Software Longevity in the Wild: Folklore and Law

Abstract

Software rejuvenation is in vogue. Articles in the news indicate that airlines are already enforcing the frequent rejuvenation of airplane software, and other industries are likely to follow the same trend. At the same time, there is a vast folklore on software longevity, appearing in online forums at websites such as Reddit. The goal of this vision paper is to present a broad perspective contrasting the expected lifetime of so called "epic" machines with very long uptimes against the purposely short uptimes enforced by recent law regulations. Our aim is to illustrate what can be learned both from forums (folklore) and from the regulations (enforced by legal agencies) about the two ends of the spectrum of software longevity, namely, very long uptimes and relatively short ones. In particular, we indicate that long uptimes typically occur at servers and that there are security concerns about such long lived routers that remain unpatched for long periods of time, whereas short uptimes typically occur due to concerns about safety and performance at critical systems wherein patching is costly but the restart of the system is less expensive. Currently, law enforcement occurs reactively after bugs are found. We envision that this paper will bring awareness to the scientific community and practitioners about the relevance of law enforcement for critical-system software rejuvenation more broadly even before the bugs are founds, given their widespread and recurrent prevalence.