Journal of Reliable Intelligent Environments

, Volume 3, Issue 3, pp 189–207 | Cite as

A characterisation of verification tools for software defined networks

  • Leticia Lavado
  • Laura Panizo
  • María-del-Mar Gallardo
  • Pedro Merino
Original Article


Software-defined networking (SDN) is a new paradigm to introduce intelligence in communication networks through centralised programming. SDN separates data and control plane with two main components, the programmable switches (data plane) and the central controller where network applications are executed. This highly programmable and flexible network introduces many challenges from the point of view of reliability (or robustness), and operators need to ensure the same level of confidence as in previous less flexible deployments. This paper provides a first study of the current verification tools used to analyse different properties of SDNs before deployment and/or during the exploitation of the network. Most of these tools offer some kind of automatic verification, supported by algorithms based on formal methods, but they do not differentiate between fixed and mobile/wireless networks. In the paper, we provide a number of classifications of the tools to make this selection easier for potential users, and we also identify promising research areas where more effort needs to be made.


  1. 1.
    Abiteboul S, Hull R, Vianu V (eds) (1995) Foundations of databases: the logical level, 1st edn. Addison-Wesley Longman Publishing Co., Inc, BostonGoogle Scholar
  2. 2.
    Al-Shaer E, Al-Haj S (2010) Flowchecker: configuration analysis and verification of federated openflow infrastructures. In: Proc of the 3rd ACM workshop on assurable and usable security configuration, ACM, New York, NY, USA, SafeConfig ’10, pp 37–44. doi: 10.1145/1866898.1866905
  3. 3.
    Al-Shaer E, Alsaleh MN (2011) Configchecker: a tool for comprehensive security configuration analytics. In: Configuration analytics and automation (SAFECONFIG), 2011 4th symposium on, IEEE, Arlington, VA, USA, pp 1–2. doi: 10.1109/SafeConfig.2011.6111667
  4. 4.
    Baldoni G, Melita M, Micalizzi S, Rametta C, Schembra G, Vassallo A (2016) Video broadcasting services over sdn-nfv enabled networks: a prototype. Proc Comput Sci 98:560–565. doi: 10.1016/j.procs.2016.09.086 CrossRefGoogle Scholar
  5. 5.
    Ball T, Bjørner N, Gember A, Itzhaky S, Karbyshev A, Sagiv M, Schapira M, Valadarsky A (2014) Vericon: towards verifying controller programs in software-defined networks. SIGPLAN Not 49(6):282–293. doi: 10.1145/2666356.2594317 CrossRefGoogle Scholar
  6. 6.
    Beckett R, Zou X, Zhang S, Malik S, Rexford J, Walker D (2014) An assertion language for debugging sdn applications. In: Proc of the 3rd Workshop on Hot Topics in Software Defined Networking, ACM, New York, NY, USA, HotSDN ’14, pp 91–96. doi: 10.1145/2620728.2620743
  7. 7.
    Bertot Y, Castran P (2004) Interactive theorem proving and program development, 1st edn. Springer, Berlin. doi: 10.1007/978-3-662-07964-5
  8. 8.
    Bingham B, Bingham J, de Paula FM, Erickson J, Singh G, Reitblatt M (2010) Industrial strength distributed explicit state model checking. In: Proc of the 9th international workshop on parallel and distributed methods in verification and 2nd international workshop on high performance computational systems biology, IEEE, Enschede, Netherlands, pp 28–36. doi: 10.1109/PDMC-HiBi.2010.13
  9. 9.
    Bochmann G, Rayner D, West CH (2010) Some notes on the history of protocol engineering. Comput Netw 54(18):3197–3209. doi: 10.1016/j.comnet.2010.05.019 CrossRefMATHGoogle Scholar
  10. 10.
    Cai Z, Cox AL, Ng TSE (2011) Maestro: a system for scalable OpenFlow control. Tech. rep., Rice University, Houston, USA, code at
  11. 11.
    Campbell AT, De Meer HG, Kounavis ME, Miki K, Vicente JB, Villela D (1999) A survey of programmable networks. SIGCOMM Comput Commun Rev 29(2):7–23. doi: 10.1145/505733.505735 CrossRefGoogle Scholar
  12. 12.
    Canini M, Venzano D, Perešíni P, Kostić D, Rexford J (2012) A NICE way to test OpenFlow applications. In: Proc of the 9th USENIX symposium on networked systems design and implementation (NSDI12). USENIX, San Jose, CA, pp 127–140Google Scholar
  13. 13.
    Cimatti A, Clarke E, Giunchiglia F, Roveri M (1999) NuSMV: a new symbolic model verifier. In: Halbwachs N, Peled D (eds) Proceedings eleventh conference on computer-aided verification (CAV’99), Springer, Trento, Italy, no. 1633 in Lecture Notes in Computer Science, pp 495–499Google Scholar
  14. 14.
    Della Penna G, Intrigila B, Melatti I, Tronci E, Venturini Zilli M (2004) Exploiting transition locality in automatic verification of finite-state concurrent systems. Int J Softw Tools Technol Transf 6(4):320–341. doi: 10.1007/s10009-004-0149-6 CrossRefMATHGoogle Scholar
  15. 15.
    Dhawan M, Poddar R, Mahajan K, Mann V (2015) SPHINX: detecting security attacks in software-defined networks. In: Network and distributed system security symposium (NDSS Symposium 2015), USENIX Association, San Diego, CA, USAGoogle Scholar
  16. 16.
    El-Hassany A, Miserez J, Bielik P, Vanbever L, Vechev M (2016) Sdnracer: concurrency analysis for software-defined networks. SIGPLAN Not 51(6):402–415. doi: 10.1145/2980983.2908124 CrossRefGoogle Scholar
  17. 17.
    Feamster N, Rexford J, Zegura E (2014) The road to sdn: an intellectual history of programmable networks. SIGCOMM Comput Commun Rev 44(2):87–98. doi: 10.1145/2602204.2602219 CrossRefGoogle Scholar
  18. 18.
    Foster N, Harrison R, Freedman MJ, Monsanto C, Rexford J, Story A, Walker D (2011) Frenetic: a network programming language. SIGPLAN Not 46(9):279–291. doi: 10.1145/2034574.2034812 CrossRefMATHGoogle Scholar
  19. 19.
    Gallardo MM, Martínez J, Merino P (2005) Model checking active networks with spin. Comput Commun 28(6):609–622. doi: 10.1016/j.comcom.2004.08.006 CrossRefGoogle Scholar
  20. 20.
    Gnesi S, Margaria T (2013) Formal methods for industrial critical systems : a survey of applications. Wiley, Hoboken. doi: 10.1002/9781118459898
  21. 21.
    GSMA’s Network 2020 (2016) Unlocking commercial opportunities from 4G Evolution to 5G. Tech. rep., GSMA Association, London, United Kingdom.
  22. 22.
    Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N, Shenker S (2008) Nox: towards an operating system for networks. SIGCOMM Comput Commun Rev 38(3):105–110. doi: 10.1145/1384609.1384625, tool avaliable at
  23. 23.
    Guha A, Reitblatt M, Foster N (2013) Machine-verified network controllers. SIGPLAN Not 48(6):483–494. doi: 10.1145/2499370.2462178 CrossRefGoogle Scholar
  24. 24.
    Handigol N, Heller B, Jeyakumar V, Maziéres D, McKeown N (2012) Where is the debugger for my software-defined network? In: Proc of the 1st Workshop on Hot Topics in Software Defined Networks, ACM, New York, NY, USA, HotSDN ’12, pp 55–60, doi: 10.1145/2342441.2342453
  25. 25.
    Holzmann G (2003) Spin model checker, the: primer and reference manual, 1st edn. Addison-Wesley, BostonGoogle Scholar
  26. 26.
    Holzmann GJ (1991) Design and validation of computer protocols. Prentice-Hall, Inc, Upper Saddle RiverGoogle Scholar
  27. 27.
    Jackson D (2012) Software abstractions: logic, language, and analysis. MIT press, LondonGoogle Scholar
  28. 28.
    Karimzadeh M, Sperotto A, Pras A (2014) Software defined networking to improve mobility management performance. In: Sperotto A, Doyen G, Latré S, Charalambides M, Stiller B (eds) Monitoring and securing virtualized networks and services: proc of the 8th IFIP WG 6.6 international conference on autonomous infrastructure, management, and security, AIMS 2014, Brno, Czech Republic, Springer Berlin Heidelberg, Berlin, Heidelberg, pp 118–122, doi: 10.1007/978-3-662-43862-6_14
  29. 29.
    Kazemian P, Varghese G, McKeown N (2012) Header space analysis: static checking for networks. In: 9th USENIX symposium on networked systems design and implementation (NSDI 12). USENIX, Lombard, IL, pp 113–126Google Scholar
  30. 30.
    Kazemian P, Chang M, Zeng H, Varghese G, McKeown N, Whyte S (2013) Real time network policy checking using header space analysis. In: 10th USENIX symposium on networked systems design and implementation (NSDI 13). USENIX, Lombard, IL, pp 99–111Google Scholar
  31. 31.
    Khurshid A, Zhou W, Caesar M, Godfrey PB (2012) Veriflow: verifying network-wide invariants in real time. SIGCOMM Comput Commun Rev 42(4):467–472. doi: 10.1145/2377677.2377766 CrossRefGoogle Scholar
  32. 32.
    Kim H, Reich J, Gupta A, Shahbaz M, Feamster N, Clark R (2015) Kinetic: verifiable dynamic network control. In: 12th USENIX symposium on networked systems design and implementation (NSDI 15), USENIX Association, Oakland, CA, pp 59–72.
  33. 33.
    Kong C, Alexander P, Dieckman D (2000) Formal modeling of active network nodes using pvs. In: Proc of the 3rd workshop on formal methods in software practice, ACM, New York, NY, USA, FMSP ’00, pp 49–59. doi: 10.1145/349360.351130
  34. 34.
    Lakshman T, Stiliadis D (1998) High-speed policy-based packet forwarding using efficient multi-dimensional range matching. SIGCOMM Comput Commun Rev 28(4):203–214. doi: 10.1145/285243.285283 CrossRefGoogle Scholar
  35. 35.
    Leucker M, Schallhart C (2009) A brief account of runtime verification. J Logic Algebraic Program 78(5):293–303. doi: 10.1016/j.jlap.2008.08.004 CrossRefMATHGoogle Scholar
  36. 36.
    Li L, Mao ZM, Rexford J (2012) Toward software-defined cellular networks. In: Proc of the 2012 European workshop on software defined networking, IEEE Computer Society, Washington, DC, USA, EWSDN ’12, pp 7–1. doi: 10.1109/EWSDN.2012.28
  37. 37.
    Linux Fundation Collaborative Projects (2016) Opendaylight.
  38. 38.
    Mai H, Khurshid A, Agarwal R, Caesar M, Godfrey PB, King ST (2011) Debugging the data plane with anteater. SIGCOMM Comput Commun Rev 41(4):290–301. doi: 10.1145/2043164.2018470 CrossRefGoogle Scholar
  39. 39.
    Majumdar R, Tetali SD, Wang Z (2014) Kuai: a model checker for software-defined networks. In: Formal methods in computer-aided design (FMCAD), 2014, IEEE, Lausanne, Switzerland, pp 163–170. doi: 10.1109/FMCAD.2014.6987609
  40. 40.
    McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson Rexford J, Shenker S, Turner J (2008) Openflow: enabling innovation in campus networks. SIGCOMM Comput Commun Rev 38(2):69–74. doi: 10.1145/1355734.1355746 CrossRefGoogle Scholar
  41. 41.
    Miserez J, Bielik P, El-Hassany A, Vanbever L, Vechev M (2015) Sdnracer: detecting concurrency violations in software-defined networks. In: Proc of the 1st ACM SIGCOMM symposium on software defined networking research, ACM, New York, NY, USA, SOSR ’15, pp 22:1–22:7. doi: 10.1145/2774993.2775004
  42. 42.
    Monsanto C, Foster N, Harrison R, Walker D (2012) A compiler and run-time system for network programming languages. SIGPLAN Not 47(1):217–230. doi: 10.1145/2103621.2103685 CrossRefGoogle Scholar
  43. 43.
    de Moura L, Bjørner N (2008) Z3: An efficient smt solver. In: Ramakrishnan CR, Rehof J (eds) Tools and algorithms for the construction and analysis of systems: 14th international conference (TACAS 2008), Springer, Berlin Heidelberg, pp 337–340. doi: 10.1007/978-3-540-78800-3_24
  44. 44.
    Nayak AK, Reimers A, Feamster N, Clark R (2009) Resonance: dynamic access control for enterprise networks. In: Proc of the 1st ACM Workshop on Research on Enterprise Networking, ACM, New York, NY, USA, WREN ’09, pp 11–18. doi: 10.1145/1592681.1592684
  45. 45.
    Nelson T, Guha A, Dougherty DJ, Fisler K, Krishnamurthi S (2013) A balance of power: expressive, analyzable controller programming. In: Proc the 2nd ACM SIGCOMM workshop on hot topics in software defined networking, ACM, New York, NY, USA, HotSDN ’13, pp 79–84. doi: 10.1145/2491185.2491201
  46. 46.
    Nelson T, Ferguson AD, Scheer MJG, Krishnamurthi S (2014) Tierless programming and reasoning for software-defined networks. In: Proc the 11th USENIX conference on networked systems design and implementation, USENIX Association, Berkeley, CA, USA, NSDI’14, pp 519–531Google Scholar
  47. 47.
    NGMN Alliance (2015) NGMN 5G White Paper. Tech. rep., Next Generation Mobile Networks, Frankfurt, Germany.
  48. 48.
    Nguyen V, Do T, Kim Y (2016) Sdn and virtualization-based lte mobile network architectures: a comprehensive survey. Wirel Pers Commun 86(3):1401–1438. doi: 10.1007/s11277-015-2997-7 CrossRefGoogle Scholar
  49. 49.
    Nunes BA, Mendonca M, Nguyen XN, Obraczka K, Turletti T (2014) A survey of software-defined networking: past, present, and future of programmable networks. IEEE Commun Surv Tutor 16(3):1617–1634. doi: 10.1109/SURV.2014.012214.00180 CrossRefGoogle Scholar
  50. 50.
    Open Networking Lab (2013) POX (Python Network Controller) Wiki.
  51. 51.
    Paulin-Mohring C (2012) Introduction to the coq proof-assistant for practical software verification. In: Meyer B, Nordio M (eds) Tools for practical software verification, LASER 2011 summerschool, revised tutorial lectures, Springer-Verlag, Elba Island, Italy, no. 7682 in Lecture Notes in Computer Science, pp 45–95Google Scholar
  52. 52.
    Peled DA, Gries D, Schneider FB (eds) (2001) Software reliability methods. Springer-Verlag New York, Inc, SecaucusMATHGoogle Scholar
  53. 53.
    Pentikousis K, Wang Y, Hu W (2013) Mobileflow: toward software-defined mobile networks. IEEE Commun Mag 51(7):44–53. doi: 10.1109/MCOM.2013.6553677 CrossRefGoogle Scholar
  54. 54.
    Pnueli A (1977) The temporal logic of programs. In: Proceedings of the 18th annual symposium on foundations of computer science, IEEE Computer Society, Washington, DC, USA, SFCS ’77, pp 46–57. doi: 10.1109/SFCS.1977.32
  55. 55.
    Project Frenetic (2015) Pyretic documentation.
  56. 56.
    Qazi ZA, Tu C, Chiang L, Miao R, Sekar V, Yu M (2013) Simple-fying middlebox policy enforcement using sdn. SIGCOMM Comput Commun Rev 43(4):27–38. doi: 10.1145/2534169.2486022 CrossRefGoogle Scholar
  57. 57.
    Sethi D, Narayana S, Malik S (2013) Abstractions for model checking SDN controllers. In: Formal methods in computer-aided design, FMCAD, IEEE, Portland, OR, USA, pp 145–148. doi: 10.1109/FMCAD.2013.6679403
  58. 58.
    Shenker S, Casado M, Koponen T, McKeown N et al (2011) The future of networking, and the past of protocols. Open Networking Summit 20:1–30.
  59. 59.
    Shu Z, Wan J, Lin J, Wang S, Li D, Rho S, Yang C (2016) Traffic engineering in software-defined networking: measurement and management. IEEE Access 4:3246–3256. doi: 10.1109/ACCESS.2016.2582748 CrossRefGoogle Scholar
  60. 60.
    Skowyra R, Lapets A, Bestavros A, Kfoury A (2014) A verification platform for sdn-enabled applications. In: Cloud engineering (IC2E), 2014 IEEE international conference on, IEEE, Boston, Massachussets, USA, pp 337–342. doi: 10.1109/IC2E.2014.72
  61. 61.
    Stehr M, Talcott CL (2002) Plan in maude: specifying an active network programming language. Electr Notes Theor Comput Sci 71:240–260. doi: 10.1016/S1571-0661(05)82538-1 CrossRefMATHGoogle Scholar
  62. 62.
    Tennenhouse DL, Wetherall D (2007) Towards an active network architecture. SIGCOMM Comput Commun Rev 37(5):81–94. doi: 10.1145/1290168.1290180 CrossRefGoogle Scholar
  63. 63.
    Tennenhouse DL, Smith JM, Sincoskie WD, Wetheral DJ, Minden GJ (1997) A survey of active network research. IEEE Commun Mag 35(1):80–86CrossRefGoogle Scholar
  64. 64.
    Voellmy A, Hudak P (2011) Nettle: taking the sting out of programming network routers. In: International symposium on practical aspects of declarative languages. Springer, Austin, TX, USA, vol 6539, pp 235–249Google Scholar
  65. 65.
    Wang G, Ng TE, Shaikh A (2012) Programming your network at run-time for big data applications. In: Proceedings of the first workshop on hot topics in software defined networks, ACM, New York, NY, USA, HotSDN ’12, pp 103–108. doi: 10.1145/2342441.2342462
  66. 66.
    West CH, Zafiropulo P (1978) Automated validation of a communications protocol: the ccitt x.21 recommendation. IBM J Res Dev 22(1):60–71. doi: 10.1147/rd.221.0060
  67. 67.
    J Woodcock, PG Larsen, J Bicarregui, Fitzgerald J (2009) Formal methods: practice and experience. ACM Comput Surv 41(4):19:1–19:36. doi: 10.1145/1592434.1592436 Google Scholar
  68. 68.
    Xie GG, Zhan J, Maltz DA, Zhang H, Greenberg A, Hjalmtysson G, Rexford J (2005) On static reachability analysis of ip networks. In: Proc IEEE 24th annual joint conference of the IEEE computer and communications societies, IEEE, Miami, FL, vol 3, pp 2170–2183. doi: 10.1109/INFCOM.2005.1498492
  69. 69.
    Zope N, Pawar S, Saquib Z (2016) Firewall and load balancing as an application of sdn. In: 2016 Conference on advances in signal processing (CASP), pp 354–359. doi: 10.1109/CASP.2016.7746195

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Andalucía Tech, Dept. Lenguajes y Ciencias de la ComputaciónUniversidad de MálagaMálagaSpain

Personalised recommendations