Building Trustworthy Networks with Data Plane Verification
P. Brighten Godfrey
Assistant Professor, Department of Computer Science, University of Illinois at Urbana-Champaign
We rely on network infrastructure to deliver critical services and ensure security. Yet networks today have reached a level of complexity that is far beyond our ability to have confidence in their correct behavior – resulting in significant time investment and security vulnerabilities that can cost millions of dollars, or worse. In this talk, I will discuss the emerging field of network verification, which takes a transformative approach to network security by rigorously checking that the policy intent of a network engineer is correctly realized across the live running network. Our work developed data plane verification, which has discovered problems in operational environments and can verify policies with millisecond-level latency in dynamic networks. In just a few years, data plane verification has moved from early research prototypes to production deployment. I’ll also discuss the future of network verification in academic research and industry, and how SDN is an enabler for data plane verification.