CHERI is a new processor technology that fundamentally improves software security. CHERI's strong memory safety and scalable software compartmentalization directly prevent, or limit, the impact of a significant majority of software vulnerabilities. Founded with support from the UK government in 2025, the CHERI Research Centre† is based at the University of Cambridge. We perform research into CHERI hardware and software, develop standards enabling CHERI use, create open-source hardware and software reference designs, and collaborate with industry to enable adotion.
Video introductions
Background
Background video prepared for the Royal Academy of Engineering.
Technical overview
Introduction to CHERI talk presented at the CHERI Blossoms conference in 2025
Publications
Introduction to CHERI presents a high-level summary of our work on CHERI architecture, microarchitecture, formal modeling, and software. As CHERI has evolved significantly over time, this report provides the best introduction to, and overview of, our approach. Individual papers address narrower focuses, such as C-language support or capability bounds compression, and address specific snapshots of our design during the research and development life cycle.
To find out more about the CHERI processor architecture, please read CHERI ISAv9. This includes details of CHERI for RISC-V processors (replacing our prior work on MIPS).
The CHERI C/C++ Programming Guide reflects knowledge gained from porting millions of lines of application code and operating systems to pure CHERI code.
A comprehensive list of our CHERI publications since 2010 is available from the CHERI Research Publications page, which includes a list of PhDs awarded to team members. We are also delighted that many other researchers have published their own work building on CHERI, some of which have been presented at CHERI Tech and CHERI Blossoms conferences.
People
Research at the CHERI Research Centre is led by Robert Watson (architecture, operating systems and applications), Simon Moore (CHERI hardware), and by Peter Sewell (formal verification). The amazing team of researchers and engineers has enabled this grand project to progress so far. Many past and present team members have gained Ph.D.s undertaking research on CHERI - see Publications.
Industry
As part of the Innovate UK Digital Security by Design initiative, ARM produced Morello. These ARM Morello desktop systems were provided to many industrial and educational institutions for evaluation.
More recently commercial systems have been produced - see the CHERI Alliance list of products.
Research
Hardware-software co-design has been at the heart of CHERI research for over fifteen years. The Centre continues to perform both fundamental research around the CHERI model itself, its representation in the ISA (e.g., relating to virtualisation), its integration into diverse microarchitectures (e.g., accelerators), and new uses in software (e.g., in improving language-runtime robustness). We produce many full-functional prototypes including this website that is running on an ARM Morello (prototype CHERI-on-ARM) computer running our CheriBSD operating system and a pure capability protected compartmentalised version of the NGINX web server.
Hardware research
Current hardware research on CHERI is focused on CHERI for RISC-V. See the CHERI research hardware page for details, and the Industrial implementations section above. For software bring-up, CHERI-RISC-V is available in the QEMU simulator as well as on FPGA.
Software
Extensive software support is available for CHERI including CHERI Clang/LLVM/LLD compiler suite and linker, CheriBSD operating system, and QEmu simulator. More recent work includes bring-up of CHERI-Linux in partnership with Codasip, Linaro and others. Ongoing research includes work around temporal safety, protection within higher-level language runtimes, new approaches to software compartmentalisation, large-scale deployment case studies, and adversarial evaluation. For more details see The CHERI Software Stack page.
Standards
Standardisation plays an essential role in the work of the Centre, both from the perspective of enabling portable CHERI-enabled software stacks across a range of architectures and microarchitectures, and also with respect to use cases and supply chains that will need to document requirements met by secure hardware and language platforms. We are playing significant roles in two such efforts currently:
RISC-V International standardisation of the CHERI 'Y' extension to the 32-bit and 64-bit variants of the RISC-V instruction set. This will enable the creation of portable CHERI-enabled software across multiple RISC-V hardware vendors.
ETSI standardisation of definitions and assurance levels for memory safety. This is a first critical step in enabling consumers of CHERI-enabled hardware, as well as of other strong memory-safety technologies, to clearly define requirements for the purposes of procurement, regulation, compliance, engineering, and so on.
News
- February 2026 - Youtuber LaurieWired (Laurie Kirk from Google Research) talks about CHERI in her predictions for 2026: YouTube Link
- November 2025 - UKRI announces £21 million backing for technology to stop cyber attackers (UKRI page). This is to support transition activities of our CHERI technology. Cyber Security Minister Liz Lloyd said: CHERI changes the game for cyber security, enabling us to build defences directly into device hardware...
- October 2025 - New ASPLOS paper on CHERIoT RTOS - DIO link to ACM
- August 2025 - New Ph.D. thesis by Franz Fuchs Toward transient-execution attack mitigations on CHERI (PDF)
- August 2025 - IEEE Security and Privacy Best Paper Prize 2024 (announced August 2025) for our paper CHERI: Hardware-Enabled C/C++ Memory Protection at Scale
- June 2025 - CHERI supported in the UK Industrial Strategy - See the Digital Sector Plan (PDF)
- May 2025 - Test of Time award from IEEE Security and Privacy for our paper CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization. Plaque
- January 2025 - CACM publish our thought piece: It Is Time to Standardize Principles and Practices for Software Memory Safety
For more historical items, see the CHERI project news page.
Upcoming events
The CHERI Blossoms 2026 event will be in Cambridge 26-27 March 2026. See the CHERI Alliance Events page for further details including registration.