Scalable verification of probabilistic networks

This paper presents McNetKAT, a scalable tool for verifying probabilistic network programs. McNetKAT is based on a new semantics for the guarded and history-free fragment of Probabilistic NetKAT in terms of finite-state, absorbing Markov chains. This view allows the semantics of all programs to be computed exactly, enabling construction of an automatic verification tool. Domain-specific optimizations and a parallelizing backend enable McNetKAT to analyze networks with thousands of nodes, automatically reasoning about general properties such as probabilistic program equivalence and refinement, as well as networking properties such as resilience to failures. We evaluate McNetKAT's scalability using real-world topologies, compare its performance against state-of-the-art tools, and develop an extended case study on a recently proposed data center network design.
