Arm Morello Program
Morello is a research program with the potential to radically change the way we design and program processors in the future to improve built-in security. Funded by the UK government’s Industrial Strategy Challenge Fund (ISCF) Digital Security by Design (DSbD) program and led by Arm, Morello has a transformative goal to radically update the security foundations of the digital computing infrastructure that underpins the entire global economy. The main anticipated output of DSbD is a technology platform prototype, designed and produced by Arm: The Morello evaluation board.
Morello focuses on new ways of designing CPU architecture that can make processors more robust and deter certain key security breaches. As part of an additional 5-year research program funded by UK Research and Innovation (UKRI), Morello will be used to produce and test a prototype technology that, if successful, could be implemented in future hardware.
Arm is collaborating with the University of Cambridge and SRI International on its Capability Hardware Enhanced RISC Instructions (CHERI) architecture. Arm has developed a prototype architecture that adapts the hardware concepts of CHERI.
This new approach to cybersecurity requires extensive exploration work and involves a significant change in how the architecture of the hardware is designed and how software running on devices is programed to take advantage of the new features.
Using this new technology, Arm has designed a prototype system-on-chip (SoC) and a development board, called the Morello board. This will enable industry and academic partners to test the new prototype architecture in real-world use cases.
Timescale
The Morello program started in October 2019, and will span a 5-year period. Arm has since announced the release of the Morello demonstrator board on schedule in January 2022. Over 2022, hundreds of Morello boards will be shipped to companies, universities, and government labs for experimentation and evaluation. The remainder of the project time will be available for testing and feedback by the industry ecosystem.
Technical Resources
Access the following resources for Morello, including architecture specifications, platform models, the Morello forum, technical guides and more:
Morello Prototype Architecture Specification
The Morello architecture aims to improve the robustness and security of systems.
Work With Open Source Software for the Morello Platform
See the Linaro landing page for Morello Linux open source software.
Morello Platform Model
Download the open access Fixed Virtual Platform (FVP) on developer.
Morello Technical Reference Manual (TRM)
Find out more about the Morello System Development Platform (SDP).
Morello Development Tools
Get specialized tools for software prototyping and architecture exploration.
Memory Model Tools Support for Morello
Access support for the Morello architecture on github.
Morello Theory
- The hardware capability technology that is used in CHERI and in the Arm prototype architecture confines references to memory locations. These act as pointers, with limits on how the references can be used. These limits relate to the address ranges and functionality that the references can be used to access.
- This combined information, which is called a capability, is constructed so that it cannot be forged by software.
- Replacing pointers with capabilities in a program vastly improves memory safety, which is a key step for security. Recent research by Matt Miller of Microsoft has shown that ~70% of the vulnerabilities addressed through a security update each year continue to be memory safety issues.
- The benefit of hardware capability technology goes beyond memory safety. This is because the capabilities can be used as a building block for more fine-grained compartmentalization of software. Software that is constructed with fine-grained compartmentalization could result in inherently more robust software that is resistant to attack.
- A powerful feature of compartmentalization is that, even if one compartment is compromised by an attacker, the attacker cannot break out of the compartment to access any other information, or to take overall control of the computing system.
In addition to changes to hardware, this new approach to security will require re-architecting how code is created. Code will be written and compiled in a different way, to take advantage of the novel hardware features and to achieve a more secure result.
Prototype Morello Evaluation Board
By creating a prototype Morello evaluation board, Arm is committing to the extensive engineering and research that enables an industrial-scale trial of candidate technologies. This is the first trial of this scale in the UK.
The Morello prototype board will be available to appropriate software companies, tools developers, and leading academic institutions. Arm will publish its key findings widely to lead and enable industry change.
The Morello prototype board is subject to these terms and conditions.
Note: Morello technology is at an early stage of research and testing. Arm has no roadmap or plan to include Morello technology in any current or future Arm products or architectures.
Morello Research Partners
To learn more about the Morello research partners, click the following logos:
Morello Resources
- Blog: Creating the Morello Technology Demonstrator
- Blog: Software Enablement and the Morello Technology Demonstrator
- Blog: Morello Program One Year On: A Step Closer to Securing Our Digital Future
- Performance paper: Early performance results from the prototype Morello microarchitecture (cam.ac.uk)
- Security goals paper: Arm Morello Programme: Architectural security goals and known limitations (cam.ac.uk)