2020
DOI: 10.1109/access.2020.2979894
|View full text |Cite
|
Sign up to set email alerts
|

Formal Verification of SDN-Based Firewalls by Using TLA+

Abstract: Software-defined networking (SDN) has generated increased interest due to the rapid growth in the amount of data generated by the development of the Internet and communications, the commercialization of 5G, and increasingly complex networks. While SDN is more advantageous than traditional networks in terms of efficient network management, rapid deployment, and dynamic scalability, the correctness of a network configuration must be ensured in advance. In other words, SDN components such as network devices, SDN … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
65
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
6
1

Relationship

0
7

Authors

Journals

citations
Cited by 18 publications
(65 citation statements)
references
References 14 publications
0
65
0
Order By: Relevance
“…Formal verification has been introduced in this field by some subsequent articles ( [11], [15], [16], [17], [18]), which underlined the importance of formal correctness assurance for the automatically computed configurations. Formal verification of firewall configurations has recently become a vital requirement for critical environments, as underlined in [6]. All these approaches miss some of the other features characterizing our approach.…”
Section: Automatic Firewall Configurationmentioning
confidence: 99%
See 1 more Smart Citation
“…Formal verification has been introduced in this field by some subsequent articles ( [11], [15], [16], [17], [18]), which underlined the importance of formal correctness assurance for the automatically computed configurations. Formal verification of firewall configurations has recently become a vital requirement for critical environments, as underlined in [6]. All these approaches miss some of the other features characterizing our approach.…”
Section: Automatic Firewall Configurationmentioning
confidence: 99%
“…Designing and managing these complex architectures requires automation, because positioning and configuring virtual instances manually can likely lead to incorrect or non-optimal solutions, in addition to taking excessive time. Instead, automation, paired with formal verification techniques (e.g., [5] or [6]), is the key for computing provably correct and optimized solutions rapidly enough.…”
Section: Introductionmentioning
confidence: 99%
“…On contrary, deterministic models are significantly more complex and can represent only a single behavior at most [12]. Reasoning in terms of non-deterministic models, it should be noted that model checking technique on the basis of FSM (Finite-state Machine) has already proved itself to be a plausible solution: checking the design solutions for Amazon Web Services [13], implementing the Temporal Logic of Actions (TLA), corresponding TLA+ formalism and TLC (TLA Checker) model checker [14]; specifying and verifying the rules of Firewall (on the basis of TLA) [15]; modeling and developing the fault-tolerant safety-critical modules for a platform for railway control applications up to safety integrity level 4 (on the basis of TLA) [16].…”
Section: Related Workmentioning
confidence: 99%
“…In the recent years several formal models of SDN (e.g. [2,15,16]) have been proposed in order to test or check that a network behave correctly.…”
Section: Introductionmentioning
confidence: 99%
“…It does not support update of flow tables nor routing of multiple packets. TLA+ [18] has also been used to model the behaviour of SDN but in a very restrictive manner, allowing only a single switch [16]. Formal models are used not only to verify properties of an SDN such as consistency of flow tables, violation of safety policies, or forwarding loops, but also for finding flaws in security protocols using CSP and the model checker PAT [24].…”
Section: Introductionmentioning
confidence: 99%