Timed Consistent Network Updates

Network updates such as policy and routing changes occur frequently in Software Defined Networks (SDN). Updates should be performed consistently, preventing temporary disruptions, and should require as little overhead as possible. Scalability is increasingly becoming an essential requirement in SDN. In this paper we propose to use time-triggered network updates to achieve consistent updates. Our proposed solution requires lower overhead than existing update approaches, without compromising the consistency during the update. We demonstrate that accurate time enables far more scalable consistent updates in SDN than previously available. In addition, it provides the SDN programmer with fine-grained control over the tradeoff between consistency and scalability.Comment: This technical report is an extended version of the paper "Timed Consistent Network Updates", which was accepted to the ACM SIGCOMM Symposium on SDN Research (SOSR) '15, Santa Clara, CA, US, June 201

GCP: Gossip-based Code Propagation for Large-scale Mobile Wireless Sensor Networks

Wireless sensor networks (WSN) have recently received an increasing interest. They are now expected to be deployed for long periods of time, thus requiring software updates. Updating the software code automatically on a huge number of sensors is a tremendous task, as ''by hand'' updates can obviously not be considered, especially when all participating sensors are embedded on mobile entities. In this paper, we investigate an approach to automatically update software in mobile sensor-based application when no localization mechanism is available. We leverage the peer-to-peer cooperation paradigm to achieve a good trade-off between reliability and scalability of code propagation. More specifically, we present the design and evaluation of GCP ({\emph Gossip-based Code Propagation}), a distributed software update algorithm for mobile wireless sensor networks. GCP relies on two different mechanisms (piggy-backing and forwarding control) to improve significantly the load balance without sacrificing on the propagation speed. We compare GCP against traditional dissemination approaches. Simulation results based on both synthetic and realistic workloads show that GCP achieves a good convergence speed while balancing the load evenly between sensors

Influence of Software Updates on Hedonic Software Users

Lately, a more and more frequently used method to enhance and maintain software is through software updates. These updates are distributed over the Internet in order to fix bugs, improve base-software, or add new functionalities. This research paper extends theory in the IS topic of post-adoption and examines the effect of software updates on the individual hedonic software user. We develop a digital game and use it in a web-based experiment with 225 participants who are randomly assigned to three distinct groups. We adapt the IS continuance model and assess the effects of a functional software update and a placebo update notification through inter group comparisons. Our study unveils that while a functional software update leads to an increase in perceived enjoyment, satisfaction, continuance intention, and disconfirmation, albeit the placebo update notification does not. Finally, implications for research and practice are discussed

Over-The-Vacuum Update – Starlink’s Approach for Reliably Upgrading Software on Thousands of Satellites

Starlink operates the world\u27s largest constellation of over 4000 satellites, all of which receive regular software updates to deliver new capabilities, improve reliability and performance, and maintain security. Updating the software across the constellation requires solving two core challenges: safely updating an individual satellite in the harsh environment of space, and orchestrating thousands of updates without impacting users of the system. Variations on these problems have been addressed for large scale terrestrial compute systems by the broader software industry, and we have leveraged practices of that state of the art to develop a novel spacecraft software update system that delivers updates to the entire fleet of spacecraft on a rapid cadence. We developed a fault tolerant update system that is resilient to a breadth of failure classes, ensures consistency across a satellite composed of many independent computers, and is autonomous and self-correcting across a variety of traditionally challenging space operations scenarios. We leverage that system to adopt software industry standard practices like canary testing and progressive rollout. We have used this software update system to make over 200 updates to continuously deliver new functionality and improve performance of the fleet with no satellites lost due to failed software update

Decentralized Coordination of Dynamic Software Updates in the Internet of Things

Large scale IoT service deployments run on a high number of distributed, interconnected computing nodes comprising sensors, actuators, gateways and cloud infrastructure. Since IoT is a fast growing, dynamic domain, the implementation of software components are subject to frequent changes addressing bug fixes, quality insurance or changed requirements. To ensure the continuous monitoring and control of processes, software updates have to be conducted while the nodes are operating without losing any sensed data or actuator instructions. Current IoT solutions usually support the centralized management and automated deployment of updates but are restricted to broadcasting the updates and local update processes at all nodes. In this paper we propose an update mechanism for IoT deployments that considers dependencies between services across multiple nodes involved in a common service and supports a coordinated update of component instances on distributed nodes. We rely on LyRT on all IoT nodes as the runtime supporting local disruption-minimal software updates. Our proposed middleware layer coordinates updates on a set of distributed nodes. We evaluated our approach using a demand response scenario from the smart grid domain

IoT Application Provisioning Service

Constant development of software requires updating our Internet of Things (IoT) devices regularly. Some services such as transportation, health care, surveillance and electronic payments require high availability, even during a software update. IoT updates in urban scenarios require connectivity based on the Internet Protocol (IP) and long range connection with adequate speed. Normally, these requirements are provided by cellular network (i.e., using a SIM card) to connect to the Internet. This option presents several disadvantages: it is very expensive and it exposes IoT devices to security threats due to the permanent connection to the Internet. These challenges could be addressed by leveraging long-range broadcast communication (e.g., FM broadcast). IoT devices periodically listen for and receive updates through such a communication infrastructure, without actually being connected to the Internet. This thesis presents a system to provide software updates for IoT devices through long-range broadcast communication technologies. A prototype has been developed based on the concept of “seamless updates”. This allows performing software updates in the background, hence ensuring the availability of a device during the installation time of an update. This seamless update process was implemented on an embedded device (i.e., a Raspberry Pi 3) with a Linux-based operating system. Furthermore, a web-based backend has been implemented. Such a backend allows IoT developers to upload their updates targeting a specific class of devices and schedule when the update will be sent. The security goals of integrity and authentication are accomplished by signing the updates in the backend and verifying it at the IoT device. Moreover, a performance evaluation is performed for the system upgrade service with different parameters to sign the updates

Gains and Losses in Functionality – An Experimental Investigation of the Effect of Software Updates on Users’ Continuance Intentions

Although software updates are ubiquitous in professional and private IS usage, their impact on user behaviors has received little attention in post-adoption research. Based on expectation-confirmation-theory and the IS continuance model, we investigate the effects of gaining and loosing features through updates on expert and novice users’ continuance intentions (CI). In a vignette based experiment, we find that updates which add features to software after its release increase novices’ CI above and beyond a level generated by a monolithic software package that contains the entire feature set from the beginning. With diminished CI, experts show a contrary reaction to the same update. Losing features through an update, on the other hand, severely diminishes CI for experts and novices alike. Mediation analysis reveals positive disconfirmation of previous expectations as psychological mechanism behind novices’ counter-intuitive and somewhat non-rational responses to gaining features through an update. Implications for research and practice are derived

UniSUF: a unified software update framework for vehicles utilizing isolation techniques and trusted execution environments

Today’s vehicles depend more and more on software, and can contain over 100M lines of code controlling many safety-critical functions, such as steering and brakes. Increased complexity in software inherently increases the number of bugs affecting vehicle safety-critical functions. Consequently, software updates need to be applied regularly. Current research around vehicle software update solutions is lacking necessary details for a versatile, unified and secure approach that covers various update scenarios, e.g., over-the-air, with a workshop computer, at factory production or using a diagnostic update tool. We propose UniSUF, a Unified Software Update Framework for Vehicles, well aligned with automotive industry stakeholders. All data needed for a complete software update is securely encapsulated into one single file. This vehicle unique file can be processed in multitudes of update scenarios and executed without any external connectivity since all data is inherently secured. To the best of our knowledge, this comprehensive, versatile and unified approach cannot be found in previous research and is a contribution to an essential requirement within the industry for handling the increasing complexity related to vehicle software updates