Identifying the semantic and textual differences between two versions of a program
PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
On line software version change using state transfer between processes
Software—Practice & Experience
A Formal Framework for On-line Software Version Change
IEEE Transactions on Software Engineering
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Type-based hot swapping of running modules (extended abstract)
Proceedings of the sixth ACM SIGPLAN international conference on Functional programming
Lessons from Giant-Scale Services
IEEE Internet Computing
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs
CC '02 Proceedings of the 11th International Conference on Compiler Construction
An Analysis of the Slapper Worm
IEEE Security and Privacy
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Mutatis mutandis: safe and predictable dynamic software updating
Proceedings of the 32nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Timing the Application of Security Patches for Optimal Uptime
LISA '02 Proceedings of the 16th USENIX conference on System administration
Towards a Self-Managing Software Patching Process Using Black-Box Persistent-State Manifests
ICAC '04 Proceedings of the First International Conference on Autonomic Computing
Microreboot — A technique for cheap recovery
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Practical dynamic software updating for C
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Live updating operating systems using virtualization
Proceedings of the 2nd international conference on Virtual execution environments
POLUS: A POwerful Live Updating System
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Mutatis Mutandis: Safe and predictable dynamic software updating
ACM Transactions on Programming Languages and Systems (TOPLAS)
BrowserShield: Vulnerability-driven filtering of dynamic HTML
ACM Transactions on the Web (TWEB)
BrowserShield: vulnerability-driven filtering of dynamic HTML
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
Reboots are for hardware: challenges and solutions to updating an operating system on the fly
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Dynamic rebinding for marshalling and update, via redex-time and destruct-time reduction
Journal of Functional Programming
A language model for dynamic code updating
Proceedings of the 1st International Workshop on Hot Topics in Software Upgrades
Ksplice: automatic rebootless kernel updates
Proceedings of the 4th ACM European conference on Computer systems
Dynamic software updates: a VM-centric approach
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Safe and timely updates to multi-threaded programs
Proceedings of the 2009 ACM SIGPLAN conference on Programming language design and implementation
Cooperative update: a new model for dependable live update
Proceedings of the 2nd International Workshop on Hot Topics in Software Upgrades
Security impact ratings considered harmful
HotOS'09 Proceedings of the 12th conference on Hot topics in operating systems
Immediate multi-threaded dynamic software updates using stack reconstruction
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
ReCaml: execution state as the cornerstone of reconfigurations
Proceedings of the 15th ACM SIGPLAN international conference on Functional programming
Always up-to-date: scalable offline patching of VM images in a compute cloud
Proceedings of the 26th Annual Computer Security Applications Conference
Bypassing races in live applications with execution filters
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Measuring subversions: security and legal risk in reused software artifacts
Proceedings of the 33rd International Conference on Software Engineering
Virtual machines with sharable operating system
Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion
Enhanced operating system security through efficient and fine-grained address space randomization
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Kitsune: efficient, general-purpose dynamic software updating for C
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Report on the fourth workshop on hot topics in software upgrades (HotSWUp 2012)
ACM SIGOPS Operating Systems Review
Safe and automatic live update for operating systems
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
PatchDroid: scalable third-party security patches for Android devices
Proceedings of the 29th Annual Computer Security Applications Conference
Back to the future: fault-tolerant live update with time-traveling state transfer
LISA'13 Proceedings of the 27th international conference on Large Installation System Administration
| Hi-index | 0.00 |
We present OPUS, a tool for dynamic software patching capable of applying fixes to a C program at run-time. OPUS's primary goal is to enable application of security patches to interactive applications that are a frequent target of security exploits. By restricting the type of patches admitted by our system, we are able to significantly reduce any additional burden on the programmer beyond what would normally be required in developing and testing a conventional stop-and-restart patch. We hand-tested 26 real CERT [1] vulnerabilities, of which 22 were dynamically patched with our current OPUS prototype, doing so with negligible runtime overhead and no prior knowledge of the tool's existence on the patch programmer's part.