A Survey on Data Plane Programming with P4: Fundamentals, Advances, and Applied Research

With traditional networking, users can configure control plane protocols to match the specific network configuration, but without the ability to fundamentally change the underlying algorithms. With SDN, the users may provide their own control plane, that can control network devices through their data plane APIs. Programmable data planes allow users to define their own data plane algorithms for network devices including appropriate data plane APIs which may be leveraged by user-defined SDN control. Thus, programmable data planes and SDN offer great flexibility for network customization, be it for specialized, commercial appliances, e.g., in 5G or data center networks, or for rapid prototyping in industrial and academic research. Programming protocol-independent packet processors (P4) has emerged as the currently most widespread abstraction, programming language, and concept for data plane programming. It is developed and standardized by an open community and it is supported by various software and hardware platforms. In this paper, we survey the literature from 2015 to 2020 on data plane programming with P4. Our survey covers 497 references of which 367 are scientific publications. We organize our work into two parts. In the first part, we give an overview of data plane programming models, the programming language, architectures, compilers, targets, and data plane APIs. We also consider research efforts to advance P4 technology. In the second part, we analyze a large body of literature considering P4-based applied research. We categorize 241 research papers into different application domains, summarize their contributions, and extract prototypes, target platforms, and source code availability.Comment: Submitted to IEEE Communications Surveys and Tutorials (COMS) on 2021-01-2

Web service control of component-based agile manufacturing systems

Current global business competition has resulted in significant challenges for manufacturing and production sectors focused on shorter product lifecyc1es, more diverse and customized products as well as cost pressures from competitors and customers. To remain competitive, manufacturers, particularly in automotive industry, require the next generation of manufacturing paradigms supporting flexible and reconfigurable production systems that allow quick system changeovers for various types of products. In addition, closer integration of shop floor and business systems is required as indicated by the research efforts in investigating "Agile and Collaborative Manufacturing Systems" in supporting the production unit throughout the manufacturing lifecycles. The integration of a business enterprise with its shop-floor and lifecycle supply partners is currently only achieved through complex proprietary solutions due to differences in technology, particularly between automation and business systems. The situation is further complicated by the diverse types of automation control devices employed. Recently, the emerging technology of Service Oriented Architecture's (SOA's) and Web Services (WS) has been demonstrated and proved successful in linking business applications. The adoption of this Web Services approach at the automation level, that would enable a seamless integration of business enterprise and a shop-floor system, is an active research topic within the automotive domain. If successful, reconfigurable automation systems formed by a network of collaborative autonomous and open control platform in distributed, loosely coupled manufacturing environment can be realized through a unifying platform of WS interfaces for devices communication. The adoption of SOA- Web Services on embedded automation devices can be achieved employing Device Profile for Web Services (DPWS) protocols which encapsulate device control functionality as provided services (e.g. device I/O operation, device state notification, device discovery) and business application interfaces into physical control components of machining automation. This novel approach supports the possibility of integrating pervasive enterprise applications through unifying Web Services interfaces and neutral Simple Object Access Protocol (SOAP) message communication between control systems and business applications over standard Ethernet-Local Area Networks (LAN's). In addition, the re-configurability of the automation system is enhanced via the utilisation of Web Services throughout an automated control, build, installation, test, maintenance and reuse system lifecycle via device self-discovery provided by the DPWS protocol...cont'd

Otimização de distribuição de conteúdos multimédia utilizando software-defined networking

The general use of Internet access and user equipments, such as smartphones, tablets and personal computers, is creating a new wave of video content consumption. In the past two decades, the Television broadcasting industry went through several evolutions and changes, evolving from analog to digital distribution, standard definition to high definition TV-channels, form the IPTV method of distribution to the latest set of technologies in content distribution, OTT. The IPTV technology introduced features that changed the passive role of the client to an active one, revolutionizing the way users consume TV content. Thus, the clients’ habits started to shape the services offered, leading to an anywhere and anytime offer of video content. OTT video delivery is a reflection of those habits, meeting the users’ desire, introducing several benefits discussed in this work over the previous technologies. However, the OTT type of delivery poses several challenges in terms of scalability and threatens the Telecommunications Operators business model, because OTT companies use the Telcos infrastructure for free. Consequently, Telecommunications Operators must prepare their infrastructure for future demand while offering new services to stay competitive. This dissertation aims to contribute with insights on what infrastructure changes a Telecommunications Operator must perform with a proposed bandwidth forecasting model. The results obtained from the forecast model paved the way to the proposed video content delivery method, which aims to improve users’ perceived Quality-of-Experience while optimizing load balancing decisions. The overall results show an improvement of users’ experience using the proposed method.A generalização do acesso à Internet e equipamentos pessoais como smartphones, tablets e computadores pessoais, está a criar uma nova onda de consumo de conteúdos multimedia. Nas ultimas duas décadas, a indústria de transmissão de Televisão atravessou várias evoluções e alterações, evoluindo da distribuição analógica para a digital, de canais de Televisão de definição padrão para alta definição, do método de distribuição IPTV, até ao último conjunto de tecnologias na distribuição de conteúdos, OTT. A tecnologia IPTV introduziu novas funcionalidades que mudaram o papel passivo do cliente para um papel activo, revolucionando a forma como os utilizadores consumem conteúdos televisivos. Assim, os hábitos dos clientes começaram a moldar os serviços oferecidos, levando à oferta de consumo de conteúdos em qualquer lugar e em qualquer altura. A entrega de vídeo OTT é um reflexo destes hábitos, indo ao encontro dos desejos dos utilizadores, que introduz inúmeras vantagens sobre outras tecnologias discutidas neste trabalho. No entanto, a entrega de conteúdos OTT cria diversos problemas de escalabilidade e ameaça o modelo de negócio das Operadoras de Telecomunicações, porque os fornecedores de serviço OTT usam a infraestrutura das mesmas sem quaisquer custos. Consequentemente, os Operadores de Telecomunicações devem preparar a sua infraestrutura para o consumo futuro ao mesmo tempo que oferecem novos serviços para se manterem competitivos. Esta dissertação visa contribuir com conhecimento sobre quais alterações uma Operadora de Telecomunicações deve executar com o modelo de previsão de largura de banda proposto. Os resultados obtidos abriram caminho para o método de entrega de conteúdos multimedia proposto, que visa ao melhoramento da qualidade de experiência do utilizador ao mesmo tempo que se optimiza o processo de balanceamento de carga. No geral os testes confirmam uma melhoria na qualidade de experiência do utilizador usando o método proposto.Mestrado em Engenharia de Computadores e Telemátic

A Study of Application-awareness in Software-defined Data Center Networks

A data center (DC) has been a fundamental infrastructure for academia and industry for many years. Applications in DC have diverse requirements on communication. There are huge demands on data center network (DCN) control frameworks (CFs) for coordinating communication traffic. Simultaneously satisfying all demands is difficult and inefficient using existing traditional network devices and protocols. Recently, the agile software-defined Networking (SDN) is introduced to DCN for speeding up the development of the DCNCF. Application-awareness preserves the application semantics including the collective goals of communications. Previous works have illustrated that application-aware DCNCFs can much more efficiently allocate network resources by explicitly considering applications needs. A transfer application task level application-aware software-defined DCNCF (SDDCNCF) for OpenFlow software-defined DCN (SDDCN) for big data exchange is designed. The SDDCNCF achieves application-aware load balancing, short average transfer application task completion time, and high link utilization. The SDDCNCF is immediately deployable on SDDCN which consists of OpenFlow 1.3 switches. The Big Data Research Integration with Cyberinfrastructure for LSU (BIC-LSU) project adopts the SDDCNCF to construct a 40Gb/s high-speed storage area network to efficiently transfer big data for accelerating big data related researches at Louisiana State University. On the basis of the success of BIC-LSU, a coflow level application-aware SD- DCNCF for OpenFlow-based storage area networks, MinCOF, is designed. MinCOF incorporates all desirable features of existing coflow scheduling and routing frame- works and requires minimal changes on hosts. To avoid the architectural limitation of the OpenFlow SDN implementation, a coflow level application-aware SDDCNCF using fast packet processing library, Coflourish, is designed. Coflourish exploits congestion feedback assistances from SDN switches in the DCN to schedule coflows and can smoothly co-exist with arbitrary applications in a shared DCN. Coflourish is implemented using the fast packet processing library on an SDN switch, Open vSwitch with DPDK. Simulation and experiment results indicate that Coflourish effectively shortens average application completion time

Space Plug-and-Play Architecture Networking: A Self-Configuring Heterogeneous Network Architecture

The Space Plug-and-Play Architecture (SPA) networking approach outlined in this dissertation is an improvement over the previous approach used by the Satellite Data Model(SDM). The first improvement is the introduction of a SPA network model based on the Open Systems Interconnection (OSI) model. Second, a new addressing and routing scheme is presented, which places the burden of routing on the network infrastructure instead of the network endpoints. These improvements have been implemented in a software infrastructure called the SPA Services Manager (SSM). The SSM was developed under an International Organization for Standardization (ISO) 9001 certified development process, the details of which are presented. A collection of network timing graphs that measure latency and jitter of the SPA network is contained in this dissertation, as well as a runtime memory footprint. The maturity of the development process and these initial performance measurements demonstrate that the SSM is qualified for spaceflight

Hardware Architectures for Low-power In-Situ Monitoring of Wireless Embedded Systems

As wireless embedded systems transition from lab-scale research prototypes to large-scale commercial deployments, providing reliable and dependable system operation becomes absolutely crucial to ensure successful adoption. However, the untethered nature of wireless embedded systems severely limits the ability to access, debug, and control device operation after deployment—post-deployment or in-situ visibility. It is intuitive that the more information we have about a system’s operation after deployment, the better/faster we can respond upon the detection of anomalous behavior. Therefore, post-deployment visibility is a foundation upon which other runtime reliability techniques can be built. However, visibility into system operation diminishes significantly once the devices are remotely deployed, and we refer to this problem as a lack of post-deployment visibility

Resilient and Scalable Forwarding for Software-Defined Networks with P4-Programmable Switches

Traditional networking devices support only fixed features and limited configurability. Network softwarization leverages programmable software and hardware platforms to remove those limitations. In this context the concept of programmable data planes allows directly to program the packet processing pipeline of networking devices and create custom control plane algorithms. This flexibility enables the design of novel networking mechanisms where the status quo struggles to meet high demands of next-generation networks like 5G, Internet of Things, cloud computing, and industry 4.0. P4 is the most popular technology to implement programmable data planes. However, programmable data planes, and in particular, the P4 technology, emerged only recently. Thus, P4 support for some well-established networking concepts is still lacking and several issues remain unsolved due to the different characteristics of programmable data planes in comparison to traditional networking. The research of this thesis focuses on two open issues of programmable data planes. First, it develops resilient and efficient forwarding mechanisms for the P4 data plane as there are no satisfying state of the art best practices yet. Second, it enables BIER in high-performance P4 data planes. BIER is a novel, scalable, and efficient transport mechanism for IP multicast traffic which has only very limited support of high-performance forwarding platforms yet. The main results of this thesis are published as 8 peer-reviewed and one post-publication peer-reviewed publication. The results cover the development of suitable resilience mechanisms for P4 data planes, the development and implementation of resilient BIER forwarding in P4, and the extensive evaluations of all developed and implemented mechanisms. Furthermore, the results contain a comprehensive P4 literature study. Two more peer-reviewed papers contain additional content that is not directly related to the main results. They implement congestion avoidance mechanisms in P4 and develop a scheduling concept to find cost-optimized load schedules based on day-ahead forecasts

Sandboxed, Online Debugging of Production Bugs for SOA Systems

Short time-to-bug localization is extremely important for any 24x7 service-oriented application. To this end, we introduce a new debugging paradigm called live debugging. There are two goals that any live debugging infrastructure must meet: Firstly, it must offer real-time insight for bug diagnosis and localization, which is paramount when errors happen in user-facing applications. Secondly, live debugging should not impact user-facing performance for normal events. In large distributed applications, bugs which impact only a small percentage of users are common. In such scenarios, debugging a small part of the application should not impact the entire system. With the above-stated goals in mind, this thesis presents a framework called Parikshan, which leverages user-space containers (OpenVZ) to launch application instances for the express purpose of live debugging. Parikshan is driven by a live-cloning process, which generates a replica (called debug container) of production services, cloned from a production container which continues to provide the real output to the user. The debug container provides a sandbox environment, for safe execution of monitoring/debugging done by the users without any perturbation to the execution environment. As a part of this framework, we have designed customized-network proxies, which replicate inputs from clients to both the production and test-container, as well safely discard all outputs. Together the network duplicator, and the debug container ensure both compute and network isolation of the debugging environment. We believe that this piece of work provides the first of its kind practical real-time debugging of large multi-tier and cloud applications, without requiring any application downtime, and minimal performance impact

User-side wi-fi hotspot spoofing detection on android-based devices

A Dissertation Submitted in Partial Fulfilment of the Requirements for the Degree of Master’s in Wireless and Mobile Computing of the Nelson Mandela African Institution of Science and TechnologyNetwork spoofing is becoming a common attack in wireless networks. Similarly, there is a rapid growth of numbers in mobile devices in the working environments. The trends pose a huge threat to users since they become the prime target of attackers. More unfortunately, mobile devices have weak security measures due to their limited computational powers, making them an easy target for attackers. Current approaches to detect spoofing attacks focus on personal computers and rely on the network hosts’ capacity, leaving users with mobile devices at risk. Furthermore, some approaches on Android-based devices demand root privilege, which is highly discouraged. This research aims to study users' susceptibility to network spoofing attacks and propose a detection solution in Android-based devices. The presented approach considers the difference in security information and signal levels of an access point to determine its legitimacy. On the other hand, it tests the legitimacy of the captive portal with fake login credentials since, usually, fake captive portals do not authenticate users. The detection approaches are presented in three networks: (a) open networks, (b) closed networks and (c) networks with captive portals. As a departure from existing works, this solution does not require root access for detection, and it is developed for portability and better performance. Experimental results show that this approach can detect fake access points with an accuracy of 98% and 99% at an average of 24.64 and 7.78 milliseconds in open and closed networks, respectively. On the other hand, it can detect the existence of a fake captive portal at an accuracy of 88%. Despite achieving this performance, the presented detection approach does not cover APs that do not mimic legitimate APs. As an improvement, future work may focus on pcap files which is rich of information to be used in detection