Temporal NetKAT. Ryan Beckett Michael Greenberg*, David Walker. Pomona College* Princeton University
|
|
- Esmond Mosley
- 5 years ago
- Views:
Transcription
1 Temporal NetKAT Ryan Beckett Michael Greenberg*, David Walker Princeton University Pomona College*
2 Software-Defined Networking Controller
3 Software-Defined Networking Controller Match Action dst= pt 3, collect src= pt 2 * drop
4 Controller
5 L Maple FlowLog Frenetic NetKAT Routing Controller
6 L Maple FlowLog Frenetic NetKAT ndb Path Queries Routing Debugging Controller
7 L Maple FlowLog Frenetic NetKAT ndb Path Queries DREAM Path Queries Open Sketch Routing Debugging Controller Monitoring
8 FlowVisor L Maple FlowLog Frenetic NetKAT ndb Path Queries DREAM Path Queries Open Sketch NOD VeriFlow Headerspace NetPlumber NetKAT Routing Debugging Controller Monitoring Security Policy Verifier
9 Shared Abstraction: Dynamic forwarding based on a packet s history! Routing Debugging Monitoring Security Policy Controller Verifier
10 Overview Temporal NetKAT Extend NetKAT with queries over a packet s history Study the new paradigm on several applications Define a semantics and equational theory for the language Prove soundness and network-wide completeness Describe and implement a compilation strategy Evaluate the compiler performance on several networks
11 Temporal NetKAT
12 NetKAT Overview Predicates a,b ::= f = n test 1 true 0 false a + b or a b and a negation Policies p,q ::= a predicate f v assignment p + q union p q sequence p* iteration Based on KAT [Kozen & Smith 96] Extended to networks [Anderson et al 14]
13 NetKAT Overview Predicates a,b ::= f = n test 1 true 0 false a + b or a b and a negation Policies p,q ::= a predicate f v assignment p + q union p q sequence p* iteration Boolean Algebra Kleene Algebra
14 NetKAT Overview Packet: A record of fields and values sw=a, pt=1, src= , dst= A 3
15 NetKAT Overview Language Features: Match packets Modify packets sw=a, pt=1, src= , dst= A 3
16 NetKAT Overview Language Features: Match packets Modify packets sw=a, pt=1, src= , dst= src= sw=a 2 1 A 3
17 NetKAT Overview Language Features: Match packets Modify packets sw=a, pt=1, src= , dst= src pt A 3
18 NetKAT Overview Language Features: Match packets Modify packets sw=a, pt=1, src= , dst= src pt A 3
19 NetKAT Topology (sw=a pt=2) sw B pt A 1 2 B
20 NetKAT Network Kleene Star: (topology switch)*
21 NetKAT Network Kleene Star: (topology switch)*
22 NetKAT Network Kleene Star: (topology switch)*
23 NetKAT Network Kleene Star: (topology switch)*
24 NetKAT Network Kleene Star: (topology switch)*
25 NetKAT: Packet History A policy takes a packet history to a set of histories
26 NetKAT: Packet History A policy takes a packet history to a set of histories initial history [ ]
27 NetKAT: Packet History A policy takes a packet history to a set of histories [ ]
28 NetKAT: Packet History A policy takes a packet history to a set of histories [ ], [ ]
29 NetKAT: Packet History A policy takes a packet history to a set of histories [ ],, [ ], [ ]
30 NetKAT: Packet History A policy takes a packet history to a set of histories [ ],, [,,, ] [ ], [ ]
31 NetKAT: Packet History Final packet Initial packet [,,, ]
32 NetKAT: Packet History In practice, packets do not carry their history [ ]?,,,??
33 Temporal NetKAT Predicates a,b ::= f = n test 1 identity 0 drop a + b or a b and a negation a last (a S b) since Policies p,q ::= a predicate f v assignment p + q union p q sequence p* iteration LTLf Kleene Algebra
34 Temporal NetKAT (f=v1) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
35 Temporal NetKAT (f=v1) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
36 Temporal NetKAT What to do when there is no history? (f=v1) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
37 Temporal NetKAT What to do when there is no history? (f=v1) Finite trace semantics LTLf [Giacomo & Vardi 13] False f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
38 Temporal NetKAT start = 1 f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
39 Temporal NetKAT Ever a = (1 S a) (f=v2) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
40 Temporal NetKAT Ever a = (1 S a) (f=v2) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
41 Temporal NetKAT Always a = a (f=v1) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
42 Temporal NetKAT Always a = a (f=v1) f=v1 f=v1 f=v2 f=v3 f=v1 f=v1 Time
43 Examples
44 Routing Debugging Monitoring Security Policy Controller Verifier
45 Example: Debugging/Monitoring Determine flows utilizing a congested link S1 S3 S2 S4 S5 S6
46 Example: Debugging/Monitoring Determine flows utilizing a congested link pol + sw=s6 (sw=s2 (sw=s1)) pt ctrl S1 S3 S2 S4 S5 S6
47 Example: Security Ensure all traffic arriving at S6 went through a FW and IDS FW1 NAT S1 S3 S2 S4 S5 S6 FW2 IDS
48 Example: Security Ensure all traffic arriving at S6 went through a FW and IDS sw=s6 (sw=fw) (sw=ids) FW1 NAT S1 S3 S2 S4 S5 S6 FW2 IDS
49 Example: Isolation Enforce physical isolation of S1, S3, S4 from S2, S5, S6 S1 S3 S2 S4 S5 S6
50 Example: Isolation Enforce physical isolation of S1, S3, S4 from S2, S5, S6 pol ( (sw=s1+sw=s3+sw=s4) + (sw=s2+sw=s5+sw=s6)) S1 S3 S2 S4 S5 S6
51 Example: Verification Does the NAT always modify the dst IP address correctly? FW1 NAT S1 S3 S2 S4 S5 S6 FW2 IDS
52 Example: Verification Does the NAT always modify the dst IP address correctly? pol pol ((dst= ) S (sw=nat)) FW1 NAT S1 S3 S2 S4 S5 S6 FW2 IDS
53 Questions Reasoning How expressive is Temporal NetKAT? When are two programs equivalent? Compilation How to compile Temporal NetKAT to switch rules? Can we scale compilation to realistic topologies/policies?
54 Reasoning
55 Equational Theory Kleene Algebra Axioms Idempotent Semiring Laws (p+q)r pr+qr p+p p p+q q+p 1p p1 p p+0 p p0 0p 0 p(q+r) pq+pr p(qr) (pq)r p+(q+r) (p+q)+r Boolean Algebra Axioms aa a a a 0 a + 1 a a + a 1 (p + q)r pr + qr a + bc (a + b)(a + c) p* 1+pp* p* 1+p*p Axioms for * q+px x p*q x q+px x p*q x Packet Axioms (f = v) (f = v) (f = v ) (f v) (f = v) (f v) (f = v ) 1 0 f n (f = v ) (f v) NetKAT
56 Equational Theory Kleene Algebra Axioms p+q q+p p+0 p Idempotent Semiring Laws (p+q)r pr+qr p(q+r) pq+pr p+(q+r) (p+q)+r p* 1+pp* p* 1+p*p Packet Axioms (f = v) (f = v) (f = v ) (f v) (f = v) (f v) (f = v ) p+p p 1p p1 p p0 0p 0 p(qr) (pq)r Axioms for * q+px x p*q x q+px x p*q x 1 0 f n (f = v ) (f v) Boolean Algebra Axioms aa a a a 0 a + 1 a a + a 1 (p + q)r pr + qr a + bc (a + b)(a + c) LTLf Axioms 1 1 (a+b) a + b (a b) a b (a S b) b + a (a S b) (a S b) ( b) B ( a b) a (start a) (a a b) (a a)
57 Equational Theory Kleene Algebra Axioms Idempotent Semiring Laws (p+q)r pr+qr p+q q+p p+0 p p(q+r) pq+pr p+(q+r) (p+q)+r p* 1+pp* p* 1+p*p Packet Axioms (f = v) (f = v) (f = v ) (f v) (f = v) (f v) (f = v ) p+p p 1p p1 p p0 0p 0 p(qr) (pq)r Axioms for * q+px x p*q x q+px x p*q x 1 0 f n (f = v ) (f v) Boolean Algebra Axioms aa a a a 0 a + 1 a a + a 1 (p + q)r pr + qr a + bc (a + b)(a + c) LTLf Axioms 1 1 (a+b) a + b (a b) a b (a S b) b + a (a S b) (a S b) ( b) B ( a b) a (start a) (a a b) (a a) Step Axiom (f v) a a (f v)
58 Metatheory NetKAT: Soundness: If p q, then p = q Completeness: If p = q, then p q Temporal NetKAT: Soundness: If p q, then p = q Completeness: If start p = start q, then start p start q Completeness for network-wide policies Normalization reduces Temporal NetKAT terms to NetKAT Interesting induction invariant see the paper!
59 Compilation
60 Compilation A Fast Compiler for NetKAT [Smolka et al 15] Symbolic NetKAT automata Based on FDDs a variant of BDDs Tags the packet with the state of the automaton src=x dst Y sw B sw=a pt=1
61 Compilation A Fast Compiler for NetKAT [Smolka et al 15] Symbolic NetKAT automata Based on FDDs a variant of BDDs Tags the packet with the state of the automaton src=x dst Y sw=a pt=1 sw B High-level Idea: Reuse tagging mechanism for tracking history as well
62 Compilation Term Policy Automaton Query Automata NetKAT Automaton Rules
63 Compilation: Example pola link polb = (sw=a pt=1) (pt 2) = (sw B) (pt 1) = (sw=b pt=1) (pt 2) 1 2 A 1 2 B
64 Compilation: Example pola link polb pol = (sw=a pt=1) (pt 2) = (sw B) (pt 1) = (sw=b pt=1) (pt 2) = pola link (src=x) polb (src=x) 1 2 A 1 2 B
65 Compilation: Example pola link (src=x) polb (src=x) 1 2 A 1 2 B
66 Compilation: Example pola link (src=x) polb
67 Compilation: Example pola link (src=x) polb abstract predicate pola link α polb
68 Compilation: Example pola link α polb src=x 1 Query Automaton (α) 0 src=x 1 [src=x] [1] Policy Automaton 0 pola 1 link 2 [α polb]
69 src=x 1 Query Automaton (α) 0 src=x 1 [src=x] [1] Policy Automaton 0 pola 1 link 2 = [α polb] Product Automaton 0,0 src=x pola src=x pola 0,1 src=x link 0,2 src=x link link 1,1 [src=x polb] 1,2 [1 polb]
70 Compilation: Example 0,0 src=x pola src=x pola 0,1 src=x link 0,2 src=x link link 1,1 [src=x polb] 1,2 [1 polb] FDD Compilation Idea: Automaton state encoded as a packet field in the FDD
71 Compilation: Example
72 Compilation: Example
73 Compilation: Example See the paper for additional optimizations!
74 Evaluation
75 Compiler Evaluation Topology Zoo Over 250 real topologies Shortest path routing Stanford Campus Network Mid-sized campus network 16 core backbone routers Rich, non-uniform routing policy
76 Compiler Evaluation Baseline: Routing only Security: Enforce physical isolation Enforce logical isolation Debugging/Monitoring: Congested Link Simple path Port Matrix? DDOS sources?
77 Topology Zoo Compilation Time Most policies have very little overhead ~12 min worst case Main limiting factor: number of queries
78 Topology Zoo Number of Rules Often near minimal rule overhead ~2x increase with DDOS query
79 Stanford Network Compilation Time 12 Time (sec) No Query Congested Physical Isolation Simple Path Slice Isolation DDOS
80 Stanford Network Rule Overhead 0 No Query Congested Physical Isolation Simple Path Slice Isolation DDOS
81 Conclusions Language Extension of NetKAT with queries over packet history Useful in a variety of network applications Theory Soundness and completeness for network-wide programs New proof technique for completeness Compiler Inspired by structure of the completeness proof Scales to many real network topologies/policies
It's the last COS 326 class!
It's the last COS 326 class! David Walker COS 326 Princeton University COS 326 Final Exam Logistics: Friday Jan 26 1:30pm McCosh 46 Note: If you are doing study abroad, make sure that you email Chris Moretti
More informationFelix: Implementing Traffic Measurement on End Hosts Using Program Analysis
Felix: Implementing Traffic Measurement on End Hosts Using Program Analysis Haoxian Chen Tsinghua University hc865@cornell.edu Michael Whittaker Cornell University mjw297@cornell.edu Nate Foster Cornell
More informationCompiling Path Queries
Compiling Path Queries Princeton University Srinivas Narayana Mina Tahmasbi Jen Rexford David Walker Management = Measure + Control Network Controller Measure Control Software-Defined Networking (SDN)
More informationNetwork Programming Languages. Nate Foster
Network Programming Languages Nate Foster We are at the start of a revolution! Network architectures are being opened up giving programmers the freedom to tailor their behavior to suit applications!
More informationKAT and PHL in Coq. 1 Introduction. 2 Revision of KAT and PHL concepts. David Pereira 1 and Nelma Moreira 1
KAT and PHL in Coq David Pereira 1 and Nelma Moreira 1 LIACC University of Porto {dpereira,nam}@ncc.up.pt Abstract. In this paper we describe an implementation of Kleene Algebras with Tests (KAT) in the
More informationarxiv: v2 [cs.pl] 24 Jun 2015
A Fast Compiler for NetKAT Steffen Smolka Cornell University (USA) smolka@cs.cornell.edu Spiridon Eliopoulos Inhabited Type LLC (USA) spiros@inhabitedtype.com Nate Foster Cornell University (USA) jnfoster@cs.cornell.edu
More informationA Fast Compiler for NetKAT
A Fast Compiler for NetKAT Steffen Smolka Nate Foster Arjun Guha Spiridon Eliopoulos Networks have become programmable (just now!) Networks have become programmable (just now!) high-level program Firewall
More informationProgramming (Software-Defined) Networks
Programming (Software-Defined) Networks David Walker Princeton University http://www.cs.princeton.edu/~dpw http://frenetic-lang.org The Frenetic Team Cornell: Carolyn Anderson (alum) Shrutarshi Basu Rebecca
More informationNetKAT: Semantic Foundations for Networks. Nate Foster Cornell University
NetKAT: Semantic Foundations for Networks Nate Foster Cornell University Team NetKAT Carolyn Anderson Nate Foster Arjun Guha Jean-Baptiste Jeannin Dexter Kozen Cole Schlesinger David Walker Carbon Software-Defined
More informationarxiv: v4 [cs.ni] 29 Nov 2016
WNetKAT: A Weighted SDN Programming and Verification Language Kim G. Larsen Stefan Schmid Bingtian Xue Aalborg University, Denmark {kgl,schmiste,bingt}@cs.aau.dk arxiv:608.0848v4 [cs.ni] 9 Nov 06 Abstract
More informationI Know What Your Packet Did Last Hop: Using Packet Histories to Troubleshoot Networks.
I Know What Your Packet Did Last Hop: Using Packet Histories to Troubleshoot Networks. Paper by: Nikhil Handigol, Brandon Heller, Vimalkumar Jeyakumar, David Mazières, and Nick McKeown, Stanford University
More informationFormal Verification of Computer Switch Networks
Formal Verification of Computer Switch Networks Sharad Malik; Department of Electrical Engineering; Princeton Univeristy (with Shuyuan Zhang (Princeton), Rick McGeer (HP Labs)) 1 SDN: So what changes for
More informationOn the Complexity of Verifying Stateful Networks. A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv
On the Complexity of Verifying Stateful Networks A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv Alice Classical Networking Ted Stevens was right Bob Mallory Trent Networks provide end-to-end
More informationVeriCon: Towards Verifying Controller Programs in SDNs
VeriCon: Towards Verifying Controller Programs in SDNs Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly Sagiv, Michael Schapira, Asaf Valadarsky 1 Guaranteeing network
More informationSNAP: Stateful Network-Wide Abstractions for Packet Processing
SNAP: Stateful Network-Wide Abstractions for Packet Processing Mina Tahmasbi Arashloo1, Yaron Koral1, Michael Greenberg2, Jennifer Rexford1, and David Walker1 1 Princeton University, 2 Pomona College Early
More informationTrident. Toward a Unified SDN Programming Framework with Automatic Updates. Kai Gao 1 Taishi Nojima 2 Y. Richard Yang 2, 3 August 23, 2018
Trident Toward a Unified SDN Programming Framework with Automatic Updates Kai Gao 1 Taishi Nojima 2 Y. Richard Yang 2, 3 August 23, 2018 1 Tsinghua University 2 Yale University 3 Tongji University Software-Defined
More informationApplications of Program analysis in Model-Based Design
Applications of Program analysis in Model-Based Design Prahlad Sampath (Prahlad.Sampath@mathworks.com) 2018 by The MathWorks, Inc., MATLAB, Simulink, Stateflow, are registered trademarks of The MathWorks,
More informationPropositional Calculus. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson
Propositional Calculus CS 270: Mathematical Foundations of Computer Science Jeremy Johnson Propositional Calculus Objective: To provide students with the concepts and techniques from propositional calculus
More informationIEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 24, NO. 2, APRIL Hongkun Yang, Student Member, IEEE, andsimons.lam, Fellow, IEEE, Fellow, ACM
IEEE/ACM TRANSACTIONS ON NETWORKING, VOL. 24, NO. 2, APRIL 2016 887 Real-Time Verification of Network Properties Using Atomic Predicates Hongkun Yang, Student Member, IEEE, andsimons.lam, Fellow, IEEE,
More informationDiscrete Mathematics Lecture 4. Harper Langston New York University
Discrete Mathematics Lecture 4 Harper Langston New York University Sequences Sequence is a set of (usually infinite number of) ordered elements: a 1, a 2,, a n, Each individual element a k is called a
More informationCSC Discrete Math I, Spring Sets
CSC 125 - Discrete Math I, Spring 2017 Sets Sets A set is well-defined, unordered collection of objects The objects in a set are called the elements, or members, of the set A set is said to contain its
More informationIncremental Update for a Compositional SDN Hypervisor
Incremental Update for a Compositional SDN Hypervisor Xin Jin Princeton University xinjin@cs.princeton.edu Jennifer Rexford Princeton University jrex@cs.princeton.edu David Walker Princeton University
More informationHeader Space Analysis: Static Checking For Networks
Header Space Analysis: Static Checking For Networks Peyman Kazemian, Nick McKeown (Stanford University) and George Varghese (UCSD and Yahoo Labs). Presented by Eviatar Khen (Software Defined Networks Seminar)
More informationDynamic Logic David Harel, The Weizmann Institute Dexter Kozen, Cornell University Jerzy Tiuryn, University of Warsaw The MIT Press, Cambridge, Massac
Dynamic Logic David Harel, The Weizmann Institute Dexter Kozen, Cornell University Jerzy Tiuryn, University of Warsaw The MIT Press, Cambridge, Massachusetts, 2000 Among the many approaches to formal reasoning
More informationVerdi: A Framework for Implementing and Formally Verifying Distributed Systems
Verdi: A Framework for Implementing and Formally Verifying Distributed Systems Key-value store VST James R. Wilcox, Doug Woos, Pavel Panchekha, Zach Tatlock, Xi Wang, Michael D. Ernst, Thomas Anderson
More informationVerifying C & C++ with ESBMC
Verifying C & C++ with ESBMC Denis A Nicole dan@ecs.soton.ac.uk CyberSecuritySoton.org [w] @CybSecSoton [fb & tw] ESBMC ESBMC, the Efficient SMT-Based Context-Bounded Model Checker was originally developed
More informationA NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU
COQHOTT A NEW PROOF-ASSISTANT THAT REVISITS THE THEORETICAL FOUNDATIONS OF COQ USING HOMOTOPY TYPE THEORY NICOLAS TABAREAU The CoqHoTT project Design and implement a brand-new proof assistant by revisiting
More informationConcurrent NetCore: From Policies to Pipelines
Concurrent NetCore: From Policies to Pipelines Cole Schlesinger Princeton University Michael Greenberg Princeton University David Walker Princeton University Abstract In a Software-Defined Network (SDN),
More informationOverview. Discrete Event Systems - Verification of Finite Automata. What can finite automata be used for? What can finite automata be used for?
Computer Engineering and Networks Overview Discrete Event Systems - Verification of Finite Automata Lothar Thiele Introduction Binary Decision Diagrams Representation of Boolean Functions Comparing two
More informationLife on the Edge: Unraveling Policies into Configurations
Life on the Edge: Unraveling Policies into Configurations Shrutarshi Basu Cornell University Paparao Palacharla Fujitsu Labs of America Nate Foster Cornell University Christian Skalka University of Vermont
More informationSYNERGY INSTITUTE OF ENGINEERING & TECHNOLOGY,DHENKANAL LECTURE NOTES ON DIGITAL ELECTRONICS CIRCUIT(SUBJECT CODE:PCEC4202)
Lecture No:5 Boolean Expressions and Definitions Boolean Algebra Boolean Algebra is used to analyze and simplify the digital (logic) circuits. It uses only the binary numbers i.e. 0 and 1. It is also called
More informationCS 6110 S14 Lecture 38 Abstract Interpretation 30 April 2014
CS 6110 S14 Lecture 38 Abstract Interpretation 30 April 2014 1 Introduction to Abstract Interpretation At this point in the course, we have looked at several aspects of programming languages: operational
More informationFormal Modeling and Analysis of Stream Processing Systems
Formal Modeling and Analysis of Stream Processing Systems Linh T.X. Phan March 2009 Computer and Information Science University of Pennsylvania 1 High performance Highly optimized requirements systems
More informationRegular Expressions. Regular Expressions. Regular Languages. Specifying Languages. Regular Expressions. Kleene Star Operation
Another means to describe languages accepted by Finite Automata. In some books, regular languages, by definition, are described using regular. Specifying Languages Recall: how do we specify languages?
More informationResource-bound process algebras for Schedulability and Performance Analysis of Real-Time and Embedded Systems
Resource-bound process algebras for Schedulability and Performance Analysis of Real-Time and Embedded Systems Insup Lee 1, Oleg Sokolsky 1, Anna Philippou 2 1 RTG (Real-Time Systems Group) Department of
More informationReal-time Verification of Network Properties using Atomic Predicates
Real-time Verification of Network Properties using Atomic Predicates Hongkun Yang and Simon S. Lam Department of Computer Science, The University of Texas at Austin {yanghk, lam}@cs.utexas.edu TR-13-15
More informationCS3110 Spring 2017 Lecture 9 Inductive proofs of specifications
CS3110 Spring 2017 Lecture 9 Inductive proofs of specifications Robert Constable 1 Lecture Plan 1. Repeating schedule of remaining five problem sets and prelim. 2. Comments on tautologies and the Coq logic.
More informationLOGIC AND DISCRETE MATHEMATICS
LOGIC AND DISCRETE MATHEMATICS A Computer Science Perspective WINFRIED KARL GRASSMANN Department of Computer Science University of Saskatchewan JEAN-PAUL TREMBLAY Department of Computer Science University
More informationarxiv: v1 [cs.ni] 15 Oct 2017
Modeling and Analysis of SDN Control Applications using Vector Spaces Mohamed Aslan 1 and Ashraf Matrawy 2 arxiv:1710.05252v1 [cs.ni] 15 Oct 2017 1 Department of Systems and Computer Engineering, Carleton
More informationTA: Jade Cheng ICS 241 Recitation Lecture Notes #12 November 13, 2009
TA: Jade Cheng ICS 241 Recitation Lecture Notes #12 November 13, 2009 Recitation #12 Question: Use Prim s algorithm to find a minimum spanning tree for the given weighted graph. Step 1. Start from the
More informationRegular Languages. Regular Language. Regular Expression. Finite State Machine. Accepts
Regular Languages L Regular Language Regular Expression Accepts Finite State Machine Regular Expressions The regular expressions over an alphabet are all and only the strings that can be obtained as follows:
More informationModel Checking Revision: Model Checking for Infinite Systems Revision: Traffic Light Controller (TLC) Revision: 1.12
Model Checking mc Revision:.2 Model Checking for Infinite Systems mc 2 Revision:.2 check algorithmically temporal / sequential properties fixpoint algorithms with symbolic representations: systems are
More informationAn Annotated Language
Hoare Logic An Annotated Language State and Semantics Expressions are interpreted as functions from states to the corresponding domain of interpretation Operators have the obvious interpretation Free of
More informationVS 3 : SMT Solvers for Program Verification
VS 3 : SMT Solvers for Program Verification Saurabh Srivastava 1,, Sumit Gulwani 2, and Jeffrey S. Foster 1 1 University of Maryland, College Park, {saurabhs,jfoster}@cs.umd.edu 2 Microsoft Research, Redmond,
More informationLanguages and Compilers
Principles of Software Engineering and Operational Systems Languages and Compilers SDAGE: Level I 2012-13 3. Formal Languages, Grammars and Automata Dr Valery Adzhiev vadzhiev@bournemouth.ac.uk Office:
More informationMATH 139 W12 Review 1 Checklist 1. Exam Checklist. 1. Introduction to Predicates and Quantified Statements (chapters ).
MATH 139 W12 Review 1 Checklist 1 Exam Checklist 1. Introduction to Predicates and Quantified Statements (chapters 3.1-3.4). universal and existential statements truth set negations of universal and existential
More informationChapter 6 Connecting Device
Computer Networks Al-Mustansiryah University Elec. Eng. Department College of Engineering Fourth Year Class Chapter 6 Connecting Device 6.1 Functions of network devices Separating (connecting) networks
More informationContents. Chapter 1 SPECIFYING SYNTAX 1
Contents Chapter 1 SPECIFYING SYNTAX 1 1.1 GRAMMARS AND BNF 2 Context-Free Grammars 4 Context-Sensitive Grammars 8 Exercises 8 1.2 THE PROGRAMMING LANGUAGE WREN 10 Ambiguity 12 Context Constraints in Wren
More informationThe Invariant Problem for Binary String Structures and the Parallel Complexity Theory of Queries
The Invariant Problem for Binary String Structures and the Parallel Complexity Theory of Queries Steven Lindell Haverford College Haverford, PA 19041-1392 1 Introduction A fundamental problem in finite
More informationTo be or not programmable Dimitri Papadimitriou, Bernard Sales Alcatel-Lucent April 2013 COPYRIGHT 2011 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
To be or not programmable Dimitri Papadimitriou, Bernard Sales Alcatel-Lucent April 2013 Introduction SDN research directions as outlined in IRTF RG outlines i) need for more flexibility and programmability
More informationComplexity Theory. Compiled By : Hari Prasad Pokhrel Page 1 of 20. ioenotes.edu.np
Chapter 1: Introduction Introduction Purpose of the Theory of Computation: Develop formal mathematical models of computation that reflect real-world computers. Nowadays, the Theory of Computation can be
More informationP4 Pub/Sub. Practical Publish-Subscribe in the Forwarding Plane
P4 Pub/Sub Practical Publish-Subscribe in the Forwarding Plane Outline Address-oriented routing Publish/subscribe How to do pub/sub in the network Implementation status Outlook Subscribers Publish/Subscribe
More informationRecitation Session 6
Recitation Session 6 CSE341 Computer Organization University at Buffalo radhakri@buffalo.edu March 11, 2016 CSE341 Computer Organization Recitation Session 6 1/26 Recitation Session Outline 1 Overview
More informationThe set consisting of all natural numbers that are in A and are in B is the set f1; 3; 5g;
Chapter 5 Set Theory 5.1 Sets and Operations on Sets Preview Activity 1 (Set Operations) Before beginning this section, it would be a good idea to review sets and set notation, including the roster method
More informationNegations in Refinement Type Systems
Negations in Refinement Type Systems T. Tsukada (U. Tokyo) 14th March 2016 Shonan, JAPAN This Talk About refinement intersection type systems that refute judgements of other type systems. Background Refinement
More informationDISCRETE MATHEMATICS
DISCRETE MATHEMATICS WITH APPLICATIONS THIRD EDITION SUSANNA S. EPP DePaul University THOIVISON * BROOKS/COLE Australia Canada Mexico Singapore Spain United Kingdom United States CONTENTS Chapter 1 The
More informationIntroduction to Axiomatic Semantics (1/2)
#1 Introduction to Axiomatic Semantics (1/2) How s The Homework Going? Remember: just do the counterexample guided abstraction refinement part of DPLL(T). If you notice any other errors, those are good
More informationA NEW PROOF-ASSISTANT THAT REVISITS HOMOTOPY TYPE THEORY THE THEORETICAL FOUNDATIONS OF COQ USING NICOLAS TABAREAU
COQHOTT A NEW PROOF-ASSISTANT THAT REVISITS THE THEORETICAL FOUNDATIONS OF COQ USING HOMOTOPY TYPE THEORY NICOLAS TABAREAU The CoqHoTT project Design and implement a brand-new proof assistant by revisiting
More informationNetwork Verification Using Atomic Predicates (S. S. Lam) 3/28/2017 1
Network Verification Using Atomic Predicates 1 Difficulty in Managing Large Networks Complexity of network protocols o unexpected protocol interactions o links may be physical or virtual (e.g., point to
More informationHeading Off Correlated Failures through Independence-as-a-Service
Heading Off Correlated Failures through Independence-as-a-Service Ennan Zhai 1 Ruichuan Chen 2, David Isaac Wolinsky 1, Bryan Ford 1 1 Yale University 2 Bell Labs/Alcatel-Lucent Background Cloud services
More informationNetSMC: A Symbolic Model Checker for Stateful Network Verification
NetSMC: A Symbolic Model Checker for Stateful Network Verification YIFEI YUAN LIMIN JIA VYAS SEKAR CARNEGIE MELLON UNIVERSITY Abstract Formal verification of computer networks is critical for ensuring
More informationSemantics. There is no single widely acceptable notation or formalism for describing semantics Operational Semantics
There is no single widely acceptable notation or formalism for describing semantics Operational Describe the meaning of a program by executing its statements on a machine, either simulated or actual. The
More informationECS 120 Lesson 7 Regular Expressions, Pt. 1
ECS 120 Lesson 7 Regular Expressions, Pt. 1 Oliver Kreylos Friday, April 13th, 2001 1 Outline Thus far, we have been discussing one way to specify a (regular) language: Giving a machine that reads a word
More informationProgram verification. Generalities about software Verification Model Checking. September 20, 2016
Program verification Generalities about software Verification Model Checking Laure Gonnord David Monniaux September 20, 2016 1 / 43 The teaching staff Laure Gonnord, associate professor, LIP laboratory,
More informationSets. Mukulika Ghosh. Fall Based on slides by Dr. Hyunyoung Lee
Sets Mukulika Ghosh Fall 2018 Based on slides by Dr. Hyunyoung Lee Sets Sets A set is an unordered collection of objects, called elements, without duplication. We write a A to denote that a is an element
More informationFOUNDATIONS OF INTENT- BASED NETWORKING
FOUNDATIONS OF INTENT- BASED NETWORKING Loris D Antoni Aditya Akella Aaron Gember Jacobson Network Policies Enterprise Network Cloud Network Enterprise Network 2 3 Tenant Network Policies Enterprise Network
More informationIntroduction to Axiomatic Semantics (1/2)
#1 Introduction to Axiomatic Semantics (1/2) How s The Homework Going? Remember that you can t just define a meaning function in terms of itself you must use some fixed point machinery. #2 #3 Observations
More information1 Introduction... 1 1.1 A Database Example... 1 1.2 An Example from Complexity Theory...................... 4 1.3 An Example from Formal Language Theory................. 6 1.4 An Overview of the Book.................................
More informationCMPSCI 250: Introduction to Computation. Lecture #28: Regular Expressions and Languages David Mix Barrington 2 April 2014
CMPSCI 250: Introduction to Computation Lecture #28: Regular Expressions and Languages David Mix Barrington 2 April 2014 Regular Expressions and Languages Regular Expressions The Formal Inductive Definition
More informationMerlin: A Language for Provisioning Network Resources
Merlin: A Language for Provisioning Network Resources Robert Soulé * Shrutarshi Basu Parisa Jalili Marandi * Fernando Pedone * Robert Kleinberg Emin Gün Sirer Nate Foster * University of Lugano Cornell
More informationInversive Plane Geometry
Inversive Plane Geometry An inversive plane is a geometry with three undefined notions: points, circles, and an incidence relation between points and circles, satisfying the following three axioms: (I.1)
More informationAn Evolution of Mathematical Tools
An Evolution of Mathematical Tools From Conceptualization to Formalization Here's what we do when we build a formal model (or do a computation): 0. Identify a collection of objects/events in the real world.
More informationLanguages for Software-Defined Networks
Languages for Software-Defined Networks Nate Foster, Michael J. Freedman, Arjun Guha, Rob Harrison, Naga Praveen Katta, Christopher Monsanto, Joshua Reich, Mark Reitblatt, Jennifer Rexford, Cole Schlesinger,
More informationSNAP: Stateful Network-Wide Abstractions for Packet Processing. Collaboration of Princeton University & Pomona College
SNAP: Stateful Network-Wide Abstractions for Packet Processing Collaboration of Princeton University & Pomona College Brief Overview: Motivation Introduction to SNAP/Example(s) of SNAP SNAP Syntax Overview
More informationOptimal Network Flow Allocation. EE 384Y Almir Mutapcic and Primoz Skraba 27/05/2004
Optimal Network Flow Allocation EE 384Y Almir Mutapcic and Primoz Skraba 27/05/2004 Problem Statement Optimal network flow allocation Find flow allocation which minimizes certain performance criterion
More informationTowards a Software Model Checker for ML. Naoki Kobayashi Tohoku University
Towards a Software Model Checker for ML Naoki Kobayashi Tohoku University Joint work with: Ryosuke Sato and Hiroshi Unno (Tohoku University) in collaboration with Luke Ong (Oxford), Naoshi Tabuchi and
More informationRegular Languages and Regular Expressions
Regular Languages and Regular Expressions According to our definition, a language is regular if there exists a finite state automaton that accepts it. Therefore every regular language can be described
More informationBOOLEAN ALGEBRA. 1. State & Verify Laws by using :
BOOLEAN ALGEBRA. State & Verify Laws by using :. State and algebraically verify Absorption Laws. (2) Absorption law states that (i) X + XY = X and (ii) X(X + Y) = X (i) X + XY = X LHS = X + XY = X( + Y)
More informationSome Complexity Results for Stateful Network Verification
Some Complexity Results for Stateful Network Verification Yaron Velner 1, Kalev Alpernas 1, Aurojit Panda 2, Alexander Rabinovich 1, Mooly Sagiv 1, Scott Shenker 2, and Sharon Shoham 3 1 Tel Aviv University,
More informationDefinition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,
CMPSCI 601: Recall From Last Time Lecture 5 Definition: A context-free grammar (CFG) is a 4- tuple, variables = nonterminals, terminals, rules = productions,,, are all finite. 1 ( ) $ Pumping Lemma for
More informationLeveraging DTrace for runtime verification
Leveraging DTrace for runtime verification Carl Martin Rosenberg June 7th, 2016 Department of Informatics, University of Oslo Context: Runtime verification Desired properties System Every request gets
More informationLambda Calculus. CS 550 Programming Languages Jeremy Johnson
Lambda Calculus CS 550 Programming Languages Jeremy Johnson 1 Lambda Calculus The semantics of a pure functional programming language can be mathematically described by a substitution process that mimics
More informationCompiling Path Queries in Software-Defined Networks
Compiling Path Queries in Software-Defined Networks Srinivas Narayana, Jennifer Rexford and David Walker Princeton University {narayana, jrex, dpw}@cs.princeton.edu ABSTRACT Monitoring the flow of traffic
More informationBoolean relationships on Venn Diagrams
Boolean relationships on Venn Diagrams The fourth example has A partially overlapping B. Though, we will first look at the whole of all hatched area below, then later only the overlapping region. Let's
More informationVerasco: a Formally Verified C Static Analyzer
Verasco: a Formally Verified C Static Analyzer Jacques-Henri Jourdan Joint work with: Vincent Laporte, Sandrine Blazy, Xavier Leroy, David Pichardie,... June 13, 2017, Montpellier GdR GPL thesis prize
More informationarxiv: v1 [cs.ni] 4 Jul 2014
Merlin: A Language for Provisioning Network Resources Robert Soulé * Shrutarshi Basu Parisa Jalili Marandi * Fernando Pedone * Robert Kleinberg Emin Gün Sirer Nate Foster * University of Lugano Cornell
More informationCOMP-421 Compiler Design. Presented by Dr Ioanna Dionysiou
COMP-421 Compiler Design Presented by Dr Ioanna Dionysiou Administrative! [ALSU03] Chapter 3 - Lexical Analysis Sections 3.1-3.4, 3.6-3.7! Reading for next time [ALSU03] Chapter 3 Copyright (c) 2010 Ioanna
More informationApplication of SDN: Load Balancing & Traffic Engineering
Application of SDN: Load Balancing & Traffic Engineering Outline 1 OpenFlow-Based Server Load Balancing Gone Wild Introduction OpenFlow Solution Partitioning the Client Traffic Transitioning With Connection
More informationAutomating Construction of Lexers
Automating Construction of Lexers Regular Expression to Programs Not all regular expressions are simple. How can we write a lexer for (a*b aaa)? Tokenizing aaaab Vs aaaaaa Regular Expression Finite state
More informationAreas related to SW verif. Trends in Software Validation. Your Expertise. Research Trends High level. Research Trends - Ex 2. Research Trends Ex 1
Areas related to SW verif. Trends in Software Validation Abhik Roychoudhury CS 6214 Formal Methods Model based techniques Proof construction techniques Program Analysis Static Analysis Abstract Interpretation
More informationPRESENTATION SLIDES FOR PUN-LOSP William Bricken July Interface as Overview
PRESENTATION SLIDES FOR PUN-LOSP William Bricken July 1997 Interface as Overview Input Logic directory of files (edif, pun) filename logic specification string (symbolic logic notations) table propositional
More informationEstimating Persistent Spread in High-speed Networks Qingjun Xiao, Yan Qiao, Zhen Mo, Shigang Chen
Estimating Persistent Spread in High-speed Networks Qingjun Xiao, Yan Qiao, Zhen Mo, Shigang Chen Southeast University of China University of Florida Motivation for Persistent Stealthy Spreaders Imagine
More informationCSE 105 THEORY OF COMPUTATION
CSE 105 THEORY OF COMPUTATION Spring 2017 http://cseweb.ucsd.edu/classes/sp17/cse105-ab/ Today's learning goals Sipser Ch 1.2, 1.3 Design NFA recognizing a given language Convert an NFA (with or without
More informationMURPHY S COMPUTER LAWS
Bosch Workshop 04/08/18 Brandenburg University of Technology at Cottbus, Dep. of Computer Science MURPHY S COMPUTER LAWS (1) No program without faults. DEPENDABLE SOFTWARE - AN UNREALISTIC DREAM OR JUST
More informationCOCO N: CORRECT-BY-CONSTRUCTION NETWORKS USING STEPWISE REFINEMENT
COCO N: CORRECT-BY-CONSTRUCTION NETWORKS USING STEPWISE REFINEMENT Leonid Ryzhyk Nikolaj Bjorner Marco Canini Jean-Baptiste Jeannin Cole Schlesinger Douglas Terry George Varghese RUNNING EXAMPLE: CAMPUS
More informationPropositional Calculus. Math Foundations of Computer Science
Propositional Calculus Math Foundations of Computer Science Propositional Calculus Objective: To provide students with the concepts and techniques from propositional calculus so that they can use it to
More informationTemporal Refinement Using SMT and Model Checking with an Application to Physical-Layer Protocols
Temporal Refinement Using SMT and Model Checking with an Application to Physical-Layer Protocols Lee Pike (Presenting), Galois, Inc. leepike@galois.com Geoffrey M. Brown, Indiana University geobrown@cs.indiana.edu
More informationAmbiguous Grammars and Compactification
Ambiguous Grammars and Compactification Mridul Aanjaneya Stanford University July 17, 2012 Mridul Aanjaneya Automata Theory 1/ 44 Midterm Review Mathematical Induction and Pigeonhole Principle Finite Automata
More informationCS5371 Theory of Computation. Lecture 8: Automata Theory VI (PDA, PDA = CFG)
CS5371 Theory of Computation Lecture 8: Automata Theory VI (PDA, PDA = CFG) Objectives Introduce Pushdown Automaton (PDA) Show that PDA = CFG In terms of descriptive power Pushdown Automaton (PDA) Roughly
More informationSpark verification features
Spark verification features Paul Jackson School of Informatics University of Edinburgh Formal Verification Spring 2018 Adding specification information to programs Verification concerns checking whether
More information