SDNRacer: Concurrency Analysis for Software-Defined Networks

Authors: Ahmed El-Hassany, Jérémie Miserez, Pavol Bielik, Laurent Vanbever, and Martin Vechev
Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation
PDF

Abstract

Concurrency violations are an important source of bugs in Software-Defined Networks (SDN), often leading to policy or invariant violations. Unfortunately, concurrency violations are also notoriously difficult to avoid, detect and debug. This paper presents a novel approach and a tool, SDNRacer, for detecting concurrency violations of SDNs. Our approach is enabled by three key ingredients: (i) a precise happens- before model for SDNs that captures when events can happen concurrently; (ii) a set of sound, domain-specific filters that reduce reported violations by orders of magnitude, and; (iii) a sound and complete dynamic analyzer, based on the above, that can ensure the network is free of harmful errors such as data races and per-packet incoherence. We evaluated SDNRacer on several real-world OpenFlow controllers, running both reactive and proactive applications in large networks. We show that SDNRacer is practically effective: it quickly pinpoints harmful concurrency violations without overwhelming the user with false positives.

People

Dr. Ahmed El-Hassany
PhD student
2015—2019

BibTex

@inproceedings{el-hassany2016sdnracer,
  author    = {El-Hassany, Ahmed and Miserez, J{\'{e}}r{\'{e}}mie and Bielik, Pavol and Vanbever, Laurent and Vechev, Martin},
  title     = {{SDNRacer: Concurrency Analysis for Software-Defined Networks}},
  booktitle = {Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation},
  address   = {Santa Barbara, CA, USA},
  year      = 2016,
  month     = jun,
  publisher = {Association for Computing Machinery},
  doi       = {10.1145/2908080.2908124},
  url       = {https://doi.org/10.1145/2908080.2908124}
}

Research Collection: 20.500.11850/196973