Karla Saur

PhD Completed Sept 2015/Graduated Dec 2015

Update:

Overview:

    In my Ph.D., I worked on dynamic software updating (DSU) for systems that require high availability, such as in-memory database systems and software-defined networks. The goal of DSU is to safely and efficiently update code while it is running, without downtime.

Projects:

  • Dynamic Software Updating in Software-Defined Networks
    This project focused on correctly upgrading software-defined network controller applications online with minimal disruption to existing operations. We presented the design and implementation of a new controller platform that uses explicit state transfer to implement dynamic updates. Our work enables programmers to directly initialize the upgraded controller's state as a function of its existing state.
    [pdf]
  • Evolving NoSQL Databases Without Downtime
    Building off of our previous work of dynamically updating NoSQL database programs (Redis and Memcached), this current work focuses on dynamically updating the actual data stored in these databases. Applications that use these databases evolve over time, sometimes necessitating a change to the format of the data. We are working towards a solution to support the evolution of high-availability applications and their NoSQL data on-line, without excessive delays or interruptions to the connected users. We do this by transforming the data lazily, as applications interact with the database, thus avoiding long pause times.
    [pdf] [code] [slides]
  • C-strider
    C-strider is a framework for writing C heap traversals and transformations. Writing a basic C-strider service requires implementing only four callbacks; C-strider then generates a program-specific traversal that invokes the callbacks as each heap location is visited. We used C-strider to implement heap serialization, dynamic software updating, heap checking, and profiling, and then applied the resulting traversals to several programs. We found C-strider requires little programmer effort, and the resulting services are efficient and effective.
    [pdf] [code]
  • Dynamic Software Updating on a Large Scale with Snort
    Snort is a widely used, open-source network intrusion detection and prevention system that works by inspecting and possibly blocking packets as they enter a network. It is the largest program we've updated with Kitsune (our dynamic software updating system for C), at ~215K lines of C code. Snort was challenging to dynamically update for two reasons. First, it makes extensive use of dynamically loaded shared objects (a.k.a., plugins), which are used for extended protocol analysis (such as POP, SSH, and DNP3), output formatting, and more. Plugins make heavy use of void *'s to simplify the type structure, which makes updating based on type ambiguous. The second challenge with Snort was that it contains a large amount of global state, and the highly nested nature of the structures made debugging our update code tricky.
    [pdf - see Section 3.2 and Section 5.2.6] [slides]


  • Dynamic Software Update (DSU) Quiescence for Multithreaded Programs
    In performing DSU using update points on multithreaded programs, achieving full thread quiescence may be delayed or thwarted by blocking calls such as condition variables or I/O. We created a library to assist with rapid multithreaded quiescence and integrated our library into Kitsune. This work demonstrates empirically that many multithreaded programs can be updated with minimal delay using only a small number of manually annotated update points. Our study of the time taken for all of the threads in six real-world, event-driven programs to reach their update points ranged from 0.155 to 107.558 ms, and most were below 1 ms.
    [pdf] [slides]


  • Locating x86 Paging Structures in Memory Images to Assist with Process Detection
    A memory image consists of data and processes that were running on the system at the time the image was created. Previously running processes are one of the key items in memory images to identify, including potentially hidden processes. Each process has its own paging structures that define its address space, so locating the paging structures can potentially lead to finding all of the processes that were running. In this paper, we describe an algorithm to locate paging structures in a memory image of an x86 platform.
    [pdf] [slides]