Title: Lessons from the evolution of the Batfish configuration analysis tool
Batfish is a tool to analyze network configurations and forwarding. It has evolved from a research prototype to an industrial-strength product, guided by scalability, fidelity, and usability challenges encountered when analyzing complex, real-world networks. We share key lessons from this evolution, including how Datalog had significant limitations when generating and analyzing forwarding state and how binary decision diagrams (BDDs) proved highly versatile. We also describe our new techniques for addressing real-world challenges, which increase Batfish performance by three orders of magnitude and enable high-fidelity analysis of networks with thousands of nodes within minutes.
Award ID(s):
2219862 2007073 2219863
PAR ID:
10534020
Author(s) / Creator(s):
; ; ; ; ;
Publisher / Repository:
ACM
Date Published:
ISBN:
9798400702365
Page Range / eLocation ID:
122 to 135
Subject(s) / Keyword(s):
Network verification configuration analysis Batfish
Format(s):
Medium: X
Location:
New York NY USA
Sponsoring Org:
National Science Foundation
More Like this
  1. Networks in many safety-critical systems like avionics, automotive, and industrial plants have strict end-to-end delay requirements to be met for correct system operation. Existing software-defined real-time networks do not support data plane programmability provided by recent protocol-independent switch architectures such as P4. Our research enables time-aware flow forwarding in P4-enabled software-defined time-critical networks. In this paper, we introduce time-aware flow scheduling for P4-enabled SDN architectures. We study two scheduling policies: the first one prioritizes flows based on slack (i.e., how much time is left to reach the destination), and the second one uses finish time as a priority metric, which is determined from its data rate requirements. Both approaches were implemented and tested in the P4 software stack. We find that the slack-based forwarding scheme performs better in retaining real-time requirements. Our publicly released scheduler implementations will assist network engineers in adapting programmable switches to safety-critical applications that demand precise timing guarantees. 
  2. Mobile wireless networks present several challenges for any learning system, due to uncertain and variable device movement, a decentralized network architecture, and constraints on network resources. In this work, we use deep reinforcement learning (DRL) to learn a scalable and generalizable forwarding strategy for such networks. We make the following contributions: i) we use hierarchical RL to design DRL packet agents rather than device agents, to capture the packet forwarding decisions that are made over time and improve training efficiency; ii) we use relational features to ensure generalizability of the learned forwarding strategy to a wide range of network dynamics and enable offline training; and iii) we incorporate both forwarding goals and network resource considerations into packet decision-making by designing a weighted DRL reward function. Our results show that our DRL agent often achieves a similar delay per packet delivered as the optimal forwarding strategy and outperforms all other strategies including state-of-the-art strategies, even on scenarios on which the DRL agent was not trained. 
  3. Automated spectrum analytics inform critical decisions in dynamic spectrum access networks such as (i) how to allocate network resources to clients, (ii) when to enforce penalties due to malicious or disruptive activity, and (iii) how to chart policies for future regulations. The insights gleaned from a spectrum trace, however, are as objective as the trace itself, and artifacts introduced by sensor imperfections or improper configuration will inevitably affect analysis outcomes. Yet, spectrum analytics have been largely developed in isolation from the underlying data collection and are oblivious to sensor-induced artifacts. To address this challenge, we develop VIA, a framework that attributes sensor properties and configuration to spectrum data fidelity, and models the relationship between spectrum analytics performance and data quality. VIA does not require expert input or intervention and can be used to profile the fidelity of unknown sensors. VIA takes as an input a spectrum trace and the sensor configuration, and benchmarks data quality along three dimensions: (i) Veracity, or how truthfully a scan captures spectrum activity, (ii) Intermittency, characterizing the temporal persistence of spectrum scans and (iii) Ambiguity quantifying the likelihood of false detection. We employ VIA to measure the data fidelity of five common sensor platforms. We then predict the outcome of several spectrum analysis tasks including occupancy and transmitter detection, and modulation recognition using both controlled and real-world measurements. We demonstrate high prediction performance with an average mean squared error of 0.0013 across all tasks using both regression and neural network models. 
  4. Software defined networking (SDN) allows organizations to modify networks programmatically to implement custom forwarding behavior and to react to changing conditions. While there are many approaches available to implement SDN, those that leverage forwarding table abstractions such as OpenFlow and P4 require developers to decompose problems into one or more tables associated with a definable pipeline. This paper explores tradeoffs between table depth and pipeline length associated with different problem decomposition options by analyzing the performance impact on hardware and software data planes, including software data planes leveraging hardware acceleration through the use of SmartNICs.
  5. The prosperity of smartphone markets has raised new concerns about software security on mobile platforms, leading to a growing demand for effective software obfuscation techniques. Due to various differences between the mobile and desktop ecosystems, obfuscation faces both technical and non-technical challenges when applied to mobile software. Although there have been quite a few software security solution providers launching their mobile app obfuscation services, it is yet unclear how real-world mobile developers perform obfuscation as part of their software engineering practices. Our research takes a first step to systematically studying the deployment of software obfuscation techniques in mobile software development. With the help of an automated but coarse-grained method, we computed the likelihood of an app being obfuscated for over a million app samples crawled from Apple App Store. We then inspected the top 6600 instances and managed to identify 601 obfuscated versions of 539 iOS apps. By analyzing this sample set with extensive manual effort, we made various observations that reveal the status quo of mobile obfuscation in the real world, providing insights into understanding and improving the situation of software protection on mobile platforms.