UTCS Colloquium-Michael Hicks/University of Maryland: "Dynamic Software Update Validation: An Empirical Study," ACES 2.302, Thursday, April 15, 2010, 11:00 a.m.

Contact Name: Jenna Whitney

Apr 15, 2010 11:00am - 12:00pm

There is a sign-up schedule for this event that can be found at http://www.cs.utexas.edu/dep


Type of Talk: UTCS Colloquium

Affiliation: Michael Hicks/University of Maryland

Date/Time: Thursday, April 15, 2010, 11:00 a.m.

Location: ACES 2.302

Host: Kathryn McKin

Talk Title: Dynamic Software Update Validation: An Empirical Study

Talk Abstract:

Dynamic software updating (DSU) systems, which allow programs to be patched on the fly, have been researched extensively over the last 30+ years. Much of this research has focused on how to implement DSU systems in a manner that is flexible and efficient. Comparably little research has considered how to establish that a program, once updated on the fly, will behave correctly. For example, most existing systems employ one or more automatic safety checks intended to prevent updates that could incur incorrect behavior; but these checks are known to be incomplete, and their practical effectiveness has never been empirically evaluated. Strategies for thoroughly testing a dynamic update have also escaped careful study, calling into question the practical utility of DSU---without means to reliably ensure that a dynamic update will work as expected, practitioners will be hesitant to employ DSU technology.

In this talk, I will present recent work that aims to address these problems. First, I will discuss a novel approach we developed to systematically test dynamic updates. Our approach works by running a program's existing system tests, and considering the effect of updating the program at any point during the execution of each test. To mitigate the increase in the number of tests, we developed an algorithm for test suite minimization that dramatically reduces the number of update points we must consider while retaining full coverage. Second, I will discuss how we used this testing strategy to study the effectiveness of the two most commonly-implemented checks in DSU systems, the activeness safety (AS) check and the con-freeness safety (CFS) check. We measure how often such checks prevent failures that might otherwise occur, and how often they prevent successful test runs. Our study considered a series of patches to OpenSSH, vsftpd and ngIRCd, three open-source server programs. We found that our test minimization algorithm was quite effective, often eliminating more than 95% of the tests we would have to run. From the tests we found that AS and CFS prevented most, but not all, dynamic update failures; CFS allowed more failures than AS, but AS was more restrictive, disallowing many more updates. The reasons for the allowed failures are interesting, and shed light on how to effectively use a DSU system. Our work represents an important step, and important insights, toward developing safe, easy-to-use DSU systems.
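As an added illustration of the testing strategy the abstract describes (this is not code from the talk or the study), the Python below models each system test as a call/return trace, treats every position in the trace as a candidate update point, collapses equivalent points using a simplified equivalence rule that is an assumption here rather than the speaker's algorithm, and applies an activeness-safety style check that rejects an update while a changed function is on the stack. The traces and the set of patched functions are constructed sample data.

```python
"""Added illustration (not the speaker's or the study's code): update points in
system-test traces, their minimization, and an activeness safety (AS) style
check. Traces and patch are constructed sample data; the minimization
equivalence rule is a simplifying assumption, not the talk's exact algorithm."""

# Constructed traces: each test is a list of ("call"|"ret", function) events.
# An update point is a position between events; point p precedes trace[p].
TRACES = {
    "t_login": [("call", "main"), ("call", "auth"), ("call", "log"), ("ret", "log"),
                ("ret", "auth"), ("call", "serve"), ("ret", "serve"), ("ret", "main")],
    "t_cmd": [("call", "main"), ("call", "serve"), ("call", "cmd"), ("ret", "cmd"),
              ("ret", "serve"), ("ret", "main")],
    "t_reauth": [("call", "main"), ("call", "auth"), ("ret", "auth"),
                 ("call", "auth"), ("ret", "auth"), ("ret", "main")],
}
PATCH = {"auth"}  # constructed: functions whose code the patch changes

def active_functions(trace, point):
    """Functions on the call stack at update point `point`."""
    stack = []
    for ev, fn in trace[:point]:
        if ev == "call":
            stack.append(fn)
        else:
            stack.pop()
    return set(stack)

def as_check_allows(trace, point, patch):
    """Activeness safety: reject an update while any changed function is active."""
    return not (active_functions(trace, point) & patch)

def minimize_update_points(trace, patch):
    """Keep one representative per class of equivalent update points. Assumed
    rule: points separated only by events on unpatched functions are equivalent,
    since patched code is first reached at the same later event either way."""
    reps = {0}
    for i, (_ev, fn) in enumerate(trace):
        if fn in patch:
            reps.add(i + 1)  # the point right after a patched-function event
    return sorted(reps)

def summarize(traces, patch):
    """Per test: total update points, points kept after minimization, and how
    many kept points the AS check would permit."""
    out = {}
    for name, trace in traces.items():
        kept = minimize_update_points(trace, patch)
        out[name] = {"total": len(trace) + 1, "kept": len(kept),
                     "as_allowed": sum(as_check_allows(trace, p, patch) for p in kept)}
    return out
```

The test whose trace never touches a patched function keeps a single update point, which is the effect the abstract reports as eliminating most of the runs; the AS column shows how many of the remaining points the check would still refuse.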

Speaker Bio:

Michael Hicks is an associate professor in the Computer Science Department and UMIACS, and an affiliate associate professor in the Electrical and Computer Engineering Department, at the University of Maryland, College Park. His primary research interest is to develop and evaluate techniques to improve software reliability and security. With Bill Pugh and Jeff Foster, he directs PLUM, the lab for Programming Languages research at the University of Maryland.

Michael received his Ph.D. in Computer and Information Science from the University of Pennsylvania in August 2001, and he spent one year as a post-doctoral associate affiliated with the Information Assurance Institute of the Computer Science Department at Cornell University. During 2008 - 2009, Michael was on sabbatical in Cambridge, England. From September to November, he was at Microsoft Research and from December to August 2009, he was at the University of Cambridge Computer Laboratory.