A framework for live software upgrade

The demand for continuous service in mission- and safety-critical software applications is increasing. For these applications, it is unacceptable to shutdown and restart the system during software upgrade. This paper examines issues relating to on-line upgrades for mission- and safety-critical software applications. We believe that a dynamic architecture and communication model provides an excellent foundation for runtime software evolution. To solve the problems mentioned above, we designed and implemented a framework, which addresses four main areas: dynamic architecture and communication model, reconfiguration management, the upgrade protocol, and the upgrade technique. The framework can be used for online upgrading of multi-task software applications, which provide multiple mission-critical services. In the framework discussed in the paper, the ability to make runtime modifications is considered at the software architecture-level. The dynamic architecture and communication model makes it possible for software applications to add, remove, and hot swap modules on the fly. The transition scenario is specified by the upgrade protocol. The framework also provides the mechanism for maintaining state consistency. In order to ensure a reliable upgrade, a two-phase commit protocol is utilized to implement the atomic upgrade transactions. In addition, a command line interface facilitates the reconfiguration management. A simulation study of the proposed framework was carried out for live software upgrade of several practical applications. The results of the simulation are also presented.