Evaluating Dynamic Software Update Safety Using Systematic Testing
Evaluating Dynamic Software Update Safety Using Systematic Testing
No Thumbnail Available
Files
Publication or External Link
Date
2011-09-22
Authors
Hayden, Christopher M.
Smith, Edward K.
Hardisty, Eric A.
Hicks, Michael
Foster, Jeffrey S.
Advisor
Citation
DRUM DOI
Abstract
Dynamic software updating (DSU) systems patch programs on the fly
without incurring downtime. To avoid failures due to the updating
process itself, many DSU systems employ timing restrictions. However,
timing restrictions are theoretically imperfect, and their practical
effectiveness is an open question.
This paper presents the first significant empirical evaluation of three
popular timing restrictions: activeness safety (AS), which prevents
updates to active functions; confreeness safety (CFS), which only allows
modifications to active functions when doing so is provably type-safe;
and manual identification of the event-handling loops during which an
update may occur.
We evaluated these timing restrictions using a series of DSU patches to
three programs: OpenSSH, vsftpd, and ngIRCd.We systematically applied
updates at each distinct update point reached during execution of a
suite of system tests for these programs to determine which updates pass
and which fail. We found that all three timing restrictions prevented
most failures, but only manual identification allowed none. Further,
although CFS and AS allowed many more update points, manual
identification still supported updates with minimal delay. Finally, we
found that manual identification required the least developer effort.
Overall, we conclude that manual identification is most effective.