Cargando…
Towards Model Checking Real-World Software-Defined Networks
In software-defined networks (SDN), a controller program is in charge of deploying diverse network functionality across a large number of switches, but this comes at a great risk: deploying buggy controller code could result in network and service disruption and security loopholes. The automatic det...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7363310/ http://dx.doi.org/10.1007/978-3-030-53291-8_8 |
| _version_ | 1783559642300809216 |
|---|---|
| author | Klimis, Vasileios Parisis, George Reus, Bernhard |
| author_facet | Klimis, Vasileios Parisis, George Reus, Bernhard |
| author_sort | Klimis, Vasileios |
| collection | PubMed |
| description | In software-defined networks (SDN), a controller program is in charge of deploying diverse network functionality across a large number of switches, but this comes at a great risk: deploying buggy controller code could result in network and service disruption and security loopholes. The automatic detection of bugs or, even better, verification of their absence is thus most desirable, yet the size of the network and the complexity of the controller makes this a challenging undertaking. In this paper, we propose MOCS, a highly expressive, optimised SDN model that allows capturing subtle real-world bugs, in a reasonable amount of time. This is achieved by (1) analysing the model for possible partial order reductions, (2) statically pre-computing packet equivalence classes and (3) indexing packets and rules that exist in the model. We demonstrate its superiority compared to the state of the art in terms of expressivity, by providing examples of realistic bugs that a prototype implementation of MOCS in Uppaal caught, and performance/scalability, by running examples on various sizes of network topologies, highlighting the importance of our abstractions and optimisations. |
| format | Online Article Text |
| id | pubmed-7363310 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-73633102020-07-16 Towards Model Checking Real-World Software-Defined Networks Klimis, Vasileios Parisis, George Reus, Bernhard Computer Aided Verification Article In software-defined networks (SDN), a controller program is in charge of deploying diverse network functionality across a large number of switches, but this comes at a great risk: deploying buggy controller code could result in network and service disruption and security loopholes. The automatic detection of bugs or, even better, verification of their absence is thus most desirable, yet the size of the network and the complexity of the controller makes this a challenging undertaking. In this paper, we propose MOCS, a highly expressive, optimised SDN model that allows capturing subtle real-world bugs, in a reasonable amount of time. This is achieved by (1) analysing the model for possible partial order reductions, (2) statically pre-computing packet equivalence classes and (3) indexing packets and rules that exist in the model. We demonstrate its superiority compared to the state of the art in terms of expressivity, by providing examples of realistic bugs that a prototype implementation of MOCS in Uppaal caught, and performance/scalability, by running examples on various sizes of network topologies, highlighting the importance of our abstractions and optimisations. 2020-06-16 /pmc/articles/PMC7363310/ http://dx.doi.org/10.1007/978-3-030-53291-8_8 Text en © The Author(s) 2020 Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. |
| spellingShingle | Article Klimis, Vasileios Parisis, George Reus, Bernhard Towards Model Checking Real-World Software-Defined Networks |
| title | Towards Model Checking Real-World Software-Defined Networks |
| title_full | Towards Model Checking Real-World Software-Defined Networks |
| title_fullStr | Towards Model Checking Real-World Software-Defined Networks |
| title_full_unstemmed | Towards Model Checking Real-World Software-Defined Networks |
| title_short | Towards Model Checking Real-World Software-Defined Networks |
| title_sort | towards model checking real-world software-defined networks |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7363310/ http://dx.doi.org/10.1007/978-3-030-53291-8_8 |
| work_keys_str_mv | AT klimisvasileios towardsmodelcheckingrealworldsoftwaredefinednetworks AT parisisgeorge towardsmodelcheckingrealworldsoftwaredefinednetworks AT reusbernhard towardsmodelcheckingrealworldsoftwaredefinednetworks |