We ported #Microvium to #CHERIoT several years ago, but never got around to writing up the details. For anyone interested in how CHERIoT can help you extend safe-language guarantees across an FFI boundary.

One of the reasons I'm still using GitHub for a lot of stuff is the free CI, but I hadn't really realised how little that actually costs. For #CHERIoT #LLVM, we're using Cirrus-CI with a 'bring your own cloud subscription' thing. We set up ccache backed by a cloud storage thing, so incremental builds are fast. The bill for last month? £0.31.

We'll probably pay more as we hire more developers, but I doubt it will cost more than £10/month even with an active team and external contributors. Each CI run costs almost a rounding-error amount, and that's doing a clean (+ ccache) build of LLVM and running the test suite. We're using Google's Arm instances, which have amazingly good price:performance (much better than the x86 ones) for all CI, and just building the x86-64 releases on x86-64 hardware (we do x86-64 and AArch64 builds to pull into our dev container).

For personal stuff, I doubt the CI that I use costs more than £0.10/month at this kind of price. There's a real market for a cloud provider that focuses on scaling down more than on scaling up and made it easy to deploy this kind of thing (we spent far more money on the developer time to figure out the nightmare GCE web interface than we've spent on the compute. It's almost as bad as Azure and seems to be designed by the same set of creatures who have never actually met a human).

Tor Jeremiassen (Google) has written up a post on how the MPACT simulator for #CHERIoT works.

This is the fastest simulator that we currently ship, it manages around 20 MIPS on my laptop (compared to around 400 KIPS from the one generated from the formal model of the ISA). This model is designed to plug into larger system simulations, so expect to see full SoC emulators based on it!

@CHERIoT Great to see folks adopting #CHERIoT and learning to think about writing secure software as a side effect.

I learned a new acronym this week: SOUP (software of unknown provenance). Unlike mushroom-identification AI, #CHERIoT makes your SOUP safe to consume.

The recent news about an alleged backdoor in #ESP32 chips is largely overhyped, but it’s a good opportunity to explain how we designed #CHERIoT to make this kind of attack almost impossible by construction.

SCI and the CHERI Alliance will both be at Embedded World next week. Come and talk to us about CHERIoT and how you can adopt it with SCI’s ICENI chips in your next products.

Sealing remains one of my favourite features of #CHERI, and is a core part of any compartmentalisation model that's usable by programmers. In the #CHERIoT compiler, we've improved it by surfacing sealing in the C/C++ type system.

EDIT: After lots of helpful feedback in this thread, the article is now accepted. Thanks everyone who helped!

Any #Wikipedia editors around who can help? We are trying to get the article on #CHERI added. It's so far been rejected three times:

First, it did not have enough independent citations. We added a lot to news articles about CHERI.

Second, it was insufficiently detailed and lacking context. We added a timeline of development, a load of cross references, and a simple introduction.

It was then rejected again because it lacks an explanation that a 15-year-old could understand. This is true of 90% of science-related articles on Wikipedia, so I'm not sure how we fix it. An explanation at that level is something I can write (I have done for the #CHERIoT book!) but it would then make the page 3-4 times as long and not suitable for an encyclopaedia (I've previously seen pages rejected because Wikipedia is not the right place for tutorials).

I don't understand the standards for Wikipedia and I really need some guidance for how to resolve and progress this.

Some #CHERI philosophy for the weekend. Deconflating identifiers and capabilities has enormous security value in any setting and is an approach that #CHERIoT applies at all levels of the system, from memory access up to network connections.

EDIT: The typeset draft is online which has the acknowledgements in the Preface.

I've now got a hopefully-final version of the draft cover for the #CHERIoT Programmers' Guide.

Please can the folks who contributed cats check that I have the acknowledgement (and cat names) right? Here is the draft text:

The cats on the cover represent safe, secure, compartmentalisation (what is safer or more secure than a cat in a box?).
Each cat is in a separate, isolated, compartment, in the model for which
CHERIoT was designed.

The cat photos were contributed by some wonderful people from the Fediverse.
Starting at the top left, numbered left to right then top to bottom, the photo
credits are:

1, 3, 5, 10:
Photographer: James (@chongliss), Cats: Jiji (1), Luna (3, 5), and
Felix (10).

2, 11:
Photographer: Cassian Lodge (@cassolotl), Cat: Rosa

4:
Photographer: marinbenc (marinbenc@sigmoid.social)

6:
Photographer: Asta Halkjær From (@ahfrom), Cat: Betty Rambo.

7:
Photographer: vitaut (@vitaut)

8:
Photographer: Michael McWilliams (@MichaelMcWilliams)

9:
Photographer: jarkman (@jarkman)

12:
Photographer: Isaac Freund (@ifreund), Cat: Marzipan

I wrote a little producer-consumer example for the #CHERIoT book. It's smaller and simpler than the one in the RTOS repo.

I ran it and the output was surprising. I realised that we're yielding in futex_wake more often than we strictly needed to.

One scheduler patch later, my example runs 35% faster and the test suite 2% faster. The network stack should also be faster, since the core structure for communication between its threads is not far off my toy example.

The things I do to avoid writing...

There are a lot of recent improvements to the #CHERIoT compiler from folks at SCI Semiconductor and Google, along with community contributors. We are working towards tracking upstream LLVM and starting to upstream changes, as well as improving the developer experience. Owen Anderson has written a blog post describing some of the new improvements.

Starting the #CHERIoT new year with a post from Phil Day, in which he learns that respecting the principles of least privilege and intentional use don't just improve security, they also make it easier to understand what third-party code is doing.

I recently posted that we weren't currently hiring, but actually we are on the hardware side. We're still looking to hire some DV folks for our hardware team (full remote, UK easy, elsewhere a bit harder but may be possible).

Anyone interested in working on CHERI hardware, please ping me. Please boost if you have hardware folks in your network!

Looks as if contracts are going to make it into #CPlusPlus. The #CHERIoT programming guides will need updating to ensure that they are never used in our codebase, since (at least as currently specified) they are incompatible with modern software engineering practices.

My first books were all published by a US publisher and so were written in American. The #CHERIoT Programmers' Guide is currently written in English but I'm pondering translating it to American before publication. What language should it be written in?