�ݺ�ߣshows by User: HeshamALMatary

�ݺ�ߣshows by User: HeshamALMatary / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: HeshamALMatary / Thu, 17 Oct 2024 17:52:52 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: HeshamALMatary CHERI-seL4: Enhancing seL4’s C/C++ userspace memory safety using CHERI /slideshow/cheri-sel4-enhancing-sel4-s-c-c-userspace-memory-safety-using-cheri/272505452 20241015-sel4-summit24-cherisel4-241017175253-e1c0d62d
seL4 currently provides, formally verified, memory safety guarantees in the kernel and isolation guarantees between seL4's userspace tasks, but there is no safety within a single seL4 task or protection domain itself (e.g., VMs or single-address-space servers such as rumprun). According to a recent Microsoft study, memory safety vulnerabilities account for 70% of all software vulnerabilities. CHERI is a capability-based hardware-software architecture aiming to address memory-safety and software compartmentalisation issues. The goal of this project is to have a complete memory-safe C/C++ seL4-based software stack using CHERI on Morello, without having to re-write the existing seL4 C/C++ userspace libraries (currently over 250 KLoC, using sloc tool) from scratch or formally verify them. This talk describes the progress of CHERIfying the existing seL4's userspace in order to have complete (spatial) memory and pointer safety.]]>
seL4 currently provides, formally verified, memory safety guarantees in the kernel and isolation guarantees between seL4's userspace tasks, but there is no safety within a single seL4 task or protection domain itself (e.g., VMs or single-address-space servers such as rumprun). According to a recent Microsoft study, memory safety vulnerabilities account for 70% of all software vulnerabilities. CHERI is a capability-based hardware-software architecture aiming to address memory-safety and software compartmentalisation issues. The goal of this project is to have a complete memory-safe C/C++ seL4-based software stack using CHERI on Morello, without having to re-write the existing seL4 C/C++ userspace libraries (currently over 250 KLoC, using sloc tool) from scratch or formally verify them. This talk describes the progress of CHERIfying the existing seL4's userspace in order to have complete (spatial) memory and pointer safety.]]> Thu, 17 Oct 2024 17:52:52 GMT /slideshow/cheri-sel4-enhancing-sel4-s-c-c-userspace-memory-safety-using-cheri/272505452 HeshamALMatary@slideshare.net(HeshamALMatary) CHERI-seL4: Enhancing seL4’s C/C++ userspace memory safety using CHERI HeshamALMatary seL4 currently provides, formally verified, memory safety guarantees in the kernel and isolation guarantees between seL4's userspace tasks, but there is no safety within a single seL4 task or protection domain itself (e.g., VMs or single-address-space servers such as rumprun). According to a recent Microsoft study, memory safety vulnerabilities account for 70% of all software vulnerabilities. CHERI is a capability-based hardware-software architecture aiming to address memory-safety and software compartmentalisation issues. The goal of this project is to have a complete memory-safe C/C++ seL4-based software stack using CHERI on Morello, without having to re-write the existing seL4 C/C++ userspace libraries (currently over 250 KLoC, using sloc tool) from scratch or formally verify them. This talk describes the progress of CHERIfying the existing seL4's userspace in order to have complete (spatial) memory and pointer safety. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/20241015-sel4-summit24-cherisel4-241017175253-e1c0d62d-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> seL4 currently provides, formally verified, memory safety guarantees in the kernel and isolation guarantees between seL4's userspace tasks, but there is no safety within a single seL4 task or protection domain itself (e.g., VMs or single-address-space servers such as rumprun). According to a recent Microsoft study, memory safety vulnerabilities account for 70% of all software vulnerabilities. CHERI is a capability-based hardware-software architecture aiming to address memory-safety and software compartmentalisation issues. The goal of this project is to have a complete memory-safe C/C++ seL4-based software stack using CHERI on Morello, without having to re-write the existing seL4 C/C++ userspace libraries (currently over 250 KLoC, using sloc tool) from scratch or formally verify them. This talk describes the progress of CHERIfying the existing seL4's userspace in order to have complete (spatial) memory and pointer safety.

CHERI-seL4: Enhancing seL4’s C/C++ userspace memory safety using CHERI from Hesham Almatary

]]> 28 0 https://cdn.slidesharecdn.com/ss_thumbnails/20241015-sel4-summit24-cherisel4-241017175253-e1c0d62d-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Software Security OS Porting to CHERI - A Secure By Design Approach /slideshow/software-security-os-porting-to-cheri-a-secure-by-design-approach/270859408 20240807-ntu-cheri-software-systems-240808054008-b79f22a6
CHERI is a hardware-software capability-based security architecture that offers memory safety and scalable software compartmentalisation. This protects against 70% of software vulnerabilities according to a recent study by Microsoft. In this talk, I am describing what CHERI is, the problems it's trying to solve, and my research work on CHERI in the area of embedded systems and industrial applications. This includes applications of CHERI in FreeRTOS, Linux, and seL4.]]>
CHERI is a hardware-software capability-based security architecture that offers memory safety and scalable software compartmentalisation. This protects against 70% of software vulnerabilities according to a recent study by Microsoft. In this talk, I am describing what CHERI is, the problems it's trying to solve, and my research work on CHERI in the area of embedded systems and industrial applications. This includes applications of CHERI in FreeRTOS, Linux, and seL4.]]> Thu, 08 Aug 2024 05:40:08 GMT /slideshow/software-security-os-porting-to-cheri-a-secure-by-design-approach/270859408 HeshamALMatary@slideshare.net(HeshamALMatary) Software Security OS Porting to CHERI - A Secure By Design Approach HeshamALMatary CHERI is a hardware-software capability-based security architecture that offers memory safety and scalable software compartmentalisation. This protects against 70% of software vulnerabilities according to a recent study by Microsoft. In this talk, I am describing what CHERI is, the problems it's trying to solve, and my research work on CHERI in the area of embedded systems and industrial applications. This includes applications of CHERI in FreeRTOS, Linux, and seL4. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/20240807-ntu-cheri-software-systems-240808054008-b79f22a6-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> CHERI is a hardware-software capability-based security architecture that offers memory safety and scalable software compartmentalisation. This protects against 70% of software vulnerabilities according to a recent study by Microsoft. In this talk, I am describing what CHERI is, the problems it's trying to solve, and my research work on CHERI in the area of embedded systems and industrial applications. This includes applications of CHERI in FreeRTOS, Linux, and seL4.

Software Security OS Porting to CHERI - A Secure By Design Approach from Hesham Almatary

]]> 74 0 https://cdn.slidesharecdn.com/ss_thumbnails/20240807-ntu-cheri-software-systems-240808054008-b79f22a6-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 seL4 on RISC-V/lowRISC - ORCONF'15 /slideshow/sel4-on-riscvlowrisc-orconf15/53776835 orconf15sel42-151010191459-lva1-app6891
�ݺ�ߣs on seL4/RISC-V from ORCONF'15]]>
�ݺ�ߣs on seL4/RISC-V from ORCONF'15]]> Sat, 10 Oct 2015 19:14:59 GMT /slideshow/sel4-on-riscvlowrisc-orconf15/53776835 HeshamALMatary@slideshare.net(HeshamALMatary) seL4 on RISC-V/lowRISC - ORCONF'15 HeshamALMatary �ݺ�ߣs on seL4/RISC-V from ORCONF'15 <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/orconf15sel42-151010191459-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds" /><br> �ݺ�ߣs on seL4/RISC-V from ORCONF'15

seL4 on RISC-V/lowRISC - ORCONF'15 from Hesham Almatary

]]> 1510 0 https://cdn.slidesharecdn.com/ss_thumbnails/orconf15sel42-151010191459-lva1-app6891-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://cdn.slidesharecdn.com/profile-photo-HeshamALMatary-48x48.jpg?cb=1731947751 http://heshamelmatary.blogspot.com https://cdn.slidesharecdn.com/ss_thumbnails/20241015-sel4-summit24-cherisel4-241017175253-e1c0d62d-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/cheri-sel4-enhancing-sel4-s-c-c-userspace-memory-safety-using-cheri/272505452 CHERI-seL4: Enhancing ... https://cdn.slidesharecdn.com/ss_thumbnails/20240807-ntu-cheri-software-systems-240808054008-b79f22a6-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/software-security-os-porting-to-cheri-a-secure-by-design-approach/270859408 Software Security OS P... https://cdn.slidesharecdn.com/ss_thumbnails/orconf15sel42-151010191459-lva1-app6891-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/sel4-on-riscvlowrisc-orconf15/53776835 seL4 on RISC-V/lowRISC...