skip to main content
10.1145/3457913.3457942acmotherconferencesArticle/Chapter ViewAbstractPublication PagesinternetwareConference Proceedingsconference-collections
research-article
Open access

Testing for Dynamic Software Update: An Object-State-Oriented Approach

Published: 21 July 2021 Publication History

Abstract

Dynamic software update (DSU) can patch programs without stopping them. The updating process includes replacing changed code, transforming stale objects with object transformers, and resuming the execution of the updated program. However, flawed object transformers currently hinder DSU from the wide application, since they may introduce the inconsistencies between the transformed objects with expected new ones, that are created by the new program executing from scratch with the same inputs. To detect such inconsistencies, our approach first utilizes fuzzing testing to explore test inputs, then executes them over the old and new versions of a program within our specially designed parallel executor. Any inconsistency and the corresponding test will be issued. The evaluation over default transformer in 50 updates (14 of them have the inconsistency problem) showed that our approach discovered inconsistency in 16 updates, with 5 false positives and 3 false negatives. We also optimized the seed selection strategy in fuzzing process and improved the efficiency by 25.0%.

References

[1]
[] 1998. Differential Testing for Software.Differential Testing for Software.(1998).
[2]
2003. Apache Tomcat. http://tomcat.apache.org/. Accessed: 2020-07-20.
[3]
2014. Optimizing seed selection for fuzzing. In Proceedings of the 23rd USENIX Security Symposium.
[4]
2020. Hydiff: Hybrid differential software analysis. https://doi.org/10.1145/3377811.3380363
[5]
Marcel Bohme, Van Thuan Pham, and Abhik Roychoudhury. 2019. Coverage-Based Greybox Fuzzing as Markov Chain. IEEE Transactions on Software Engineering(2019). https://doi.org/10.1109/TSE.2017.2785841
[6]
Haipeng Cai, Siyuan Jiang, Raul Santelices, Ying Jie Zhang, and Yiji Zhang. 2014. SENSA: Sensitivity analysis for quantitative change-impact prediction. In Proceedings - 2014 14th IEEE International Working Conference on Source Code Analysis and Manipulation, SCAM 2014. https://doi.org/10.1109/SCAM.2014.25
[7]
Haipeng Cai and Raul Santelices. 2015. A comprehensive study of the predictive accuracy of dynamic change-impact analysis. In Journal of Systems and Software. https://doi.org/10.1016/j.jss.2015.02.018
[8]
Yuting Chen, Ting Su, Chengnian Sun, Zhendong Su, and Jianjun Zhao. 2016. Coverage-Directed differential testing of JVM implementations. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI). https://doi.org/10.1145/2908080.2908095
[9]
Shigeru Chiba. 1998. Javassist—A Reflection-based Programming Wizard for Java. Proceedings of OOPSLA’98 Workshop on Reflective Programming in C++ and Java (1998).
[10]
Tianxiao Gu, Chun Cao, Chang Xu, Xiaoxing Ma, Linghao Zhang, and Jian Lu. 2012. Javelus: A Low Disruptive Approach to Dynamic Software Updates. In Proceedings of 19th the Asia-Pacific Software Engineering Conference. 527–536.
[11]
Tianxiao Gu, Xiaoxing Ma, Chang Xu, Yanyan Jiang, Chun Cao, and Jian Lu. 2018. Automating Object Transformations for Dynamic Software Updating via Online Execution Synthesis. In European Conference on Object-Oriented Programming.
[12]
Jianmin Guo, Yu Jiang, Yue Zhao, Quan Chen, and Jiaguang Sun. 2018. DLFuzz: Differential fuzzing testing of deep learning systems. In ESEC/FSE 2018 - Proceedings of the 2018 26th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering. https://doi.org/10.1145/3236024.3264835 arXiv:1808.09413
[13]
Christopher M. Hayden, Edward K. Smith, Eric A. Hardisty, Michael Hicks, and Jeffrey S. Foster. 2012. Evaluating dynamic software update safety using systematic testing. IEEE Transactions on Software Engineering(2012). https://doi.org/10.1109/TSE.2011.101
[14]
Roya Hosseini and Peter Brusilovsky. 2013. JavaParser: A fine-grain concept indexing tool for java problems. In CEUR Workshop Proceedings.
[15]
Xiao Liu, Xiaoting Li, Rupesh Prajapati, and Dinghao Wu. 2019. DeepFuzz: Automatic generation of syntax valid C programs for fuzz testing. In 33rd AAAI Conference on Artificial Intelligence, AAAI 2019, 31st Innovative Applications of Artificial Intelligence Conference, IAAI 2019 and the 9th AAAI Symposium on Educational Advances in Artificial Intelligence, EAAI 2019. https://doi.org/10.1609/aaai.v33i01.33011044
[16]
Xiaoxing Ma, Luciano Baresi, Carlo Ghezzi, Valerio Panzica La Manna, and Jian Lu. 2011. Version-consistent dynamic reconfiguration of component-based distributed systems. https://doi.org/10.1145/2025113.2025148
[17]
Stephen Magill, Michael Hicks, Suriya Subramanian, and Kathryn S. McKinley. 2012. Automating Object Transformations for Dynamic Software Updating. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications. 265–280.
[18]
Rohan Padhye, Caroline Lemieux, and Koushik Sen. 2019. JQF: Coverage-guided property-based testing in Java. In ISSTA 2019 - Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. https://doi.org/10.1145/3293882.3339002
[19]
Rohan Padhye, Caroline Lemieux, Koushik Sen, Mike Papadakis, and Yves Le Traon. 2019. Semantic fuzzing with ZEST. In ISSTA 2019 - Proceedings of the 28th ACM SIGSOFT International Symposium on Software Testing and Analysis. https://doi.org/10.1145/3293882.3330576 arxiv:1812.00078
[20]
Luis Pina and Michael Hicks. 2016. Tedsuto: A General Framework for Testing Dynamic Software Updates. In Proceedings - 2016 IEEE International Conference on Software Testing, Verification and Validation, ICST 2016. https://doi.org/10.1109/ICST.2016.27
[21]
Xiaoxia Ren, Fenil Shah, Frank Tip, Barbara G Ryder, and Ophelia Chesley. 2004. Chianti: A Tool for Change Impact Analysis of Java Programs. Proceeding OOPSLA ’04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications (2004). https://doi.org/10.1145/1035292.1029012
[22]
Suriya Subramanian, Michael Hicks, and Kathryn S. McKinley. 2009. Dynamic software updates: A VM-centric approach. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation. 1–12.
[23]
Suriya Subramanian, Michael Hicks, and Kathryn S. McKinley. 2009. Dynamic software updates: A VM-centric approach. In Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI). https://doi.org/10.1145/1542476.1542478
[24]
William N. Sumner and Xiangyu Zhang. 2013. Comparative causality: Explaining the differences between executions. In Proceedings - International Conference on Software Engineering. https://doi.org/10.1109/ICSE.2013.6606573
[25]
Chenxin Wang and Shunyao Kang. 2018. ADFL: An improved algorithm for american fuzzy lop in fuzz testing. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). https://doi.org/10.1007/978-3-030-00018-9_3
[26]
Thomas Würthinger, Christian Wimmer, and Lukas Stadler. 2010. Dynamic code evolution for Java. In Proceedings of the 8th International Conference on the Principles and Practice of Programming in Java, PPPJ 2010. https://doi.org/10.1145/1852761.1852764

Cited By

View all

Index Terms

  1. Testing for Dynamic Software Update: An Object-State-Oriented Approach
      Index terms have been assigned to the content through auto-classification.

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Other conferences
      Internetware '20: Proceedings of the 12th Asia-Pacific Symposium on Internetware
      November 2020
      264 pages
      ISBN:9781450388191
      DOI:10.1145/3457913
      This work is licensed under a Creative Commons Attribution International 4.0 License.

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 21 July 2021

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. dynamic software update
      2. fuzzing testing
      3. object state transformer

      Qualifiers

      • Research-article
      • Research
      • Refereed limited

      Conference

      Internetware'20
      Internetware'20: 12th Asia-Pacific Symposium on Internetware
      November 1 - 3, 2020
      Singapore, Singapore

      Acceptance Rates

      Overall Acceptance Rate 55 of 111 submissions, 50%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)168
      • Downloads (Last 6 weeks)39
      Reflects downloads up to 06 Nov 2024

      Other Metrics

      Citations

      Cited By

      View all

      View Options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      HTML Format

      View this article in HTML Format.

      HTML Format

      Get Access

      Login options

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media