Runtime Verification for Programmable Switches

Apoorv Shukla; Kevin Hudemann; Zsolt Vagi; Lily Hugerich; Georgios Smaragdakis; Artur Hecker; Stefan Schmid; Anja Feldmann

doi:10.1109/TNET.2023.3234931

Runtime Verification for Programmable Switches

Apoorv Shukla, Kevin Hudemann, Zsolt Vagi, Lily Hugerich, Georgios Smaragdakis, Artur Hecker, Stefan Schmid, Anja Feldmann

Cyber Security

Research output: Contribution to journal › Article › Scientific › peer-review

20 Downloads (Pure)

Abstract

We introduce a runtime verification framework for programmable switches that complements static analysis. To evaluate our approach, we design and develop P6, a runtime verification system that automatically detects, localizes, and patches software bugs in P4 programs. Bugs are reported via a violation of pre-specified expected behavior that is captured by P6. P6 is based on machine learning-guided fuzzing that tests P4 switch non-intrusively, i.e., without modifying the P4 program for detecting runtime bugs. This enables an automated and real-time localization and patching of bugs. We used a P6 prototype to detect and patch existing bugs in various publicly available P4 application programs deployed on two different switch platforms, namely, behavioral model (bmv2) and Tofino. Our evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in large P4 programs, e.g., switch.p4 without triggering any regressions.

Original language	English
Pages (from-to)	1822-1837
Number of pages	16
Journal	IEEE/ACM Transactions on Networking
Volume	31
Issue number	4
DOIs	https://doi.org/10.1109/TNET.2023.3234931
Publication status	Published - 2023

Bibliographical note

Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care
Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

Keywords

P4
Programmable networks
verification

Access to Document

10.1109/TNET.2023.3234931

Runtime_Verification_for_Programmable_SwitchesFinal published version, 2.96 MB

Cite this

@article{a0e1a8792ea944e5ba01daff02dc5189,

title = "Runtime Verification for Programmable Switches",

abstract = "We introduce a runtime verification framework for programmable switches that complements static analysis. To evaluate our approach, we design and develop P6, a runtime verification system that automatically detects, localizes, and patches software bugs in P4 programs. Bugs are reported via a violation of pre-specified expected behavior that is captured by P6. P6 is based on machine learning-guided fuzzing that tests P4 switch non-intrusively, i.e., without modifying the P4 program for detecting runtime bugs. This enables an automated and real-time localization and patching of bugs. We used a P6 prototype to detect and patch existing bugs in various publicly available P4 application programs deployed on two different switch platforms, namely, behavioral model (bmv2) and Tofino. Our evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in large P4 programs, e.g., switch.p4 without triggering any regressions.",

keywords = "P4, Programmable networks, verification",

author = "Apoorv Shukla and Kevin Hudemann and Zsolt Vagi and Lily Hugerich and Georgios Smaragdakis and Artur Hecker and Stefan Schmid and Anja Feldmann",

note = "Green Open Access added to TU Delft Institutional Repository {\textquoteleft}You share, we take care!{\textquoteright} – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. ",

year = "2023",

doi = "10.1109/TNET.2023.3234931",

language = "English",

volume = "31",

pages = "1822--1837",

journal = "IEEE/ACM Transactions on Networking",

issn = "1063-6692",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

number = "4",

}

TY - JOUR

T1 - Runtime Verification for Programmable Switches

AU - Shukla, Apoorv

AU - Hudemann, Kevin

AU - Vagi, Zsolt

AU - Hugerich, Lily

AU - Smaragdakis, Georgios

AU - Hecker, Artur

AU - Schmid, Stefan

AU - Feldmann, Anja

N1 - Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.

PY - 2023

Y1 - 2023

N2 - We introduce a runtime verification framework for programmable switches that complements static analysis. To evaluate our approach, we design and develop P6, a runtime verification system that automatically detects, localizes, and patches software bugs in P4 programs. Bugs are reported via a violation of pre-specified expected behavior that is captured by P6. P6 is based on machine learning-guided fuzzing that tests P4 switch non-intrusively, i.e., without modifying the P4 program for detecting runtime bugs. This enables an automated and real-time localization and patching of bugs. We used a P6 prototype to detect and patch existing bugs in various publicly available P4 application programs deployed on two different switch platforms, namely, behavioral model (bmv2) and Tofino. Our evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in large P4 programs, e.g., switch.p4 without triggering any regressions.

AB - We introduce a runtime verification framework for programmable switches that complements static analysis. To evaluate our approach, we design and develop P6, a runtime verification system that automatically detects, localizes, and patches software bugs in P4 programs. Bugs are reported via a violation of pre-specified expected behavior that is captured by P6. P6 is based on machine learning-guided fuzzing that tests P4 switch non-intrusively, i.e., without modifying the P4 program for detecting runtime bugs. This enables an automated and real-time localization and patching of bugs. We used a P6 prototype to detect and patch existing bugs in various publicly available P4 application programs deployed on two different switch platforms, namely, behavioral model (bmv2) and Tofino. Our evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in large P4 programs, e.g., switch.p4 without triggering any regressions.

KW - P4

KW - Programmable networks

KW - verification

UR - http://www.scopus.com/inward/record.url?scp=85147308048&partnerID=8YFLogxK

U2 - 10.1109/TNET.2023.3234931

DO - 10.1109/TNET.2023.3234931

M3 - Article

AN - SCOPUS:85147308048

SN - 1063-6692

VL - 31

SP - 1822

EP - 1837

JO - IEEE/ACM Transactions on Networking

JF - IEEE/ACM Transactions on Networking

IS - 4

ER -

Runtime Verification for Programmable Switches

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this