Abstract
In this paper, we present a novel method of safety analysis for runtime code update, i.e., updating a program at runtime without terminating its execution. Runtime code update is an emerging technique, especially for increasing the availability of servers that should always be in service and free of any known bugs or security flaws. However, it may cause state inconsistency or unintended behaviors unless it is properly restricted. Although heavy restriction makes it easy to ensure the safety of updating code at runtime, it prevents us from coping with realistic updates. To identify an appropriate restriction, we first construct a very precise model of safe runtime code update based on a framework of explicit data/control flow and dependency. Then, a class of analyses that statically estimate the set of safe update points is derived by approximating the model. We restrict only the timing: behaviorally safe runtime code update may occur only at safe update points. Moreover, we can relax the restriction by explicitly specifying non-critical points.
This research was supported by PRESTO research program of Japan Science and Technology Agency.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hashimoto, M. (2007). A Method of Safety Analysis for Runtime Code Update. In: Okada, M., Satoh, I. (eds) Advances in Computer Science - ASIAN 2006. Secure Software and Related Issues. ASIAN 2006. Lecture Notes in Computer Science, vol 4435. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77505-8_6
DOI: https://doi.org/10.1007/978-3-540-77505-8_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77504-1
Online ISBN: 978-3-540-77505-8
eBook Packages: Computer Science, Computer Science (R0)