Skip to Content

No Reboot Required

Ksplice uses new technology to build security updates for Linux that can be installed without restarting.

“Restart required.” The words are guaranteed to bring a groan from computer users. And for busy system administrators, they are even more annoying: applying critical system updates to protect a machine against attack must be balanced with the demands of hundreds or even thousands of users. Software from a new company called Ksplice addresses this dilemma with updates that do not require a restart.

In order to install an update while a computer continues running, a software patch must be carefully structured so that it doesn’t interfere with the operating system’s current operations. This is a difficult and delicate process, and Ksplice addresses it by working at a different level of computer architecture. Most update technologies use the same programming language as the operating system itself. The computer has to translate these instructions into a lower-level language. Ksplice’s software sidesteps this process, analyzing the changes that an update would make at a low level and implementing them using the lower level language.

The technology was developed by cofounder Jeff Arnold while he was a graduate student at MIT, and last week, it won the grand prize at the Institute’s $100K Entrepreneurship Competition.

Waseem Daher, cofounder and chief operating officer, explains that the approach adopted by Ksplice saves it from restructuring instructions in a higher-level programming language on the fly. So far, Ksplice has developed its new update technology for the Linux operating system–which is commonly used to control server machines–although Daher says that the technology could work on other operating systems too.

Ksplice is intended to work for all security patches. “If you don’t have a complete solution, it’s basically useless,” Daher says.

In tests conducted from May 2005 to May 2008, Ksplice was able to install 88 percent of Linux security updates automatically and without a reboot. The remaining updates could be installed without rebooting when a human programmer added a few lines of code.

Ksplice hopes to license its technology directly to software vendors, and then provide the human expertise needed to keep the system working. While Ksplice searches for deals with vendors, Daher says that the company will offer a subscription service to convert patches for clients so that they do not require a reboot.

Up to date: Ksplice software can be used to install updates on a Linux computer without a reboot. The green lights indicate updates that have already been installed.

Since February 2008, MIT has used the technology to update two critical servers, one of which gets more than 37 million hits each month. Greg Price, who is on the executive committee of the MIT Student Information Processing Board, which maintains the servers, says, “Before Ksplice, everyone assumed that rebooting for updates–choosing between being secure and staying up–was just a technical necessity that nobody would overcome.”

Michael Hicks, an associate professor of computer science at the University of Maryland, says that a reliable system for updating without restarting could have a major impact. However, Hicks adds that doing the job safely is a major challenge. “The whole point of live updating is to keep the system running correctly,” he says. “If applying the patch causes the system to crash or makes it run incorrectly, then we’re no better, and potentially worse, than we would be otherwise.”

While Hicks is impressed by how much Ksplice can do automatically, he says that more research is needed to make the technology useful for a broader range of patches. He is researching this himself through a project called Ginseng.

Iulian Neamtiu, an assistant professor of computer science at the University of California, Riverside, who has also worked on Ginseng, says that Ksplice is aimed at a market that sorely needs it: Internet services running on Linux, such as e-mail and Web servers. It’s of paramount importance for these services to apply security updates as soon as possible without sacrificing availability to clients, Neamtiu says. But he hopes to see similar technologies used in other contexts. “I would love to be able to update the operating system or the applications I use on my laptop, desktop, or cell phone without having to reboot,” he says.

Keep Reading

Most Popular

open sourcing language models concept
open sourcing language models concept

Meta has built a massive new language AI—and it’s giving it away for free

Facebook’s parent company is inviting researchers to pore over and pick apart the flaws in its version of GPT-3

transplant surgery
transplant surgery

The gene-edited pig heart given to a dying patient was infected with a pig virus

The first transplant of a genetically-modified pig heart into a human may have ended prematurely because of a well-known—and avoidable—risk.

Muhammad bin Salman funds anti-aging research
Muhammad bin Salman funds anti-aging research

Saudi Arabia plans to spend $1 billion a year discovering treatments to slow aging

The oil kingdom fears that its population is aging at an accelerated rate and hopes to test drugs to reverse the problem. First up might be the diabetes drug metformin.

Yann LeCun
Yann LeCun

Yann LeCun has a bold new vision for the future of AI

One of the godfathers of deep learning pulls together old ideas to sketch out a fresh path for AI, but raises as many questions as he answers.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.