AdaCore Blog

CYBERUK proves an excellent showcase for AdaCore and Secure Avionics by Design

CYBERUK proves an excellent showcase for AdaCore and Secure Avionics by Design

by Paul Butcher

At this year's CYBERUK, AdaCore had the privilege of being part of the UKRI Digital Security by Design (DSbD) stand, demonstrating its part of Secure Avionics by Design (SAbD): CHERI Software Architecture on the Arm Prototype Morello Board.

The event allowed us to display our software-oriented demonstration to a global government and industry leaders audience.


The Edge Avionics Programme

AdaCore's SAbD technology has emerged from phase 1 of the collaborative and ongoing Edge Avionics programme. Edge Avionics aims to research state-of-the-art systems security by building a real-world demonstrator avionics defense platform (hardware and software) that showcases cyber and battlefield resilience. The Edge Avionics programme is funded by the Rapid Capabilities Office (RCO) of the UK Royal Air Force (UK RAF). Edge Avionics is a consortium led on behalf of the RCO by the Defence Science and Technology Laboratory (Dstl, an executive agency of the UK Ministry of Defence (MOD)) and delivered by GE Aerospace (the prime), Wind River, and AdaCore.

Edge Avionics' primary mission is to evaluate security claims made by the Digital Security by Design (DSbD) initiative within a large-scale defense application.

Evaluating the benefits of CHERI

DSbD involves a significant collaboration between academia, industry, and government with an essential emphasis on evaluating the security benefits of Capability Hardware Enhanced RISC Instructions (CHERI). In partnership with The University of Cambridge and Arm, the initial CHERI initiative has also received large amounts of funding from the US government through SRI International via the Defense Advanced Research Projects Agency (DARPA, the central research and development organization of the Department of Defense (DOD)).



CHERI promises to revolutionize the design of CPU architectures by providing dedicated registers and instructions for enforcing the safe usage of memory allocation, reads, and writes. CHERI aims to provide a framework for building and executing software applications that trap non-safe memory instruction calls directly at the hardware level, thus eliminating many memory-related vulnerabilities by making them non-exploitable.

Our CYBERUK

Paul Butcher was delighted with how CYBERUK proved to be a superb opportunity for AdaCore to cement our credibility,

"Being part of the UKRI / Innovate UK / DSbD booth gave us two busy days. The footfall was constant, and people were highly interested in the DSbD demonstrations, including our Ada bare metal secure avionics CHERI software running on the Arm Morello platform. CYBERUK provided a fantastic opportunity for the industry to focus on a large part of the root cause of cyber attacks: memory vulnerabilities. Furthermore, CYBERUK was the perfect stage to present the latest state-of-the-art solutions from the DSbD initiative, which is now reaching commercial-grade viability. The CHERI-related cyber security on display comprised the complete system solution from hardware to software and demonstrated practical application across critical national infrastructure. In addition, our contributions to cyber-secure Aerospace and Defence are equally applicable to other high-integrity sectors. CHERI provides an unparalleled opportunity to bring cyber-security to the masses, and AdaCore sees strong growth in this sector and, as such, is committed to developing CHERI toolchains for high-integrity operating systems on Morello and other emerging CPU architectures."


Posted in #CYBERUK   

About Paul Butcher

Paul Butcher

Paul is the UK Programme Manager, Head of Dynamic Analysis for AdaCore, and the Lead Engineer for GNATfuzz. He has over 25 years of experience in developing and verifying embedded safety-critical real-time systems. Before joining AdaCore, Paul was a consultant engineer, working for UK aerospace companies such as Leonardo Helicopters, BAE Systems, Thales UK, and QinetiQ. Before becoming a consultant, Paul worked as a Software Developer and Safety Engineer for the Typhoon platform, safety-critical automated train driving software, military UAVs, the Tactical Processor for the Wildcat platform, and mission planning systems for Typoon, EH101, and Wildcat. Paul graduated from the University of Portsmouth with a Bachelor’s Degree with Honours in Computing and a Higher National Diploma in Software Engineering.