Capability Hardware Enhanced RISC Instructions: Difference between revisions

Use a citation template.
History: Add a link.
Line 43:
In 2010 DARPA launched the Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) programme,<ref>{{cite web |year=2010 |title=CRASH: Clean-slate design of Resilient, Adaptive, Secure Hosts |url=https://www.darpa.mil/research/programs/clean-slate-design-of-resilient-adaptive-secure-hosts |access-date=18 January 2025 |publisher=DARPA}}</ref><ref>{{cite web |date=21 December 2012 |title=DARPA's CRASH Program Reinvents The Computer For Better Security |url=https://breakingdefense.com/2012/12/darpa-crash-program-seeks-to-reinvent-computers-for-better-secur/ |access-date=18 January 2025 |publisher=Breaking Defence}}</ref> which tasked participants with redesigning computer systems to improve security. [[SRI International]] and [[University of Cambridge]] team revisited capability architectures, seeking to address memory safety challenges inherent in conventional designs.
 
By 2012 early CHERI prototypes were presented,<ref>{{cite conference |author1=Robert N.M. Watson |author2=Peter G. Neumann |author3=Jonathan Woodruff |author4=Jonathan Anderson |author5=Ross Anderson |author6=Nirav Dave |author7=Ben Laurie |author8=Simon W. Moore |author9=Steven J. Murdoch |author10=Philip Paeps |author11=Michael Roe |author12=Hassen Saidi |title=CHERI: a research platform deconflating hardware virtualization and protection. Workshop on Runtime Environments, Systems, Layering and Virtualized Environments (RESoLVE 2012) |date=March 2, 2012 |url=https://www.cl.cam.ac.uk/~rnw24/papers/201203-resolve-cheri.pdf}}</ref> These prototypes ran a microkernel with hand-written assembly for manipulating capabilities. CHERI was designed to be easy to implement on modern superscalar pipelined architectures. Unlike earlier capability systems, CHERI eliminated the need for indirection tables,<ref name="isca">{{cite conference |author1=Jonathan Woodruff |author2=Robert N. M. Watson |author3=David Chisnall |author4=Simon W. Moore |author5=Jonathan Anderson |author6=Brooks Davis |author7=Ben Laurie |author8=Peter G. Neumann |author9=Robert Norton |author10=Michael Roe |title=The CHERI capability model: Revisiting RISC in an age of risk |conference=2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA) |___location=Minneapolis, MN, USA |date=2014 |pages=457-468 |doi=10.1109/ISCA.2014.6853201}}</ref> avoiding the associated performance issues and proving that modern capability architectures could be efficiently implemented.
 
In 2014 CHERI hardware demonstrated its ability to run a full UNIX-like operating system, [[FreeBSD]]. This demonstration showed that CHERI’s capability model can integrate with existing software ecosystems. CHERI was originally prototyped as an extension to [[MIPS architecture|MIPS-64]].<ref name="isca" /> The implementation used 256-bit capabilities, containing fields for a 64-bit base, length, object type, and permissions, with some bits reserved for experimental purposes.
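
Review bot: In the RESoLVE 2012 reference in the second paragraph, the workshop name is folded into |title= and the {{cite conference}} template carries no |conference= field, unlike the ISCA reference next to it. Move "Workshop on Runtime Environments, Systems, Layering and Virtualized Environments (RESoLVE 2012)" into |conference= so that |title= holds only the paper title. That same reference is preceded by a comma and followed by a new capitalised sentence ("presented,<ref>…</ref> These prototypes"); the comma should be a full stop. In the ISCA reference, |___location= is not a citation parameter and should read |location=. In the first paragraph, "[[SRI International]] and [[University of Cambridge]] team revisited" is missing its article ("A ... team").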