A CHERI on Top: A Better Way to Build Embedded Secure SoCs
Hardware-enforced memory safety strengthens security, simplifies functional safety and even reduces firmware size.
Building safe and secure embedded systems is getting harder as firmware grows in scale, complexity, and connectivity. Even with sophisticated safeguards, such as microprocessor (MPU) regioning, real-time operating system (RTOS) isolation, static analysis tools, and strict coding standards (including MISRA C), application-specific IC (ASIC) and system-on-chip (SoC) developers still encounter the same architectural weakness: memory-safety violations. Buffer overruns, out-of-bounds accesses, and pointer corruption are consistently the leading sources of unpredictable system behavior and real-world security exploits.
CHERI began as a joint research effort between the University of Cambridge and SRI International, funded by DARPA, to prevent memory-safety vulnerabilities at the architectural level. Early MIPS prototypes proved that capabilities, pointers with hardware-enforced bounds and permissions, could be added without breaking C/C++ compatibility. The work later moved to RISC-V, demonstrating portability and modest hardware cost.
Arm’s 2021 Morello program brought CHERI into a commercial-grade central processing unit (CPU) and SoC, enabling wider-scale industry evaluation. Today, CHERI is regarded as a major advance in secure architecture, and CHERI extensions are now progressing through the RISC-V International standardization process, with multiple working groups defining how capabilities become an optional but interoperable part of future RISC-V profiles.