Someone else will undoubtedly say it much better than I will here but one of us has to break the very sad news: Ross Anderson died yesterday.

His enthusiasm, his wide-spectrum intellectual curiosity and his engaging prose were unmatched. He stood up vigorously for the causes he believed in. He formed communities around the new topics he engaged with, from information hiding to fast software encryption, security economics, security and human behaviour and more. He served as an inspiring mentor for generations of graduate students at Cambridge—I know first hand, as I was fortunate enough to be admitted as his PhD student when he was still a freshly minted lecturer and had not graduated any students yet. I learnt my trade as a Cambridge Professor from him and will be forever grateful, as will dozens of my “academic brothers” who were also supervised by him, several of whom post regularly on this blog.

Ross, thank you so much for your lively, insightful and stimulating contributions to every subfield of security. You leave a big void that no one will be able to fill. I will miss you.

RIP

For a bit over a decade, SRI International and the University of Cambridge have been working to develop CHERI (Capability Hardware Enhanced RISC Instructions), a set of processor-architecture security extensions targeting vulnerability mitigation through memory safety and software compartmentalisation. In 2019, the UK’s Industrial Strategy Challenge Fund announced the £187M Digital Security by Design (DSbD) programme, which is supporting the creation Arm’s experimental CHERI-based Morello processor, System-on-Chip (SoC), and board shipping in early 2022, as well as dozens of industrial and academic projects to explore and develop CHERI-based software security. This week, UKRI will be launching an £8M funding call via EPSRC and InnovateUK to support UK-based academic and industrial CHERI/Morello software ecosystem development work. They are particularly interested in supporting work in the areas of OS and developer toolchain, libraries and packages, language runtimes, frameworks and middleware, and platform services on open-source operating systems — all key areas to expand the breadth and maturity of CHERI-enabled software. There is a virtual briefing event taking place on 5 October 2021, with proposals due on 8 December 2021.

We are pleased to announce two new research and/or software-development posts contributing to the CHERI project and Arm’s forthcoming Morello prototype processor, SoC, and development board. Learn more about CHERI and Morello on our project web site.

Fixed-term: The funds for this post are available for up to 2 years, with the possibility of extension as grant funds permit.

Research Assistant: £26,715 – £30,942 or Research Associate: £32,816 – £40,322

http://www.jobs.cam.ac.uk/job/26834/

We are seeking one or more Research Assistants (without PhD) or Research Associates (holding or shortly to obtain a PhD) with a strong background in compilers and/or operating systems to contribute to the CHERI Project and our joint work with Arm on their prototype Morello board, which incorporates CHERI into a high-end superscalar ARMv8-A processor. CHERI is a highly successful collaboration between the University of Cambridge, SRI International, and ARM Research to develop new architectural security primitives. The CHERI protection model extends off-the-shelf processor Instruction-Set Architectures (ISAs) and processors with new capability-based security primitives supporting fine-grained C/C++-language memory protection and scalable software compartmentalization.