TY - GEN
T1 - Abstract Interpretation of Stateful Networks
AU - Alpernas, Kalev
AU - Manevich, Roman
AU - Panda, Aurojit
AU - Sagiv, Mooly
AU - Shenker, Scott
AU - Shoham, Sharon
AU - Velner, Yaron
N1 - Publisher Copyright:
© 2018, Springer Nature Switzerland AG.
PY - 2018/1/1
Y1 - 2018/1/1
N2 - Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.
AB - Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.
UR - https://www.scopus.com/pages/publications/85053597706
U2 - 10.1007/978-3-319-99725-4_8
DO - 10.1007/978-3-319-99725-4_8
M3 - Conference contribution
AN - SCOPUS:85053597706
SN - 9783319997247
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 86
EP - 106
BT - Static Analysis - 25th International Symposium, SAS 2018, Proceedings
A2 - Podelski, Andreas
PB - Springer Verlag
T2 - 25th International Static Analysis Symposium, SAS 2018
Y2 - 29 August 2018 through 31 August 2018
ER -