Safe software updates via multi-version execution

Proceedings - International Conference on Software Engineering

Volumn , Issue , 2013, Pages 612-621

  Hosek, Petr ^a   Cadar, Cristian ^a  

^a IMPERIAL COLLEGE LONDON   (United Kingdom)

Author keywords

multi version execution; software updates; surviving software crashes

Indexed keywords

MULTI-CORE PROCESSOR; MULTI-VERSION; REAL APPLICATIONS; SECURITY VULNERABILITIES; SOFTWARE SYSTEMS; SOFTWARE UPDATES; SURVIVING SOFTWARE CRASHES; WEB SERVERS;

COMPUTER OPERATING SYSTEMS; PROGRAM DEBUGGING; SOFTWARE ENGINEERING; WEBSITES;

APPLICATION PROGRAMS;

EID: 84886426204     PISSN: 02705257     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICSE.2013.6606607     Document Type: Conference Paper

References (32)

1. A. V. Aho, M. S. Lam, R. Sethi, and J. D. Ullman, Compilers: Principles, Techniques, and Tools, 2nd ed. Addison Wesley, 2006.
2. L. A. Barroso and U. Ḧolzle, "The case for energy-proportional computing," Computer, vol. 40, pp. 33-37, 2007.
3. S. Beattie, S. Arnold, C. Cowan, P. Wagle, and C. Wright, "Timing the application of security patches for optimal uptime," in LISA'02.
4. E. D. Berger and B. G. Zorn, "Diehard: probabilistic memory safety for unsafe languages," in PLDI'06.
5. C. Cadar and P. Hosek, "Multi-version software updates," in HotSWUp'12.
6. C. Cadar, P. Pietzuch, and A. L. Wolf, "Multiplicity computing: A vision of software engineering for next-generation computing platform applications," in FoSER'10.
7. S. Card, T. Moran, and A. Newell, "The model human processor: an engineering model for human performance," Handbook of Perception and Human Performance, vol. 2, pp. 1-35, 1986.
8. L. Chen and A. Avizienis, "N-version programming: A fault-tolerance approach to reliability of software operation," in FTCS'78.
9. J. E. Cook and J. A. Dage, "Highly reliable upgrading of components," in ICSE'99.
10. J. Corbet, "Cross memory attach," http://lwn.net/Articles/ 405346/, 2010.
11. B. Cox, D. Evans, A. Filipi, J. Rowanhill, W. Hu, J. Davidson, J. Knight, A. Nguyen-Tuong, and J. Hiser, "N-variant systems: a secretless framework for security through diversity," in USENIX Security'06.
12. A. Cozzie, F. Stratton, H. Xue, and S. T. King, "Digging for data structures," in OSDI'08.
13. O. Crameri, N. Knezevic, D. Kostic, R. Bianchini, and W. Zwaenepoel, "Staged deployment in Mirage, an integrated software upgrade testing and distribution system," in SOSP'07.
14. M. d'Amorim, S. Lauterburg, and D. Marinov, "Delta execution for efficient state-space exploration of object-oriented programs," in ISSTA'07.
15. M. Harman, W. Langdon, Y. Jia, D. White, A. Arcuri, and J. Clark, "The GISMOE challenge: constructing the pareto program surface using genetic programming to find better programs," in ASE'12.
16. C. M. Hayden, E. K. Smith, M. Denchev, M. Hicks, and J. S. Foster, "Kitsune: Efficient, general-purpose dynamic software updating for C," in OOPSLA'12.
17. C. H. P. Kim, S. Khurshid, and D. Batory, "Shared execution for efficiently testing product lines," in ISSRE'12.
18. T. Liu, C. Curtsinger, and E. D. Berger, "DTHREADS: Efficient deterministic multithreading," in SOSP'11.
19. K. Makris and R. A. Bazi, "Immediate multi-threaded dynamic software updates using stack reconstruction," in USENIX ATC'09.
20. M. Maurer and D. Brumley, "TACHYON: Tandem execution for efficient live patch testing," in USENIX Security'12.
21. I. Neamtiu, M. Hicks, G. Stoyle, and M. Oriol, "Practical dynamic software updating for C," in PLDI'06.
22. F. Qin, J. Tucek, J. Sundaresan, and Y. Zhou, "Rx: treating bugs as allergies-a safe method to survive software failures," in SOSP'05.
23. M. Rinard, C. Cadar, D. Dumitran, D. M. Roy, T. Leu, and J. William S. Beebee, "Enhancing server availability and security through failureoblivious computing," in OSDI'04.
24. B. Salamat, T. Jackson, A. Gal, and M. Franz, "Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space," in EuroSys'09.
25. S. Sidiroglou, S. Ioannidis, and A. D. Keromytis, "Band-aid patching," in HotDep'07.
26. S. Sidiroglou and A. D. Keromytis, "Execution transactions for defending against software failures: Use and evaluation," IJIS, vol. 5, no. 2, pp. 77-91, 2006.
27. S. M. Srinivasan, S. Kandula, C. R. Andrews, and Y. Zhou, "Flashback: A lightweight extension for rollback and deterministic replay for software debugging," in USENIX ATC'04.
28. J. Tucek, W. Xiong, and Y. Zhou, "Efficient online validation with delta execution," in ASPLOS'09.
29. K. Veeraraghavan, P. M. Chen, J. Flinn, and S. Narayanasamy, "Detecting and surviving data races using complementary schedules," in SOSP'11.
30. M. A. Vouk, "Back-to-back testing," IST, vol. 32, pp. 34-45, Jan.-Feb. 1990.
31. H. Xue, N. Dautenhahn, and S. T. King, "Using replicated execution for a more secure and reliable web browser," in NDSS'12.
32. Z. Yin, D. Yuan, Y. Zhou, S. Pasupathy, and L. Bairavasundaram, "How do fixes become bugs?" in ESEC/FSE'11.