top of page
Abstract Shape

CVA6-CHERI

CVA6-CHERI: An open-source CHERI application core

CHERI is revolutionising CPU design by building security directly into hardware. Hardware capabilities enforce strong spatial and temporal memory safety, deterministically mitigating roughly 70% of software vulnerabilities through software recompilation. CHERI enables scalable software compartmentalisation to minimise privilege and contain compromise. CHERI CVA6 is an open-source RISC-V application core that runs CheriBSD, CHERI seL4, and (soon) CHERI Linux stacks.

​

website_edited.png

A pipeline diagram of CVA6, showing the parts of the pipeline extended for CHERI highlighted in red.

Why now?

RISC-V International aims to ratify the CHERI "Y" extension in early 2026: CHERI CVA6 will be the open-source application core reference design. CHERI CVA6 takes lessons from the CHERI research ecosystem – Arm’s Morello, Cambridge’s CHERI Toooba, and Microsoft’s CHERIoT – for a mature, future-proof implementation.

 

The path to CVA6-CHERI

The CVA6-CHERI project will remove the biggest barrier to adoption by delivering a high-quality, permissively licensed SystemVerilog reference design, ready for commercial use. CVA6, from the Open Hardware Foundation, is a robust superscalar RISC-V core, with extensive community engagement, multiple tape-outs, and application OS support.

​

We are excited to be working with lowRISC and the University of Oxford under the COSMIC project funded by Innovate UK and DSIT to bring CVA6-CHERI to application-class secure enclaves. As part of this work, we will be adding required enclave features, honing microarchitectural efficiency, and pushing verification towards silicon-ready standards. See the lowRISC press release.

 

Based on an initial prototype CVA6-CHERI implementation by Zero Day Labs (see above), we have already modified the core by:

  • Supporting the standard features and (provisional) instruction encodings, providing a reference implementation for the pending RV64Y standard;

  • Using formal and directed-random tools to improve assurance;

  • Optimising to hone down towards essential area and performance overheads;

  • Improving the memory subsystem support for tagged memory;

  • Ensuring support for a range of pure capability operating systems.

 

How can I use it?

See our CHERI CVA6 repository for a standards-compliant (version 0.9.4) CHERI-enabled CVA6 design, supporting CHERI-enabled OSes on Genesys2 FPGA boards and tested against the Sail golden model. This will lay the groundwork for industry-standard verification and further PPA optimisation. We are continuously improving quality and verification: do reach out to us if you want to use CHERI CVA6 so we can advise you on the status.

 

How can I get involved?

Looking to integrate memory-safe processing into your SoC? Whether you want a ready-to-go CPU, reusable components, or a custom solution, Capabilities Limited is ready to help.

 

Repositories/Helpful links.

The RISC-V CHERI specification repository: https://github.com/riscv/riscv-cheri/

Our work in progress CVA6 fork, supporting the proposed RISC-V standard: https://github.com/Capabilities-Limited/cheri-cva6/tree/zcheri

 

CHERI Blossoms Talk

Talk page, including links to slide and video: https://cheri-alliance.org/events/speakers/jonathan-woodruff/

In collaboration with: Zero-Day Labs

Zero-Day Labs added initial support of the CHERI instructions (Cambridge ISAv9) to the CVA6 core. They have also added support for the hypervisor extensions (now upstream) and are working to support the Bao hypervisor.


See the Zero Day Labs repository for their version of the CHERI CVA6 core, which was the starting point of our version.

​

This project is in collaboration with other Open Hardware Foundation members.

cherilogo.png
openhw.png
bottom of page