Distinguishing Exploit Failure from Effective CHERI Protection on RISC-V
2026-06-09, Poster Island A

CHERI extends conventional ISAs with hardware-enforced capabilities to provide fine-grained memory protection, and its integration in RISC-V is gaining momentum with RVY. As adoption grows, implementations must be evaluated to ensure that the CHERI protection mechanisms actually work. We show that existing memory-corruption exploit implementations do not directly carry over to CHERI-enabled architectures, and that observed exploit failures (i.e., unsuccessful exploits) do not necessarily imply effective protection. To resolve this ambiguity, we propose a methodology that temporarily disables CHERI enforcement within a RISC-V virtual prototype (VP). Comparing exploit behavior with and without CHERI enforcement under otherwise identical conditions makes it possible to distinguish exploit failure from effective CHERI protection.

Manfred Schlägl is a PhD student at the Institute for Complex Systems, JKU Linz, under Prof. Daniel Große. For 15 years, he worked in industry, focusing mainly on low-level firmware and operating systems for industrial embedded systems. In 2021, he left the industry to resume his studies, completed his Master's degree in Computer Science in 2023, and started his PhD immediately afterward. His main research interests are hardware/software co-simulation using virtual prototypes and hardware verification. He is also deeply interested in operating systems, hardware platforms, and computer architectures, especially RISC-V.
