The Cambridge semiconductor giant Arm has secured £36m of government funding to develop new chip technology which is less vulnerable to cyber attacks.
The five-year project will see Arm partner with software and tools developers, as well as researchers at Edinburgh and Cambridge universities, to test new designs.
News of the initiative comes around 18 months after the Spectre and Meltdown hardware exploits emerged. The vulnerabilities left CPUs exposed to viruses that could harvest sensitive data, such as passwords.
Funds for the Arm partnership have been administered by UK Research and Innovation through the government’s Industrial Strategy Challenge Fund. It’s part of a broader push in government to accelerate the development of hardware which is “secure by design”.
The Department for Business, Energy and Industrial Strategy remained tight-lipped about how the technology will ultimately be deployed, saying only that it would be “critical to defend advanced technology and our defence systems”.
Business secretary Andrea Leadsom announced the funding on Friday (18 October). In a prepared statement she said: “It’s critical that we are ahead of the game and developing new technologies and methods to confront future threats, supporting our businesses and giving them peace of mind to deliver their products and services safely.
“Investing in our world-leading researchers and businesses to develop better defence systems makes good business and security sense.”
Arm’s chief architect, Richard Grisenthawite, said the company’s first step would be to “create prototype hardware, the Morello Board, as a real-world test platform for prototype architecture developed by Arm that uses the University of Cambridge’s CHERI protection model.” He added: “It will enable industry and academic partners to assess the security benefits of foundational new technologies we’re making significant investments in.”
The reaction from industry was broadly positive. Fujitsu security chief Rob Norris said partnerships of this type “form an important part of reducing cyber attack exposure for many SMEs and larger organisations most at threat”. Securonix’s Robert Ramsden Board described it as an “important step in ensuring British businesses and the public are protected against cyber attacks”.