It would be naive to consider that all software, even when developed to the highest level of today’s assurance, will continuously operate as intended. Whether this takes a cosmic attack, a determined cyberattack or an implementation vulnerability, today’s computer fabrics do little to help High Integrity Software (HIS) architects protect their solutions from a potential perturbed operation.

Such developers have long used formal methods and automated verification tools to reason about the operation of their systems. Unfortunately, hardware models are often approximations and lack semantics to fully understand the physically possible states of process and data manipulation.

In directing the UKRI Digital Security by Design programme, it’s encouraging to see the rapidly increasing interest and impact the Arm Morello technology prototype provides businesses and researchers. More specifically, multiple markets and technology sectors are now using the Morello board to assess the benefits of the embedded CHERI security features. Through the formally specified hardware architecture, instruction and data semantics, researchers of HIS tooling have new ways to reason about software and mechanisms to increase performance and coverage.

This talk will reference back to the 1970s and progress through to the next decade when new technology must fundamentally change how computers run the software and deliver secure products by design that bring new properties that can further increase software assurance.