Kitsune: Efficient, General-purpose Dynamic Software Updating for C

Michael Hicks, University of Maryland

Dynamic software updating (DSU) systems allow programs to be updated while running, thereby permitting developers to add features and fix bugs without downtime. This paper introduces Kitsune, a new DSU system for C whose design has three notable features. First, Kitsune’s updating mechanism updates the whole program, not individual functions. This mechanism is more flexible than most prior approaches and places no restrictions on data representations or allowed compiler optimizations. Second, Kitsune makes the important aspects of updating explicit in the program text, making the program’s semantics easy to understand while minimizing programmer effort. Finally, the programmer can write simple specifications to direct Kitsune to generate code that traverses and transforms old-version state for use by new code; such state ransformation is often necessary, and is significantly more difficult in prior DSU systems. We have used Kitsune to update five popular, open-source, single- and multi-threaded programs, and find that few program changes are required to use Kitsune, and that it incurs essentially no performance overhead.

Speaker Biography

Michael W. Hicks is an associate professor in the Computer Science department and UMIACS at the University of Maryland, College Park, and is the Director of the Maryland Cybersecurity Center (MC2). His research focuses on using programming languages and analyses to improve the security, reliability, and availability of software. Noteworthy among his research accomplishments is the development of analysis and compilation tools for enabling software to be safely updated while it runs. He has explored the design of new programming languages and analysis tools for automatically discovering or remediating software flaws and security vulnerabilities. He has recently been exploring new approaches to privacy preserving computation and maintains an interest in distributed systems design and evaluation, particularly when adaptivity and security are system goals.