Dapeng Gao 高大鵬

  • Scholarship in 2022 at University of Cambridge

About Dapeng Gao’s work

Dapeng Gao’s computer systems research is focused on compartmentalising software for Capability Hardware Enhanced RISC Instructions (CHERI), which aims to extend existing Instruction Set Architectures (ISAs) such as ARMv8-A and RISC-V to support hardware-based capabilities. Capabilities not only offer fine-grained memory safety but can also enable efficient software compartmentalisation, which is the technique of separating an application into several isolated yet communicating compartments.

Compartmentalisation is useful when there are certain modules within an application that are deemed particularly vulnerable to attacks and it becomes desirable to isolate them from the others so as to mitigate the consequences of an exploit. These typically include code that handles potentially malicious input, such as parsers and decoders. Current MMU-based compartmentalisation mechanisms such as process-level isolation can be difficult to use and inefficient. Moreover, they often do not grant privileges at a sufficient level of granularity and thus fail to minimise the privileges that compartments have.

CHERI-based compartmentalisation can avoid the shortcomings of existing solutions thanks to the rich features and strong security properties offered by CHERI-extended ISAs and CHERI-enabled hardware. This opens the door for deeper research on how to implement CHERI-based compartmentalisation for real-world software.


Dapeng Gao is a PhD student in the department of Computer Science and Technology at the University of Cambridge. He earned an MCompPhil at University of Oxford. He has previously been awarded the Hoare Prize, and the Hertford Computer Science and Philosophy Prize.