NEST: Network Enforced Session Types (Technical Report)

Jens Kanstrup Larsen; Alceste Scalas; Guy Amir; Jules Jacobs; Jana Wagemaker; Nate Foster

arXiv:2604.21795·cs.PL·April 24, 2026

NEST: Network Enforced Session Types (Technical Report)

Jens Kanstrup Larsen, Alceste Scalas, Guy Amir, Jules Jacobs, Jana Wagemaker, Nate Foster

PDF

TL;DR

NEST is a framework that enforces application protocols directly in the network data plane using synthesized packet-level monitors, improving protocol enforcement without modifying application code.

Contribution

It introduces a novel method to generate network-level monitors from session types and implements them in P4 for protocol enforcement.

Findings

01

NEST can enforce complex protocols in microservice and network-function applications.

02

The framework handles packet loss and reordering effectively.

03

Network-level enforcement reduces the need for application-level instrumentation.

Abstract

This paper introduces NEST (Network-Enforced Session Types), a runtime verification framework that moves application-level protocol monitoring into the network fabric. Unlike prior work that instruments or wraps application code, we synthesize packet-level monitors that enforce protocols directly in the data plane. We develop algorithms to generate network-level monitors from session types and extend them to handle packet loss and reordering. We implement NEST in P4 and evaluate it on applications including microservice and network-function models, showing that network-level monitors can enforce realistic non-trivial protocols.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.