Twitter
Facebook
LinkedIn
Google+
YouTubeusenix conference policies
OPUS: Online Patches and Updates for Security
Website Maintenance Alert
Due to scheduled maintenance, the USENIX website may not be available on Monday, March 17, from 10:00 am–6:00 pm Pacific Daylight Time (UTC -7). We apologize for the inconvenience and thank you for your patience.
If you would like to register for NSDI '25, SREcon25 Americas, or PEPR '25, please complete your registration before or after this time period.
We present OPUS, a tool for dynamic software patching capable of applying fixes to a C program at runtime. OPUS's primary goal is to enable application of security patches to interactive applications that are a frequent target of security exploits. By restricting the type of patches admitted by our system, we are able to significantly reduce any additional burden on the programmer beyond what would normally be required in developing and testing a conventional stop-and-restart patch. We hand-tested 26 real CERT vulnerabilities, of which 22 were dynamically patched with our current OPUS prototype, doing so with negligible runtime overhead and no prior knowledge of the tool's existence on the patch programmer's part.
author = {Gautam Altekar and Ilya Bagrak and Paul Burstein and Andrew Schultz},
title = {{OPUS}: Online Patches and Updates for Security},
booktitle = {14th USENIX Security Symposium (USENIX Security 05)},
year = {2005},
address = {Baltimore, MD},
url = {https://www.usenix.org/conference/14th-usenix-security-symposium/opus-online-patches-and-updates-security},
publisher = {USENIX Association},
month = jul
}
connect with us