EdgeSec
PureCapped memory hardened smart router. Provably resilient to (approx.) 70% memory vulnerabilities. Evidenced. Open Sourced
Benefit: evidence simplicity of CHERI porting. Base platform for future development.
https://github.com/nqminds/edgesec
UNIBOM
Universal SBOM generation and analysis tool.
Creates SBOMs from source, binary or docker. Analyses memory vulnerabilities by component (recursively). Estimates impact after CHERI intervention. Evidenced with mass router firmware analysis
Benefit: Surfaces per project need and impact of CHERI. Business case generation
https://github.com/nqminds/SBOM-GAP
TrustNetZ
Novel device and network management protocols. Published as NIST standard. Creates a memory vulnerable aware network ecosystem. Full lifecycle: selectivity procuring and onboarding devices that are provably memory secure
Benefit: commercial driver – emphasises the commercial benefit of memory secure devices embedded operational differentiation
https://github.com/nqminds/trustnetz
Publications
How Memory-Safe is IoT? Assessing the Impact of Memory-Protection Solutions for Securing Wireless Gateways. Vadim Safronov, Ionut Bostan, Nicholas Allott, Andrew Martin
https://arxiv.org/abs/2411.01377
But is it exploitable? Exploring how Router Vendors Manage and Patch Security Vulnerabilities in Consumer-Grade Routers. George Chalhoub, Andrew Martin
