Software systems are imperfect, so software updates are a fact of
life. While typical software updates require stopping and restarting
the program in question, many systems cannot afford to halt service,
or would prefer not to. Dynamic
software updating (DSU) addresses this difficulty by permitting
programs to be updated while they run. DSU is appealing compared
to other approaches for on-line upgrades because it is quite general
and requires no redundant hardware. The challenge is in making
DSU flexible, and yet safe and easy to use. In this project we
are exploring this tension through theoretical programming language
development, and practical implementation experience.
We have a
DSU implementation for C programs called Ginseng that we have used to dynamically
update well-known open-source programs:
the vsftpd FTP server, the sshd
in the OpenSSH suite,
and the zebra routing daemon from the GNU Zebra routing software package.
This implementation uses a novel static analysis to determine good
times during a program's execution to perform updates (first proposed
in our POPL paper).
We are currently exploring approaches to supporting DSU in multi-threaded
programs, toward supporting DSU in operating systems.
We have also begun to explore means for adding DSU capabilities to
object-oriented languages through explicit versioning.
Software
Ginseng, our DSU implementation for C programs, runs on Linux; it requires gcc 3.3+ and ocaml 3.08+. It should compile on BSD and MacOS, so you're able to see how the safety analyses and source-to-source transformations work, but to actually perform dynamic updates you need to have dynamic linking working, and we haven't tested that on platforms other than Linux. You can find an user's guide in the tarball, under ginseng/doc/UsersGuide/guide.pdf. Contact Iulian Neamtiu for Ginseng-related issues.
Practical Dynamic Software Updating for C. Iulian
Neamtiu, Michael Hicks, Gareth Stoyle, and Manuel Oriol. In
Proceedings of the ACM Conference on Programming Language Design and
Implementation (PLDI), June 2006. A slightly extended version
appears as Maryland Technical Report
CS-TR-4790 (March 2006).
Formalizing
Dynamic Software Updating. Gavin Bierman, Michael Hicks,
Peter Sewell, and Gareth Stoyle. In Proceedings of the Second International
Workshop on Unanticipated Software Evolution (USE), April
2003.
Dynamic Software Updating.
Michael Hicks and Scott M. Nettles. ACM Transactions on
Programming Languages and Systems (TOPLAS), 27(6), November
2005.
This is a shorter version of Hicks' dissertation
(which won the ACM SIGPLAN 2002 Doctoral Dissertation Award),
superseding a paper that appeared at PLDI 2001.
Posters, Presentations
Dynamic Software Updating for the Linux Kernel.
Iulian Neamtiu and Michael Hicks.
Work-in-progress session at The 7th USENIX Symposium on Operating Systems Des
ign and Implementation (OSDI), November 2006.
Ginseng: A System for Dynamic Software Updating.
Iulian Neamtiu, Michael Hicks, Gareth Stoyle, and Manuel Oriol.
Poster presentation at ACM Conference on Programming Language Design and Impl
ementation (PLDI), June 2006.
Funding
This material is based upon work supported in part by the National
Science Foundation under Grant No. CCF-0346989, CAREER: Programming
Languages for Reliable and Secure Low-level Systems. Any opinions,
findings and conclusions or recome ndations expressed in this material
are those of the author(s) and do not necessarily reflect the views
of the National Science Foundation (NSF).
