The investment came from NPIF II – Mercia Equity Finance, which is managed by Mercia as part of the Northern Powerhouse Investment Fund II (NPIF II), and angel investors from the UK and Silicon Valley.
With the funding, the company said that it, “now plans to set up a base in Sheffield and recruit a further 20 engineers.” This is on top of its existing team of 20, funded by over £1m in UK government technology development grants.
CHERI, which stands for ‘capability hardware enhanced RISC instructions’, aims to protect against cyber-attacks that use software memory misallocation, buffer overflows and other memory hacks.
“Memory safe chips have been shown to prevent 70% of all attacks and would enable organisations to continue using existing software,” claimed SCI CEO Haydn Povey.
The technology moves hardware away from the concept of simple memory address pointers.
Instead, a CHERI-enabled processor expects every address pointer to be accompanied by meta-data that includes permissions, and sandbox upper and lower bounds for the calling function.
SCI is basing its core, called Iceni, on Microsoft’s RV32E CHERIoT-Ibex processor – itself based on a 32bit RISC-V core and the Cambridge research. 32bit addresses in this processor need always to be accompanied by 32bit of meta-data. As it can also run straight RISC-V code, the 64bits of enhanced address are also accompanied by a ‘hidden’ bit.
The first Iceni IC is due to appear this year, said SCI, adding that Google Research has already signed up as a customer.
“The Iceni family have been design for 32-bit embedded applications, with an architecture that supports efficient fine-grained hardware enforced compartmentalisation with safe object-granularity sharing. This delivers complete spatial and temporal memory-safety guarantees that the hardware enforces,” according to SCI. “This combination enables code reuse by restraining the blast radium of attacks, even in third-party code and without requiring complete rewrites. This also ensures that regulations, such as EU product liability directives, become easier to comply with – when most of the reused code can be removed from the end product’s attack surface.”
