Morello

By creating a prototype Morello evaluation board, Arm is committing to the extensive engineering and research that is required to enable an industrial-scale trial of the candidate technologies. The trial is the first trial of this scale in the UK.

The Morello prototype board will be available to appropriate software companies, tools developers, and leading academic institutions. Arm will publish its key findings widely, to lead and enable industry change.

Note: Morello technology is at an early stage of research and testing. Arm has no roadmap or plan to include Morello technology in any current or future Arm products or architectures.

• The hardware capability technology that is used in CHERI and in the Arm prototype architecture combines references to memory locations, that is, pointers, with limits on how the references can be used. These limits relate to:
  • The address ranges that the references can be used to access, and
  • The functionality that the references can be used to access.


• This combined information, which is called a capability, is constructed so that it cannot be forged by software.


• Replacing pointers with capabilities in a program vastly improves memory safety, which is a key step for security. Recent research by Matt Miller of Microsoft has shown that ~70% of the vulnerabilities addressed through a security update each year continue to be memory safety issues.


• The benefit of hardware capability technology goes beyond memory safety. This is because the capabilities can be used as a building block for more fine-grained compartmentalization of software. Software that is constructed with fine-grained compartmentalization could result in inherently more robust software that is resistant to attack.


• A powerful feature of compartmentalization is that, even if one compartment is compromised by an attacker, the attacker cannot break out of the compartment to access any other information, or to take overall control of the computing system.

In addition to changes to hardware, this new approach to security will require re-architecting how code is created. Code will be written and compiled in a different way, to take advantage of the novel hardware features, to achieve a more secure result.

• The purpose of the demonstrator Morello board is to provide a realistic, highly capable Arm-based platform that software developers can use. Developers will be able to experiment and test the Morello board to investigate the best way to use fine-grained compartmentalization for improving security.


• The capability approach to hardware will require a new programming methodology, to take advantage of new features, like compartmentalization, that are available in the hardware.


• The world class programming abilities of companies like Microsoft and Google will be vital in constructing software that is genuinely more robust against security attacks, while retaining high performance.


• Programmers will use the Morello prototype board to test approaches that can work for the real, highly complex, software workloads that we see deployed in computing systems today.


• An open source software platform will allow multiple contributors to participate in this project. You can find out more about the development plans for models, toolchain, and software support in the Linaro Tech Days presentation, linked through the Linaro logo below.