KATch: A Fast Symbolic Verifier for NetKAT

We develop new data structures and algorithms for checking verification queries in NetKAT, a domain-specific language for specifying the behavior of network data planes. Our results extend the techniques obtained in prior work on symbolic automata and provide a framework for building efficient and s...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	arXiv.org 2024-11
Hauptverfasser:	Moeller, Mark, Jacobs, Jules, Olivier Savary Belanger, Darais, David, Schlesinger, Cole, Smolka, Steffen, Foster, Nate, Silva, Alexandra
Format:	Artikel
Sprache:	eng
Schlagworte:	Algorithms Computer Science - Programming Languages Data structures Domain specific languages Specifications Verification
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page
container_issue
container_start_page
container_title	arXiv.org
container_volume
creator	Moeller, Mark Jacobs, Jules Olivier Savary Belanger Darais, David Schlesinger, Cole Smolka, Steffen Foster, Nate Silva, Alexandra
description	We develop new data structures and algorithms for checking verification queries in NetKAT, a domain-specific language for specifying the behavior of network data planes. Our results extend the techniques obtained in prior work on symbolic automata and provide a framework for building efficient and scalable verification tools. We present KATch, an implementation of these ideas in Scala, featuring an extended set of NetKAT operators that are useful for expressing network-wide specifications, and a verification engine that constructs a bisimulation or generates a counter-example showing that none exists. We evaluate the performance of our implementation on real-world and synthetic benchmarks, verifying properties such as reachability and slice isolation, typically returning a result in well under a second, which is orders of magnitude faster than previous approaches. Our advancements underscore NetKAT's potential as a practical, declarative language for network specification and verification.
doi_str_mv	10.48550/arxiv.2404.04760
format	Article
fullrecord	<record><control><sourceid>proquest_arxiv</sourceid><recordid>TN_cdi_arxiv_primary_2404_04760</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>3034838559</sourcerecordid><originalsourceid>FETCH-LOGICAL-a950-903eef1c450fae5bfd70fd1d3570f463d647c09bc2a0af76b4744317fb4acd373</originalsourceid><addsrcrecordid>eNotkFFLwzAUhYMgOOZ-gE8GfBNab3Jvmta3MtwUhz5YfA1pmmDHZmfaifv31s2n8_JxON9h7EpASrlScGfjT_udSgJKgXQGZ2wiEUWSk5QXbNb3awCQmZZK4YTdPpeV-7jnJV_YfuBvh23dbVrH331sQ-sjD13kL34YsUt2Huym97P_nLJq8VDNH5PV6_JpXq4SWyhICkDvg3CkIFiv6tBoCI1oUI1JGTYZaQdF7aQFG3RWkyZCoUNN1jWoccquT7VHEbOL7dbGg_kTMkehkbg5EbvYfe19P5h1t4-f4yaDgJTj-EOBv4QXS1Y</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3034838559</pqid></control><display><type>article</type><title>KATch: A Fast Symbolic Verifier for NetKAT</title><source>arXiv.org</source><source>Free E- Journals</source><creator>Moeller, Mark ; Jacobs, Jules ; Olivier Savary Belanger ; Darais, David ; Schlesinger, Cole ; Smolka, Steffen ; Foster, Nate ; Silva, Alexandra</creator><creatorcontrib>Moeller, Mark ; Jacobs, Jules ; Olivier Savary Belanger ; Darais, David ; Schlesinger, Cole ; Smolka, Steffen ; Foster, Nate ; Silva, Alexandra</creatorcontrib><description>We develop new data structures and algorithms for checking verification queries in NetKAT, a domain-specific language for specifying the behavior of network data planes. Our results extend the techniques obtained in prior work on symbolic automata and provide a framework for building efficient and scalable verification tools. We present KATch, an implementation of these ideas in Scala, featuring an extended set of NetKAT operators that are useful for expressing network-wide specifications, and a verification engine that constructs a bisimulation or generates a counter-example showing that none exists. We evaluate the performance of our implementation on real-world and synthetic benchmarks, verifying properties such as reachability and slice isolation, typically returning a result in well under a second, which is orders of magnitude faster than previous approaches. Our advancements underscore NetKAT's potential as a practical, declarative language for network specification and verification.</description><identifier>EISSN: 2331-8422</identifier><identifier>DOI: 10.48550/arxiv.2404.04760</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Algorithms ; Computer Science - Programming Languages ; Data structures ; Domain specific languages ; Specifications ; Verification</subject><ispartof>arXiv.org, 2024-11</ispartof><rights>2024. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><rights>http://creativecommons.org/licenses/by/4.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,784,885,27925</link.rule.ids><backlink>$$Uhttps://doi.org/10.1145/3656454$$DView published paper (Access to full text may be restricted)$$Hfree_for_read</backlink><backlink>$$Uhttps://doi.org/10.48550/arXiv.2404.04760$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Moeller, Mark</creatorcontrib><creatorcontrib>Jacobs, Jules</creatorcontrib><creatorcontrib>Olivier Savary Belanger</creatorcontrib><creatorcontrib>Darais, David</creatorcontrib><creatorcontrib>Schlesinger, Cole</creatorcontrib><creatorcontrib>Smolka, Steffen</creatorcontrib><creatorcontrib>Foster, Nate</creatorcontrib><creatorcontrib>Silva, Alexandra</creatorcontrib><title>KATch: A Fast Symbolic Verifier for NetKAT</title><title>arXiv.org</title><description>We develop new data structures and algorithms for checking verification queries in NetKAT, a domain-specific language for specifying the behavior of network data planes. Our results extend the techniques obtained in prior work on symbolic automata and provide a framework for building efficient and scalable verification tools. We present KATch, an implementation of these ideas in Scala, featuring an extended set of NetKAT operators that are useful for expressing network-wide specifications, and a verification engine that constructs a bisimulation or generates a counter-example showing that none exists. We evaluate the performance of our implementation on real-world and synthetic benchmarks, verifying properties such as reachability and slice isolation, typically returning a result in well under a second, which is orders of magnitude faster than previous approaches. Our advancements underscore NetKAT's potential as a practical, declarative language for network specification and verification.</description><subject>Algorithms</subject><subject>Computer Science - Programming Languages</subject><subject>Data structures</subject><subject>Domain specific languages</subject><subject>Specifications</subject><subject>Verification</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GOX</sourceid><recordid>eNotkFFLwzAUhYMgOOZ-gE8GfBNab3Jvmta3MtwUhz5YfA1pmmDHZmfaifv31s2n8_JxON9h7EpASrlScGfjT_udSgJKgXQGZ2wiEUWSk5QXbNb3awCQmZZK4YTdPpeV-7jnJV_YfuBvh23dbVrH331sQ-sjD13kL34YsUt2Huym97P_nLJq8VDNH5PV6_JpXq4SWyhICkDvg3CkIFiv6tBoCI1oUI1JGTYZaQdF7aQFG3RWkyZCoUNN1jWoccquT7VHEbOL7dbGg_kTMkehkbg5EbvYfe19P5h1t4-f4yaDgJTj-EOBv4QXS1Y</recordid><startdate>20241119</startdate><enddate>20241119</enddate><creator>Moeller, Mark</creator><creator>Jacobs, Jules</creator><creator>Olivier Savary Belanger</creator><creator>Darais, David</creator><creator>Schlesinger, Cole</creator><creator>Smolka, Steffen</creator><creator>Foster, Nate</creator><creator>Silva, Alexandra</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20241119</creationdate><title>KATch: A Fast Symbolic Verifier for NetKAT</title><author>Moeller, Mark ; Jacobs, Jules ; Olivier Savary Belanger ; Darais, David ; Schlesinger, Cole ; Smolka, Steffen ; Foster, Nate ; Silva, Alexandra</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a950-903eef1c450fae5bfd70fd1d3570f463d647c09bc2a0af76b4744317fb4acd373</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Algorithms</topic><topic>Computer Science - Programming Languages</topic><topic>Data structures</topic><topic>Domain specific languages</topic><topic>Specifications</topic><topic>Verification</topic><toplevel>online_resources</toplevel><creatorcontrib>Moeller, Mark</creatorcontrib><creatorcontrib>Jacobs, Jules</creatorcontrib><creatorcontrib>Olivier Savary Belanger</creatorcontrib><creatorcontrib>Darais, David</creatorcontrib><creatorcontrib>Schlesinger, Cole</creatorcontrib><creatorcontrib>Smolka, Steffen</creatorcontrib><creatorcontrib>Foster, Nate</creatorcontrib><creatorcontrib>Silva, Alexandra</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>arXiv Computer Science</collection><collection>arXiv.org</collection><jtitle>arXiv.org</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Moeller, Mark</au><au>Jacobs, Jules</au><au>Olivier Savary Belanger</au><au>Darais, David</au><au>Schlesinger, Cole</au><au>Smolka, Steffen</au><au>Foster, Nate</au><au>Silva, Alexandra</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>KATch: A Fast Symbolic Verifier for NetKAT</atitle><jtitle>arXiv.org</jtitle><date>2024-11-19</date><risdate>2024</risdate><eissn>2331-8422</eissn><abstract>We develop new data structures and algorithms for checking verification queries in NetKAT, a domain-specific language for specifying the behavior of network data planes. Our results extend the techniques obtained in prior work on symbolic automata and provide a framework for building efficient and scalable verification tools. We present KATch, an implementation of these ideas in Scala, featuring an extended set of NetKAT operators that are useful for expressing network-wide specifications, and a verification engine that constructs a bisimulation or generates a counter-example showing that none exists. We evaluate the performance of our implementation on real-world and synthetic benchmarks, verifying properties such as reachability and slice isolation, typically returning a result in well under a second, which is orders of magnitude faster than previous approaches. Our advancements underscore NetKAT's potential as a practical, declarative language for network specification and verification.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><doi>10.48550/arxiv.2404.04760</doi><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	EISSN: 2331-8422
ispartof	arXiv.org, 2024-11
issn	2331-8422
language	eng
recordid	cdi_arxiv_primary_2404_04760
source	arXiv.org; Free E- Journals
subjects	Algorithms Computer Science - Programming Languages Data structures Domain specific languages Specifications Verification
title	KATch: A Fast Symbolic Verifier for NetKAT
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T03%3A05%3A18IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=KATch:%20A%20Fast%20Symbolic%20Verifier%20for%20NetKAT&rft.jtitle=arXiv.org&rft.au=Moeller,%20Mark&rft.date=2024-11-19&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.2404.04760&rft_dat=%3Cproquest_arxiv%3E3034838559%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3034838559&rft_id=info:pmid/&rfr_iscdi=true