How to Avoid Making a Billion-Dollar Mistake: Type-Safe Data Plane Programming with SafeP4
Matthias Eichholz, Eric Campbell, Nate Foster, Guido Salvaneschi, Mira, Mezini

TL;DR
SafeP4 is a new domain-specific language for data plane programming that guarantees header validity at compile-time, reducing bugs and increasing safety in network programs.
Contribution
It introduces a formal semantics and a static type system for SafeP4 that ensures header safety, addressing dynamic header validity issues in P4 programs.
Findings
SafeP4's type system effectively eliminates common header safety bugs.
The approach improves reliability of real-world data plane programs.
Static guarantees are achieved despite dynamic header modifications.
Abstract
The P4 programming language offers high-level, declarative abstractions that bring the flexibility of software to the domain of networking. Unfortunately, the main abstraction used to represent packet data in P4, namely header types, lacks basic safety guarantees. Over the last few years, experience with an increasing number of programs has shown the risks of the unsafe approach, which often leads to subtle software bugs. This paper proposes SafeP4, a domain-specific language for programmable data planes in which all packet data is guaranteed to have a well-defined meaning and satisfy essential safety guarantees. We equip SafeP4 with a formal semantics and a static type system that statically guarantees header validity---a common source of safety bugs according to our analysis of real-world P4 programs. Statically ensuring header validity is challenging because the set of valid…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
