More companies across the UK join Digital Security by Design to test and learn from prototype cybersecurity technology

Published
05/12/2022

Digital Catapult has welcomed a further four companies to its Digital Security by Design (DSbD) Technology Access Programme (TAP).

● Digital Catapult onboards a further four companies onto its Technology Access Programme to experiment with ground breaking cybersecurity technology

● Since January, 28 UK companies are now part of UKRI’s Digital Security by Design programme – a government-backed initiative to build a safer digital future

● Companies from various industries will showcase their projects and findings in March 2023

Digital Catapult has welcomed a further four companies to its Digital Security by Design (DSbD) Technology Access Programme (TAP). They joined the 24 companies already experimenting with a prototype cybersecurity technology that has the potential to block up to two thirds of all memory related cyber attacks.

The programme involves the use of a prototype system on a chip (SoC) and evaluation board, the Morello board, designed by Arm and based on CHERI (Capability Hardware Enhanced RISC Instructions). CHERI is a novel instruction set architecture developed by University of Cambridge and SRI International at Stanford designed to prevent cyber attacks that exploit conventional hardware and software memory vulnerabilities, which currently constitute the vast majority of cyber attacks globally.

Participating companies are supported by a wide network of professionals from Arm and the University of Cambridge as well as access to a wealth of information through the technical resources available on the dedicated DSbD programme site. For companies with less than 250 employees, a £15,000 grant is also available.

Amongst the latest companies joining the programme is JET Connectivity, which specialises in delivering 5G data transmission in challenging environments such as at sea and is seeking to investigate whether the in-built capabilities of CHERI and Morello could better protect its 5G stack against unsafe data, and secure cloud storage solutions provider Prizsm, which is planning to experiment with CheriBSD as a development environment for its software to mitigate known memory-bound exploits, in order to enhance its applications’ cyber resilience.

Companies already involved in the programme include IT consultancies specialising in Industrial Internet of Things (IIoT), cybersecurity and cloud based services as well as designers of embedded systems and manufacturers of electronic equipment serving industries as diverse as utilities, telecoms, automotive and healthcare.

The next opportunity to apply to Digital Security by Design through the Technology Access Programme is in January 2023 with applications opening on 11 January. Successful companies will be onboarded to the programme by Digital Catapult in Spring 2023.

Prof. John Goodacre, Challenge Director, Digital Security by Design, UK Research and Innovation, said:

“It’s encouraging to see the continued interest in the Morello prototype board. The breadth of companies taking part in this programme is key to enabling this fundamental step-change in computing and provides businesses the early visibility to differentiate and deliver security-first products across industry and society.”

Jessica Rushworth, Chief Strategy and Policy Officer, Digital Catapult said:

“As we approach the end of the year it’s great to see so many companies from a variety of industries including telecoms, utilities and automotive, right across the UK taking part in the DSbD programme since its launch in January. The level of participation and enthusiasm from the industry really highlights how relevant DSbD technology is to cybersecurity”.

“In the past eleven months the Digital Catapult team had the opportunity to learn more about the challenges facing the companies involved as well as the wider ecosystem and we look forward to working with more innovative companies next year”.

Adrian Fern, Founder of participating company Prizsm Technology commented:

“We are delighted to have been selected for the Technology Access Programme. Prizsm Technologies is porting its codebase to the Morello-CHERI instruction-set architecture. This is helping to protect against the accumulation of technical debt and is instilling memory-safety best practices into our ongoing product development activities.

Our multi-cloud data storage solution codebase has been written entirely using C with Classes (C++) which in the past 50 years allowed programmers to introduce certain types of computer memory related bugs. Morello and CHERI’s rigorous engineering techniques increase assurance and prevent these memory safety issues from happening. We believe that building the knowledge and skills required to create Digital Security by Design Capability products now, will provide a huge advantage for Prizsm in the future”.

Find out more here