IT/OT Edge Cloud Infrastructure

Morello Hardware Development Platform

“We worked in partnership with the team at The Good Penguin on a long standing Digital Security by Design project between 2022 and 2025. They provided crucial Embedded Linux and Yocto support for the final system. Their knowledge, technical expertise & professionalism helped provide a successful conclusion to the project and we couldn’t have done it without them. I want to thank Andy, Marc, Pawel, Harry and Michael for their contributions.”

– Craig Ellis, Head of Electronics & Software, Trust Pilot Review

CHERI and Arm Morello

Our world increasingly relies on software that is more complex and more connected than ever before. As a result, the consequences of poor cybersecurity have never been greater. Research shows that over 70% of vulnerabilities stem from memory safety issues, i.e. software bugs caused by incorrect memory access such as buffer overflows. One way to reduce such risks is to migrate to memory safe languages like Rust and Go. Google recently demonstrated this and were able to reduce memory safety vulnerabilities in Android from 76% to 24% over 6 years. However, migrating code bases may be challenging and in any case even safe languages such as Rust allow explicitly unsafe code. Furthermore some low-level software is inherently memory unsafe.

An alternative approach is CHERI (Capability Hardware Enhanced RISC Instructions), a hardware technology developed by SRI International and the University of Cambridge. CHERI extends a processor’s Instruction Set Architecture (ISA) with new security primitives. Instead of using raw pointers, memory references become capabilities – combining the address with bounds and permissions. This allows hardware, rather than software, to enforce memory safety – and do so in a formally verifiable way. CHERI architectures can prevent memory safety bugs in languages like C and C++ from being exploited while offering additional guarantees for memory-safe languages.

In 2019, a five-year research programme was launched to develop a CHERI-based prototype system-on-chip (SoC) and development board called Morello. Funded by the UK government’s Industrial Strategy Challenge Fund (ISCF) as part of the Digital Security by Design (DSbD) programme and led by Arm, Morello is based on the Neoverse N1 platform and extends the ARMv8.2 ISA with CHERI features. The programme aims are to allow industry and academic partners to test the prototype in real-world use cases.

You can find out more about CHERI and Arm Morello in our previous blog post.

Morello at the Edge (MoatE)

Edge computing is increasingly valuable when data must be processed quickly, securely, or close to where it’s generated – especially in bandwidth-constrained or high-volume scenarios. By handling data locally, Edge systems reduce latency, lower costs, and improve reliability.

Traditional data centres separate Information Technology (IT) – systems like servers and networking – from Operational Technology (OT), which manages infrastructure such as power and cooling. These systems typically run on isolated networks to reduce cybersecurity risks. But at the Edge, this separation creates inefficiencies. Without shared data or control, it’s harder to predict faults, optimise energy use, or reduce overheads.

Recognising the opportunity to improve efficiency, Iceotope led the Morello at the Edge (MoatE) project as part of the UK’s Digital Security by Design (DSbD) programme. The project brings together IT and OT into a single device known as a Secure Edge Facility Orchestrator (SEFO) which is built on the CHERI-enabled Morello platform.

The SEFO provides a unified, software-defined control layer that enables fault prediction, energy optimisation, foreign asset detection, and real-time security monitoring – while maintaining strong isolation between systems. MoatE demonstrates how Morello can support secure, efficient Edge infrastructure and contribute to lower CO₂ emissions.

Our Work with Iceotope

We were approached by Iceotope to support them with the MoatE project by providing low-level, system software and open-source expertise.

Software enablement for a new CPU architecture is a significant task. Whilst the Morello SoC is a superset of the ARMv8.2 ISA and can run existing ARM software, a substantial amount of work is required to update open-source projects to leverage CHERI features. This effort, essential for enabling and validating CHERI-based platforms, includes support across the kernel, C libraries, toolchains, system and application software and full software distributions. It was carried out by organisations including Arm, Linaro, Microsoft Research and The Good Penguin.

To build the Secure Edge Facility Orchestrator (SEFO), we needed a suitable Linux distribution. At the start of the project, the most mature distribution available with support for CHERI features was CheriBSD, a fork of FreeBSD – however, the MoatE project required Linux. At the time, only a minimal CHERI-capable userspace existed that was manually constructed using scripts, rather than a build system such as Yocto or Buildroot. We therefore began work on a Yocto-based distribution tailored for Morello and the MoatE project. This was developed in the open to encourage collaboration and reuse.

Linux Yocto layer for the ARM Morello board

To support SEFO functionality, we needed to include existing open-source software packages. In order to make use of CHERI functionality, it is necessary to re-compile existing software with CHERI enabled tooling that makes use the CPU’s new instructions. The software must also link against CHERI enabled libraries and be compatible with the Linux kernel’s pure-capability ABI (PCuABI). Software adapted in this was is typically referred to as ‘cherified’ or ‘pure-cap’ software. We designed our distribution to support a hybrid userspace, allowing both pure-cap and non-purecap (legacy) software to coexist. As the project progressed, we adapted open-source packages to support purecap, we achieved this by porting software from the CheriBSD project (which had already been cherified but needed to be adapted for Yocto/Linux). Where required packages weren’t available in CheriBSD project, we adapted them directly for pure-cap environment. We created an additional Yocto layer to serve as a shared repository for pure-cap Yocto packages, enabling reuse by others in the future.

As the project progressed we moved our attention to designing and implementing the SEFO software architecture. This involved developing containerised applications, using network namespaces, and delivering core application functionality.

Throughout the project, we provided ongoing support to Iceotope and other partners, helping them get up to speed with CHERI, Yocto, and upstream software development practices.

We were keen to share our knowledge throughout the project and wrote a series of blog posts which can be found here.

Services Provided
  • Hardware Enablement & Bring-up: Arm Morello (CHERI)
  • Distribution Development: Yocto for CHERI purecap, Containerised Applications
  • Application Development: SEFO
  • Open Source: Maintainers of Arm’s official Yocto distribution for Morello. Upstream submissions.

A Successful Outcome

Our contributions were well received by both Iceotope and the project funders. We met all our objectives and delivered our work on time.

The Yocto distribution we developed became the officially supported distribution for the Morello project. It was hosted by Arm and maintained by The Good Penguin. Throughout the project we closely collaborated with engineers at Arm to ensure the the work we were doing met the needs of the wider ecosystem.

We were also pleased to contribute directly to upstream open-source projects, including the Linux kernel throughout the project.

“Since I first stated to work with Andrew and his team at The Good Penguin, I have found their technical capability to be very good due to the results that they have delivered and are able to communicate to less technical people like me in a way that I can understand. This is a rare combination.

The team are always ready to help and provide a pragmatic view of what they are researching and / or a realistic view of what they are delivering.

I am using their services and anticipate that I will do so in the future.”

– Paul Coates, Consultant, Trust Pilot Review

Find out More

Iceotope

For more than a decade, Iceotope has been at the forefront of innovation in liquid cooling technology. Their R&D background has enabled them to collaborate with some of the world’s biggest brands – from hyperscalers to automobile manufacturers to global supercomputing centers – tackling their most critical cooling challenges. ​​Their groundbreaking technology is found in Liquid Cooled servers being deployed worldwide with leading partners like Dell, HPE, and Gigabyte. 

The Good Penguin

Reach out to us to find out how we can assist you.
Contact Us

Trustpilot

About Us

The Good Penguin is a provider of software solutions with focus on embedded devices and low level software.

Contact Us

Reach out to us to find out how we can assist you.
Contact Us

ISO 9001:2015 Certified

Copyright © 2020 - 2024 The Good Penguin Ltd. All rights reserved and all trademarks acknowledged. Registered in England and Wales with company number 12374667 and VAT number 341687879 (EORI: GB341687879000) Registered office: The Good Penguin Ltd, Merlin House, Priory Drive, Langstone, Newport, Wales, NP18 2HJ, UK. All trademarks, logos and brand names are the property of their respective owners.
Vulnerability Disclosure PolicySoftware Company | Developed By Rara Theme. Powered by WordPress.