Are you aware that the entire digital economy and infrastructure are balanced on architectures that are fundamentally vulnerable to the exploitation of any mistakes in software implementation or design?

Today’s cybersecurity is focused on configuration management, best practices, monitoring and patching of software. Major software manufacturers write more software to enable more secure services and applications by default. But still, hardware and related components need to protect against software vulnerabilities by design. 

Digital Security by Design (DSbD) is a UK government supported initiative to help catalyse the transformation of digital technology creating a more resilient and secure foundation for a safer digital future. 

The DSbD programme was set up in 2019, to unlock research and enable industry with the objective to fix the foundations of computing and realise technical developments, the size of which computing has not seen for 50 years or more. 

With collaboration between academia, industry and government delivering more secure semiconductor devices pave the way for business and people to safely use and maintain trust in technology. 

While some of the fundamental market failures have been overcome, it is still imperative that UK government, industry, academia and international partners continue to work together to maintain and develop this ecosystem further by driving forwards adoption of this ground-breaking approach to protecting the digital world. 

DSbD is promoting a mindset change for cybersecurity, giving the freedom to learn, trade, play, automate and collaborate safely through cyber best-practices, reducing the attack surface by default, and protecting operational integrity by design.

The DSbD Challenge – which funds business and researchers to create a new, more secure hardware and software ecosystem – is testing the use of purpose-built microprocessors designed to prevent and mitigate memory safety issues. 

DSbD is working to enable a more trustworthy digital environment, in which only expected access to data and operations are permitted, while limiting the impact of any remaining vulnerabilities. 

With this new design, research suggests it is possible around 70 per cent of ongoing memory safety vulnerabilities should be blocked from exploitation, with other features enabling developers to further extend the resilience and integrity of software.

The Morello Board is a technology platform prototype built by Arm Ltd. This high performance computer implemented the new hardware capability technology (CHERI) from the University of Cambridge. An open-source RISC-V microcontroller platform has also now become available through lowRISC and Microsoft. 

These prototype boards and software platforms allow us to explore and demonstrate this new technology and measure its impact on the security and performance of software. 

Through the various funded collaborative projects and industry-led demonstrators, we can evidence that fixing the foundations of technology will benefit us all.

Potential benefits already emerging from the funded projects include a reduction in the number and severity of zero-day vulnerabilities and hence increased software integrity and resilience. 

There is also evidence of a reduction in the need for and number of software patches and hence lower costs to maintain cybersecurity systems for organisations. 

DSbD technology can protect against vulnerabilities in third-party libraries, hence enabling more scalable, secure products and services

The DSbD Challenge has also helped to develop cyber skills and jobs in the UK because embedding secure-by-design and secure-by-default principles in the cyber curriculum can greatly enhance the skill set of future cybersecurity professionals. 

By teaching students to prioritise security from the outset of system development, they learn to identify and mitigate vulnerabilities at the design stage, rather than attempting to patch them later. 

This proactive approach not only fosters a deeper understanding of cybersecurity principles but also instils a mindset of continuous improvement and adaptation to evolving threats. 

Ultimately, integrating these principles into the curriculum helps cultivate a workforce capable of building and maintaining secure, resilient digital infrastructures, thus contributing to a safer and more secure future in the face of escalating cyber threats.

DSbD technology prototypes, Arm Morello Boards and Sonata RISC-V Development Boards, are available through for organisations and academics to explore the technology and find what benefit this revolutionary technology could have.

By understanding what this technology could do for you, you can be a part of a new more secure future. 

Partner Content with Innovate UK/UKRI