Runtime software patching aims to minimize or eliminate service downtime, user interruptions and potential data losses while deploying a patch. Due to modern software systems' high variance and heterogeneity, no universal solutions are available or proposed to deploy and execute patches at runtime. Existing runtime software patching solutions focus on specific cases, scenarios, programming languages and operating systems. This paper aims to identify, investigate and synthesize state-of-the-art runtime software patching approaches and gives an overview of currently unsolved challenges. It further provides insights on multiple aspects of runtime patching approaches such as patch scales, general strategies and responsibilities. This study identifies seven levels of granularity, two key strategies providing a conceptual model of three responsible entities and four capabilities of runtime patching solutions. Through the analysis of the existing literature, this research also reveals open issues hindering more comprehensive adoption of runtime patching in practice. Finally, it proposes several crucial future directions that require further attention from both researchers and practitioners.

翻译：运行时软件修补旨在最小化或消除应用补丁时的服务中断、用户干扰及潜在数据丢失。由于现代软件系统的高度多样性与异构性，目前尚无或未提出可用于在运行时部署与执行补丁的通用解决方案。现有的运行时软件修补方法主要针对特定场景、用例、编程语言及操作系统。本文旨在识别、调研并综合最新的运行时软件修补方法，概述当前未解决的挑战，并进一步提供关于运行时修补方法的多方面见解，包括补丁规模、通用策略及责任划分。本研究识别出七个粒度层级、两个关键策略，构建了包含三个责任实体及四种修补能力的运行时修补概念模型。通过对现有文献的分析，本研究还揭示了阻碍运行时修补在实际中更广泛采纳的未解决问题。最后，本文提出了若干需研究人员与实践者进一步关注的关键未来方向。