Model checking invariant security properties in OpenFlow

Author

Son, Seuk ; Seungwon Shin ; Yegneswaran, Vinod ; Porras, Phillip ; Guofei Gu

fYear

2013

fDate

9-13 June 2013

Firstpage

1974

Lastpage

1979

Abstract

The OpenFlow (OF) switching specification represents an innovative and open standard for enabling the dynamic programming of flow control policies in production networks. Unfortunately, thus far researchers have paid little attention to the development of methods for verifying that dynamic flow policies inserted within an OpenFlow network do not violate the network´s underlying security policy. We introduce Flover, a model checking system which verifies that the aggregate of flow policies instantiated within an OpenFlow network does not violate the network´s security policy. We have implemented Flover using the Yices SMT solver, which we then integrated into NOX, a popular OpenFlow network controller. Flover provides NOX a formal validation of the OpenFlow network´s security posture.

Keywords

business communication; dynamic programming; formal verification; open systems; telecommunication control; Flover; NOX; OpenFlow network controller; OpenFlow switching specification; Yices SMT solver; dynamic flow policies; dynamic programming; flow control policies; formal validation; model checking invariant security properties; model checking system; open standard; production networks; security policy; Educational institutions; Model checking; Ports (Computers); Security; Standards; Switches;

fLanguage

English

Publisher

ieee

Conference_Titel

Communications (ICC), 2013 IEEE International Conference on

Conference_Location

Budapest

ISSN

1550-3607

Type

conf

DOI

10.1109/ICC.2013.6654813

Filename

6654813