Digital Security by Design - The Imperative for Change
John Goodacre
Challenge Director - Digital Security by Design, UK Research and Innovation
It would be naive to consider that all software, even when developed to the highest level of today’s assurance, will continuously operate as intended. Whether this takes a cosmic attack, a determined cyberattack or an implementation vulnerability, today’s computer fabrics do little to help High Integrity Software (HIS) architects protect their solutions from potentially perturbed operation.
Such developers have long used formal methods and automated verification tools to reason about the operation of their systems. Unfortunately, hardware models are often approximations and lack semantics to fully understand the physically possible states of process and data manipulation.
In directing the UKRI Digital Security by Design programme, it’s encouraging to see the rapidly increasing interest in the Arm Morello technology prototype and the impact it is having for businesses and researchers. More specifically, multiple markets and technology sectors are now using the Morello board to assess the benefits of the embedded CHERI security features. Through the formally specified hardware architecture, instruction and data semantics, researchers of HIS tooling have new ways to reason about software and mechanisms to increase performance and coverage.
This talk will reference back to the 1970s and progress through to the next decade, when new technology must fundamentally change how computers run software and deliver products that are secure by design, bringing new properties that can further increase software assurance.
About John Goodacre
Prof. John Goodacre is the Challenge Director for Digital Security by Design and is responsible for the programme of funded activities and associated research agenda to realise a future generation of digitally secured computers. He also holds a Professorship in Computer Architectures at the University of Manchester, having transitioned from being the Director of Technology and Systems in the Research Group at ARM Ltd. His career has delivered the first scalable commodity telephony platform, the first online data and video conferencing tools with Microsoft, and the first ARM MPCore multicore processors and associated technologies. His roles today extend across academia, industry and government. His research interests include web-scale servers, exascale efficient systems and secured ubiquitous computing.