This Small Business Innovation Research (SBIR) Phase II project aims to bring improvements to OS update technology. These improvements would allow system administrators to apply OS patches faster than current practice, which would significantly hinder botnets and other attackers by reducing the window of vulnerability during which systems are running software with known problems. The current state-of-the-art requires that computers reboot to apply kernel updates. Since rebooting is disruptive, many system administrators delay performing security updates. Security would improve if administrators could apply updates immediately, as hot updates, without the need for reboots or disruption. Although programmers have long been capable of making ad hoc modifications to running programs, hot update technology has not seen widespread use because of key technical problems. In particular, constructing hot updates has always required extensive programming effort, which is expensive and risky.
If successful, this project will impact the state-of-the-art of software updates. Most directly, this research has the potential to deliver a change that the IT industry wants - a way to apply security updates without rebooting. More generally, this research aims to improve the field's technical understanding of how to automatically apply traditional source code patches to a running program, such as the kernel. This problem has broad applications in debugging, profiling, instrumentation, and education. This research can lead to the creation of a hot update service, provided to companies on a per-machine, per-month basis, for a subscription charge. Companies who subscribe machines to this service would, without any ongoing effort, be able to transparently receive hot updates that solve software problems, without reboots or other disruption. This distribution of hot updates would improve security and reliability while decreasing machine maintenance costs. This offering has the potential for wide appeal across the IT industry.
