Varan and Mx: Safe Software Updates via Multi-version Execution

Abstract

Software systems are constantly evolving, with new versions and patches being released on a continuous basis. Unfortunately, software updates present a high risk, with many releases introducing new bugs. We propose tackling this problem using a simple but effective multi-version execution approach. Whenever a new update becomes available, instead of upgrading the software to the new version, we run the new version in parallel with the old one, potentially running several different versions concurrently. By carefully coordinating their execution, we create a more dependable multi-version application.

In this talk, I present two instances of this idea: Varan, a high-performance multi-version execution system that allows transparent failover when one of the versions crashes, and Mx, a multi-version execution system that can handle certain types of crashes occurring at different times across versions. Time permitting, I will present other applications of multi-version execution, such as record-replay and live sanitization.

Talk given at the HKUST Seminar Series.