A Comparative Analysis of Dynamic Software Update Methods in regard to Safety-critical Systems

Sammanfattning: Software is an ever evolving product that is updated to extend the functionality and to reduce bugs within a system. Many systems are required to maintain a high availability to provide their services. Dynamic software update is a mechanism which allows the software to be updated during run-time. As a result, applying this technique to systems increases their overall availability. Systems that could benefit from this technique e.g. air-control systems, banking systems and other safety-critical systems, require minimal downtime. In this study, we compared two dynamic software update methods in regards to safety and efficiency in performing an update. The two methods were code relinking and reference indirection. This was done through model checking using the model checking tool UPPAAL as well as model simulation using the UPPAAL SMC extension.We started with a literature review to understand the fundamentals of the mechanism, before creating our models and conducting the experiment. The experiment simulated 2000 executions of each model. The experiment showed that using the method of code relinking is both faster and more consistent in terms of updatetime. Reference indirection, due to its need to update a shared indirection table, requires a safer overall system-state in order to successfully perform an update, thereby increasing both the update-time itself, as well as the inconsistency of it. Although inferior in the experiment, reference indirection is still a suitable method for safety critical-systems. As long as the system does not need to push an update within a certain amount of time, the two methods are more or less equally fitted to work in a safety-critical environment. The mechanism that causes the slowness and inconsistency off reference indirection is the method’s need to require a safer state before performing an update, which could positively benefit the safety of the system. This study is the first study to compare code relinking and reference indirection via model checking.