The controller placement problem for robust SDNs against malicious node attacks considering the control plane with and without split-brain


In software-defined networking (SDN), the control plane is separated from the data plane. For scalability and robustness reasons, the logically centralized control plane is implemented by physically distributing different controllers throughout the network. The determination of the number and location of the SDN controllers is known as the controller placement problem (CPP). For given maximum switch-controller (SC) and controller-controller (CC) delays in the regular (failure-free) state, we aim to find a CPP solution that maximizes the control plane robustness against a given number of malicious node attacks. We describe an ILP-based method aiming to enumerate all CPP solutions that guarantee the existence of a data plane path from every switch to any controller if all other controller nodes are shut down (worst-case scenario). Then, for different malicious node attacks, based on node centrality metrics and corresponding to different attacker’s strategies, we evaluate the previous solutions to determine the ones that maximize the network robustness, considering the SDN control plane operating with or without split-brain. In the computational results, we compare the robustness and the average SC and CC delays of the best CPP solutions. Since a control plane with split-brain requires more controllers, the average SC and CC delays in the regular state of its CPP solutions are significantly better, on average. Concerning robustness, split-brain does not always provide the best robust CPP solutions due to its feature of requiring a minimum number of connected controllers (which must be over half of the total number of them) to be operational.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11


  1. 1.

    Rak J, Hutchison D, Calle E, Gomes T, Gunkel M, Smith P, Tapolcai J, Verbrugge S, Wosinska L (2016)RECODIS: Resilient communication services protecting end-user applications from disaster-based failures, in ICTON, , We.D1.4

  2. 2.

    Furdek M, Wosinska L, Goscien R, Manousakis K, Aibin M, Walkowiak K, Ristov S, Marzo J (2016) An overview of security challenges in communication networks, in RNDM, pp 43–50

  3. 3.

    Heller B, Sherwood R, McKeown N (2012) The controller placement problem. ACM HotSDN, New York, pp 7–12

    Google Scholar 

  4. 4.

    Fonseca P, Bennesby R, Mota E, Passito A (2012) A replication component for resilient OpenFlow-based networking. NOMS 2012, Maui, pp 933–939

    Google Scholar 

  5. 5.

    Vizarreta P, Mas Machuca C, Kellerer W (2016) Controller placement strategies for a resilient SDN control plane. In: RNDM, vol 2016. Halmstad, Sweden, pp 253–259

    Google Scholar 

  6. 6.

    Perrot N, Reynaud T (2016) Optimal placement of controllers in a resilient SDN architecture. In: DRCN, vol 2016. France, Paris, pp 145–151

    Google Scholar 

  7. 7.

    Santos D, de Sousa A, Mas Machuca C (2018) Robust SDN controller placement to malicious node attacks. DRCN 2018. France, Paris

    Google Scholar 

  8. 8.

    ONOS project. Accessed June 2018

  9. 9.

    OpenDayLight project. Accessed June 2018

  10. 10.

    Sakic E, Kellerer W (2018) Response time and availability study of RAFT consensus in distributed SDN control plane. IEEE Trans Netw Serv Manag 15(1):304–318

    Article  Google Scholar 

  11. 11.

    Muqaddas AS, Giaccone P, Bianco A, Maier G (2017) Inter-controller traffic to support consistency in ONOS clusters. IEEE Trans Netw Serv Manag 14(4):1018–1031

    Article  Google Scholar 

  12. 12.

    Jiménez Y, Cervelló-Pastor C, García AJ (2014) On the controller placement for designing a distributed SDN control layer. IFIP networking conference 2014, Trondheim, Norway

  13. 13.

    Hock D, Hartmann M, Gebert S, Jarschel M, Zinner T, Tran-Gia P (2013) Pareto-optimal resilient controller placement in SDN-based core networks. ITC 2013, Shanghai, China

  14. 14.

    Rueda DF, Calle E, Marzo JL (2017) Improving the robustness to targeted attacks in software defined networks (SDN). DRCN 2017, Munich, Germany, pp 78–85

  15. 15.

    Rueda DF, Calle E, Marzo JL (2017) Robustness comparison of 15 real telecommunication networks: structural and centrality measurements. J Netw Syst Manag 25(2):269–289

    Article  Google Scholar 

  16. 16.

    Nencioni G, Helvik BE, Heegaard PE (2017) Including failure correlation in availability modeling of a software-defined backbone network. IEEE Trans Netw Serv Manag 14(4):1032–1045

    Article  Google Scholar 

Download references


This article is based upon work from COST Action CA15127 (“Resilient communication services protecting end user applications from disaster-based failures—RECODIS”) supported by COST (European Cooperation in Science and Technology). The work was also supported by FCT (“Fundação para a Ciência e Tecnologia”), Portugal, under the projects ResNeD—CENTRO-01-0145-FEDER-029312 and UID/EEA/50008/2019. This work was conducted while Dorabella Santos was with Instituto de Telecomunicações, Aveiro, Portugal, supported by the FCT postdoc grant SFRH/BPD/111503/2015.

Author information



Corresponding author

Correspondence to Dorabella Santos.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Santos, D., de Sousa, A. & Mas Machuca, C. The controller placement problem for robust SDNs against malicious node attacks considering the control plane with and without split-brain. Ann. Telecommun. 74, 575–591 (2019).

Download citation


  • SDN
  • Controller placement problem
  • Malicious node attacks
  • Integer linear programming
  • Node centrality