Carolyn Jane Anderson
Nate Foster
Cole Schlesinger
ABSTRACT
Recent years have seen growing interest in high-level languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network hardware than by foundational principles. The lack of a semantic foundation has left language designers with little guidance in determining how to incorporate new features, and programmers without a means to reason precisely about their code.
This paper presents NetKAT, a new network programming language that is based on a solid mathematical foundation and comes equipped with a sound and complete equational theory. We describe the design of NetKAT, including primitives for filtering, modifying, and transmitting packets; union and sequential composition operators; and a Kleene star operator that iterates programs. We show that NetKAT is an instance of a canonical and well-studied mathematical structure called a Kleene algebra with tests (KAT) and prove that its equational theory is sound and complete with respect to its denotational semantics. Finally, we present practical applications of the equational theory including syntactic techniques for checking reachability, proving non-interference properties that ensure isolation between programs, and establishing the correctness of compilation algorithms.
Supplemental Material
- Ehab Al-Shaer and Saeed Al-Haj. FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures. In SafeConfig, 2010. Google Scholar
Digital Library
- Allegra Angus and Dexter Kozen. Kleene algebra with tests and program schematology. Technical Report TR2001--1844, Computer Science Department, Cornell University, July 2001. Google ScholarDigital Library
- Ernie Cohen. Using Kleene algebra to reason about concurrency control. Technical report, Telcordia, Morristown, N.J., 1994.Google Scholar
- John Horton Conway. Regular Algebra and Finite Machines. Chapman and Hall, London, 1971.Google Scholar
- Andrew D. Ferguson, Arjun Guha, Chen Liang, Rodrigo Fonseca, and Shriram Krishnamurthi. Participatory networking: An API for application control of SDNs. In SIGCOMM, 2013. Google ScholarDigital Library
- Nate Foster, Rob Harrison, Michael J. Freedman, Christopher Monsanto, Jennifer Rexford, Alec Story, and David Walker. Frenetic: A network programming language. In ICFP, September 2011. Google ScholarDigital Library
- Arjun Guha, Mark Reitblatt, and Nate Foster. Machine-verified network controllers. In PLDI, June 2013. Google ScholarDigital Library
- Stephen Gutz, Alec Story, Cole Schlesinger, and Nate Foster. Splendid isolation: A slice abstraction for software-defined networks. In HotSDN, 2012. Google ScholarDigital Library
- James Hamilton. Networking: The last bastion of mainframe computing, December 2009. Available at http://tinyurl.com/y9uz64e.Google Scholar
- Peyman Kazemian, George Varghese, and Nick McKeown. Header space analysis: Static checking for networks. In NSDI, 2012. Google ScholarDigital Library
- Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and P. Brighten Godfrey. VeriFlow: Verifying network-wide invariants in real time. In NSDI, 2013. Google ScholarDigital Library
- Dexter Kozen. A completeness theorem for Kleene algebras and the algebra of regular events. I&C, 110(2):366--390, May 1994. Google ScholarDigital Library
- Dexter Kozen. Kleene algebra with tests and commutativity conditions. In TACAS, pages 14--33, Passau, Germany, March 1996. Google ScholarDigital Library
- Dexter Kozen. Kleene algebra with tests. Transactions on Programming Languages and Systems, 19(3):427--443, May 1997. Google ScholarDigital Library
- Dexter Kozen. Kleene algebras with tests and the static analysis of programs. Technical Report TR2003--1915, Computer Science Department, Cornell University, November 2003.Google Scholar
- Dexter Kozen and Maria-Cristina Patron. Certification of compiler optimizations using Kleene algebra with tests. In CL, July 2000. Google ScholarDigital Library
- Dexter Kozen and Frederick Smith. Kleene algebra with tests: Completeness and decidability. In CSL, September 1996. Google ScholarDigital Library
- Boon Thau Loo, Joseph M. Hellerstein, Ion Stoica, and Raghu Ramakrishnan. Declarative routing: Extensible routing with declarative queries. In SIGCOMM, 2005. Google ScholarDigital Library
- Haohui Mai, Ahmed Khurshid, Raghit Agarwal, Matthew Caesar, P. Brighten Godfrey, and Samuel Talmadge King. Debugging the data plane with Anteater. In SIGCOMM, 2011. Google ScholarDigital Library
- James McCauley, Aurojit Panda, Martin Casado, Teemu Koponen, and Scott Shenker. Extending SDN to large-scale networks. In ONS, 2013.Google Scholar
- Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, and Jonathan Turner. OpenFlow: Enabling innovation in campus networks. SIGCOMM Computing Communications Review, 38(2):69--74, 2008. Google ScholarDigital Library
- B. Möller. Calculating with pointer structures. In Algorithmic Languages and Calculi. Proc. IFIP TC2/WG2.1 Working Conference, February 1997. Google ScholarDigital Library
- Christopher Monsanto, Nate Foster, Rob Harrison, and David Walker. A compiler and run-time system for network programming languages. In POPL, January 2012. Google ScholarDigital Library
- Christopher Monsanto, Joshua Reich, Nate Foster, Jennifer Rexford, and David Walker. Composing software-defined networks. In NSDI, April 2013. Google ScholarDigital Library
- Tim Nelson, Arjun Guha, Daniel J. Dougherty, Kathi Fisler, and Shriram Krishnamurthi. A balance of power: Expressive, analyzable controller programming. In HotSDN, 2013. Google ScholarDigital Library
- Mark Reitblatt, Nate Foster, Jennifer Rexford, Cole Schlesinger, and David Walker. Abstractions for network update. In SIGCOMM, 2012. Google ScholarDigital Library
- Andrei Sabelfeld and Andrew C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1):5--19, 2003. Google ScholarDigital Library
- Gunther Schmidt. Relational Mathematics. Cambridge University Press, 2010. Google ScholarDigital Library
- O. Shmueli. Decidability and expressiveness aspects of logic queries. In PODS, pages 237--249, 1987. Google ScholarDigital Library
- The Frenetic Project, 2013. See http://frenetic-lang.org.Google Scholar
- Andreas Voellmy and Paul Hudak. Nettle: Functional reactive programming of OpenFlow networks. In PADL, 2011.Google Scholar
- Andreas Voellmy, Junchang Wang, Y. Richard Yang, Bryan Ford, and Paul Hudak. Maple: Simplifying SDN programming using algorithmic policies. In SIGCOMM, 2013. Google ScholarDigital Library
- Anduo Wang, Limin Jia, Changbin Liu, Boon Thau Loo, Oleg Sokolsky, and Prithwish Basu. Formally verifiable networking. In HotNets, 2009.Google Scholar
- Minlan Yu, Jennifer Rexford, Xin Sun, Sanjay G. Rao, and Nick Feamster. A survey of virtual LAN usage in campus networks. IEEE Communications Magazine, 49(7):98--103, 2011.Google ScholarCross Ref
Index Terms
- NetKAT: semantic foundations for networks
Recommendations
A Coalgebraic Decision Procedure for NetKAT
POPL '15: Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming LanguagesNetKAT is a domain-specific language and logic for specifying and verifying network packet-processing functions. It consists of Kleene algebra with tests (KAT) augmented with primitives for testing and modifying packet headers and encoding network ...
NetKAT: semantic foundations for networks
POPL '14Recent years have seen growing interest in high-level languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network hardware than by foundational ...
A fast compiler for NetKAT
ICFP 2015: Proceedings of the 20th ACM SIGPLAN International Conference on Functional ProgrammingHigh-level programming languages play a key role in a growing number of networking platforms, streamlining application development and enabling precise formal reasoning about network behavior. Unfortunately, current compilers only handle "local" ...
Comments