Modular Control Plane Verification via Temporal Invariants
Timothy Alberdingk Thijm, Ryan Beckett, Aarti Gupta, David, Walker
TL;DR
Timepiece is a scalable, modular control plane verification system that uses temporal invariants to efficiently verify large and complex network policies, outperforming traditional monolithic methods.
Contribution
We introduce a sound, expressive, and scalable modular verification system based on temporal logic interfaces, enabling efficient verification of large networks.
Findings
Verifies a 2,000-node network in 2.37 minutes
Modular verification of individual routers completes in seconds
Outperforms non-modular engines on large networks
Abstract
Monolithic control plane verification cannot scale to hyperscale network architectures with tens of thousands of nodes, heterogeneous network policies and thousands of network changes a day. Instead, modular verification offers improved scalability, reasoning over diverse behaviors, and robustness following policy updates. We introduce Timepiece, a new modular control plane verification system. While one class of verifiers, starting with Minesweeper, were based on analysis of stable paths, we show that such models, when deployed naively for modular verification, are unsound. To rectify the situation, we adopt a routing model based around a logical notion of time and develop a sound, expressive, and scalable verification engine. Our system requires that a user specifies interfaces between module components. We develop methods for defining these interfaces using predicates inspired by…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Control Systems Optimization · Formal Methods in Verification · Fault Detection and Control Systems