Safe Software Updates via Multi-version Execution

Software systems are constantly evolving, with new versions and patches being released on a continuous basis. Unfortunately, software updates present a high risk, with many releases introducing new bugs and security vulnerabilities.

We tackle this problem using a simple but effective multi-version based approach. Whenever a new update becomes available, instead of upgrading the software to the new version, we run the new version in parallel with the old one; by carefully coordinating their executions and selecting the behaviour of the more reliable version when they diverge, we create a more secure and dependable multi-version application.

We implemented this technique in Mx, a system targeting Linux applications running on multi-core processors, and show that it can be applied successfully to several real applications such as GNU Coreutils, a set of user-level UNIX applications; Lighttpd, a popular web server used by several high-traffic websites such as Wikipedia and YouTube; and Redis, an advanced key-value data structure server used by many well-known services such as GitHub and Flickr.

Petr‘s research interests include software engineering, security and reliability, with a focus on exploring ways to improve the software update process. He has an MSc and a BSc in Computer Science from Charles University in Prague, where he specialised in software engineering and dependable systems. Petr worked for five years as a software engineer in a small Prague-based software company, where he designed several custom information systems for major clients in the oil industry.