Add link to scisemi.com

Signed-off-by: Alexander Richardson <[email protected]>

charter.adoc

@@ -4,7 +4,7 @@
 
 Memory safety is the biggest security threat to computer systems: Microsoft and Google Chromium identifying 70% of their critical vulnerabilities being in this class. CHERI-based memory safety has arisen from research starting in 2010 to be the focus of the link:https://www.dsbd.tech/[Innovate UK Digital Security by Design Program] (£90m UK government funding and over £200m from industry). Under this program, ARM Ltd has produced the Morello prototype: quad-core CHERI-ARM superscalar processors and GPU on a 7nm TSMC process, demonstrating little performance or area penalty from adding this security technology. Initially 1,000 Morello units have been shipped to partners for evaluation.
 
-Microsoft's Security Response Center's 42-page report link:https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20CHERI%20ISA.pdf[Security Analysis of CHERI ISA] concludes that over ⅔ of all of Microsoft's critical memory-safety vulnerabilities in 2019 would have been deterministically mitigated by CHERI - the closest competing technology, tagged memory extensions, achieved only 13% deterministic mitigation. Tens of millions of lines of C/C++ code have now been ported to CHERI including work by link:https://www.capabilitieslimited.co.uk/_files/ugd/f4d681_e0f23245dace466297f20a0dbd22d371.pdf[Capabilities Limited] who measured just 0.026% lines-of-code change when porting an open-source desktop application stack including X11 and KDE. Microsoft's Azure Silicon team has developed and released link:https://www.microsoft.com/en-us/research/publication/cheriot-rethinking-security-for-low-cost-embedded-systems/[CHERIoT: Rethinking security for low-cost embedded systems] that includes an open-source link:https://github.com/microsoft/CherIoT-ibex[CHERIoT on Ibex] - a CHERI extended embedded RISC-V core. The CHERIoT RTOS demonstrates how CHERI can provide scalable compartmentalisation and memory protection, which is more scalable and uses comparable silicon area to a PMP (physical memory protection as defined in the RISC-V privileged spec). The intergovernmental report link:https://www.cisa.gov/sites/default/files/2023-04/principles_approaches_for_security-by-design-default_508_0.pdf[Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default] recommends CHERI as the secure hardware foundation for future systems, and also recommends the use of software compartmentalisation that CHERI supports efficiently.
+Microsoft's Security Response Center's 42-page report link:https://github.com/microsoft/MSRC-Security-Research/blob/master/papers/2020/Security%20analysis%20of%20CHERI%20ISA.pdf[Security Analysis of CHERI ISA] concludes that over ⅔ of all of Microsoft's critical memory-safety vulnerabilities in 2019 would have been deterministically mitigated by CHERI - the closest competing technology, tagged memory extensions, achieved only 13% deterministic mitigation. Tens of millions of lines of C/C++ code have now been ported to CHERI including work by link:https://www.capabilitieslimited.co.uk/_files/ugd/f4d681_e0f23245dace466297f20a0dbd22d371.pdf[Capabilities Limited] who measured just 0.026% lines-of-code change when porting an open-source desktop application stack including X11 and KDE. Microsoft's Azure Silicon team has developed and released link:https://www.microsoft.com/en-us/research/publication/cheriot-rethinking-security-for-low-cost-embedded-systems/[CHERIoT: Rethinking security for low-cost embedded systems] that includes an open-source link:https://github.com/microsoft/CherIoT-ibex[CHERIoT on Ibex] - a CHERI extended embedded RISC-V core that link:https://www.scisemi.com/press-release-cheriot-ibex/[will be taped out in the near future]. The CHERIoT RTOS demonstrates how CHERI can provide scalable compartmentalisation and memory protection, which is more scalable and uses comparable silicon area to a PMP (physical memory protection as defined in the RISC-V privileged spec). The intergovernmental report link:https://www.cisa.gov/sites/default/files/2023-04/principles_approaches_for_security-by-design-default_508_0.pdf[Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default] recommends CHERI as the secure hardware foundation for future systems, and also recommends the use of software compartmentalisation that CHERI supports efficiently.
 
 Given the commercial demonstration of the effectiveness of CHERI, multiple vendors with in-flight hardware implementations, the practicality of porting software, and the regulatory push toward CHERI to fundamentally improve security of computer systems, we aim to produce a standardized CHERI extension to RISC-V for both RV64 and RV32.