Fall school
Workshop
The slides for part 1 and part 2 of the workshop are available.
The CHERI tutorial will be an interactive tutorial requiring participants to download a prepared VM containing a CHERI-RISCV build environment. Whilst the VM will be available in a compact format, please allow a minimum of 20GB hardisk space. It is recommended that virtualisation software for the VM be installed prior to the event such as the latest version of Oracle VirtualBox, which is available for a variety of platforms, or UTM for MACs.
You can now download the VM for VirtualBox (5.8 GB) and UTM (11 GB). If you want to effectively participate in the workshop, it's best to grab them before, as the download on the day may take too much time. The installation instruction are also available.
What's CHERI?
CHERI is about redesigning the underlying computer hardware architecture to provide security by design, with the aim of protecting against common memory vulnerabilities introduced by non memory-safe languages such as C and C++. CHERI stands for Capability Hardware Enhanced RISC Instructions and extends conventional processor Instruction-Set Architectures (ISAs) with capabilities. Capabilities are a powerful and flexible security mechanism for implementing fine-grained memory access control and for compartmentalising untrusted software components. CHERI has been incorporated into MIPS and RISC-V alongside an ongoing development of supporting software and build chain tools, but has gained significant momentum recently with the introduction of ARM's experimental Morello hardware platform.
Agenda: Part 1 (before lunch)
- Introduction to CHERI: What is CHERI and what does it protect against? What is ARM Morello?
- Introduction to CHERI exercises: Understanding the build environment, toolchain, and debugger
-
Guided exercises using the VM:
- Compiling and running RISC-V and CHERI-RISC-V programs
- Disassembling and debugging RISC-V and CHERI-RISC-V binaries
- Understanding CHERI exceptions
Agenda: Part 2 (after lunch)
-
Attacks (and mitigation through CHERI):
- Identifying and fixing a buffer overflow
- Overwriting function pointers
- Attempting arbitrary code execution through a buffer overflow
Program: Monday, November 7 (Fall School)
Room: The Writers' Suite
10:00-11:00
|
Registration & coffee
|
11:00-12:00
|
Welcome and workshop on the CHERI security features and the ARM Morello prototype implementation (part 1)
|
12:00-13:30
|
Lunch
Edgbaston Park Hotel Restaurant
|
13:30-15:30
|
Workshop on CHERI (part 2)
|
15:30-16:00
|
Coffee break
|
16:00-16:45
|
Industry talk: Licel (chair: David Oswald)
|
17:00-17:30
|
Campus tour from venue to Computer Science building
|
17:45-20:00
|
Poster Session and reception with drinks and fingerfood
Location: Atrium, Computer Science building
|
Funding
The organisers are supported by the Engineering and Physical Sciences Research Council (EPSRC) under grants EP/R012598/1, EP/S030867/1, EP/V000454/1. Part of the fall school will cover DsbDtech aka ARM Morello and CHERI.