S├ębastien Martinez

Welcome to Martinez.Science!

Science & Technologies

What is Dynamic Software Updating?

Published on the 6th of February, 2018

For my first article in this blog, I would like to give a general presentation of my main research interest.

Dynamic Software Updating (DSU) is a field of technology adressing the modification of software during its execution. Its original intent is to apply updates with no or little service disruption. When updating their operating systems, computers and smartphones need to be rebooted and are unusable. When updating an online service, business is not handled (which can cost tremendous amounts in specific cases). This is because updating an application requires stopping it, changing its code and starting it again. As a consequence, the application is unusable for some time, which is unacceptable for critical systems (e.g. industrial control systems). Ways of managing these issues (e.g. applying updates at night, progressively updating servers while maintaining minimal services) are used but they have their own downsides. DSU addresses directly the issue of software updating by applying patches without needing to stop applications.

Many DSU platforms, enabling dynamic updates for all sorts of applications, can be found in academic literature, many of them being usable for real-life software. For example, Ksplice and Kgraft provide DSU for the Linux kernel. Javelus uses native DSU features of the Java virtual machine to dynamically update Java applications. Each platform uses a different set of techniques to apply updates but all follow the same principle : transparently apply patches to running application and require as little developer intervention as possible. And to make this possible, platforms often enforce strong restrictions on updates. Semantic changes to applications are prohibited (i.e. the general behavior of the application cannot be changed) and some patches may be complicated to apply and require more human intervention. This is not a problem when the main purpose of DSU platform is the application of security patches and bug fixes.

Removing the restrictions on updates requires that developers design dynamic updates by selecting the DSU techniques best suited to the application and to the update. Following this approach allows for more flexibility and enables new usages of DSU. Applications can be modified in order to adapt their behavior to a specific context. For example, an online service could be modified to accept only requests from trusted users when undergoing Denial Of Service (DOS) attacks. In the long run, applications would evolve while continuing their execution, provide new functionalities and answer to needs as they apear. Because it is no longer needed to reboot applications, updating many applications at a same time is easier. With the proper tools, it would be possible to apply global updates on complex systems, composed of several applications. Updates are no longer bothersome issues to be dealt with. They are tools that can be used to make software more adaptable and more flexible. In my opinion, this is where lies the future of software.