Concurrency violations are an important source of bugs in Software-Defined Networks (SDN), often leading to policy or invariant violations. Unfortunately, concurrency violations are also notoriously difficult to avoid, detect and debug.
This paper presents a novel approach and a tool, iRacer, for detecting concurrency violations of SDNs. Our approach is enabled by three key ingredients: (i) a precise happens- before model for SDNs that captures when events can happen concurrently; (ii) a set of sound, domain-specific filters that reduce reported violations by orders of magnitude, and; (iii) a sound and complete dynamic analyzer, based on the above, that can ensure the network is free of harmful errors such as data races and per-packet incoherence.
We evaluated SDNRacer on several real-world OpenFlow controllers, running both reactive and proactive applications in large networks. We show that SDNRacer is practically effective: it quickly pinpoints harmful concurrency violations without overwhelming the user with false positives.
Thu 16 Jun (GMT-07:00) Tijuana, Baja California change
|13:30 - 14:00|
Jedidiah McClurgUniversity of Colorado Boulder, Hossein HojjatCornell University, Nate FosterCornell University, Pavol CernyUniversity of Colorado BoulderPre-print Media Attached
|14:00 - 14:30|
|14:30 - 15:00|
Ahmed El-HassanyETH Zürich, Jeremie MiserezETH Zürich, Pavol BielikETH Zurich, Switzerland, Laurent VanbeverETH Zürich, Martin VechevETH ZurichMedia Attached