Concurrency violations are an important source of bugs in Software-Defined Networks (SDN), often leading to policy or invariant violations. Unfortunately, concurrency violations are also notoriously difficult to avoid, detect and debug.
This paper presents a novel approach and a tool, iRacer, for detecting concurrency violations of SDNs. Our approach is enabled by three key ingredients: (i) a precise happens- before model for SDNs that captures when events can happen concurrently; (ii) a set of sound, domain-specific filters that reduce reported violations by orders of magnitude, and; (iii) a sound and complete dynamic analyzer, based on the above, that can ensure the network is free of harmful errors such as data races and per-packet incoherence.
We evaluated SDNRacer on several real-world OpenFlow controllers, running both reactive and proactive applications in large networks. We show that SDNRacer is practically effective: it quickly pinpoints harmful concurrency violations without overwhelming the user with false positives.
Thu 16 JunDisplayed time zone: Tijuana, Baja California change
13:30 - 15:00 | Software-Defined NetworkingResearch Papers at Grand Ballroom San Rafael Chair(s): Todd Millstein University of California, Los Angeles | ||
13:30 30mTalk | Event-driven Network Programming Research Papers Jedidiah McClurg University of Colorado Boulder, Hossein Hojjat Cornell University, Nate Foster Cornell University, Pavol Cerny University of Colorado Boulder Pre-print Media Attached | ||
14:00 30mTalk | Temporal NetKAT Research Papers Ryan Beckett Princeton University, Michael Greenberg Pomona College, David Walker Princeton University Media Attached | ||
14:30 30mTalk | SDNRacer: Concurrency Analysis for Software-Defined Networks Research Papers Ahmed Elhassany ETH Zürich, Jeremie Miserez ETH Zürich, Pavol Bielik ETH Zurich, Switzerland, Laurent Vanbever ETH Zürich, Martin Vechev ETH Zurich Media Attached | ||