad access. These come together with a whole host of releases from Arm that include an Open Source Software project and tool chains, a support forum and technical reference manuals.

Developers, architects, researchers and innovators have a unique opportunity to experiment with and investigate the use of DSbD technologies for increased software and system security. This cuts across current, anticipated and future scenarios that could benefit from fine-grained memory protection and software compartmentalisation that can enable high granularity requirements.

We encourage everyone who has a role in delivering safe and secure systems to explore the range of possibilities against use cases and associated scenarios and to start thinking how they can make a broader impact to a more secure future through the use of DSbD technologies. As people evolve in their understanding of this new approach to security, we invite everyone to think through the dependencies, requirements and range of complexities for the adoption of DSbD technologies within industrial applications as well as secured-by-design future products and services.

How to get involved in the Programme

The journey has already started. We are building the core capability with the Arm-led consortium to enable people to join our Programme. DSbD’s major milestone with the public releases is the start of your journey and the opportunity for you to experiment, understand and ultimately play a part in fixing a chronic problem that concerns the whole digital infrastructure and systems security. These releases aim to lay a foundation for the enablement of the DSbD ecosystem and to help you build up groundwork with a potential to position strongly when the Morello hardware board becomes available (targeted from early 2022). Funding opportunities will be available across a range of engagement and collaboration initiatives:

  • SME-oriented detailed investigation aligned with the general availability of the Morello Platform Model – Q4 2020
  • Collaborative R&D on software environments, tool chain development, system software and cross stack concepts – Q4 2021
  • Industry-led market demonstrators – Expression of interest and full project proposal in Q1 & Q3 2021
  • Social science driven capacity-building and stakeholder concertation activities – Social Science Hub+ project running throughout DSbD
  • SME outreach engagement aligned with the availability of the Morello hardware board

(Note: the above timings are indicative and may be subject to change)

Author:  Georgios Papadakis – Senior Innovation Lead, Digital Security by Design

More information… (where to find what):

DSbD-funded Arm Morello Program – milestone reached – press release: https://www.arm.com/company/news/2020/10/morello-program-one-year-on

The Morello Platform Model is available to download from Arm’s Ecosystem Platform Model Developer page

Compendium of all current Arm Morello releases – see under ‘Resources’: https://developer.arm.com/morello

DSbD technologies are pioneering across academia and industry, and there is even more of a greater need and opportunity to drive and demonstrate strengthened resilience to address the previous market failures in computer processors.

You can find out more about the Industrial Strategy Challenge Fund here

Sign up to the newsletter

Sign up to the Digital Security by Design newsletter to stay up to date with our events, news, insights and opportunities. Be the first to know about our work and ways to get involved.

UKRI DSbD Councils
Website delivered by Digital Catapult as part of the Technology Access Programme, funded by UKRI through the Digital Security by Design Programme