Dynamic Repair of Mission-Critical Applications with Runtime Snap-Ins

  • J. Peter BradyEmail author
  • Sergey Bratus
  • Sean Smith
Conference paper
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 570)


This chapter proposes a solution that provides reliable, non-disruptive updates to critical systems using a novel design pattern called a “snap-in,” which is able to install replacement routines embedded in shared libraries during system execution. Most system updates are performed in a static or maintenance state. However, dynamically updating software reduces the time required for adding functionality and applying security upgrades. The proposed snap-in solution improves on previous work by adopting the novel approach of using the target’s application binary interface to first load shared libraries that contain replacement routines into a running application, supplanting the original routines with replacement routines without having to modify the existing code. An automated toolkit is provided for scanning application binaries and determining where the replacement routines are to be added.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    P. Anantharaman, M. Locasto, G. Ciocarlie and U. Lindqvist, Building hardened Internet-of-Things clients with language-theoretic security, Proceedings of the IEEE Symposium on Security and Privacy Workshops, pp. 120–126, 2017Google Scholar
  2. 2.
    J. Arnold and M. Kaashoek, Ksplice: Automatic rebootless kernel updates, Proceedings of the Fourth ACM European Conference on Computer Systems, pp. 187–198, 2009Google Scholar
  3. 3.
    H. Arora, Intro to Linux shared libraries (How to create shared libraries), The Geek Stuff Blog (, June 11, 2012
  4. 4.
    H. Chen, J. Yu, R. Chen, B. Zang and P. Yew, POLUS: A powerful live updating system, Proceedings of the Twenty-Ninth International Conference on Software Engineering, pp. 271–281, 2007Google Scholar
  5. 5.
    ERESI Team, The ERESI Reverse Engineering Software Interface (, 2016
  6. 6.
    K. Finley, NASA pulls off 160-million-mile software patch, Wired, August 16, 2012Google Scholar
  7. 7.
    S. Gold, The SCADA challenge: Securing critical infrastructure, Network Security, vol. 2009(8), pp. 18–20, 2009CrossRefGoogle Scholar
  8. 8.
    P. Goodman, Heavy lifting with McSema 2.0, Trail of Bits Blog (, Ja- nuary 23, 2018Google Scholar
  9. 9.
    H. Guzman-Miranda, L. Sterpone, M. Violante, M. Aguirre and M. Gutierrez-Rizo, Coping with the obsolescence of safety- or mission-critical embedded systems using FPGAs, IEEE Transactions on Industrial Electronics, vol. 58(3), pp. 814–821, 2011CrossRefGoogle Scholar
  10. 10.
    C. Hayden, K. Saur, M. Hicks and J. Foster, A study of dynamic software update quiescence for multithreaded programs, Proceedings of the Fourth International Workshop on Hot Topics in Software Upgrades, pp. 6–10, 2012Google Scholar
  11. 11.
    C. Hayden, E. Smith, M. Denchev, M. Hicks and J. Foster, Kitsune: Efficient, general-purpose dynamic software updating for C, Proceedings of the Twenty-Eighth Annual ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages and Applications, pp. 249–264, 2012CrossRefGoogle Scholar
  12. 12.
    C. Kolias, G. Kambourakis, A. Stavrou and J. Voas, DDoS in the IoT: Mirai and other botnets, IEEE Computer, vol. 50(7), pp. 80–84, 2017CrossRefGoogle Scholar
  13. 13.
    R. Langner, Stuxnet: Dissecting a cyberwarfare weapon, IEEE Security and Privacy, vol. 9(3), pp. 49–51, 2011CrossRefGoogle Scholar
  14. 14.
    J. Levine, Linkers and Loaders, Morgan Kauffmann Publishers, San Francisco, California, 1999Google Scholar
  15. 15.
    J. Leyden, Samsung smart fridge leaves Gmail logins open to attack, The Register, August 24, 2015Google Scholar
  16. 16.
    LLVM Compiler Infrastructure, Getting Started with the LLVM System (, 2019Google Scholar
  17. 17.
    R. Lutz, Analyzing software requirements errors in safety-critical, embedded systems, Proceedings of the IEEE International Symposium on Requirements Engineering, pp. 126–133, 1993Google Scholar
  18. 18.
    D. Palmer, Is ‘admin’ password leaving your IoT device vulnerable to cyberattacks? ZDNet, April 26, 2017Google Scholar
  19. 19.
    M. Pietrek, Everything you need to know to start programming 64-bit Windows systems, Microsoft Developer Network Magazine, May 2006Google Scholar
  20. 20.
    M. Pukall, C. Kastner, W. Cazzola, S. Gotz, A. Grebhahn, R. Schroter and G. Saake, JavAdaptor – Flexible runtime updates of Java applications, Software – Practice and Experience, vol. 43(2), pp. 153–185, 2013Google Scholar
  21. 21.
    A. Ramaswamy, S. Bratus, S. Smith and M. Locasto, Katana: A hot patching framework for ELF executables, Proceedings of the International Conference on Availability, Reliability and Security, pp. 507–512, 2010Google Scholar
  22. 22.
    RTI International, The Economic Impacts of Inadequate Infrastructure for Software Testing, Planning Report 02-03, RTI Project No. 7007.011, Research Triangle Park, North Carolina, 2002Google Scholar
  23. 23.
    S. Ruoti, K. Seamons and D. Zappala, Layering security at global control points to secure unmodified software, Proceedings of the IEEE Secure Development Conference, pp. 42–49, 2017Google Scholar
  24. 24.
    S. Smith, The Internet of Risky Things – Trusting the Devices That Surround Us, O’Reilly Media, Sebastopol, California, 2017Google Scholar
  25. 25.
    S. Smith and J. Marchesini, The Craft of System Security, Pearson Education, Boston, Massachusetts, 2008Google Scholar
  26. 26.
    B. Spengler, PaX: The guaranteed end of arbitrary code execution, presented at G-Con2, 2003Google Scholar
  27. 27.
    K. Stouffer, V. Pillitteri, S. Lightman, M. Abrams and A. Hahn, Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82, Revision 2, National Institute of Standards and Technology, Gaithersburg, Maryland, 2015Google Scholar
  28. 28.
    The Santa Cruz Operation, System V Application Binary Interface, Edition 4.1, Santa Cruz, California, 1997Google Scholar
  29. 29.
    D. Tomaschik, GOT and PLT for pwning, System Overlord Blog (, Mar- ch 19, 2017Google Scholar
  30. 30.
    Trail of Bits, McSema, GitHub (, 2019Google Scholar
  31. 31.
    L. van Put, D. Chanet, B. De Bus, B. De Sutter and K. De Bosschere, DIABLO: A reliable, retargetable and extensible link-time rewriting framework, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, pp. 7–12, 2005Google Scholar
  32. 32.
    R. Varshneya, There’s no such thing as a bug-free app, Entrepreneur, October 22, 2015Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2019

Authors and Affiliations

  1. 1.Dartmouth CollegeHanoverUSA

Personalised recommendations