| Supervisor | Niklas Gollenstede | 
| Project | |
| IBR Group | VSS (Prof. Dietrich) | 
| Type | Master Thesis | 
| Status | open | 
CHERI is an experimental hardware ISA extension that strives to solve classes of memory safety issues in legacy software. It does so by replacing pointers with "capabilities", which encode and enforce a valid range and access mode for each pointer value. A key point of CHERI is that valid capabilities cannot be created ("forged"), but can only be derived as a subset of another capability. When used along with a POSIX process model, capabilities are enforced on the level of virtual addresses. A given address from one process (address space) usually translates to different physical memory, and may have a completely different semantic meaning, in a different address space. In general, processes therefore have to be prevented from obtaining capabilities from other processes. Current implementations of CheriBSD and Cheri Linux therefore categorically disallow reading or writing capabilities to/from shared memory. We see some open issues, though:

Preliminary work on this (verifying and defining the scope of the issue) has been done in a previous bachelor thesis. The open issues can be addressed in one or more master theses.
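The rules described above can be made concrete with a small software model. It is an added illustration and is not code from CheriBSD, Cheri Linux or the thesis work. The struct layout, all names, and the choice to make a capability store into shared memory fail are assumptions of this model; on real CHERI the tag is kept by hardware and cannot be set by software.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Toy model of a CHERI capability (not the real compressed encoding). */
enum { PERM_LOAD = 1, PERM_STORE = 2 };

typedef struct {
    bool     tag;    /* validity bit; hardware keeps it out of band */
    uint64_t base;   /* lowest address the capability may access */
    uint64_t length; /* size of the valid range in bytes */
    uint32_t perms;  /* allowed access modes */
} cap_t;

/* Derive a child capability. It is valid only if it is a subset of the
 * parent in range and permissions; otherwise its tag is cleared. */
cap_t cap_derive(cap_t parent, uint64_t base, uint64_t length, uint32_t perms)
{
    cap_t c = { false, base, length, perms };
    bool in_range = base >= parent.base && length <= parent.length &&
                    base - parent.base <= parent.length - length;
    bool no_new_perms = (perms & ~parent.perms) == 0;
    c.tag = parent.tag && in_range && no_new_perms;
    return c;
}

/* Check an access of `size` bytes at `addr` made through capability c. */
bool cap_check(cap_t c, uint64_t addr, uint64_t size, uint32_t perm)
{
    return c.tag && (c.perms & perm) == perm &&
           addr >= c.base && size <= c.length &&
           addr - c.base <= c.length - size;
}

/* A mapping in the model; `shared` marks memory that another address
 * space can also see. */
typedef struct { bool shared; cap_t slot; } mapping_t;

/* Store a capability. A valid capability is refused on a shared mapping,
 * so it cannot reach a process where its addresses mean something else. */
bool cap_store(mapping_t *m, cap_t c)
{
    if (m->shared && c.tag)
        return false;
    m->slot = c;
    return true;
}
```
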