If SHA-2 is so secure then why have National Institute of Standards and Technology (NIST) announced an open competition for a new SHA-3 function to replace the older SHA-1 and SHA-2 after 2012?
You think they should wait until SHA-2 is broken to start looking for a replacement? Think about that for a second.
Is SHA-2 algorithm hard coded in the bitcoin protocol or not? Is it possible to upgraded it to SHA-3 after 2012?
It's possible, yes, but it's going to be a mess and require lots of cooperation.