The Multiple Facets of Software Diversity: Recent Developments in Year 2000 and Beyond
It offers an inclusive overview for researchers and practitioners in software diversity who lack a unified perspective, but it is incremental as a survey paper.
This paper provides a comprehensive survey of software diversity, tackling the problem of fragmented understanding across various subfields by assembling recent developments from 2000 onward, with a focus on fault tolerance, security, and software engineering.
Early experiments with software diversity in the mid 1970's investigated N-version programming and recovery blocks to increase the reliability of embedded systems. Four decades later, the literature about software diversity has expanded in multiple directions: goals (fault-tolerance, security, software engineering); means (managed or automated diversity) and analytical studies (quantification of diversity and its impact). Our paper contributes to the field of software diversity as the first paper that adopts an inclusive vision of the area, with an emphasis on the most recent advances in the field. This survey includes classical work about design and data diversity for fault tolerance, as well as the cybersecurity literature that investigates randomization at different system levels. It broadens this standard scope of diversity, to include the study and exploitation of natural diversity and the management of diverse software products. Our survey includes the most recent works, with an emphasis from 2000 to present. The targeted audience is researchers and practitioners in one of the surveyed fields, who miss the big picture of software diversity. Assembling the multiple facets of this fascinating topic sheds a new light on the field.