Multi-version Execution Techniques for Increasing the Reliability and Security of Evolving Software

用于提高不断发展的软件的可靠性和安全性的多版本执行技术

• 批准号: EP/L002795/1
• 负责人: Cristian Cadar
• 金额: $ 124.68万
• 依托单位: Imperial College London
• 依托单位国家: 英国
• 项目类别: Fellowship
• 财政年份: 2014
• 资助国家: 英国
• 起止时间: 2014 至 无数据
• 项目状态: 已结题
• 来源: https://gtr.ukri.org/projects?ref=EP%2FL002795%2F1
• 关键词: Multi; version; Execution; Techniques; Increasing

One of the distinguishing characteristics of software systems is that they evolve: new patches are committed to software repositories and new versions are released to users on a continuous basis. Unfortunately, many of these changes bring unexpected failures that break the stability of the system or affect its security, and users face the uncomfortable choice between using an old stable version which misses recent features and bug fixes, and upgrading to a new version which improves the software in certain ways, only to introduce other bugs and security vulnerabilities.In this fellowship, I plan to investigate novel techniques for improving the reliability and security of evolving software, based on the idea of combining the execution of multiple software versions in such a way as to increase the reliability and security of the "multi-version" application and eliminate a large number of common bugs introduced by software updates.This is an ambitious proposal, which presents several challenges spanning the areas of software engineering, computer systems, and security: understanding how software evolves, and particularly the effects of incorrect updates on software evolution; addressing the technical challenges of multi-version execution such as creating an application-level sandboxing environment and devising lightweight record and replay techniques; designing error recovery strategies that effectively combine different software versions; and determining the applicability of multi-version execution to the different types of applications and code changes encountered in practice.

软件系统的显著特征之一是它们不断发展：新的补丁被提交到软件存储库，新的版本被连续地发布给用户。不幸的是，这些更改中的许多都会带来意想不到的故障，破坏系统的稳定性或影响其安全性，用户面临着不舒服的选择，要么使用旧的稳定版本，错过最近的功能和错误修复，要么升级到新版本，以某些方式改进软件，只会引入其他错误和安全漏洞。我计划研究新的技术，以提高不断发展的软件的可靠性和安全性，基于以增加“多版本”的可靠性和安全性的方式组合多个软件版本的执行的思想，这是一个雄心勃勃的建议，它提出了跨越软件工程，计算机系统和安全领域的几个挑战：了解软件如何演变，特别是不正确的更新对软件演变的影响;解决多版本执行的技术挑战，如创建应用程序级沙箱环境和设计轻量级记录和重放技术;设计有效地组合联合收割机不同软件版本的错误恢复策略;以及确定多版本执行对实践中遇到的不同类型的应用程序和代码更改的适用性。

项目成果

SaBRe: load-time selective binary rewriting

SaBRe：加载时选择性二进制重写

• DOI: 10.1007/s10009-021-00644-w
• 发表时间: 2022
• 期刊: International Journal on Software Tools for Technology Transfer
• 影响因子: 1.5
• 作者: Arras P

A segmented memory model for symbolic execution

用于符号执行的分段内存模型

• DOI: 10.1145/3338906.3338936
• 发表时间: 2019
• 作者: Kapus T

VARAN the Unbelievable An Efficient N-version Execution Framework

VARAN 令人难以置信的高效 N 版本执行框架

• DOI: 10.1145/2775054.2694390
• 发表时间: 2015
• 期刊: ACM SIGPLAN Notices
• 作者: Hosek P

PARTI: a multi-interval theory solver for symbolic execution

PARTI：用于符号执行的多区间理论求解器

• DOI: 10.1145/3238147.3238179
• 发表时间: 2018
• 作者: Dustmann O

Automatic testing of symbolic execution engines via program generation and differential testing

• DOI: 10.1109/ase.2017.8115669
• 发表时间: 2017-10
• 期刊: 2017 32nd IEEE/ACM International Conference on Automated Software Engineering (ASE)
• 作者: Timotej Kapus;Cristian Cadar