Announcing My Role as CHERI Alliance Ambassador

I’m joining CHERI Alliance as an ambassador, working to transform cybersecurity at its foundation.

Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed1 and the 2024 CrowdStrike outage ($5.4 billion in losses)2. CHERI technology3, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.

The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry4, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.

I’m particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.

Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities5. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe6. As we deploy AI and connect critical infrastructure, we can’t afford to keep patching symptoms. CHERI addresses the root cause.

While I originally launched this Substack to chronicle computer architecture and university life, my passion for operating systems has taken the wheel. Going forward, you’ll find articles, updates, and announcements covering operating systems and CPU architectures—particularly FreeBSD, Linux, CHERI, and RISC-V.

If your company takes cybersecurity seriously, consider joining the CHERI Alliance. We’re building secure-by-design systems and welcome everyone who shares this vision. It’s time to stop playing defense against memory vulnerabilities and solve the problem at its root.