Security is not an afterthought; it is the foundational layer of modern digital systems. Our team specialises in advising, designing, and developing solutions built around the very latest secure by design mechanisms and technologies.

We provide end-to-end security advisory that covers the entire technology stack, including:

• Software Programming Language & Coding Guidelines: Guiding selection based on memory safety and intrinsic security features with languages such as Rust, and how to align to coding guidelines for legacy languages such as C++ MISRA.
• Processor Type Selection: Advising on hardware-based security capabilities and architectures for ASICs, FPGAs, CPUs, GPUs and more.
• Operations & Governance Processes: Establishing policies and controls for sustainable, compliant security management.

Validating Next-Generation Hardware Security (CHERI)

We operate at the leading edge of hardware-based security innovation. Our team has been involved in testing cutting-edge CHERI (Capability Hardware Enhanced RISC Instructions) based memory-secure processors, developed through a collaboration between Cambridge University and ARM.

On the Digital Secure by Design programme, our team members conducted a feasibility study on satellite ground station software. The objective was to test the successful execution of this software on the experimental CHERI processor and document the limitations and caveats involved. This rigorous testing confirmed that, with necessary adjustments, the CHERI architecture could achieve an exceptional 70% reduction in the vulnerability attack surface, validating a paradigm shift in system security and providing confidence in its adoption.

Modernising Government Identity & Access Management (IAM)

Security at the operating system level must be complemented by robust policy and access control. Our team members have been instrumental in advancing Identity and Access Management (IAM) processes for government bodies. This transformation ensures alignment with modern, secure standards such as:

• ABAC (Attribute-Based Access Control): For dynamic, context-aware permissions.
• IAAA (Identity, Authentication, Authorisation, and Auditing): Ensuring comprehensive identity lifecycle management.

Our work in this area is focused on compliance with fundamental security principles: separation of duties, the principle of least privilege, and the Need-to-Know Principle, creating a highly resilient and auditable access framework.

Secure Federated Data Sharing

As organisations shift toward collaborative data environments, secure data sharing models are becoming essential. Our team provides expert advisory services for those looking to adopt federated data sharing models. Offering services to organise and manage pilot studies for a federated data sharing model.

Building Security Into the Core

From the hardware silicon to the highest levels of governance, our expertise ensures your systems are secure by design. We can translate complex innovation and hardware advancements into practical, resilient enterprise solutions.