3 research outputs found
Automated Formal Analysis of Internet Routing Configurations
Today\u27s Internet interdomain routing protocol, the Border Gateway
Protocol (BGP), is increasingly complicated and fragile due to policy
misconfigurations by individual autonomous systems (ASes). To create
provably correct networks, the past twenty years have witnessed, among
many other efforts, advances in formal network modeling, system
verification and testing, and point solutions for network management
by formal reasoning. On the conceptual side, the formal models
usually abstract away low-level details, specifying what are the
correct functionalities but not how to achieve them. On the practical
side, system verification of existing networked systems is generally
hard, and system testing or simulation provide limited formal
guarantees. This is known as a long standing challenge in network
practice --- formal reasoning is decoupled from actual implementation.
This thesis seeks to bridge formal reasoning and actual network
implementation in the setting of the Border Gateway Protocol (BGP), by
developing the Formally Verifiable Routing (FVR) toolkit that
combines formal methods and programming language techniques. Starting
from the formal model, FVR automates verification of routing
models and the synthesis of faithful implementations that
carries the correctness property. Conversely, starting from large
real-world BGP systems with arbitrary policy configurations,
automates the analysis of Internet routing configurations,
and also includes a novel network reduction technique that
scales up existing techniques for automated analysis. By
developing the above formal theories and tools, this thesis aims to
help network operators to create and manage BGP systems with
correctness guarantee