Autonomous vehicles
Modern cars and drones carry dozens of connected controllers. That connectivity brings convenience, but also attack surface. CHERI-enforced isolation means that even if an attacker gains network access, they cannot hijack safety-critical functions:
- Faults injected into braking or steering stacks are caught by hardware capability checks.
- Compartmentalisation stops lateral movement between perception, control, and infotainment domains.
- Safe failure modes keep passengers protected while the system contains and reports the exploit attempt.
In the UK RESAuto pilot, a braking system ported to Morello silicon detected simulated attacks instantly, containing the exploit and failing safely instead of endangering passengers.
Industrial robots and controllers
Manufacturing and critical infrastructure rely on deterministic, resilient control. A single software defect can halt production or cause unsafe behaviour. Safety-Native design with CHERI:
- Sandboxes control modules in hardware-backed compartments, so a fault in one unit does not crash the entire line.
- Blocks malware that would otherwise hijack motion or safety interlocks.
- Enables graceful degradation, allowing equipment to continue operating safely or shut down predictably.
Early adopters in IoT and manufacturing are already exploring CHERI-secured controllers to protect factories and logistics networks.
Medical systems
From robotic surgery to infusion pumps, medical devices demand deterministic safety. On CHERI-enabled processors:
- Out-of-bounds access and pointer misuse are stopped by capability checks before they can affect patients.
- Compartmentalisation keeps critical dosing and monitoring code isolated from less-trusted components.
- Behaviour aligns with stringent standards such as IEC 62304 for medical software.
UK researchers, including teams at TTP plc, are trialling CHERI boards to meet these safety and regulatory targets today.
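To make the capability check in the first point above concrete, here is an added example (not code from this page, nor from TTP or any CHERI project): a plain C software model of a bounds-carrying capability guarding a hypothetical infusion-pump dose schedule. Real CHERI performs this check in hardware on tagged capability registers; the cap_t struct, the pump layout and the inputs are all constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Constructed software model of a CHERI capability: a pointer carrying the bounds
 * and permissions it may be used with; real CHERI holds these in tagged registers. */
typedef struct {
    uint8_t *base;
    size_t   length;
    bool     store_ok;   /* models the capability's store permission */
} cap_t;

/* Hypothetical pump state: an unchecked overflow of the schedule lands on the flag. */
typedef struct {
    uint8_t dose_schedule[8];
    uint8_t interlock_armed;
} pump_state_t;

/* Derive a capability narrowed to the schedule field alone. */
static cap_t cap_for_schedule(pump_state_t *p) {
    cap_t c = { p->dose_schedule, sizeof p->dose_schedule, true };
    return c;
}

/* Checked store: refuses (a modelled capability fault) instead of writing
 * when the index is out of bounds or the store permission is missing. */
static bool cap_store(cap_t c, size_t index, uint8_t value) {
    if (!c.store_ok || index >= c.length) return false;
    c.base[index] = value;
    return true;
}

/* Load an untrusted n-entry schedule via the capability; returns rejected stores. */
static size_t load_schedule_checked(pump_state_t *p, const uint8_t *in, size_t n) {
    cap_t c = cap_for_schedule(p);
    size_t faults = 0;
    for (size_t i = 0; i < n; i++)
        if (!cap_store(c, i, in[i])) faults++;
    return faults;
}

/* Feed a 9-entry schedule (one too many) through a raw byte pointer and through
 * the capability path; true only if the interlock survives the latter. */
static bool overflow_is_contained(void) {
    static const uint8_t in[9] = { 1, 2, 3, 4, 5, 6, 7, 8, 0 };
    pump_state_t raw = { {0}, 1 }, checked = { {0}, 1 };
    uint8_t *mem = (uint8_t *)&raw;               /* unchecked pointer */
    for (size_t i = 0; i < sizeof in; i++) mem[i] = in[i];
    size_t faults = load_schedule_checked(&checked, in, sizeof in);
    return raw.interlock_armed == 0 && faults == 1 && checked.interlock_armed == 1;
}
```

The raw-pointer path silently clears the interlock flag, while the capability path rejects the ninth store and leaves the flag intact, which is the behaviour the hardware check enforces without any per-access code in the application.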