Explaining safety failures in NetKAT
This work introduces a concept of explanations with respect to the violation of safe behaviours within software defined networks (SDNs) expressible in NetKAT. The latter is a network programming language based on a well-studied mathematical structure, namely, Kleene Algebra with Tests (KAT). Amongst...
Published in | Journal of logical and algebraic methods in programming Vol. 121; p. 100676 |
---|---|
Main Authors | Caltais, Georgiana; Tunç, Hünkar Can |
Format | Journal Article |
Language | English |
Published | Elsevier Inc, 01.06.2021 |
Subjects | Axiomatisations; Failure analysis; NetKAT; Safety; Software defined networks; The Maude system |
ISSN | 2352-2208 |
DOI | 10.1016/j.jlamp.2021.100676 |
Abstract | This work introduces a concept of explanations with respect to the violation of safe behaviours within software defined networks (SDNs) expressible in NetKAT. The latter is a network programming language based on a well-studied mathematical structure, namely, Kleene Algebra with Tests (KAT). Amongst others, the mathematical foundation of NetKAT gave rise to a sound and complete equational theory. In our setting, a safe behaviour is characterised by a NetKAT policy, or program, which does not enable forwarding packets from an ingress i to an undesirable egress e. We show how explanations for safety violations can be derived in an equational fashion, according to a modification of the existing NetKAT axiomatisation. We propose an approach based on the Maude system for actually computing the undesired behaviours witnessing the forwarding of packets from i to e as above. SDN-SafeCheck is a tool based on Maude equational theories satisfying important properties such as Church-Rosser and termination. SDN-SafeCheck automatically identifies all the undesired behaviours leading to e, covering forwarding paths up to a user specified size. |
---|---|
ArticleNumber | 100676 |
Author | Caltais, Georgiana Tunç, Hünkar Can |
Author_xml | – sequence: 1 givenname: Georgiana orcidid: 0000-0002-8653-2299 surname: Caltais fullname: Caltais, Georgiana email: gcaltais@gmail.com – sequence: 2 givenname: Hünkar Can orcidid: 0000-0001-9125-8506 surname: Tunç fullname: Tunç, Hünkar Can email: hcantunc@gmail.com |
Cites_doi | 10.2307/2025310 10.1145/1355734.1355746 10.3390/fi11050107 10.1006/inco.1994.1037 10.1007/s10817-016-9388-y 10.1145/256167.256195 |
ContentType | Journal Article |
Copyright | 2021 Elsevier Inc. |
Copyright_xml | – notice: 2021 Elsevier Inc. |
DBID | AAYXX CITATION |
DOI | 10.1016/j.jlamp.2021.100676 |
DatabaseName | CrossRef |
DatabaseTitle | CrossRef |
DatabaseTitleList | |
DeliveryMethod | fulltext_linktorsrc |
Discipline | Computer Science |
ExternalDocumentID | 10_1016_j_jlamp_2021_100676 S2352220821000390 |
IEDL.DBID | AIKHN |
ISSN | 2352-2208 |
IngestDate | Thu Jul 03 08:28:40 EDT 2025 Fri Feb 23 02:45:47 EST 2024 |
IsDoiOpenAccess | false |
IsOpenAccess | true |
IsPeerReviewed | true |
IsScholarly | true |
Keywords | Axiomatisations The Maude system Software defined networks Safety Failure analysis NetKAT |
Language | English |
LinkModel | DirectLink |
ORCID | 0000-0002-8653-2299 0000-0001-9125-8506 |
OpenAccessLink | https://doi.org/10.1016/j.jlamp.2021.100676 |
ParticipantIDs | crossref_primary_10_1016_j_jlamp_2021_100676 elsevier_sciencedirect_doi_10_1016_j_jlamp_2021_100676 |
PublicationCentury | 2000 |
PublicationDate | June 2021 2021-06-00 |
PublicationDateYYYYMMDD | 2021-06-01 |
PublicationDate_xml | – month: 06 year: 2021 text: June 2021 |
PublicationDecade | 2020 |
PublicationTitle | Journal of logical and algebraic methods in programming |
PublicationYear | 2021 |
Publisher | Elsevier Inc |
Publisher_xml | – name: Elsevier Inc |
SSID | ssj0001687831 |
Score | 2.1621642 |
SourceID | crossref elsevier |
SourceType | Index Database Publisher |
StartPage | 100676 |
SubjectTerms | Axiomatisations Failure analysis NetKAT Safety Software defined networks The Maude system |
Title | Explaining safety failures in NetKAT |
URI | https://dx.doi.org/10.1016/j.jlamp.2021.100676 |
Volume | 121 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
linkProvider | Elsevier |