Enhanced Security with CHERI, ESD March issue: Embedded Week Insights
Summary
This week's roundup highlights key advancements in embedded systems, including a new SOM for Edge AI vision systems, an AI-enabled UWB radar platform, and a partnership between Renesas and GF to enhance automotive chip production.
Key Insights
What is CHERI?
CHERI, or Capability Hardware Enhanced RISC Instructions, is a hybrid capability architecture that extends conventional hardware Instruction-Set Architectures (ISAs) like RISC-V, Arm, and MIPS with features for fine-grained memory protection and scalable software compartmentalization, replacing traditional pointers with capabilities to prevent memory vulnerabilities such as buffer overflows.
Sources:
[1]
How does CHERI enhance security in embedded systems?
In embedded systems, CHERI provides hardware-enforced memory bounds and permissions, enabling memory safety by design, least-privilege execution, and simplified functional safety compliance (e.g., ISO 26262), while reducing firmware size, eliminating manual bounds checks, and protecting against attacks like stack smashing through capability-based protection.
Sources:
[1]