Network-wide Configuration Synthesis

Computer networks are hard to manage. Given a set of high-level requirements (e.g., reachability, security), operators have to manually figure out the individual configuration of potentially hundreds of devices running complex distributed protocols so that they, collectively, compute a compatible forwarding state. Not surprisingly, operators often make mistakes which lead to downtimes. To address this problem, we present a novel synthesis approach that automatically computes correct network configurations that comply with the operator's requirements. We capture the behavior of existing routers along with the distributed protocols they run in stratified Datalog. Our key insight is to reduce the problem of finding correct input configurations to the task of synthesizing inputs for a stratified Datalog program. To solve this synthesis task, we introduce a new algorithm that synthesizes inputs for stratified Datalog programs. This algorithm is applicable beyond the domain of networks. We leverage our synthesis algorithm to construct the first network-wide configuration synthesis system, called SyNET, that support multiple interacting routing protocols (OSPF and BGP) and static routes. We show that our system is practical and can infer correct input configurations, in a reasonable amount time, for networks of realistic size (> 50 routers) that forward packets for multiple traffic classes.Comment: 24 Pages, short version published in CAV 201

Efficient Synthesis of Network Updates

Software-defined networking (SDN) is revolutionizing the networking industry, but current SDN programming platforms do not provide automated mechanisms for updating global configurations on the fly. Implementing updates by hand is challenging for SDN programmers because networks are distributed systems with hundreds or thousands of interacting nodes. Even if initial and final configurations are correct, naively updating individual nodes can lead to incorrect transient behaviors, including loops, black holes, and access control violations. This paper presents an approach for automatically synthesizing updates that are guaranteed to preserve specified properties. We formalize network updates as a distributed programming problem and develop a synthesis algorithm based on counterexample-guided search and incremental model checking. We describe a prototype implementation, and present results from experiments on real-world topologies and properties demonstrating that our tool scales to updates involving over one-thousand nodes

Access Control Synthesis for Physical Spaces

Access-control requirements for physical spaces, like office buildings and airports, are best formulated from a global viewpoint in terms of system-wide requirements. For example, "there is an authorized path to exit the building from every room." In contrast, individual access-control components, such as doors and turnstiles, can only enforce local policies, specifying when the component may open. In practice, the gap between the system-wide, global requirements and the many local policies is bridged manually, which is tedious, error-prone, and scales poorly. We propose a framework to automatically synthesize local access control policies from a set of global requirements for physical spaces. Our framework consists of an expressive language to specify both global requirements and physical spaces, and an algorithm for synthesizing local, attribute-based policies from the global specification. We empirically demonstrate the framework's effectiveness on three substantial case studies. The studies demonstrate that access control synthesis is practical even for complex physical spaces, such as airports, with many interrelated security requirements

Applying Formal Methods to Networking: Theory, Techniques and Applications

Despite its great importance, modern network infrastructure is remarkable for the lack of rigor in its engineering. The Internet which began as a research experiment was never designed to handle the users and applications it hosts today. The lack of formalization of the Internet architecture meant limited abstractions and modularity, especially for the control and management planes, thus requiring for every new need a new protocol built from scratch. This led to an unwieldy ossified Internet architecture resistant to any attempts at formal verification, and an Internet culture where expediency and pragmatism are favored over formal correctness. Fortunately, recent work in the space of clean slate Internet design---especially, the software defined networking (SDN) paradigm---offers the Internet community another chance to develop the right kind of architecture and abstractions. This has also led to a great resurgence in interest of applying formal methods to specification, verification, and synthesis of networking protocols and applications. In this paper, we present a self-contained tutorial of the formidable amount of work that has been done in formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial

OSNR Aware Composition of an Open and Disaggregated Optical Node and Network

A function programmable optical network has been recently proposed to enhance the flexibility of an optical transport based on architecture-on-demand (AoD). The flexible synthesis of optical node architectures provided by AoD enables an open and disaggregated optical layer thanks to the available deep programmability. However, previous studies have focused on how to synthesize a single node out of switching function blocks, thus neglecting the optical signal-to-noise ratio (OSNR) impact, power imbalance effects due to the diverse set of devices traversed per input–output configuration, and network-wide implications. In this work, we present an optical network-wide function synthesis (ONetFuS), which is an algorithm to compose AoD nodes that consider placement and configuration of both switches and amplifiers. ONeFuS minimizes OSNR degradation and deviation across channels and offers enhanced power balance performance. Moreover, ONetFuS addresses multiple-node scenarios to investigate cascading, transmission distance, and networking effects. We compare the number of optical cross-connections computed by our proposal against solutions in the literature. Results in network scenarios, including the number of components, power balance, OSNR variations, and OSNR penalty reductions, prove the suitability of our proposed ONetFuS for open and functional programmable optical networks

Don't mind the gap: Bridging network-wide objectives and device-level configurations

We reflect on the historical context that lead to Propane, a high-level language and compiler to help network operators bridge the gap between network-wide routing objectives and low-level configurations of devices that run complex, distributed protocols. We also highlight the primary contributions that Propane made to the networking literature and describe ongoing challenges. We conclude with an important lesson learned from the experience

The MRO-accompanied modes of Re-implantation into SiO2-host matrix: XPS and DFT based scenarios

The following scenarios of Re-embedding into SiO2-host by pulsed Re-implantation were derived and discussed after XPS-and-DFT electronic structure qualification: (i) low Re-impurity concentration mode -> the formation of combined substitutional and interstitial impurities with Re2O7-like atomic and electronic structures in the vicinity of oxygen vacancies; (ii) high Re-impurity concentration mode -> the fabrication of interstitial Re-metal clusters with the accompanied formation of ReO2-like atomic structures and (iii) an intermediate transient mode with Re-impurity concentration increase, when the precursors of interstitial defect clusters are appeared and growing in the host-matrix structure occur. An amplification regime of Re-metal contribution majority to the final Valence Band structure was found as one of the sequences of intermediate transient mode. It was shown that most of the qualified and discussed modes were accompanied by the MRO (middle range ordering) distortions in the initial oxygen subnetwork of the a-SiO2 host-matrix because of the appeared mixed defect configurations.Comment: 19 pages, 7 figures, accepted to J. Alloys and Compound

Evolutionary cellular configurations for designing feed-forward neural networks architectures

Proceeding of: 6th International Work-Conference on Artificial and Natural Neural Networks, IWANN 2001 Granada, Spain, June 13–15, 2001In the recent years, the interest to develop automatic methods to determine appropriate architectures of feed-forward neural networks has increased. Most of the methods are based on evolutionary computation paradigms. Some of the designed methods are based on direct representations of the parameters of the network. These representations do not allow scalability, so to represent large architectures, very large structures are required. An alternative more interesting are the indirect schemes. They codify a compact representation of the neural network. In this work, an indirect constructive encoding scheme is presented. This scheme is based on cellular automata representations in order to increase the scalability of the method