Runtime Software Patching: Taxonomy, Survey and Future Directions

TL;DR

This paper provides a comprehensive overview of runtime software patching, categorizing existing approaches, identifying challenges, and proposing future research directions to improve deployment and effectiveness.

Contribution

It offers a taxonomy, synthesizes current methods, and highlights open issues and future directions in runtime software patching research.

Findings

Identified seven levels of patch granularity

Developed a conceptual model with three responsible entities

Highlighted four key capabilities of runtime patching solutions

Abstract

Runtime software patching aims to minimize or eliminate service downtime, user interruptions and potential data losses while deploying a patch. Due to modern software systems' high variance and heterogeneity, no universal solutions are available or proposed to deploy and execute patches at runtime. Existing runtime software patching solutions focus on specific cases, scenarios, programming languages and operating systems. This paper aims to identify, investigate and synthesize state-of-the-art runtime software patching approaches and gives an overview of currently unsolved challenges. It further provides insights on multiple aspects of runtime patching approaches such as patch scales, general strategies and responsibilities. This study identifies seven levels of granularity, two key strategies providing a conceptual model of three responsible entities and four capabilities of runtime patching solutions. Through the analysis of the existing literature, this research also reveals open issues hindering more comprehensive adoption of runtime patching in practice. Finally, it proposes several crucial future directions that require further attention from both researchers and practitioners.