摘要
中央处理器(CPU,central processing unit)作为计算机系统的运算和控制核心,是信息处理、程序运行的最终执行单元,其安全问题对国家网络、关键基础设施及重要行业的信息安全有着深刻的影响。CPU自产生以来,在逻辑结构、运行效率以及功能外延上取得了巨大发展,但也面临许多安全问题。对x86架构的中央处理器安全问题进行综合论述:首先介绍CPU的发展脉络并总结其安全模型,在此基础上分别从指令集架构(ISA,Instruction Set Architecture)设计、安全模型以及后门3个角度分析目前出现的CPU安全问题;然后按照漏洞发现、漏洞机理剖析以及漏洞成因分析3个层次对CPU漏洞进行详细阐述;最后分析了CPU现有的安全防御机制,并探讨了可能的安全解决方案及发展趋势。
As the computing and controlling core of computer system,CPU is the final execute unit of information processing and program running,and consequently its security problems have a great impact on information securities of the national network,key infrastructures and vital industries.Since CPU was designed,great progress has been made in its logic structure,operational efficiency and functional extension,but it also faces many security problems.A comprehensive overview of security problems in x86CPU was given.Firstly,the security model of CPU was analyzed from the perspective of its development process,and on this basis,current security issues related to CPU were classified into three categories.Secondly,the CPU vulnerabilities were explained in the following three aspects:vulnerability discovery,vulnerability mechanism analysis,and reason analysis.Finally,typical security defense mechanism of CPU was analyzed,and the possible security solutions and development trends were discussed.
作者
魏强
李锡星
武泽慧
曹琰
WEI Qiang;LI Xixing;WU Zehui;CAO Yan(State Key Laboratory of Mathematics Engineering & Advanced Computing, Information Engineering University, Zhengzhou 45002, China)
出处
《通信学报》
EI
CSCD
北大核心
2018年第A02期151-163,共13页
Journal on Communications
基金
国家重点研究发展计划基金资助项目(No.2017YFB0802901)
