Understanding RESAuto and Its Role in Cybersecurity

The RESAuto project is a groundbreaking initiative to assess the economic implications of adopting CHERI (Capability Hardware Enhanced RISC Instructions) in engineering and regulated industries (Davies and Thales, 2024). Spearheaded by Thales-UK, a global leader in cybersecurity and critical infrastructure solutions, RESAuto seeks to integrate “Digitally Secure by Design” principles into complex, interconnected systems. Against a backdrop of ever-evolving regulatory frameworks and conflicting through-life objectives such as safety, privacy, and data access, the project evaluates how CHERI-based hardware can enhance security while ensuring compliance with legal and commercial constraints.

The Cost of Memory Security and Its Implications

Implementing secure and resilient systems comes with financial considerations (Davies and Thales, 2024). RESAuto emphasizes the necessity of a risk-based approach, balancing the costs of security protections against potential losses from cyber incidents. The economic impact of security failures includes lost production, reputational damage, legal repercussions, and regulatory fines. In contrast, proactive investments in cybersecurity, such as secure hardware, robust supply chains, and software integrity measures, help mitigate these risks. The project’s analysis highlights that while CHERI-based security mechanisms introduce additional costs, they offer long-term benefits by reducing vulnerability to costly cyber threats.

Figure 1 below illustrates the key cost drivers in hardware security, categorizing expenses related to silicon, tooling, testing, and design evidence. It highlights the financial components of developing secure chips, including IP costs, safety engineering, and security engineering. Understanding these cost layers helps make informed decisions about effectively implementing memory security measures.


Figure 1: Cost Drivers In Hardware Security

CHERI: A Revolutionary Approach to Memory Safety

CHERI, developed by Cambridge University, enhances memory safety and system security by integrating fine-grained memory protection at the hardware level (Davies and Thales, 2024). CHERI mitigates vulnerabilities such as buffer overflows and use-after-free errors by replacing traditional memory pointers with capability-based security. This approach strengthens isolation between software components and enables more efficient containerized application execution. Unlike conventional security methods, CHERI allows a gradual transition, as it is compatible with existing programming languages like C and C++, making adoption feasible without a complete software overhaul.
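The bounds-checking idea described above can be sketched in portable C as a software model. This is an added example, not code from the original article or from the CHERI project: `cap_t`, `cap_new`, `cap_set_bounds`, `cap_store` and the `record` layout are hypothetical names, and the model covers only the buffer-overflow case, not use-after-free.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified software model of a capability (hypothetical names). Real CHERI
 * hardware keeps the validity tag out of band and compresses the bounds. */
typedef struct {
    uint8_t *base;   /* lowest address the capability may touch */
    size_t   length; /* bytes reachable from base */
    int      tag;    /* 1 = valid capability, 0 = unusable */
} cap_t;

static cap_t cap_new(uint8_t *mem, size_t len) {
    cap_t c = { mem, len, 1 };
    return c;
}

/* Bounds may only shrink; any request outside the parent yields tag 0. */
static cap_t cap_set_bounds(cap_t c, size_t start, size_t len) {
    cap_t r = { c.base, 0, 0 };
    if (c.tag && start <= c.length && len <= c.length - start) {
        r.base = c.base + start;
        r.length = len;
        r.tag = 1;
    }
    return r;
}

/* Returns 0 on success, -1 where the hardware would raise a fault. */
static int cap_store(cap_t c, size_t index, uint8_t value) {
    if (!c.tag || index >= c.length) return -1;
    c.base[index] = value;
    return 0;
}

struct record { uint8_t name[8]; uint8_t is_admin; }; /* constructed layout */

/* A 12-byte copy into the 8-byte field stops at the field's bounds. */
static int demo_overflow_contained(void) {
    struct record r; uint8_t input[12]; size_t i;
    memset(&r, 0, sizeof r); memset(input, 'A', sizeof input);
    cap_t name = cap_set_bounds(cap_new((uint8_t *)&r, sizeof r), 0, sizeof r.name);
    for (i = 0; i < sizeof input; i++)
        if (cap_store(name, i, input[i]) != 0) break;
    return i == sizeof r.name && r.is_admin == 0;
}

int main(void) { printf("contained: %d\n", demo_overflow_contained()); return 0; }
```

With a raw pointer the same 12-byte copy would overwrite `is_admin`; here the ninth store is refused, which is the point at which the hardware would raise a fault.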

Challenges of CHERI Adoption in Safety-Critical Systems

While CHERI offers significant advantages in security, its adoption in safety-critical industries such as automotive and aerospace presents challenges (Davies and Thales, 2024). Current safety standards, such as ISO 26262 for automotive security, demand highly deterministic system behavior. CHERI’s enhanced security measures could lead to increased system resets and non-deterministic error handling, which might conflict with safety requirements. Additionally, the absence of proven, in-use CHERI implementations for safety-critical systems necessitates extensive research, testing, and regulatory alignment before mainstream adoption. This highlights the significant investment needed to develop CHERI-compliant hardware that meets safety certification requirements.

Exploring the SONATA Development Board

One of the key implementations of CHERI security enhancements is the SONATA development board, a low-cost FPGA platform designed for security research and experimentation (Davies and Thales, 2024). Developed by lowRISC, this board is built around the CHERIoT-Ibex hardware design and distributed to research institutions worldwide to evaluate its capabilities in real-world applications. As CHERI adoption expands, tools like SONATA are crucial in bridging the gap between research and practical implementation in cybersecurity-driven hardware solutions.


Figure 2: SONATA Development Board

Figure 2 showcases the SONATA board, a purpose-built FPGA system that facilitates CHERI-based security enhancements. Its accessibility and affordability make it an ideal platform for testing memory safety improvements and refining secure hardware methodologies.

The Future of Secure Hardware: Balancing Innovation and Risk

As cybersecurity threats evolve, adopting secure-by-design methodologies like CHERI is essential to protecting modern hardware ecosystems (Davies and Thales, 2024). However, the transition comes with economic, technical, and regulatory challenges. RESAuto’s research underscores the importance of strategic investments in secure hardware solutions while ensuring they align with industry standards and risk management frameworks. The project also raises key questions about performance trade-offs, supply chain security, and cost-benefit dynamics, paving the way for a future where cybersecurity is deeply embedded in hardware design rather than treated as an afterthought.

References

Davies, P. & Thales. (2024, October 21). RESAuto and the Economics of Hardware Cyber Security. FPGA Frontrunners.

Author

  • Mike Bartley

    Dr Mike Bartley has over 30 years of experience in software testing and hardware verification. He has built and managed state-of-the-art test and verification teams inside several companies (including STMicroelectronics, Infineon, Panasonic, and the start-up ClearSpeed) and also advised several companies on organisational verification strategies (ARM, NXP, and multiple start-ups). Mike successfully founded and grew a software test and hardware verification services company to 450+ engineers globally, delivering services and solutions to 50+ clients in various technologies and industries. The company was acquired by Tessolve Semiconductors, a global company with 3000+ employees supporting clients in VLSI, silicon test and qualification, PCB, and embedded product development in multiple vertical industries. Mike is currently a Senior VP at Tessolve supporting VLSI globally, focusing on helping companies incorporate the latest verification techniques and strategies into their verification flows and building verification teams to support these companies in implementing them on IP and SoC projects. He is also responsible for the Tessolve Centres of Excellence running all R&D projects with Tessolve, including building a new AI capability across all Tessolve products and services. Mike has a PhD in Mathematics (Bristol University) and 9 MScs in various subjects including management (MBA), software engineering, computer security, robotics and AI, corporate finance, and blockchain and digital currency. He is currently studying part-time for an MSc in quantum computing at the University of Sussex and the use of technology in healthcare at the University of Glasgow.