Title | Automatically patching errors in deployed software |
Publication Type | Conference Paper |
Year of Publication | 2009 |
Authors | Perkins JH, Kim S, Larsen S, Amarasinghe S, Bachrach J, Carbin M, Pacheco C, Sherwood F, Sidiroglou S, Sullivan G, Wong W-F, Zibin Y, Ernst MD, Rinard M |
Conference Name | SOSP 2009, Proceedings of the 22nd ACM Symposium on Operating Systems Principles |
Pagination | 87–102 |
Date or Month Published | October |
Conference Location | Big Sky, MT, USA |
Abstract | We present ClearView, a system for automatically patching errors in deployed software. ClearView works on stripped Windows x86 binaries without any need for source code, debugging information, or other external information, and without human intervention. \par ClearView (1) observes normal executions to learn invariants that characterize the application's normal behavior, (2) uses error detectors to monitor the execution to detect failures, (3) identifies violations of learned invariants that occur during failed executions, (4) generates candidate repair patches that enforce selected invariants by changing the state or the flow of control to make the invariant true, and (5) observes the continued execution of patched applications to select the most successful patch. \par ClearView is designed to correct errors in software with high availability requirements. Aspects of ClearView that make it particularly appropriate for this context include its ability to generate patches without human intervention, to apply and remove patches in running applications without requiring restarts or otherwise perturbing the execution, and to identify and discard ineffective or damaging patches by evaluating the continued behavior of patched applications. \par In a Red Team exercise, ClearView survived attacks that exploit security vulnerabilities. A hostile external Red Team developed ten code-injection exploits and used these exploits to repeatedly attack an application protected by ClearView. ClearView detected and blocked all of the attacks. For seven of the ten exploits, ClearView automatically generated patches that corrected the error, enabling the application to survive the attacks and successfully process subsequent inputs. The Red Team also attempted to make ClearView apply an undesirable patch, but ClearView's patch evaluation mechanism enabled ClearView to identify and discard both ineffective patches and damaging patches. |
Downloads | https://homes.cs.washington.edu/~mernst/pubs/automatic-patching-sosp2009... PDF
https://homes.cs.washington.edu/~mernst/pubs/automatic-patching-sosp2009... Slides (PDF)
https://homes.cs.washington.edu/~mernst/pubs/automatic-patching-sosp2009... Slides (PowerPoint)
|
Citation Key | PerkinsKLABCPSSSWZEP2009 |