Runtime Verification for Programmable Switches
Apoorv Shukla (Huawei Technologies Deutschland GmbH)
Kevin Hudemann (SAP AG)
Zsolt Vagi (Swisscom AG)
Lily Hügerich (Technical University of Berlin)
Georgios Smaragdakis (TU Delft - Cyber Security)
Artur Hecker (Huawei Technologies Deutschland GmbH)
Stefan Schmid (Technical University of Berlin)
Anja Feldmann (Max Planck Institut für Informatik)
More Info
expand_more
Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.
Abstract
We introduce a runtime verification framework for programmable switches that complements static analysis. To evaluate our approach, we design and develop P6, a runtime verification system that automatically detects, localizes, and patches software bugs in P4 programs. Bugs are reported via a violation of pre-specified expected behavior that is captured by P6. P6 is based on machine learning-guided fuzzing that tests P4 switch non-intrusively, i.e., without modifying the P4 program for detecting runtime bugs. This enables an automated and real-time localization and patching of bugs. We used a P6 prototype to detect and patch existing bugs in various publicly available P4 application programs deployed on two different switch platforms, namely, behavioral model (bmv2) and Tofino. Our evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in large P4 programs, e.g., switch.p4 without triggering any regressions.