Policy@Manchester Articles


Improving the resilience of computer systems with software compartmentalisation

By Pierre Olivier, Hugo Lefeuvre and John Kressel. Filed Under: All posts, On Critical Technologies, Science and Technology. Posted: March 30, 2026

Cybersecurity attacks are becoming more sophisticated, varied and persistent. Compartmentalisation is a defensive software design practice that can tackle many of the cyber threats faced by modern computer systems. However, implementing this practice widely faces obstacles, such as prohibitive engineering and performance costs and the difficulty of retrofitting existing software. In this article, Dr Pierre Olivier, Dr Hugo Lefeuvre and John Kressel encourage the development and use of relevant standards and call for increased collaboration between academia and industry.

  • Most software still relies on insecure foundations, making systems, infrastructure, and data increasingly exposed to cybersecurity threats and supply-chain attacks.
  • Researchers at The University of Manchester are advancing software compartmentalisation by breaking applications into isolated components to contain attacks.
  • Governments and industry should promote compartmentalisation through updated cybersecurity frameworks and training programs to help move security from reactive fixes to proactive, design-based solutions.

Today many aspects of our lives rely on computer systems, and recent breaches show that the level of cyber resilience is not where it needs to be. Strengthening cybersecurity is essential to protect economies and critical infrastructures, as well as personal and business data from evolving threats. In 2025, supply-chain attacks represent one of the fastest-growing cybersecurity threats: they proliferate because software is increasingly composed of diverse components with varying levels of security and trustworthiness. The widespread use of memory-unsafe programming languages is another prominent issue, resulting in a range of well-known and common coding errors that malicious actors routinely exploit. According to cybersecurity agencies from the UK, US, Canada, Australia and New Zealand, 70%+ of software still relies on memory-unsafe languages. Addressing these threats requires changes in common software engineering practices.

What is software compartmentalisation?

Software compartmentalisation is a defensive programming practice in which an application is broken down into isolated pieces (compartments) that communicate through well-defined and secured channels. It differs from other protections by assuming that vulnerabilities are always a possibility: an attacker who takes over part of the application through a vulnerability is confined to the containing compartment, which limits the damage they can cause to the rest of the application. Compartmentalisation has proven effective at containing many forms of attack and is more relevant than ever given increasing concerns about software supply-chain attacks and memory safety. Although this practice has been known for over twenty years, it is currently deployed in only a handful of specific production software examples.

If it works, why hasn’t compartmentalisation reached the mainstream?

Research at The University of Manchester has found that the engineering costs required to implement or retrofit software compartmentalisation are too high. These costs, as well as the security benefits of compartmentalising, are also hard to predict and measure, discouraging prospective developers. Also, current approaches to compartmentalisation lack flexibility, due to the highly diverse security and performance requirements of modern hardware and software. Finally, significant challenges lie in retrofitting compartmentalisation into the billions of lines of existing software code, something that requires a high degree of automation.

Our research has made progress tackling certain parts of these challenges. We proposed FlexOS, which is an operating system designed with flexible compartmentalisation in mind, composed of components that can be isolated at configurable granularities (adjustable levels of detail and scope), via a range of hardware protection mechanisms, with various data sharing strategies and further optional software protections.

On testing, we found that adapting FlexOS – with a further microprocessor designed to enhance the security benefits of compartmentalisation – reduced the performance and engineering costs.

We also studied the problem of securing cross-compartment interfaces when compartmentalisation is retrofitted into legacy software – an issue largely overlooked by past compartmentalisation research. Our research has also shown that there is no agreed definition of the field of software compartmentalisation among academic and professional communities, with the result that research output falls short of what compartmentalisation really needs in order to reach the mainstream. To tackle this, we have characterised and classified more than 200 research works into an organised knowledge base – a paper that evaluates, systematises, and contextualises existing knowledge – on the topic of compartmentalisation. The outcome is a unified model providing a framework for defining, understanding, and implementing this practice.
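To make the cross-compartment interface problem concrete, the following added example (not code from the article or from FlexOS; all names and the simulated shared region are assumptions) shows a trusted compartment's call gate in two forms: one that trusts a pointer and length handed over by a less-trusted compartment, and one that checks the arguments describe only bytes inside the agreed shared region and reads them exactly once.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

/* Constructed: a shared memory region through which two compartments exchange
   data (a plain array here; in a real system this would be a region both
   compartments are granted access to by the isolation mechanism). */
#define SHARED_SIZE 256
static uint8_t shared_region[SHARED_SIZE];

/* Trusted compartment state that the interface must never expose. */
static uint8_t secret_key[32] = { 0x42 };

typedef size_t (*gate_fn)(const uint8_t *, size_t, uint8_t *, size_t);

/* "Before": the gate uses whatever pointer and length it was handed.
   A caller in the other compartment can point it at secret_key. */
size_t gate_unchecked(const uint8_t *src, size_t len, uint8_t *out, size_t outcap) {
    if (len > outcap) len = outcap;
    memcpy(out, src, len);
    return len;
}

/* Argument validation: the described bytes must lie within the shared region.
   Checking len first keeps the end-of-range arithmetic from overflowing. */
static bool in_shared_region(const uint8_t *p, size_t len) {
    uintptr_t start = (uintptr_t)shared_region, a = (uintptr_t)p;
    return len <= SHARED_SIZE && a >= start && a + len <= start + SHARED_SIZE;
}

/* "After": reject anything outside the shared region, then copy the bytes
   once into trusted memory before using them, so the other compartment
   cannot change them between the check and the use. */
size_t gate_checked(const uint8_t *src, size_t len, uint8_t *out, size_t outcap) {
    if (len > outcap || !in_shared_region(src, len)) return 0;
    uint8_t snapshot[SHARED_SIZE];
    memcpy(snapshot, src, len);
    memcpy(out, snapshot, len);
    return len;
}

/* Probe: the less-trusted compartment asks the gate for the key bytes.
   Returns how many key bytes it actually obtained (0 if refused). */
size_t probe_key(gate_fn gate) {
    uint8_t out[64] = {0};
    size_t n = gate(secret_key, sizeof secret_key, out, sizeof out);
    return (n == sizeof secret_key && out[0] == 0x42) ? n : 0;
}

/* Probe: a legitimate request for `len` bytes at offset `off` of the region. */
size_t probe_shared(gate_fn gate, size_t off, size_t len) {
    uint8_t out[64] = {0};
    return gate(shared_region + off, len, out, sizeof out);
}
```

The unchecked gate hands over the trusted compartment's key on request; the checked gate refuses that call and still serves in-region requests.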

A future for compartmentalisation?

Compartmentalisation can play a key role in the much-needed shift from reactive to proactive software security, and aligns well with the recent recommendations made by the National Semiconductor Strategy regarding security by design, memory safety in computer systems and supply-chain security, among others. Policymakers have a role to play in helping bring compartmentalisation to the mainstream and unlocking its safety benefits for a broader range of applications.

Much of the expertise in the field lies in academia; however, the security problems compartmentalisation can address occur in the industrial and public sectors. That gap can only be bridged by strong collaboration between academic, industry and public actors, and lessons for future collaborations can be learnt from the Digital Security by Design programme, which successfully integrated several years of compartmentalisation research into industry products. Our software compartmentalisation framework should be integrated into an updated Cyber Assessment Framework – a collection of cyber security guidance for organisations that play a vital role in the day-to-day life of the UK. This would help increase awareness outside academia of compartmentalisation and the security issues it addresses.

Training in compartmentalisation needs to be developed, presenting concretely what this practice involves, how to apply it, and what its costs and benefits are. These materials should target different actors with varying degrees of expertise, for example developers, system administrators, and government (including intelligence agencies such as GCHQ). This training can be delivered through professional development certifications and government-backed learning resources to encourage its use.

An interesting starting point would be to explore how compartmentalisation relates to emerging methods for assessing the safety of integrated software components, for example the Software Bill of Materials (SBOM). This often-cited tool lists the component parts and software dependencies of a software package and is designed to help vendors and developers better understand the open source and third-party components it may contain.

The development of standard methods for reporting identified vulnerabilities should also be encouraged, along with a classification of compartmentalisation-specific vulnerabilities into high-level categories. In line with the research objectives listed above, we also need the development and use of standard metrics to assess, compare, and estimate the costs and benefits of compartmentalisation.

The use of compartmentalisation can be encouraged further by pushing for minimum requirements based on these standard metrics for software used in various settings, and should be introduced in government departments, starting with teams working with particularly sensitive data.

Software compartmentalisation has shown itself to be highly efficient in the fight against modern cyber threats, yet this practice remains little known and underused. This needs to change, urgently.

Tagged With: #OnCriticalTechnologies, cyber crime, data, innovation, technology


About Pierre Olivier

Pierre is a Senior Lecturer in Computer Science at The University of Manchester.


About Hugo Lefeuvre

Hugo is a Postdoctoral Research Fellow at The University of British Columbia.

About John Kressel

John is an Early Career Researcher and Research Assistant in the Department of Computer Science at The University of Manchester.
