Abstract Interpretation of Stateful Networks

Kalev Alpernas (1); Roman Manevich (2); Aurojit Panda (3); Mooly Sagiv; (1); Scott Shenker (4); Sharon Shoham (1); Yaron Velner (5) ((1) Tel Aviv; University; (2) Ben-Gurion University of the Negev; (3) NYU; (4) UC Berkeley,; (5) Hebrew University of Jerusalem)

arXiv:1708.05904·cs.PL·July 5, 2018

Abstract Interpretation of Stateful Networks

Kalev Alpernas (1), Roman Manevich (2), Aurojit Panda (3), Mooly Sagiv, (1), Scott Shenker (4), Sharon Shoham (1), Yaron Velner (5) ((1) Tel Aviv, University, (2) Ben-Gurion University of the Negev, (3) NYU, (4) UC Berkeley,, (5) Hebrew University of Jerusalem)

PDF

Open Access

TL;DR

This paper introduces a polynomial-time, sound algorithm for verifying isolation properties in stateful networks with middleboxes, using abstract interpretation techniques that simplify state analysis while ensuring safety violations are not missed.

Contribution

The paper presents a novel, efficient algorithm for conservative verification of stateful networks, handling complex middlebox behaviors with abstraction techniques that preserve soundness.

Findings

01

Algorithm is polynomial in network size but exponential in local query complexity.

02

It is sound and guarantees no missed safety violations.

03

Abstractions remain precise even when middleboxes reset.

Abstract

Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1)…

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsFormal Methods in Verification · Radiation Effects in Electronics · Software-Defined Networks and 5G