Trailing the Snail: SDN Controller Security Evolution
Sandra Scott-Hayward
TL;DR
This paper reviews the slow progress in securing SDN controllers, focusing on the evolution of ONOS and ODL, and discusses implications for designing more secure SDN control planes.
Contribution
It provides a historical analysis of SDN controller security development, highlighting challenges and lessons for future secure SDN controller design.
Findings
Security development has been slow over 10 years.
ONOS and ODL are widely deployed open-source controllers.
Insights into secure SDN controller design are discussed.
Abstract
The first OpenFlow Software-Defined Network (SDN) Controller, NOX, was developed by Nicira Networks and donated to the research community in 2008. Almost 10 years later, there are at least 29 open-source SDN Controllers and many more proprietary solutions. Two of the open-source SDN controllers stand out in terms of broad deployment and strong contributor base; Open Network Operating System (ONOS) and OpenDaylight (ODL). Both have been deployed in live networks. However, despite increasing adoption of SDN, the security of the SDN control plane has developed at a snail's pace. In this paper, the evolution of ONOS and ODL security is discussed. The reflection of this on secure SDN Controller design is analyzed.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSoftware-Defined Networks and 5G · Network Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting