Formal CHERI: rigorous engineering and design-time proof of full-scale architecture security properties

In this blog post, we describe how we used rigorous engineering methods to provide high assurance of key security properties of CHERI architectures, with machine-checked mathematical proof, as well as to complement and support traditional design and development workflows, e.g. by automatically generating test suites. This shows that, by judicious use of rigorous semantics at design time, we can do much better than test-and-debug development.

academic papers architecture cheri design engineering programming-languages scale security security engineering