Diffstat (limited to 'chap/abs.tex')
-rw-r--r-- chap/abs.tex 64
1 files changed, 62 insertions, 2 deletions
diff --git a/chap/abs.tex b/chap/abs.tex
index 8dc8efc..81b1b10 100644
--- a/chap/abs.tex
+++ b/chap/abs.tex
@@ -2,11 +2,71 @@
% Public domain.
\begin{cabstract}
- %\pkuthssffaq % 中文测试文字。
+ 现代微处理器设计主要需要考虑性能和功耗。但随着软硬件系统越来越复杂,
+ 安全性在处理器设计中越来越重要。熔断(Meltdown)和幽灵(Spectre)攻
+ 击的发现,表明处理器微体系结构的优化,虽然不影响程序的正确运行,但是
+ 可能带来安全性的问题。其中 Spectre 攻击利用处理器的推测式执行,通过
+ 暂态指令的执行构造隐蔽信道,将程序中的秘密信息泄露给攻击者,破坏了程
+ 序的安全保证和系统的隔离性。由于推测式执行是微处理器设计中提升性能的
+ 重要手段,在防御 Spectre攻击的同时,减少防御手段带来的性能下降,是一
+ 个重要的问题。
+
+ 本文基于模拟平台,针对推测式执行侧信道攻击设计实现了一种防御结构。主
+ 要工作内容如下:
+ \begin{enumerate}
+ \item 调研 Meltdown 和 Spectre 攻击,分析其技术原理。
+ \item 调研现有的 Meltdown 和 Spectre 防御方案,分析这些方案的设计思
+ 想、实现方法、安全性和性能开销。
+ \item 设计一种针对 Spectre 攻击的防御结构,并在模拟平台中实现。该结
+ 构动态追踪信息流,检测推测式执行的指令与推测的内存读取之间的依赖关
+ 系,标记存在数据泄露风险的指令。进一步地,针对有风险的内存读取指令,
+ 采用安全的数据装载方案,避免在高速缓存状态中留下暂态执行的痕迹。
+ \item 基于模拟平台对该防御结构进行评估。利用构造的攻击程序进行测试,
+ 表明该防御结构可以防御测试中的攻击,满足安全性要求。利用 SPEC
+ CPU2006 进行性能评测,平均性能开销为 8.5\%,需要安全执行的推测式数
+ 据读取显著减少,降低了防御的性能开销。
+ \end{enumerate}
\end{cabstract}
\begin{eabstract}
- %Test of the English abstract.
+ Performance and power consumption are the main factors of modern
+ processor design. As software and hardware systems become more and
+ more complex, security is becoming important in microprocessor
+ design. The disclosure of Meltdown and Spectre shows that
+ microarchitecture optimizations can bring security issues, although
+ the programs still run correctly. Spectre exploits speculative
+ execution, constructing covert channel with transient instructions,
+ and leak secret information to the attacker, breaking the security
+ guarentee of the program and system isolation. Since speculative
+ execution is an important method to optimize the performance in
+ microprocessor design, it's important to defend against Spectre
+ attack, while minimize the performance loss of the defense.
+
+ This thesis designs a microarchitecture to defend against
+ speculation side channels based on the a simulation platform. The
+ contribution of this thesis is as follows:
+ \begin{enumerate}
+ \item Investigate on Meltdown and Spectre attacks, and analyze how
+ these attacks work.
+ \item Investigate on current defenses of Meltdown and Spectre
+ attacks, analyze their idea, implementation, security and
+ performance overhead.
+ \item Design a microarchitecture to defend against spectre attack
+ and implement it on a simulation platform. This microarchitecture
+ tracks the information flow, detecting the dependency of a
+ speculated instruction and a speculated data load from memory, and
+ tags the instruction which may leak data. For memory reads which
+ is likely unsafe, a safe loading mechanism is used, avoiding
+ leaving transient execution side effects in the cache.
+ \item Evaluate the microarchitecture on the simulation
+ platform. Tested with a constructed proof of concept code, this
+ microarchitecture design can defend the tested attacks, meeting
+ the security requirement. Evaluated with SPEC CPU2006, this
+ microarchitecture has an average performance overhead of 8.5\%,
+ and the number of speculated loads that need to be safely executed
+ is significantly decreased, thus the performance overhead of the
+ defence is smaller.
+ \end{enumerate}
\end{eabstract}
% vim:ts=4:sw=4
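Review bot: the added English abstract has several spelling and grammar slips that should be corrected: "guarentee" should be "guarantee", "based on the a simulation platform" has a doubled article, "spectre attack" in the third enumerate item should be capitalised as "Spectre" like every other occurrence, and "defence" in the last item is inconsistent with "defense" used earlier in the same abstract. The sentence "Spectre exploits speculative execution, constructing covert channel with transient instructions, and leak secret information" needs "leaks" (and "a covert channel"), "while minimize" should be "while minimizing", and "memory reads which is likely unsafe" should be "which are". In the Chinese abstract, "Spectre攻击" is missing the space that the surrounding text uses ("Spectre 攻击"). Neither abstract says what baseline the 8.5\% average overhead on SPEC CPU2006 is measured against (an unprotected core, or a defense that treats every speculative load as unsafe); naming it would make the claim that the overhead is "smaller" checkable.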