Formal Modeling and Systematic Black-Box Testing of SDN Data Plane

Existing tools for Software-Defined Networking (SDN) data plane testing can be classified into two classes: white box and black-box. For the former, all or part of source codes should be accessed. But for testers outside the manufacturers, the accessing of source code is impossible or very difficult in most cases, especially for hardware devices. For the latter, test cases are manually developed, which cannot ensure the coverage. In this paper, we present a model based black-box systematic testing method for SDN data plane. We propose a new model, Pipelined Extended Finite State Machine (Pi-EFSM), to specify the multiple-level pipeline of SDN data plane. For the Pi-EFSM model, we present a 3-phase systematic test generation approach. By using a hierarchical test generation strategy, the proposed test generation method can alleviate state space explosion to some extent. Our test generation method can achieve the systematic coverage towards the elements of the model. We apply our method in the testing of Open Flow switches (specification version 1.3.0). We build a Pi-EFSM model for Open Flow switches and derive the executable test sequences. Some implementation faults and specification confusions are exposed when we test two switches, Open switch 2.1.0 and CPqD Open Flow 1.3 Software Switch.

[1]  Myung-Ki Shin,et al.  Process Algebraic Specification of Software Defined Networks , 2012, 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks.

[2]  Marco Canini,et al.  Is your OpenFlow application correct? , 2011, CoNEXT '11 Student.

[3]  Brighten Godfrey,et al.  VeriFlow: verifying network-wide invariants in real time , 2012, HotSDN '12.

[4]  Alexandre Petrenko,et al.  Test Selection Based on Communicating Nondeterministic Finite-State Machines Using a Generalized WP-Method , 1994, IEEE Trans. Software Eng..

[5]  Rob Sherwood,et al.  OFLOPS: An Open Framework for OpenFlow Switch Evaluation , 2012, PAM.

[6]  Myung-Ki Shin,et al.  Formal specifications for software-defined networking , 2012, CFI.

[7]  David Lee,et al.  Conformance testing of protocols specified as communicating finite state machines-a guided random walk based approach , 1996, IEEE Trans. Commun..

[8]  W. Eric Wong,et al.  Validation of SDL-based architectural design models using communication-based coverage criteria , 2012, Inf. Softw. Technol..

[9]  Marco Canini,et al.  Automating the Testing of OpenFlow Applications , 2011 .

[10]  Rachida Dssouli,et al.  A test case generation approach for conformance testing of SDL systems , 2001, Comput. Commun..

[11]  Myung-Ki Shin,et al.  Formal Modeling and Verification of SDN-OpenFlow , 2013, 2013 IEEE Sixth International Conference on Software Testing, Verification and Validation.

[12]  Katerina J. Argyraki,et al.  Software dataplane verification , 2014, NSDI.

[13]  Scott Shenker,et al.  What, Where, and When: Software Fault Localization for SDN , 2012 .

[14]  Sharad Malik,et al.  Abstractions for model checking SDN controllers , 2013, 2013 Formal Methods in Computer-Aided Design.

[15]  George Varghese,et al.  Header Space Analysis: Static Checking for Networks , 2012, NSDI.

[16]  Azer Bestavros,et al.  Verifiably-safe software-defined networks for CPS , 2013, HiCoNS '13.

[17]  George Varghese,et al.  Usenix Association 10th Usenix Symposium on Networked Systems Design and Implementation (nsdi '13) 99 Real Time Network Policy Checking Using Header Space Analysis , 2022 .

[18]  Marco Canini,et al.  OFTEN Testing OpenFlow Networks , 2012, 2012 European Workshop on Software Defined Networking.

[19]  Xingang Shi,et al.  A TTCN-3-based protocol testing system and its extension , 2008, Science in China Series F: Information Sciences.

[20]  Jianping Wu,et al.  Testing of a source address validation protocol with parallel parameterized extended finite state machines , 2011, AINTEC '11.

[21]  Azer Bestavros,et al.  Using Alloy to Formally Model and Reason About an OpenFlow Network Switch , 2016, ArXiv.

[22]  Katerina J. Argyraki,et al.  Toward a verifiable software dataplane , 2013, HotNets.

[23]  Samuel T. King,et al.  Debugging the data plane with anteater , 2011, SIGCOMM 2011.

[24]  Svetlana Prokopenko,et al.  Extended Finite State Machine Based Test Derivation Driven by User Defined Faults , 2008, 2008 1st International Conference on Software Testing, Verification, and Validation.

[25]  J. W. Patrick,et al.  Fourth international conference on coal science , 1988 .

[26]  Marco Canini,et al.  A SOFT way for openflow switch interoperability testing , 2012, CoNEXT '12.

[27]  Natali Ruchansky,et al.  A (not) NICE way to verify the openflow switch specification: formal modelling of the openflow switch using alloy , 2013, SIGCOMM.

[28]  Robert M. Hierons,et al.  Generating Feasible Transition Paths for Testing from an Extended Finite State Machine (EFSM) , 2009, 2009 International Conference on Software Testing Verification and Validation.

[29]  Zhi Liu,et al.  Troubleshooting blackbox SDN control software with minimal causal sequences , 2014 .

[30]  Marco Canini,et al.  A NICE Way to Test OpenFlow Applications , 2012, NSDI.

[31]  David Lee,et al.  Online minimization of transition systems (extended abstract) , 1992, STOC '92.

[32]  Jianping Wu,et al.  Reachability Graph Based Hierarchical Test Generation for Network Protocols Modeled as Parallel Finite State Machines , 2013, 2013 22nd International Conference on Computer Communication and Networks (ICCCN).

[33]  Arjun Guha,et al.  Machine-verified network controllers , 2013, PLDI.