Concurrency violations are an important source of bugs in Software-Defined Networks (SDN), often leading to policy or invariant violations. Unfortunately, concurrency violations are also notoriously difficult to avoid, detect and debug.
This paper presents a novel approach and a tool, iRacer, for detecting concurrency violations of SDNs. Our approach is enabled by three key ingredients: (i) a precise happens- before model for SDNs that captures when events can happen concurrently; (ii) a set of sound, domain-specific filters that reduce reported violations by orders of magnitude, and; (iii) a sound and complete dynamic analyzer, based on the above, that can ensure the network is free of harmful errors such as data races and per-packet incoherence.
We evaluated SDNRacer on several real-world OpenFlow controllers, running both reactive and proactive applications in large networks. We show that SDNRacer is practically effective: it quickly pinpoints harmful concurrency violations without overwhelming the user with false positives.
Thu 16 Jun Times are displayed in time zone: Tijuana, Baja California change
13:30 - 15:00 | Software-Defined NetworkingResearch Papers at Grand Ballroom San Rafael Chair(s): Todd MillsteinUniversity of California, Los Angeles | ||
13:30 30mTalk | Event-driven Network Programming Research Papers Jedidiah McClurgUniversity of Colorado Boulder, Hossein HojjatCornell University, Nate FosterCornell University, Pavol CernyUniversity of Colorado Boulder Pre-print Media Attached | ||
14:00 30mTalk | Temporal NetKAT Research Papers Media Attached | ||
14:30 30mTalk | SDNRacer: Concurrency Analysis for Software-Defined Networks Research Papers Ahmed El-HassanyETH Zürich, Jeremie MiserezETH Zürich, Pavol BielikETH Zurich, Switzerland, Laurent VanbeverETH Zürich, Martin VechevETH Zurich Media Attached |