Digital security by design

The digital security by design (DSbD) challenge funds business and researchers to update the foundation of insecure digital computing infrastructure by creating a new, more secure hardware and software ecosystem.

Budget:

£70 million

Duration:

From 2020 to 2025

Partners involved:

Innovate UK, Engineering and Physical Sciences Research Council (EPSRC)

Funding Details

The scope of what is being done

The DSbD challenge is investing in projects that help the UK digital computing infrastructure to become more secure.

The scope of this challenge includes:

  • the creation of an updated hardware architecture in a physical prototype board
  • developing the software and system development tools that will run on it
  • demonstration in industry sectors, including automotive, e-commerce, defence, telecoms and operational technologies

The challenge covers three areas of activity:

  • technology platform prototype, Morello Board
  • collaborative research and development (software development, enabling use)
  • five business-led demonstrators
Why it's being done

Cybersecurity is a major UK government strategic priority. The World Economic Forum risks report 2018 lists data fraud or theft and cyber-attacks as a key global risk. Through collaboration between academia, industry and government, these new capabilities will pave the way that business and people can use and trust technology.

DSbD will enable a more trustworthy digital environment, in which only expected access to data and operations are permitted while limiting the impact of vulnerabilities. DSbD will promote a mindset change around cyber security, giving the freedom to learn, trade, play, automate and collaborate safely.

The Opportunities, support and resources available

Technology Access Programme

Delivered by Digital Catapult, this programme has been designed for developers and organisations to experiment with DSbD technologies to block cyber vulnerabilities. This includes Arm’s Morello Board and the University of Cambridge’s secure computer architecture, capability hardware enhanced RISC instructions.

The programme are giving participating organisations an opportunity to access this early-stage software and prototype hardware technology. This will allow them to investigate in their own research and development teams and validate the core capabilities and benefits.

Find out more on the DSbD portal.

Past projects, outcomes and impact

Funded and announced projects

Technology platform prototype

The Morello Board, developed by Arm and based on the University of Cambridge’s secure computer architecture, capability hardware enhanced RISC instructions (CHERI), will introduce a new approach to block security vulnerabilities in modern computer systems. This will make it harder to attack technology infrastructure and remotely take control.

The project also involves open-source software specialists Linaro and the University of Edinburgh.

Read more about Arm’s technology platform prototype.

Demonstrator projects

£13 million funding for five collaborative projects which will demonstrate the impact of new technologies. These projects will use the DSbD technology platform prototype, the Morello Board.

THG

THG will test the benefits of DSbD technology to improve the security of e-commerce and enable the increased productivity and development of future world-leading services and products.

CyberHive

CyberHive will develop a demonstrator and supporting framework of development tools to help digital computing infrastructure to become more resistant to attacks, both in the UK and around the world.

It will also develop innovative new methods to secure the data being transmitted by applying layered encryption resistant to attack by quantum computers that is thus more resilient to near-term and future cyber-threats.

This will make it harder to attack and infiltrate network infrastructure or endpoints and remotely take control or extract sensitive information.

Beam Connectivity

Beam Connectivity will demonstrate and review the use of DSbD technologies for cyber critical and safety critical applications in the automotive sector.

Southern Gas

Southern Gas seeks to deliver an internet of things demonstrator in the utility industry. This sees the use of DSbD technologies to deliver an enhanced security solution for applicability within SGN critical national infrastructure.

ICETOPE

ICETOPE will work with industry standard bodies to address the lack of cooperation between information technology and operational technology. The aim is to help overcome the cybersecurity barrier for implementing effective Edge computing by harnessing the new security compartmentalisation features of the Morello platform.

Discribe: DSbD Social Science Hub+

A social science-led research programme bringing together social scientists, economists, computer scientists, and arts and humanities professionals for research, networking and engagement with the wider community.

Read more about the Discribe project.

EPSRC research projects

These EPSRC-led research projects will leverage the DSbD technology hardware prototype (Morello Board) to work on a focused area within a selected and specified software stack or operating system or developer toolchain used by a digital system.

AppControl

Developing a formal, executable specification that every component of a mission-critical system-on-chip has to follow.

Read more about the AppControl project.

Capability Architectures in Trusted Execution (CAP-TEE)

Focusing on capability architectures and trusted execution to protect safety and security-critical systems.

Read more about the CAP-TEE project.

Capabilities for Heterogeneous Accelerators (CAPcelerate)

Investigating how capability protection can be applied to systems containing heterogeneous accelerators for applications such as graphics, artificial intelligence, cryptography and networking.

Read more about the CAPcelerate project.

Capability-based Isolation for Cloud Native Applications (CloudCAP)

Developing capability-based cloud compartments that can express policies about the confidentiality and integrity of data, within and across components of a cloud stack and cloud native applications.

Read more about the CloudCap project.

CHERI for Hypervisors and Operating Systems (CHaOS)

Developing new hypervisor and operating-system software compartmentalisation models able to use the CHERI or Morello architectural primitives to improve compartmentalisation scalability.

Read more about the ChaOS project.

CapableVMs

Improving the security of high-performance programming language virtual machines (VMs) using CHERI hardware enforced capabilities.

Read more about the CapableVMs project.

Capability C (CapC)

Developing a new semantic definition of C that provides safety by default, enabling it to be compatible with the DSbD hardware and maximising security.

Read more about the CapC project.

Secure Code for Capability Hardware (SCorCH)

Developing a new software verification toolchain for capabilities to verify the Morello platform is used correctly, based on state-of-the-art static and dynamic software verification and theorem-proving techniques.

Read more about the SCorCH project.

Holistic Design of Secure Systems on Capability Hardware (HD-Sec)

Exploring engineering challenges in establishing and formally verifying the relationship between application-level security requirements and secure software implementations running on capability hardware.

Read more about the HD-Sec project.