Home

This is the home for AppControl and Morello-HAT, two closely related projects which aim to enhance the security of mission-critical Systems-on-Chip (SoC) through the integration of capability hardware and behavioural types. They are a collaboration between the University of Glasgow, the University of Essex and the University of Oxford and are funded by the UKRI Digital Security by Design (DSbD) programme.

The Vision

The idea behind the AppControl project is to use behavioural type systems to formally describe the interfaces and interaction of software components in Systems-on-Chip (SoC) and enforce these specifications at run time through the hardware capabilities provided by the CHERI architecture.

The Morello-HAT project is a companion to AppControl which further narrows down the focus to the development of common APIs that leverage the hardware capabilities implemented by the Morello architecture alongside behavioural types. The primary goal is to support compiler developers and programmers of higher-level languages in obtaining better memory and object type safety properties in their respective languages and programs.

The Morello software stack primarily supports programming through the C and C++ languages. The capability API for these languages is based on a low-level representation of capability pointers which leaves plenty of room for improvement. In contrast, there are many promising modern languages with fast-growing popularity (e.g. Go, Rust, Dart,) that are not pointer-based and support more advanced type systems and memory management strategies. It is therefore important for the success of the Morello platform that it supports such languages. There is a wide gap between the current low-level, C-focused capability API and the needs of higher-level languages, and that is the gap which this project aims to fill.

What can AppControl and Morello-HAT do for you?

In practical terms, AppControl allows a SoC's system architect to create a formal, executable specification that describes the expected behaviour of each software component. Enforcing this specification at run time ensures brings several benefits:

  • Security: By enforcing the expected behaviour of software components, we can prevent malicious or unintended actions that could compromise the system's integrity.
  • Reliability: Ensuring that software components adhere to their specifications reduces the risk of unexpected behaviour and system failures.
  • Maintainability: A formal specification provides a clear contract for each software component, making it easier to understand and maintain the system as a whole.
  • Interoperability: By defining clear interfaces and interactions, we can ensure that different software components can work together seamlessly, even if they are developed by different teams or organizations.

Recent Posts

morello-hat

Towards a better memory management API - Part 2

May 18, 2024

Continue reading
news,website

AppControl Project Poster March 2024

March 13, 2024

Continue reading
news,website

AppControl Project Poster November 2023

November 8, 2023

Continue reading
morello-hat

Towards a better memory management API - Part 1

November 6, 2023

Continue reading
morello-hat

Launch of Project Website

September 28, 2023

Continue reading
news,website

AppControl Project Poster May 2023

May 27, 2023

Continue reading
news,website

AppControl Project Poster October 2022

October 12, 2022

Continue reading
news,website

AppControl Project Poster April 2022

April 6, 2022

Continue reading
news,website

AppControl Project Poster 2021

May 4, 2021

Continue reading
news,website

Launch of Project Website

November 17, 2020

Continue reading