Posted on 2022-05-01, 00:00, authored by David Woloch
Multi-version execution (MVE) is a framework that uses software diversification to increase security, reliability, and availability. The goal of MVE is to produce the same observable behavior across two or more similar but different processes, e.g., different releases of the same program. Generally, MVE systems must provide a way to intercept the sources of nondeterministic input into the application to ensure the same observable states. MVE systems have limitations that prevent deployment on practical applications and on managed languages. We have developed a framework, JavaMVX, which intercepts sources of nondeterminism at the Java language level through an automatic program transformation at the bytecode level. We have built a prototype implementation and applied our approach to a set of realistic Java programs in the DaCapo benchmark suite to validate the feasibility of our framework.